./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2295709259 <...> Warning: Permanently added '10.128.0.249' (ED25519) to the list of known hosts. execve("./syz-executor2295709259", ["./syz-executor2295709259"], 0x7fffae5c7120 /* 10 vars */) = 0 brk(NULL) = 0x555555761000 brk(0x555555761d00) = 0x555555761d00 arch_prctl(ARCH_SET_FS, 0x555555761380) = 0 set_tid_address(0x555555761650) = 5061 set_robust_list(0x555555761660, 24) = 0 rseq(0x555555761ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2295709259", 4096) = 28 getrandom("\xe2\x5e\x9a\x10\x54\xf3\xec\x04", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555761d00 brk(0x555555782d00) = 0x555555782d00 brk(0x555555783000) = 0x555555783000 mprotect(0x7fc3b1f46000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached , child_tidptr=0x555555761650) = 5062 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] set_robust_list(0x555555761660, 24) = 0 ./strace-static-x86_64: Process 5063 attached [pid 5062] unshare(CLONE_NEWPID [pid 5061] <... clone resumed>, child_tidptr=0x555555761650) = 5063 [pid 5063] set_robust_list(0x555555761660, 24 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] <... set_robust_list resumed>) = 0 [pid 5063] unshare(CLONE_NEWPID) = 0 [pid 5062] <... unshare resumed>) = 0 ./strace-static-x86_64: Process 5064 attached [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached [pid 5061] <... clone resumed>, child_tidptr=0x555555761650) = 5064 [pid 5064] set_robust_list(0x555555761660, 24 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] set_robust_list(0x555555761660, 24 [pid 5064] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5066 attached ./strace-static-x86_64: Process 5067 attached [pid 5065] <... set_robust_list resumed>) = 0 [pid 5064] unshare(CLONE_NEWPID [pid 5063] <... clone resumed>, child_tidptr=0x555555761650) = 5065 [pid 5061] <... clone resumed>, child_tidptr=0x555555761650) = 5067 [pid 5067] set_robust_list(0x555555761660, 24 [pid 5066] set_robust_list(0x555555761660, 24 [pid 5065] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5064] <... unshare resumed>) = 0 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... set_robust_list resumed>) = 0 [pid 5066] <... set_robust_list resumed>) = 0 [pid 5062] <... clone resumed>, child_tidptr=0x555555761650) = 5066 [pid 5067] unshare(CLONE_NEWPID [pid 5066] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5065] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5067] <... unshare resumed>) = 0 ./strace-static-x86_64: Process 5068 attached ./strace-static-x86_64: Process 5069 attached [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... clone resumed>, child_tidptr=0x555555761650) = 5068 [pid 5061] <... clone resumed>, child_tidptr=0x555555761650) = 5069 [pid 5069] set_robust_list(0x555555761660, 24 [pid 5068] set_robust_list(0x555555761660, 24 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... set_robust_list resumed>) = 0 [pid 5068] <... set_robust_list resumed>) = 0 [pid 5065] <... prctl resumed>) = 0 [pid 5069] unshare(CLONE_NEWPID [pid 5065] setsid(./strace-static-x86_64: Process 5071 attached ./strace-static-x86_64: Process 5070 attached [pid 5068] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... setsid resumed>) = 1 [pid 5061] <... clone resumed>, child_tidptr=0x555555761650) = 5071 [pid 5066] <... prctl resumed>) = 0 [pid 5065] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5071] set_robust_list(0x555555761660, 24 [pid 5066] setsid( [pid 5065] <... prlimit64 resumed>NULL) = 0 [pid 5070] set_robust_list(0x555555761660, 24 [pid 5066] <... setsid resumed>) = 1 [pid 5065] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5071] <... set_robust_list resumed>) = 0 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5069] <... unshare resumed>) = 0 [pid 5068] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5067] <... clone resumed>, child_tidptr=0x555555761650) = 5070 [pid 5066] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5065] <... prlimit64 resumed>NULL) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... prlimit64 resumed>NULL) = 0 [pid 5065] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, ./strace-static-x86_64: Process 5072 attached [pid 5071] unshare(CLONE_NEWPID [pid 5070] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5068] <... prctl resumed>) = 0 [pid 5066] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5065] <... prlimit64 resumed>NULL) = 0 [pid 5072] set_robust_list(0x555555761660, 24 [pid 5071] <... unshare resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555555761650) = 5072 [pid 5068] setsid( [pid 5066] <... prlimit64 resumed>NULL) = 0 [pid 5065] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5072] <... set_robust_list resumed>) = 0 [pid 5070] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5068] <... setsid resumed>) = 1 [pid 5066] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5065] <... prlimit64 resumed>NULL) = 0 [pid 5072] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5066] <... prlimit64 resumed>NULL) = 0 [pid 5065] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... prlimit64 resumed>NULL) = 0 [pid 5072] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5068] <... prlimit64 resumed>NULL) = 0 [pid 5065] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5068] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5066] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5065] <... prlimit64 resumed>NULL) = 0 [pid 5070] <... prctl resumed>) = 0 [pid 5068] <... prlimit64 resumed>NULL) = 0 [pid 5066] <... prlimit64 resumed>NULL) = 0 [pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5072] <... prctl resumed>) = 0 [pid 5070] setsid( [pid 5068] <... prlimit64 resumed>NULL) = 0 [pid 5066] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5065] unshare(CLONE_NEWNS [pid 5072] setsid( [pid 5070] <... setsid resumed>) = 1 [pid 5068] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5072] <... setsid resumed>) = 1 [pid 5068] <... prlimit64 resumed>NULL) = 0 [pid 5072] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5068] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5072] <... prlimit64 resumed>NULL) = 0 [pid 5068] <... prlimit64 resumed>NULL) = 0 [pid 5072] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5068] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5072] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5070] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5068] <... prlimit64 resumed>NULL) = 0 [pid 5066] <... prlimit64 resumed>NULL) = 0 [pid 5065] <... unshare resumed>) = 0 [pid 5072] <... prlimit64 resumed>NULL) = 0 [pid 5070] <... prlimit64 resumed>NULL) = 0 [pid 5066] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5072] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5068] unshare(CLONE_NEWNS./strace-static-x86_64: Process 5073 attached [pid 5072] <... prlimit64 resumed>NULL) = 0 [pid 5070] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5068] <... unshare resumed>) = 0 [pid 5066] <... prlimit64 resumed>NULL) = 0 [pid 5065] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5072] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5071] <... clone resumed>, child_tidptr=0x555555761650) = 5073 [pid 5070] <... prlimit64 resumed>NULL) = 0 [pid 5066] unshare(CLONE_NEWNS [pid 5073] set_robust_list(0x555555761660, 24 [pid 5072] <... prlimit64 resumed>NULL) = 0 [pid 5070] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5068] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5065] <... mount resumed>) = 0 [pid 5073] <... set_robust_list resumed>) = 0 [pid 5072] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5070] <... prlimit64 resumed>NULL) = 0 [pid 5068] <... mount resumed>) = 0 [pid 5066] <... unshare resumed>) = 0 [pid 5065] unshare(CLONE_NEWIPC [pid 5073] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5072] <... prlimit64 resumed>NULL) = 0 [pid 5070] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5073] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5072] unshare(CLONE_NEWNS [pid 5070] <... prlimit64 resumed>NULL) = 0 [pid 5068] unshare(CLONE_NEWIPC [pid 5072] <... unshare resumed>) = 0 [pid 5070] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5065] <... unshare resumed>) = 0 [pid 5070] <... prlimit64 resumed>NULL) = 0 [pid 5066] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5068] <... unshare resumed>) = 0 [pid 5073] <... prctl resumed>) = 0 [pid 5066] <... mount resumed>) = 0 [pid 5073] setsid( [pid 5070] <... prlimit64 resumed>NULL) = 0 [pid 5066] unshare(CLONE_NEWIPC [pid 5073] <... setsid resumed>) = 1 [pid 5073] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5072] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5070] unshare(CLONE_NEWNS [pid 5068] unshare(CLONE_NEWCGROUP [pid 5073] <... prlimit64 resumed>NULL) = 0 [pid 5072] <... mount resumed>) = 0 [pid 5068] <... unshare resumed>) = 0 [pid 5073] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5072] unshare(CLONE_NEWIPC [pid 5068] unshare(CLONE_NEWUTS [pid 5073] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5072] <... unshare resumed>) = 0 [pid 5070] <... unshare resumed>) = 0 [pid 5068] <... unshare resumed>) = 0 [pid 5065] unshare(CLONE_NEWCGROUP [pid 5073] <... prlimit64 resumed>NULL) = 0 [pid 5073] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5073] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5068] unshare(CLONE_SYSVSEM [pid 5073] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5068] <... unshare resumed>) = 0 [pid 5066] <... unshare resumed>) = 0 [pid 5065] <... unshare resumed>) = 0 [pid 5073] <... prlimit64 resumed>NULL) = 0 [pid 5072] unshare(CLONE_NEWCGROUP [pid 5068] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5073] unshare(CLONE_NEWNS [pid 5072] <... unshare resumed>) = 0 [pid 5073] <... unshare resumed>) = 0 [pid 5070] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5066] unshare(CLONE_NEWCGROUP [pid 5065] unshare(CLONE_NEWUTS [pid 5072] unshare(CLONE_NEWUTS) = 0 [pid 5070] <... mount resumed>) = 0 [pid 5066] <... unshare resumed>) = 0 [pid 5065] <... unshare resumed>) = 0 [pid 5066] unshare(CLONE_NEWUTS [pid 5065] unshare(CLONE_SYSVSEM [pid 5073] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5072] unshare(CLONE_SYSVSEM [pid 5066] <... unshare resumed>) = 0 [pid 5065] <... unshare resumed>) = 0 [pid 5073] <... mount resumed>) = 0 [pid 5072] <... unshare resumed>) = 0 [pid 5070] unshare(CLONE_NEWIPC [pid 5068] <... openat resumed>) = 3 [pid 5066] unshare(CLONE_SYSVSEM [pid 5065] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5068] write(3, "16777216", 8 [pid 5066] <... unshare resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5070] <... unshare resumed>) = 0 [pid 5068] <... write resumed>) = 8 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5073] unshare(CLONE_NEWIPC [pid 5072] <... openat resumed>) = 3 [pid 5068] close(3 [pid 5066] <... openat resumed>) = 3 [pid 5065] write(3, "16777216", 8 [pid 5068] <... close resumed>) = 0 [pid 5073] <... unshare resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5066] write(3, "16777216", 8 [pid 5065] <... write resumed>) = 8 [pid 5073] unshare(CLONE_NEWCGROUP [pid 5072] write(3, "16777216", 8 [pid 5070] unshare(CLONE_NEWCGROUP [pid 5068] <... openat resumed>) = 3 [pid 5065] close(3 [pid 5073] <... unshare resumed>) = 0 [pid 5072] <... write resumed>) = 8 [pid 5070] <... unshare resumed>) = 0 [pid 5066] <... write resumed>) = 8 [pid 5073] unshare(CLONE_NEWUTS [pid 5072] close(3 [pid 5068] write(3, "536870912", 9 [pid 5065] <... close resumed>) = 0 [pid 5073] <... unshare resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5070] unshare(CLONE_NEWUTS [pid 5073] unshare(CLONE_SYSVSEM [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5070] <... unshare resumed>) = 0 [pid 5073] <... unshare resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5070] unshare(CLONE_SYSVSEM [pid 5072] write(3, "536870912", 9 [pid 5070] <... unshare resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5072] <... write resumed>) = 9 [pid 5070] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5072] close(3 [pid 5066] close(3 [pid 5072] <... close resumed>) = 0 [pid 5068] <... write resumed>) = 9 [pid 5066] <... close resumed>) = 0 [pid 5073] write(3, "16777216", 8 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5068] close(3 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5065] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5068] <... close resumed>) = 0 [pid 5073] <... write resumed>) = 8 [pid 5072] <... openat resumed>) = 3 [pid 5070] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5066] <... openat resumed>) = 3 [pid 5065] <... openat resumed>) = 3 [pid 5073] close(3) = 0 [pid 5072] write(3, "1024", 4 [pid 5070] write(3, "16777216", 8 [pid 5073] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5072] <... write resumed>) = 4 [pid 5070] <... write resumed>) = 8 [pid 5068] <... openat resumed>) = 3 [pid 5066] write(3, "536870912", 9 [pid 5065] write(3, "536870912", 9 [pid 5073] <... openat resumed>) = 3 [pid 5072] close(3 [pid 5070] close(3 [pid 5065] <... write resumed>) = 9 [pid 5068] write(3, "1024", 4 [pid 5066] <... write resumed>) = 9 [pid 5065] close(3 [pid 5068] <... write resumed>) = 4 [pid 5066] close(3 [pid 5068] close(3 [pid 5065] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5073] write(3, "536870912", 9 [pid 5072] <... close resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5073] <... write resumed>) = 9 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5070] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5065] <... openat resumed>) = 3 [pid 5073] close(3 [pid 5068] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5065] write(3, "1024", 4 [pid 5070] <... openat resumed>) = 3 [pid 5065] <... write resumed>) = 4 [pid 5073] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5070] write(3, "536870912", 9 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... openat resumed>) = 3 [pid 5065] close(3 [pid 5073] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "8192", 4 [pid 5070] <... write resumed>) = 9 [pid 5068] write(3, "8192", 4 [pid 5066] write(3, "1024", 4 [pid 5065] <... close resumed>) = 0 [pid 5073] write(3, "1024", 4 [pid 5072] <... write resumed>) = 4 [pid 5070] close(3 [pid 5068] <... write resumed>) = 4 [pid 5065] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5073] <... write resumed>) = 4 [pid 5072] close(3 [pid 5070] <... close resumed>) = 0 [pid 5068] close(3 [pid 5066] <... write resumed>) = 4 [pid 5073] close(3 [pid 5072] <... close resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5068] <... close resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5066] close(3 [pid 5065] <... openat resumed>) = 3 [pid 5066] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5070] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5065] write(3, "8192", 4 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5072] <... openat resumed>) = 3 [pid 5065] <... write resumed>) = 4 [pid 5070] write(3, "1024", 4) = 4 [pid 5073] <... openat resumed>) = 3 [pid 5070] close(3 [pid 5065] close(3 [pid 5072] write(3, "1024", 4 [pid 5070] <... close resumed>) = 0 [pid 5072] <... write resumed>) = 4 [pid 5070] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5066] <... openat resumed>) = 3 [pid 5065] <... close resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5073] write(3, "8192", 4 [pid 5065] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5073] <... write resumed>) = 4 [pid 5072] close(3 [pid 5070] write(3, "8192", 4 [pid 5072] <... close resumed>) = 0 [pid 5070] <... write resumed>) = 4 [pid 5073] close(3 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5070] close(3 [pid 5065] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5070] <... close resumed>) = 0 [pid 5066] write(3, "8192", 4 [pid 5068] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5068] write(3, "1024", 4 [pid 5066] <... write resumed>) = 4 [pid 5072] write(3, "1024", 4 [pid 5070] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5073] <... openat resumed>) = 3 [pid 5072] <... write resumed>) = 4 [pid 5070] <... openat resumed>) = 3 [pid 5068] <... write resumed>) = 4 [pid 5066] close(3 [pid 5072] close(3 [pid 5070] write(3, "1024", 4 [pid 5073] write(3, "1024", 4 [pid 5068] close(3 [pid 5066] <... close resumed>) = 0 [pid 5065] write(3, "1024", 4 [pid 5073] <... write resumed>) = 4 [pid 5068] <... close resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5072] <... close resumed>) = 0 [pid 5070] <... write resumed>) = 4 [pid 5068] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5065] <... write resumed>) = 4 [pid 5073] close(3 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5070] close(3 [pid 5066] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5070] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5072] write(3, "1024 1048576 500 1024", 21 [pid 5070] <... openat resumed>) = 3 [pid 5073] write(3, "1024", 4 [pid 5072] <... write resumed>) = 21 [pid 5068] <... openat resumed>) = 3 [pid 5066] write(3, "1024", 4 [pid 5065] close(3 [pid 5068] write(3, "1024", 4 [pid 5066] <... write resumed>) = 4 [pid 5068] <... write resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 5068] close(3 [pid 5066] close(3 [pid 5065] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5068] <... close resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5073] <... write resumed>) = 4 [pid 5072] close(3 [pid 5070] write(3, "1024", 4 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5065] <... openat resumed>) = 3 [pid 5073] close(3 [pid 5072] <... close resumed>) = 0 [pid 5070] <... write resumed>) = 4 [pid 5068] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5066] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5072] getpid( [pid 5065] write(3, "1024", 4 [pid 5073] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5072] <... getpid resumed>) = 1 [pid 5070] close(3 [pid 5068] <... openat resumed>) = 3 [pid 5073] <... openat resumed>) = 3 [pid 5072] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5070] <... close resumed>) = 0 [pid 5072] <... capget resumed>{effective=1< [pid 5073] write(3, "1024 1048576 500 1024", 21 [pid 5072] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5070] <... openat resumed>) = 3 [pid 5068] write(3, "1024 1048576 500 1024", 21 [pid 5073] <... write resumed>) = 21 [pid 5072] <... capset resumed>) = 0 [pid 5068] <... write resumed>) = 21 [pid 5073] close(3 [pid 5072] unshare(CLONE_NEWNET [pid 5070] write(3, "1024 1048576 500 1024", 21 [pid 5066] write(3, "1024", 4 [pid 5065] <... write resumed>) = 4 [pid 5073] <... close resumed>) = 0 [pid 5068] close(3 [pid 5065] close(3 [pid 5073] getpid( [pid 5070] <... write resumed>) = 21 [pid 5068] <... close resumed>) = 0 [pid 5066] <... write resumed>) = 4 [pid 5065] <... close resumed>) = 0 [pid 5073] <... getpid resumed>) = 1 [pid 5073] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5070] close(3 [pid 5068] getpid( [pid 5066] close(3 [pid 5065] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5073] <... capget resumed>{effective=1< [pid 5070] <... close resumed>) = 0 [pid 5068] <... getpid resumed>) = 1 [pid 5066] <... close resumed>) = 0 [pid 5065] <... openat resumed>) = 3 [pid 5073] <... capset resumed>) = 0 [pid 5070] getpid( [pid 5068] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5073] unshare(CLONE_NEWNET [pid 5070] <... getpid resumed>) = 1 [pid 5068] <... capget resumed>{effective=1<) = 3 [pid 5065] write(3, "1024 1048576 500 1024", 21 [pid 5070] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5068] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5066] write(3, "1024 1048576 500 1024", 21 [pid 5065] <... write resumed>) = 21 [pid 5070] <... capget resumed>{effective=1<) = 0 [pid 5066] <... write resumed>) = 21 [pid 5065] close(3 [pid 5070] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5068] unshare(CLONE_NEWNET [pid 5066] close(3 [pid 5065] <... close resumed>) = 0 [pid 5070] <... capset resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5070] unshare(CLONE_NEWNET [pid 5066] getpid() = 1 [pid 5066] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5065] getpid() = 1 [pid 5065] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5066] <... capset resumed>) = 0 [pid 5065] <... capget resumed>{effective=1< [pid 5065] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5068] <... unshare resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5072] <... unshare resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5068] <... openat resumed>) = 3 [pid 5072] <... openat resumed>) = 3 [pid 5070] <... unshare resumed>) = 0 [pid 5072] write(3, "0 65535", 7) = 7 [pid 5072] close(3) = 0 [pid 5072] mkdir("/dev/binderfs", 0777) = 0 [pid 5072] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5068] write(3, "0 65535", 7) = 7 [pid 5072] <... mount resumed>) = 0 [pid 5068] close(3 [pid 5070] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3 [pid 5068] <... close resumed>) = 0 [pid 5070] write(3, "0 65535", 7 [pid 5068] mkdir("/dev/binderfs", 0777 [pid 5070] <... write resumed>) = 7 [pid 5068] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5070] close(3 [pid 5068] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5070] <... close resumed>) = 0 [pid 5070] mkdir("/dev/binderfs", 0777) = -1 EEXIST (File exists) [pid 5070] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5068] <... mount resumed>) = 0 [pid 5070] <... mount resumed>) = 0 [pid 5068] symlink("/dev/binderfs", "./binderfs" [pid 5070] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... unshare resumed>) = 0 [pid 5072] symlink("/dev/binderfs", "./binderfs" [pid 5070] <... symlink resumed>) = -1 EEXIST (File exists) [pid 5068] <... symlink resumed>) = 0 [pid 5072] <... symlink resumed>) = -1 EEXIST (File exists) [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... openat resumed>) = 3 [pid 5073] write(3, "0 65535", 7 [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 2 [pid 5073] <... write resumed>) = 7 [pid 5073] close(3./strace-static-x86_64: Process 5080 attached ./strace-static-x86_64: Process 5079 attached ./strace-static-x86_64: Process 5081 attached ) = 0 [pid 5065] <... unshare resumed>) = 0 [pid 5073] mkdir("/dev/binderfs", 0777 [pid 5080] set_robust_list(0x555555761660, 24 [pid 5081] set_robust_list(0x555555761660, 24 [pid 5073] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 2 [pid 5070] <... clone resumed>, child_tidptr=0x555555761650) = 2 [pid 5065] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5079] set_robust_list(0x555555761660, 24 [pid 5081] <... set_robust_list resumed>) = 0 [pid 5073] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5065] <... openat resumed>) = 3 [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... mount resumed>) = 0 [pid 5065] write(3, "0 65535", 7) = 7 [pid 5065] close(3) = 0 [pid 5065] mkdir("/dev/binderfs", 0777) = -1 EEXIST (File exists) [pid 5065] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5073] symlink("/dev/binderfs", "./binderfs" [pid 5065] <... mount resumed>) = 0 [pid 5073] <... symlink resumed>) = -1 EEXIST (File exists) [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5083 attached [pid 5080] <... set_robust_list resumed>) = 0 [pid 5079] <... set_robust_list resumed>) = 0 [pid 5081] <... prctl resumed>) = 0 [pid 5066] <... unshare resumed>) = 0 [pid 5065] <... symlink resumed>) = -1 EEXIST (File exists) [pid 5083] set_robust_list(0x555555761660, 24 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5081] setpgid(0, 0 [pid 5073] <... clone resumed>, child_tidptr=0x555555761650) = 2 [pid 5083] <... set_robust_list resumed>) = 0 [pid 5080] <... prctl resumed>) = 0 [pid 5079] <... prctl resumed>) = 0 [pid 5081] <... setpgid resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] setpgid(0, 0 [pid 5079] setpgid(0, 0 [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5085 attached [pid 5083] <... prctl resumed>) = 0 [pid 5080] <... setpgid resumed>) = 0 [pid 5079] <... setpgid resumed>) = 0 [pid 5066] write(3, "0 65535", 7 [pid 5085] set_robust_list(0x555555761660, 24 [pid 5083] setpgid(0, 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5081] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5066] <... write resumed>) = 7 [pid 5085] <... set_robust_list resumed>) = 0 [pid 5083] <... setpgid resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5081] write(3, "1000", 4 [pid 5066] close(3 [pid 5065] <... clone resumed>, child_tidptr=0x555555761650) = 2 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... openat resumed>) = 3 [pid 5079] write(3, "1000", 4 [pid 5081] <... write resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 5079] <... write resumed>) = 4 [pid 5081] close(3 [pid 5066] mkdir("/dev/binderfs", 0777 [pid 5085] <... prctl resumed>) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] write(3, "1000", 4 [pid 5079] close(3 [pid 5081] <... close resumed>) = 0 [pid 5066] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5085] setpgid(0, 0 [pid 5079] <... close resumed>) = 0 [pid 5081] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5066] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5085] <... setpgid resumed>) = 0 [pid 5083] <... openat resumed>) = 3 [pid 5080] <... write resumed>) = 4 [pid 5079] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5081] <... socket resumed>) = 3 [pid 5083] write(3, "1000", 4 [pid 5080] close(3 [pid 5066] <... mount resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5083] <... write resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 5079] <... socket resumed>) = 3 [pid 5081] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5083] close(3 [pid 5080] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5083] <... close resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5083] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5080] <... socket resumed>) = 3 [pid 5079] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5066] symlink("/dev/binderfs", "./binderfs" [pid 5085] write(3, "1000", 4 [pid 5083] <... socket resumed>) = 3 [pid 5080] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5081] <... openat resumed>) = 4 [pid 5066] <... symlink resumed>) = -1 EEXIST (File exists) [pid 5085] <... write resumed>) = 4 [pid 5083] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5080] <... openat resumed>) = 4 [pid 5079] <... openat resumed>) = 4 [pid 5081] write(4, "10", 2 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] close(3) = 0 [pid 5081] <... write resumed>) = 2 [pid 5081] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0./strace-static-x86_64: Process 5086 attached [pid 5085] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5083] <... openat resumed>) = 4 [pid 5080] write(4, "10", 2 [pid 5079] write(4, "10", 2 [pid 5086] set_robust_list(0x555555761660, 24 [pid 5085] <... socket resumed>) = 3 [pid 5086] <... set_robust_list resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5080] <... write resumed>) = 2 [pid 5079] <... write resumed>) = 2 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... openat resumed>) = 4 [pid 5083] write(4, "10", 2 [pid 5080] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5079] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5066] <... clone resumed>, child_tidptr=0x555555761650) = 2 [pid 5086] <... prctl resumed>) = 0 [pid 5083] <... write resumed>) = 2 [pid 5086] setpgid(0, 0) = 0 [pid 5085] write(4, "10", 2 [pid 5083] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... write resumed>) = 2 [pid 5085] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5086] <... openat resumed>) = 3 [pid 5086] write(3, "1000", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5086] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5086] write(4, "10", 2) = 2 [ 72.123930][ T5081] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 72.132501][ T5081] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 72.141576][ T5081] FAULT_INJECTION: forcing a failure. [ 72.141576][ T5081] name failslab, interval 1, probability 0, space 0, times 1 [ 72.155306][ T5081] CPU: 1 PID: 5081 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 72.165740][ T5081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 72.175781][ T5081] Call Trace: [ 72.179047][ T5081] [ 72.181973][ T5081] dump_stack_lvl+0x125/0x1b0 [ 72.186704][ T5081] should_fail_ex+0x496/0x5b0 [ 72.191402][ T5081] should_failslab+0x9/0x20 [ 72.195901][ T5081] kmem_cache_alloc_node+0x71/0x330 [ 72.201100][ T5081] ? __alloc_skb+0x287/0x330 [ 72.205712][ T5081] __alloc_skb+0x287/0x330 [ 72.210146][ T5081] ? __napi_build_skb+0x50/0x50 [ 72.215006][ T5081] ? lwtunnel_get_encap_size+0x1a9/0x380 [ 72.220644][ T5081] ? fib_nlmsg_size+0x94/0xa90 [ 72.225414][ T5081] rtmsg_fib+0x13f/0x520 [ 72.229674][ T5081] ? fib_dump_info+0x2080/0x2080 [ 72.234625][ T5081] ? atomic_notifier_call_chain+0xa8/0x1b0 [ 72.240441][ T5081] fib_table_insert+0xc40/0x1d70 [ 72.245393][ T5081] ? pcpu_init_md_blocks+0x2c0/0x3a0 [ 72.250694][ T5081] ? fib_route_seq_show+0xea0/0xea0 [ 72.255909][ T5081] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 72.261813][ T5081] ? inet_rtm_newroute+0x11f/0x200 [ 72.266922][ T5081] inet_rtm_newroute+0x11f/0x200 [ 72.271861][ T5081] ? inet_rtm_delroute+0x390/0x390 [ 72.276986][ T5081] ? inet_rtm_delroute+0x390/0x390 [ 72.282096][ T5081] rtnetlink_rcv_msg+0x3c7/0xe00 [ 72.287039][ T5081] ? rtnl_fill_vf+0x4a0/0x4a0 [ 72.291715][ T5081] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 72.297702][ T5081] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 72.303694][ T5081] netlink_rcv_skb+0x16b/0x440 [ 72.308453][ T5081] ? rtnl_fill_vf+0x4a0/0x4a0 [ 72.313133][ T5081] ? netlink_ack+0x1380/0x1380 [ 72.317888][ T5081] ? lock_sync+0x190/0x190 [ 72.322322][ T5081] ? netlink_deliver_tap+0x1a0/0xd00 [ 72.327612][ T5081] ? _copy_from_iter+0x2c1/0x10f0 [ 72.332649][ T5081] netlink_unicast+0x53b/0x810 [ 72.337436][ T5081] ? netlink_attachskb+0x880/0x880 [ 72.342563][ T5081] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 72.348462][ T5081] ? __phys_addr_symbol+0x30/0x70 [ 72.353494][ T5081] ? __check_object_size+0x323/0x730 [ 72.358786][ T5081] netlink_sendmsg+0x8b7/0xd70 [ 72.363552][ T5081] ? netlink_unicast+0x810/0x810 [ 72.368503][ T5081] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 72.373792][ T5081] ? netlink_unicast+0x810/0x810 [ 72.378738][ T5081] __sock_sendmsg+0xd5/0x180 [ 72.383330][ T5081] ____sys_sendmsg+0x6ac/0x940 [ 72.388095][ T5081] ? copy_msghdr_from_user+0x10b/0x160 [ 72.393559][ T5081] ? kernel_sendmsg+0x50/0x50 [ 72.398237][ T5081] ? hlock_class+0x4e/0x130 [ 72.402757][ T5081] ___sys_sendmsg+0x135/0x1d0 [ 72.407449][ T5081] ? do_recvmmsg+0x740/0x740 [ 72.412069][ T5081] ? recalc_sigpending_tsk+0x187/0x1d0 [ 72.417527][ T5081] ? __fget_light+0x1fc/0x260 [ 72.422211][ T5081] __sys_sendmsg+0x117/0x1e0 [ 72.426820][ T5081] ? __sys_sendmsg_sock+0x30/0x30 [ 72.431874][ T5081] ? ptrace_notify+0xf4/0x130 [ 72.436558][ T5081] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 72.442814][ T5081] do_syscall_64+0x40/0x110 [ 72.447329][ T5081] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 72.453220][ T5081] RIP: 0033:0x7fc3b1ed34f9 [ 72.457629][ T5081] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.477233][ T5081] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.485642][ T5081] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 72.493607][ T5081] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 72.501570][ T5081] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00005555557624c0 [ 72.509535][ T5081] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 72.517501][ T5081] R13: 00007ffdaa3d0578 R14: 0000000000000000 R15: 00007ffdaa3d0350 [pid 5086] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5081] <... sendmsg resumed>) = 216 [pid 5081] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5081] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5081] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 5 [pid 5081] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [ 72.525483][ T5081] [ 72.531092][ T5079] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 72.539528][ T5079] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 72.548491][ T5079] FAULT_INJECTION: forcing a failure. [ 72.548491][ T5079] name failslab, interval 1, probability 0, space 0, times 0 [ 72.561197][ T5079] CPU: 1 PID: 5079 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 72.571621][ T5079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 72.581669][ T5079] Call Trace: [ 72.584944][ T5079] [ 72.587869][ T5079] dump_stack_lvl+0x125/0x1b0 [ 72.592552][ T5079] should_fail_ex+0x496/0x5b0 [ 72.597234][ T5079] should_failslab+0x9/0x20 [ 72.601738][ T5079] kmem_cache_alloc_node+0x71/0x330 [ 72.606956][ T5079] ? __alloc_skb+0x287/0x330 [ 72.611552][ T5079] __alloc_skb+0x287/0x330 [ 72.615975][ T5079] ? __napi_build_skb+0x50/0x50 [ 72.620838][ T5079] ? lwtunnel_get_encap_size+0x1a9/0x380 [ 72.626480][ T5079] ? fib_nlmsg_size+0x94/0xa90 [ 72.631252][ T5079] rtmsg_fib+0x13f/0x520 [ 72.635507][ T5079] ? fib_dump_info+0x2080/0x2080 [ 72.640453][ T5079] ? atomic_notifier_call_chain+0xa8/0x1b0 [ 72.646271][ T5079] fib_table_insert+0xc40/0x1d70 [ 72.651216][ T5079] ? pcpu_init_md_blocks+0x2c0/0x3a0 [ 72.656512][ T5079] ? fib_route_seq_show+0xea0/0xea0 [ 72.661720][ T5079] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 72.667619][ T5079] ? inet_rtm_newroute+0x11f/0x200 [ 72.672729][ T5079] inet_rtm_newroute+0x11f/0x200 [ 72.677666][ T5079] ? inet_rtm_delroute+0x390/0x390 [ 72.682790][ T5079] ? inet_rtm_delroute+0x390/0x390 [ 72.687902][ T5079] rtnetlink_rcv_msg+0x3c7/0xe00 [ 72.692847][ T5079] ? rtnl_fill_vf+0x4a0/0x4a0 [ 72.697528][ T5079] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 72.703517][ T5079] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 72.709513][ T5079] netlink_rcv_skb+0x16b/0x440 [ 72.714274][ T5079] ? rtnl_fill_vf+0x4a0/0x4a0 [ 72.718961][ T5079] ? netlink_ack+0x1380/0x1380 [ 72.723728][ T5079] ? lock_sync+0x190/0x190 [ 72.728168][ T5079] ? netlink_deliver_tap+0x1a0/0xd00 [ 72.733463][ T5079] ? _copy_from_iter+0x2c1/0x10f0 [ 72.738514][ T5079] netlink_unicast+0x53b/0x810 [ 72.743290][ T5079] ? netlink_attachskb+0x880/0x880 [ 72.748404][ T5079] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 72.754300][ T5079] ? __phys_addr_symbol+0x30/0x70 [ 72.759327][ T5079] ? __check_object_size+0x323/0x730 [ 72.764624][ T5079] netlink_sendmsg+0x8b7/0xd70 [ 72.769392][ T5079] ? netlink_unicast+0x810/0x810 [ 72.774340][ T5079] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 72.779626][ T5079] ? netlink_unicast+0x810/0x810 [ 72.784570][ T5079] __sock_sendmsg+0xd5/0x180 [ 72.789166][ T5079] ____sys_sendmsg+0x6ac/0x940 [ 72.793932][ T5079] ? copy_msghdr_from_user+0x10b/0x160 [ 72.799393][ T5079] ? kernel_sendmsg+0x50/0x50 [ 72.804069][ T5079] ? hlock_class+0x4e/0x130 [ 72.808587][ T5079] ___sys_sendmsg+0x135/0x1d0 [ 72.813269][ T5079] ? do_recvmmsg+0x740/0x740 [ 72.817884][ T5079] ? recalc_sigpending_tsk+0x187/0x1d0 [ 72.823343][ T5079] ? __fget_light+0x1fc/0x260 [ 72.828023][ T5079] __sys_sendmsg+0x117/0x1e0 [ 72.832614][ T5079] ? __sys_sendmsg_sock+0x30/0x30 [ 72.837653][ T5079] ? ptrace_notify+0xf4/0x130 [ 72.842330][ T5079] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 72.848580][ T5079] do_syscall_64+0x40/0x110 [ 72.853087][ T5079] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 72.858977][ T5079] RIP: 0033:0x7fc3b1ed34f9 [ 72.863389][ T5079] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.882989][ T5079] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.891400][ T5079] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 72.899364][ T5079] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 72.907330][ T5079] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00005555557624c0 [ 72.915299][ T5079] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 72.923262][ T5079] R13: 00007ffdaa3d0578 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 72.931242][ T5079] [ 72.935369][ T5080] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 72.943960][ T5080] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 72.952748][ T5080] FAULT_INJECTION: forcing a failure. [ 72.952748][ T5080] name failslab, interval 1, probability 0, space 0, times 0 [ 72.965817][ T5080] CPU: 1 PID: 5080 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 72.976248][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 72.986298][ T5080] Call Trace: [ 72.989569][ T5080] [ 72.992491][ T5080] dump_stack_lvl+0x125/0x1b0 [ 72.997174][ T5080] should_fail_ex+0x496/0x5b0 [ 73.001850][ T5080] should_failslab+0x9/0x20 [ 73.006357][ T5080] kmem_cache_alloc_node+0x71/0x330 [ 73.011562][ T5080] ? __alloc_skb+0x287/0x330 [ 73.016160][ T5080] __alloc_skb+0x287/0x330 [ 73.020578][ T5080] ? __napi_build_skb+0x50/0x50 [ 73.025429][ T5080] ? lwtunnel_get_encap_size+0x1a9/0x380 [ 73.031069][ T5080] ? fib_nlmsg_size+0x94/0xa90 [ 73.035839][ T5080] rtmsg_fib+0x13f/0x520 [ 73.040096][ T5080] ? fib_dump_info+0x2080/0x2080 [ 73.045051][ T5080] ? atomic_notifier_call_chain+0xa8/0x1b0 [ 73.050868][ T5080] fib_table_insert+0xc40/0x1d70 [ 73.055817][ T5080] ? pcpu_init_md_blocks+0x2c0/0x3a0 [ 73.061108][ T5080] ? fib_route_seq_show+0xea0/0xea0 [ 73.066315][ T5080] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.072235][ T5080] ? inet_rtm_newroute+0x11f/0x200 [ 73.077350][ T5080] inet_rtm_newroute+0x11f/0x200 [ 73.082289][ T5080] ? inet_rtm_delroute+0x390/0x390 [ 73.087415][ T5080] ? inet_rtm_delroute+0x390/0x390 [ 73.092530][ T5080] rtnetlink_rcv_msg+0x3c7/0xe00 [ 73.097476][ T5080] ? rtnl_fill_vf+0x4a0/0x4a0 [ 73.102156][ T5080] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.108145][ T5080] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.114144][ T5080] netlink_rcv_skb+0x16b/0x440 [ 73.118906][ T5080] ? rtnl_fill_vf+0x4a0/0x4a0 [ 73.123591][ T5080] ? netlink_ack+0x1380/0x1380 [ 73.128357][ T5080] ? lock_sync+0x190/0x190 [ 73.132803][ T5080] ? netlink_deliver_tap+0x1a0/0xd00 [ 73.138107][ T5080] ? _copy_from_iter+0x2c1/0x10f0 [ 73.143148][ T5080] netlink_unicast+0x53b/0x810 [ 73.147923][ T5080] ? netlink_attachskb+0x880/0x880 [ 73.153039][ T5080] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.158939][ T5080] ? __phys_addr_symbol+0x30/0x70 [ 73.163973][ T5080] ? __check_object_size+0x323/0x730 [ 73.169277][ T5080] netlink_sendmsg+0x8b7/0xd70 [ 73.174049][ T5080] ? netlink_unicast+0x810/0x810 [ 73.178998][ T5080] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 73.184285][ T5080] ? netlink_unicast+0x810/0x810 [ 73.189231][ T5080] __sock_sendmsg+0xd5/0x180 [ 73.193823][ T5080] ____sys_sendmsg+0x6ac/0x940 [ 73.198588][ T5080] ? copy_msghdr_from_user+0x10b/0x160 [ 73.204057][ T5080] ? kernel_sendmsg+0x50/0x50 [ 73.208735][ T5080] ? hlock_class+0x4e/0x130 [ 73.213252][ T5080] ___sys_sendmsg+0x135/0x1d0 [ 73.217948][ T5080] ? do_recvmmsg+0x740/0x740 [ 73.222571][ T5080] ? recalc_sigpending_tsk+0x187/0x1d0 [ 73.228027][ T5080] ? __fget_light+0x1fc/0x260 [ 73.232718][ T5080] __sys_sendmsg+0x117/0x1e0 [ 73.237326][ T5080] ? __sys_sendmsg_sock+0x30/0x30 [ 73.242380][ T5080] ? ptrace_notify+0xf4/0x130 [ 73.247060][ T5080] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 73.253306][ T5080] do_syscall_64+0x40/0x110 [ 73.257817][ T5080] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 73.263710][ T5080] RIP: 0033:0x7fc3b1ed34f9 [ 73.268118][ T5080] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 73.287727][ T5080] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.296137][ T5080] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 73.304105][ T5080] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 73.312070][ T5080] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00005555557624c0 [ 73.320035][ T5080] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [pid 5081] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5079] <... sendmsg resumed>) = 216 [pid 5079] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5079] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5079] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5080] <... sendmsg resumed>) = 216 [pid 5079] <... bpf resumed>) = 5 [pid 5079] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5079] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5080] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5080] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5081] <... bpf resumed>) = 6 [pid 5079] <... bpf resumed>) = 6 [pid 5080] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5081] close(3 [pid 5080] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5079] close(3 [pid 5081] <... close resumed>) = 0 [pid 5080] <... bpf resumed>) = 5 [pid 5081] close(4 [pid 5080] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5081] <... close resumed>) = 0 [pid 5080] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5081] close(5 [pid 5080] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5081] <... close resumed>) = 0 [pid 5080] <... bpf resumed>) = 6 [pid 5079] <... close resumed>) = 0 [pid 5081] close(6 [pid 5080] close(3 [ 73.328001][ T5080] R13: 00007ffdaa3d0578 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 73.335981][ T5080] [ 73.340608][ T5083] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 73.349279][ T5083] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 73.358962][ T5083] FAULT_INJECTION: forcing a failure. [ 73.358962][ T5083] name failslab, interval 1, probability 0, space 0, times 0 [pid 5079] close(4 [pid 5080] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5079] close(5 [pid 5081] close(7 [pid 5079] <... close resumed>) = 0 [pid 5081] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(6 [pid 5081] close(8) = -1 EBADF (Bad file descriptor) [pid 5081] close(9) = -1 EBADF (Bad file descriptor) [pid 5081] close(10) = -1 EBADF (Bad file descriptor) [pid 5081] close(11) = -1 EBADF (Bad file descriptor) [pid 5081] close(12) = -1 EBADF (Bad file descriptor) [pid 5081] close(13) = -1 EBADF (Bad file descriptor) [pid 5081] close(14) = -1 EBADF (Bad file descriptor) [pid 5081] close(15) = -1 EBADF (Bad file descriptor) [pid 5081] close(16) = -1 EBADF (Bad file descriptor) [pid 5081] close(17) = -1 EBADF (Bad file descriptor) [pid 5081] close(18) = -1 EBADF (Bad file descriptor) [pid 5081] close(19) = -1 EBADF (Bad file descriptor) [pid 5081] close(20) = -1 EBADF (Bad file descriptor) [pid 5081] close(21) = -1 EBADF (Bad file descriptor) [pid 5081] close(22) = -1 EBADF (Bad file descriptor) [pid 5081] close(23) = -1 EBADF (Bad file descriptor) [pid 5081] close(24) = -1 EBADF (Bad file descriptor) [pid 5081] close(25) = -1 EBADF (Bad file descriptor) [pid 5081] close(26) = -1 EBADF (Bad file descriptor) [pid 5081] close(27) = -1 EBADF (Bad file descriptor) [pid 5081] close(28) = -1 EBADF (Bad file descriptor) [pid 5081] close(29) = -1 EBADF (Bad file descriptor) [pid 5081] exit_group(0) = ? [pid 5081] +++ exited with 0 +++ [pid 5080] close(4) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=43 /* 0.43 s */} --- [pid 5080] close(5 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... close resumed>) = 0 [pid 5080] close(6./strace-static-x86_64: Process 5087 attached [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 3 [pid 5087] set_robust_list(0x555555761660, 24) = 0 [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 73.388491][ T5083] CPU: 0 PID: 5083 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 73.398938][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 73.408997][ T5083] Call Trace: [ 73.412260][ T5083] [ 73.415178][ T5083] dump_stack_lvl+0x125/0x1b0 [ 73.419864][ T5083] should_fail_ex+0x496/0x5b0 [ 73.424561][ T5083] should_failslab+0x9/0x20 [ 73.429081][ T5083] kmem_cache_alloc+0x69/0x2f0 [ 73.433846][ T5083] fib_insert_alias+0x438/0xe30 [pid 5087] setpgid(0, 0) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5087] write(3, "1000", 4) = 4 [pid 5087] close(3) = 0 [pid 5087] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5087] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5087] write(4, "10", 2) = 2 [ 73.438705][ T5083] ? trace_kmem_cache_alloc+0x26/0xa0 [ 73.444105][ T5083] ? kmem_cache_alloc+0x1af/0x2f0 [ 73.449130][ T5083] ? lockdep_rtnl_is_held+0x26/0x30 [ 73.454347][ T5083] fib_table_insert+0xaa7/0x1d70 [ 73.459327][ T5083] ? pcpu_init_md_blocks+0x2c0/0x3a0 [ 73.464650][ T5083] ? fib_route_seq_show+0xea0/0xea0 [ 73.469891][ T5083] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.475820][ T5083] ? inet_rtm_newroute+0x11f/0x200 [ 73.480961][ T5083] inet_rtm_newroute+0x11f/0x200 [ 73.485932][ T5083] ? inet_rtm_delroute+0x390/0x390 [ 73.491047][ T5083] ? inet_rtm_delroute+0x390/0x390 [ 73.496153][ T5083] rtnetlink_rcv_msg+0x3c7/0xe00 [ 73.501100][ T5083] ? rtnl_fill_vf+0x4a0/0x4a0 [ 73.505778][ T5083] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.511765][ T5083] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.517754][ T5083] netlink_rcv_skb+0x16b/0x440 [ 73.522513][ T5083] ? rtnl_fill_vf+0x4a0/0x4a0 [ 73.527191][ T5083] ? netlink_ack+0x1380/0x1380 [ 73.531945][ T5083] ? lock_sync+0x190/0x190 [ 73.536379][ T5083] ? netlink_deliver_tap+0x1a0/0xd00 [ 73.541669][ T5083] ? _copy_from_iter+0x2c1/0x10f0 [ 73.546703][ T5083] netlink_unicast+0x53b/0x810 [ 73.551478][ T5083] ? netlink_attachskb+0x880/0x880 [ 73.556592][ T5083] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.562485][ T5083] ? __phys_addr_symbol+0x30/0x70 [ 73.567509][ T5083] ? __check_object_size+0x323/0x730 [ 73.572797][ T5083] netlink_sendmsg+0x8b7/0xd70 [ 73.577578][ T5083] ? netlink_unicast+0x810/0x810 [ 73.582535][ T5083] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 73.587837][ T5083] ? netlink_unicast+0x810/0x810 [ 73.592783][ T5083] __sock_sendmsg+0xd5/0x180 [ 73.597377][ T5083] ____sys_sendmsg+0x6ac/0x940 [ 73.602139][ T5083] ? copy_msghdr_from_user+0x10b/0x160 [ 73.607605][ T5083] ? kernel_sendmsg+0x50/0x50 [ 73.612282][ T5083] ? hlock_class+0x4e/0x130 [ 73.616800][ T5083] ___sys_sendmsg+0x135/0x1d0 [ 73.621488][ T5083] ? do_recvmmsg+0x740/0x740 [ 73.626103][ T5083] ? recalc_sigpending_tsk+0x187/0x1d0 [ 73.631559][ T5083] ? __fget_light+0x1fc/0x260 [ 73.636239][ T5083] __sys_sendmsg+0x117/0x1e0 [ 73.640833][ T5083] ? __sys_sendmsg_sock+0x30/0x30 [ 73.645873][ T5083] ? ptrace_notify+0xf4/0x130 [ 73.650550][ T5083] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 73.656796][ T5083] do_syscall_64+0x40/0x110 [ 73.661306][ T5083] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 73.667196][ T5083] RIP: 0033:0x7fc3b1ed34f9 [ 73.671606][ T5083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 73.691214][ T5083] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.699637][ T5083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 73.707605][ T5083] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 73.715579][ T5083] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00005555557624c0 [ 73.723556][ T5083] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 73.731524][ T5083] R13: 00007ffdaa3d0578 R14: 0000000000000000 R15: 00007ffdaa3d0350 [pid 5087] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5083] <... sendmsg resumed>) = 216 [pid 5079] <... close resumed>) = 0 [pid 5083] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5079] close(7 [pid 5083] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5083] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5080] close(7 [pid 5079] close(8 [pid 5083] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(9 [pid 5083] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5080] close(8 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [ 73.739507][ T5083] [ 73.748559][ T5085] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 73.757073][ T5085] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 73.766042][ T5085] FAULT_INJECTION: forcing a failure. [ 73.766042][ T5085] name failslab, interval 1, probability 0, space 0, times 0 [pid 5083] <... bpf resumed>) = 5 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(10 [pid 5083] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5080] close(9 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5083] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5083] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(11 [pid 5080] close(10 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(12 [pid 5080] close(11 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(13 [pid 5080] close(12 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(14 [pid 5080] close(13 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(15 [pid 5080] close(14 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(16 [pid 5080] close(15) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(16 [pid 5079] close(17 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(17 [pid 5079] close(18 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(18 [pid 5079] close(19 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(19 [pid 5079] close(20 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(20 [pid 5079] close(21 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(21 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(22 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(22 [pid 5079] close(23 [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] close(23) = -1 EBADF (Bad file descriptor) [pid 5079] close(24 [pid 5080] close(24 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(25 [pid 5080] close(25 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(26 [pid 5080] close(26 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(27 [pid 5080] close(27 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(28 [pid 5080] close(28 [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5079] close(29 [pid 5080] close(29) = -1 EBADF (Bad file descriptor) [pid 5079] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5080] exit_group(0 [pid 5079] exit_group(0 [pid 5080] <... exit_group resumed>) = ? [pid 5079] <... exit_group resumed>) = ? [ 73.781544][ T5085] CPU: 0 PID: 5085 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 73.791974][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 73.802028][ T5085] Call Trace: [ 73.805319][ T5085] [ 73.808263][ T5085] dump_stack_lvl+0x125/0x1b0 [ 73.812973][ T5085] should_fail_ex+0x496/0x5b0 [ 73.817680][ T5085] should_failslab+0x9/0x20 [ 73.822215][ T5085] kmem_cache_alloc_node+0x71/0x330 [ 73.827444][ T5085] ? __alloc_skb+0x287/0x330 [ 73.832067][ T5085] __alloc_skb+0x287/0x330 [pid 5080] +++ exited with 0 +++ [pid 5079] +++ exited with 0 +++ [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 3 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5089 attached ./strace-static-x86_64: Process 5088 attached , child_tidptr=0x555555761650) = 3 [pid 5088] set_robust_list(0x555555761660, 24 [pid 5089] set_robust_list(0x555555761660, 24 [pid 5088] <... set_robust_list resumed>) = 0 [pid 5089] <... set_robust_list resumed>) = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] <... prctl resumed>) = 0 [pid 5089] setpgid(0, 0) = 0 [pid 5088] setpgid(0, 0 [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... setpgid resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... openat resumed>) = 3 [ 73.836508][ T5085] ? __napi_build_skb+0x50/0x50 [ 73.841386][ T5085] ? lwtunnel_get_encap_size+0x1a9/0x380 [ 73.847049][ T5085] ? fib_nlmsg_size+0x94/0xa90 [ 73.851850][ T5085] rtmsg_fib+0x13f/0x520 [ 73.856110][ T5085] ? fib_dump_info+0x2080/0x2080 [ 73.861040][ T5085] ? atomic_notifier_call_chain+0xa8/0x1b0 [ 73.866856][ T5085] fib_table_insert+0xc40/0x1d70 [ 73.871821][ T5085] ? pcpu_init_md_blocks+0x2c0/0x3a0 [ 73.877103][ T5085] ? fib_route_seq_show+0xea0/0xea0 [ 73.882314][ T5085] ? __sanitizer_cov_trace_switch+0x54/0x90 [pid 5089] write(3, "1000", 4 [pid 5088] <... openat resumed>) = 3 [pid 5089] <... write resumed>) = 4 [pid 5088] write(3, "1000", 4 [pid 5089] close(3) = 0 [pid 5088] <... write resumed>) = 4 [pid 5089] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5088] close(3 [pid 5089] <... socket resumed>) = 3 [pid 5088] <... close resumed>) = 0 [pid 5088] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5089] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5088] <... socket resumed>) = 3 [pid 5089] <... openat resumed>) = 4 [pid 5088] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5089] write(4, "10", 2) = 2 [pid 5089] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5088] write(4, "10", 2) = 2 [ 73.888230][ T5085] ? inet_rtm_newroute+0x11f/0x200 [ 73.893336][ T5085] inet_rtm_newroute+0x11f/0x200 [ 73.898282][ T5085] ? inet_rtm_delroute+0x390/0x390 [ 73.903475][ T5085] ? inet_rtm_delroute+0x390/0x390 [ 73.908611][ T5085] rtnetlink_rcv_msg+0x3c7/0xe00 [ 73.913581][ T5085] ? rtnl_fill_vf+0x4a0/0x4a0 [ 73.918291][ T5085] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.924326][ T5085] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.930332][ T5085] netlink_rcv_skb+0x16b/0x440 [ 73.935104][ T5085] ? rtnl_fill_vf+0x4a0/0x4a0 [ 73.939809][ T5085] ? netlink_ack+0x1380/0x1380 [ 73.944582][ T5085] ? lock_sync+0x190/0x190 [ 73.949000][ T5085] ? netlink_deliver_tap+0x1a0/0xd00 [ 73.954286][ T5085] ? _copy_from_iter+0x2c1/0x10f0 [ 73.959338][ T5085] netlink_unicast+0x53b/0x810 [ 73.964106][ T5085] ? netlink_attachskb+0x880/0x880 [ 73.969217][ T5085] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.975108][ T5085] ? __phys_addr_symbol+0x30/0x70 [ 73.980135][ T5085] ? __check_object_size+0x323/0x730 [ 73.985455][ T5085] netlink_sendmsg+0x8b7/0xd70 [ 73.990236][ T5085] ? netlink_unicast+0x810/0x810 [ 73.995178][ T5085] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 74.000467][ T5085] ? netlink_unicast+0x810/0x810 [ 74.005425][ T5085] __sock_sendmsg+0xd5/0x180 [ 74.010003][ T5085] ____sys_sendmsg+0x6ac/0x940 [ 74.014774][ T5085] ? copy_msghdr_from_user+0x10b/0x160 [ 74.020254][ T5085] ? kernel_sendmsg+0x50/0x50 [ 74.024928][ T5085] ? hlock_class+0x4e/0x130 [ 74.029453][ T5085] ___sys_sendmsg+0x135/0x1d0 [ 74.034149][ T5085] ? do_recvmmsg+0x740/0x740 [ 74.038746][ T5085] ? recalc_sigpending_tsk+0x187/0x1d0 [ 74.044219][ T5085] ? __fget_light+0x1fc/0x260 [ 74.048905][ T5085] __sys_sendmsg+0x117/0x1e0 [ 74.053500][ T5085] ? __sys_sendmsg_sock+0x30/0x30 [ 74.058550][ T5085] ? ptrace_notify+0xf4/0x130 [ 74.063239][ T5085] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 74.069492][ T5085] do_syscall_64+0x40/0x110 [ 74.074011][ T5085] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 74.079904][ T5085] RIP: 0033:0x7fc3b1ed34f9 [ 74.084325][ T5085] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 74.103930][ T5085] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.112361][ T5085] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 74.120343][ T5085] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 74.128303][ T5085] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00005555557624c0 [ 74.136264][ T5085] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 74.144222][ T5085] R13: 00007ffdaa3d0578 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 74.152211][ T5085] [ 74.156346][ T5086] FAULT_INJECTION: forcing a failure. [ 74.156346][ T5086] name failslab, interval 1, probability 0, space 0, times 0 [ 74.169102][ T5086] CPU: 1 PID: 5086 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 74.179522][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 74.189575][ T5086] Call Trace: [ 74.192860][ T5086] [ 74.195799][ T5086] dump_stack_lvl+0x125/0x1b0 [ 74.200487][ T5086] should_fail_ex+0x496/0x5b0 [ 74.205168][ T5086] should_failslab+0x9/0x20 [ 74.209678][ T5086] kmem_cache_alloc_node+0x71/0x330 [ 74.214881][ T5086] ? __alloc_skb+0x287/0x330 [ 74.219478][ T5086] __alloc_skb+0x287/0x330 [ 74.223906][ T5086] ? __napi_build_skb+0x50/0x50 [ 74.228766][ T5086] ? lwtunnel_get_encap_size+0x1a9/0x380 [ 74.234405][ T5086] ? fib_nlmsg_size+0x94/0xa90 [ 74.239184][ T5086] rtmsg_fib+0x13f/0x520 [ 74.243434][ T5086] ? fib_dump_info+0x2080/0x2080 [ 74.248381][ T5086] ? atomic_notifier_call_chain+0xa8/0x1b0 [ 74.254196][ T5086] fib_table_insert+0xc40/0x1d70 [ 74.259147][ T5086] ? pcpu_init_md_blocks+0x2c0/0x3a0 [ 74.264440][ T5086] ? fib_route_seq_show+0xea0/0xea0 [ 74.269648][ T5086] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 74.275552][ T5086] ? inet_rtm_newroute+0x11f/0x200 [ 74.280662][ T5086] inet_rtm_newroute+0x11f/0x200 [ 74.285599][ T5086] ? inet_rtm_delroute+0x390/0x390 [ 74.290724][ T5086] ? inet_rtm_delroute+0x390/0x390 [ 74.295838][ T5086] rtnetlink_rcv_msg+0x3c7/0xe00 [ 74.300782][ T5086] ? rtnl_fill_vf+0x4a0/0x4a0 [ 74.305461][ T5086] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 74.311449][ T5086] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 74.317444][ T5086] netlink_rcv_skb+0x16b/0x440 [ 74.322209][ T5086] ? rtnl_fill_vf+0x4a0/0x4a0 [ 74.326891][ T5086] ? netlink_ack+0x1380/0x1380 [ 74.331649][ T5086] ? lock_sync+0x190/0x190 [ 74.336084][ T5086] ? netlink_deliver_tap+0x1a0/0xd00 [ 74.341373][ T5086] ? _copy_from_iter+0x2c1/0x10f0 [ 74.346408][ T5086] netlink_unicast+0x53b/0x810 [ 74.351183][ T5086] ? netlink_attachskb+0x880/0x880 [ 74.356297][ T5086] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 74.362204][ T5086] ? __phys_addr_symbol+0x30/0x70 [ 74.367244][ T5086] ? __check_object_size+0x323/0x730 [ 74.372547][ T5086] netlink_sendmsg+0x8b7/0xd70 [ 74.377317][ T5086] ? netlink_unicast+0x810/0x810 [ 74.382265][ T5086] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 74.387552][ T5086] ? netlink_unicast+0x810/0x810 [ 74.392496][ T5086] __sock_sendmsg+0xd5/0x180 [ 74.397090][ T5086] ____sys_sendmsg+0x6ac/0x940 [ 74.401856][ T5086] ? copy_msghdr_from_user+0x10b/0x160 [ 74.407319][ T5086] ? kernel_sendmsg+0x50/0x50 [ 74.411992][ T5086] ? hlock_class+0x4e/0x130 [ 74.416512][ T5086] ___sys_sendmsg+0x135/0x1d0 [ 74.421193][ T5086] ? do_recvmmsg+0x740/0x740 [ 74.425813][ T5086] ? recalc_sigpending_tsk+0x187/0x1d0 [ 74.431267][ T5086] ? __fget_light+0x1fc/0x260 [ 74.435946][ T5086] __sys_sendmsg+0x117/0x1e0 [ 74.440539][ T5086] ? __sys_sendmsg_sock+0x30/0x30 [ 74.445580][ T5086] ? ptrace_notify+0xf4/0x130 [ 74.450258][ T5086] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 74.456506][ T5086] do_syscall_64+0x40/0x110 [ 74.461011][ T5086] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 74.466902][ T5086] RIP: 0033:0x7fc3b1ed34f9 [ 74.471312][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5088] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5085] <... sendmsg resumed>) = 216 [pid 5085] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5085] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5083] <... bpf resumed>) = 6 [pid 5083] close(3) = 0 [pid 5083] close(4) = 0 [pid 5083] close(5) = 0 [pid 5083] close(6) = 0 [pid 5083] close(7 [pid 5085] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5083] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5083] close(8) = -1 EBADF (Bad file descriptor) [pid 5083] close(9) = -1 EBADF (Bad file descriptor) [pid 5083] close(10) = -1 EBADF (Bad file descriptor) [pid 5085] <... bpf resumed>) = 5 [pid 5083] close(11) = -1 EBADF (Bad file descriptor) [pid 5083] close(12) = -1 EBADF (Bad file descriptor) [pid 5083] close(13) = -1 EBADF (Bad file descriptor) [pid 5083] close(14) = -1 EBADF (Bad file descriptor) [pid 5083] close(15) = -1 EBADF (Bad file descriptor) [pid 5083] close(16) = -1 EBADF (Bad file descriptor) [pid 5083] close(17) = -1 EBADF (Bad file descriptor) [pid 5083] close(18) = -1 EBADF (Bad file descriptor) [pid 5083] close(19) = -1 EBADF (Bad file descriptor) [pid 5083] close(20) = -1 EBADF (Bad file descriptor) [pid 5083] close(21) = -1 EBADF (Bad file descriptor) [pid 5083] close(22) = -1 EBADF (Bad file descriptor) [pid 5083] close(23) = -1 EBADF (Bad file descriptor) [pid 5083] close(24) = -1 EBADF (Bad file descriptor) [pid 5083] close(25) = -1 EBADF (Bad file descriptor) [pid 5083] close(26) = -1 EBADF (Bad file descriptor) [pid 5083] close(27) = -1 EBADF (Bad file descriptor) [ 74.490921][ T5086] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.499337][ T5086] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 74.507300][ T5086] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 74.515265][ T5086] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00005555557624c0 [ 74.523230][ T5086] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 74.531194][ T5086] R13: 00007ffdaa3d0578 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 74.539173][ T5086] [pid 5083] close(28) = -1 EBADF (Bad file descriptor) [pid 5083] close(29) = -1 EBADF (Bad file descriptor) [pid 5086] <... sendmsg resumed>) = 216 [pid 5085] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5083] exit_group(0 [pid 5086] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5085] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5085] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5086] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5086] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 5 [pid 5086] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5083] <... exit_group resumed>) = ? [pid 5085] <... bpf resumed>) = 6 [pid 5085] close(3 [pid 5083] +++ exited with 0 +++ [pid 5086] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... close resumed>) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=41 /* 0.41 s */} --- [ 74.561363][ T5087] FAULT_INJECTION: forcing a failure. [ 74.561363][ T5087] name failslab, interval 1, probability 0, space 0, times 0 [ 74.575665][ T5087] CPU: 1 PID: 5087 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 74.586101][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 74.596148][ T5087] Call Trace: [ 74.599425][ T5087] [ 74.602347][ T5087] dump_stack_lvl+0x125/0x1b0 [ 74.607030][ T5087] should_fail_ex+0x496/0x5b0 [ 74.611702][ T5087] ? __lock_acquire+0xc65/0x3b20 [ 74.616647][ T5087] should_failslab+0x9/0x20 [ 74.621155][ T5087] __kmem_cache_alloc_node+0x6b/0x310 [ 74.626531][ T5087] ? ip6_tun_build_state+0x165/0x680 [ 74.631823][ T5087] ? ip6_tun_build_state+0x165/0x680 [ 74.637113][ T5087] __kmalloc+0x49/0x90 [ 74.641187][ T5087] ip6_tun_build_state+0x165/0x680 [ 74.646306][ T5087] ? __mutex_unlock_slowpath+0x165/0x650 [ 74.651936][ T5087] ? ip_tun_parse_opts.part.0+0xfa0/0xfa0 [ 74.657666][ T5087] ? find_held_lock+0x2d/0x110 [ 74.662447][ T5087] ? pcpu_alloc+0x1f1/0x1420 [ 74.667045][ T5087] ? lwtunnel_build_state+0x1d3/0x670 [ 74.672420][ T5087] lwtunnel_build_state+0x1d3/0x670 [ 74.677631][ T5087] fib_nh_common_init+0x149/0x2d0 [ 74.682658][ T5087] ? rt_fibinfo_free_cpus.part.0+0x1d0/0x1d0 [ 74.688640][ T5087] ? gre_gso_segment+0x17b0/0x17b0 [ 74.693761][ T5087] fib_nh_init+0xbd/0x450 [ 74.698095][ T5087] fib_create_info+0x24fb/0x4d50 [ 74.703055][ T5087] ? fib_result_prefsrc+0x4b0/0x4b0 [ 74.708253][ T5087] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 74.714241][ T5087] ? idr_get_free+0xa30/0xa30 [ 74.718924][ T5087] fib_table_insert+0x1d7/0x1d70 [ 74.723864][ T5087] ? find_held_lock+0x2d/0x110 [ 74.728640][ T5087] ? fib_route_seq_show+0xea0/0xea0 [ 74.733845][ T5087] ? lwtunnel_valid_encap_type+0x113/0x6a0 [ 74.739663][ T5087] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 74.745570][ T5087] ? rtm_to_fib_config+0x71d/0x12c0 [ 74.750772][ T5087] ? inet_rtm_newroute+0x11f/0x200 [ 74.755883][ T5087] inet_rtm_newroute+0x11f/0x200 [ 74.760819][ T5087] ? inet_rtm_delroute+0x390/0x390 [ 74.765948][ T5087] ? inet_rtm_delroute+0x390/0x390 [ 74.771059][ T5087] rtnetlink_rcv_msg+0x3c7/0xe00 [ 74.776002][ T5087] ? rtnl_fill_vf+0x4a0/0x4a0 [ 74.780695][ T5087] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 74.786693][ T5087] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 74.792693][ T5087] netlink_rcv_skb+0x16b/0x440 [ 74.797471][ T5087] ? rtnl_fill_vf+0x4a0/0x4a0 [ 74.802156][ T5087] ? netlink_ack+0x1380/0x1380 [ 74.806914][ T5087] ? lock_sync+0x190/0x190 [ 74.811368][ T5087] ? netlink_deliver_tap+0x1a0/0xd00 [ 74.816667][ T5087] ? _copy_from_iter+0x2c1/0x10f0 [ 74.821706][ T5087] netlink_unicast+0x53b/0x810 [ 74.826484][ T5087] ? netlink_attachskb+0x880/0x880 [ 74.831600][ T5087] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 74.837497][ T5087] ? __phys_addr_symbol+0x30/0x70 [ 74.842523][ T5087] ? __check_object_size+0x323/0x730 [ 74.847813][ T5087] netlink_sendmsg+0x8b7/0xd70 [ 74.852586][ T5087] ? netlink_unicast+0x810/0x810 [ 74.857538][ T5087] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 74.862826][ T5087] ? netlink_unicast+0x810/0x810 [ 74.867771][ T5087] __sock_sendmsg+0xd5/0x180 [ 74.872362][ T5087] ____sys_sendmsg+0x6ac/0x940 [ 74.877126][ T5087] ? copy_msghdr_from_user+0x10b/0x160 [ 74.882596][ T5087] ? kernel_sendmsg+0x50/0x50 [ 74.887276][ T5087] ? hlock_class+0x4e/0x130 [ 74.891794][ T5087] ___sys_sendmsg+0x135/0x1d0 [ 74.896482][ T5087] ? do_recvmmsg+0x740/0x740 [ 74.901100][ T5087] ? recalc_sigpending_tsk+0x187/0x1d0 [ 74.906558][ T5087] ? __fget_light+0x1fc/0x260 [ 74.911238][ T5087] __sys_sendmsg+0x117/0x1e0 [ 74.915836][ T5087] ? __sys_sendmsg_sock+0x30/0x30 [ 74.920873][ T5087] ? ptrace_notify+0xf4/0x130 [ 74.925552][ T5087] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 74.931799][ T5087] do_syscall_64+0x40/0x110 [ 74.936307][ T5087] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 74.942211][ T5087] RIP: 0033:0x7fc3b1ed34f9 [ 74.946627][ T5087] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 74.966238][ T5087] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.974649][ T5087] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 74.982617][ T5087] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 74.990585][ T5087] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00000000557624c0 [ 74.998549][ T5087] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [pid 5086] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5085] close(4) = 0 [pid 5085] close(5) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] close(6 [pid 5073] <... clone resumed>, child_tidptr=0x555555761650) = 3 ./strace-static-x86_64: Process 5090 attached [pid 5090] set_robust_list(0x555555761660, 24) = 0 [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] setpgid(0, 0) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] write(3, "1000", 4) = 4 [pid 5090] close(3) = 0 [pid 5090] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5090] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5090] write(4, "10", 2) = 2 [ 75.006511][ T5087] R13: 00007ffdaa3d0334 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 75.014490][ T5087] [ 75.052275][ T5090] FAULT_INJECTION: forcing a failure. [ 75.052275][ T5090] name failslab, interval 1, probability 0, space 0, times 0 [ 75.053227][ T5088] FAULT_INJECTION: forcing a failure. [ 75.053227][ T5088] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 75.053807][ T5088] [ 75.053812][ T5088] ====================================================== [ 75.053817][ T5088] WARNING: possible circular locking dependency detected [ 75.053822][ T5088] 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 Not tainted [ 75.053834][ T5088] ------------------------------------------------------ [ 75.053839][ T5088] syz-executor229/5088 is trying to acquire lock: [ 75.053848][ T5088] ffffffff8ceb8da0 (console_owner){....}-{0:0}, at: vprintk_emit+0x313/0x5f0 [ 75.053895][ T5088] [ 75.053895][ T5088] but task is already holding lock: [ 75.053899][ T5088] ffff8880b983c718 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 75.053946][ T5088] [ 75.053946][ T5088] which lock already depends on the new lock. [ 75.053946][ T5088] [ 75.053951][ T5088] [ 75.053951][ T5088] the existing dependency chain (in reverse order) is: [ 75.053956][ T5088] [ 75.053956][ T5088] -> #5 (&rq->__lock){-.-.}-{2:2}: [ 75.053979][ T5088] _raw_spin_lock_nested+0x31/0x40 [ 75.054002][ T5088] raw_spin_rq_lock_nested+0x29/0x130 [ 75.054026][ T5088] task_fork_fair+0x70/0x240 [ 75.054049][ T5088] sched_cgroup_fork+0x3cf/0x510 [ 75.054075][ T5088] copy_process+0x4c86/0x73f0 [ 75.054098][ T5088] kernel_clone+0xfd/0x930 [ 75.054119][ T5088] user_mode_thread+0xb4/0xf0 [ 75.054141][ T5088] rest_init+0x27/0x2b0 [ 75.054160][ T5088] arch_call_rest_init+0x13/0x30 [ 75.054188][ T5088] start_kernel+0x39f/0x480 [ 75.054215][ T5088] x86_64_start_reservations+0x18/0x30 [ 75.054238][ T5088] x86_64_start_kernel+0xb2/0xc0 [ 75.054259][ T5088] secondary_startup_64_no_verify+0x166/0x16b [ 75.054286][ T5088] [ 75.054286][ T5088] -> #4 (&p->pi_lock){-.-.}-{2:2}: [ 75.054310][ T5088] _raw_spin_lock_irqsave+0x3a/0x50 [ 75.054331][ T5088] try_to_wake_up+0xb0/0x13d0 [ 75.054350][ T5088] kick_pool+0x253/0x470 [ 75.054371][ T5088] create_worker+0x46f/0x730 [ 75.054393][ T5088] workqueue_init+0x319/0x830 [ 75.054417][ T5088] kernel_init_freeable+0x332/0xc10 [ 75.054434][ T5088] kernel_init+0x1c/0x2a0 [ 75.054457][ T5088] ret_from_fork+0x45/0x80 [ 75.054479][ T5088] ret_from_fork_asm+0x11/0x20 [ 75.054503][ T5088] [ 75.054503][ T5088] -> #3 (&pool->lock){-.-.}-{2:2}: [ 75.054526][ T5088] _raw_spin_lock+0x2e/0x40 [ 75.054546][ T5088] __queue_work+0x399/0x11f0 [ 75.054570][ T5088] queue_work_on+0xed/0x110 [ 75.054593][ T5088] rpm_suspend+0x121b/0x16f0 [ 75.054622][ T5088] rpm_idle+0x578/0x6e0 [ 75.054646][ T5088] __pm_runtime_idle+0xbe/0x160 [ 75.054680][ T5088] __device_attach+0x382/0x4b0 [ 75.054697][ T5088] bus_probe_device+0x17c/0x1c0 [ 75.054724][ T5088] device_add+0x117e/0x1aa0 [ 75.054747][ T5088] serial_base_port_add+0x353/0x4b0 [ 75.054765][ T5088] serial_core_register_port+0x137/0x1af0 [ 75.054794][ T5088] serial8250_register_8250_port+0x140d/0x2080 [ 75.054815][ T5088] serial_pnp_probe+0x47d/0x880 [ 75.054833][ T5088] pnp_device_probe+0x2a3/0x4c0 [ 75.054850][ T5088] really_probe+0x234/0xc90 [ 75.054866][ T5088] __driver_probe_device+0x1de/0x4b0 [ 75.054884][ T5088] driver_probe_device+0x4c/0x1a0 [ 75.054901][ T5088] __driver_attach+0x274/0x570 [ 75.054918][ T5088] bus_for_each_dev+0x13c/0x1d0 [ 75.054944][ T5088] bus_add_driver+0x2e9/0x630 [ 75.054970][ T5088] driver_register+0x15c/0x4a0 [ 75.054988][ T5088] serial8250_init+0xba/0x4b0 [ 75.055016][ T5088] do_one_initcall+0x11c/0x650 [ 75.055040][ T5088] kernel_init_freeable+0x687/0xc10 [ 75.055057][ T5088] kernel_init+0x1c/0x2a0 [ 75.055076][ T5088] ret_from_fork+0x45/0x80 [ 75.055097][ T5088] ret_from_fork_asm+0x11/0x20 [ 75.055121][ T5088] [ 75.055121][ T5088] -> #2 (&dev->power.lock){-...}-{2:2}: [ 75.055144][ T5088] _raw_spin_lock_irqsave+0x3a/0x50 [ 75.055166][ T5088] __pm_runtime_resume+0xab/0x170 [ 75.055193][ T5088] __uart_start+0x1b2/0x470 [ 75.055217][ T5088] uart_write+0x2ff/0x5b0 [ 75.055243][ T5088] n_tty_write+0x422/0x1130 [ 75.055266][ T5088] file_tty_write.constprop.0+0x519/0x9b0 [ 75.055288][ T5088] redirected_tty_write+0xa6/0xc0 [ 75.055309][ T5088] vfs_write+0x64f/0xdf0 [ 75.055328][ T5088] ksys_write+0x12f/0x250 [ 75.055347][ T5088] do_syscall_64+0x40/0x110 [ 75.055371][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 75.055392][ T5088] [ 75.055392][ T5088] -> #1 (&port_lock_key){-...}-{2:2}: [ 75.055414][ T5088] _raw_spin_lock_irqsave+0x3a/0x50 [ 75.055436][ T5088] serial8250_console_write+0xa7c/0x1060 [ 75.055460][ T5088] console_flush_all+0x4d5/0xd60 [ 75.055478][ T5088] console_unlock+0x10c/0x260 [ 75.055496][ T5088] vprintk_emit+0x17f/0x5f0 [ 75.055513][ T5088] vprintk+0x7b/0x90 [ 75.055530][ T5088] _printk+0xc8/0x100 [ 75.055557][ T5088] register_console+0xa74/0x1060 [ 75.055575][ T5088] univ8250_console_init+0x35/0x50 [ 75.055602][ T5088] console_init+0xba/0x5d0 [ 75.055627][ T5088] start_kernel+0x25a/0x480 [ 75.055654][ T5088] x86_64_start_reservations+0x18/0x30 [ 75.055681][ T5088] x86_64_start_kernel+0xb2/0xc0 [ 75.055703][ T5088] secondary_startup_64_no_verify+0x166/0x16b [ 75.055728][ T5088] [ 75.055728][ T5088] -> #0 (console_owner){....}-{0:0}: [ 75.055751][ T5088] __lock_acquire+0x2433/0x3b20 [ 75.055778][ T5088] lock_acquire+0x1ae/0x520 [ 75.055804][ T5088] vprintk_emit+0x328/0x5f0 [ 75.055821][ T5088] vprintk+0x7b/0x90 [ 75.055839][ T5088] _printk+0xc8/0x100 [ 75.055864][ T5088] should_fail_ex+0x46b/0x5b0 [ 75.055882][ T5088] strncpy_from_user+0x38/0x300 [ 75.055904][ T5088] strncpy_from_user_nofault+0x80/0x180 [ 75.055932][ T5088] bpf_probe_read_user_str+0x26/0x70 [ 75.055960][ T5088] bpf_prog_6fb7ada547f278f2+0x3d/0x3f [ 75.055981][ T5088] bpf_trace_run4+0x173/0x450 [ 75.055999][ T5088] __bpf_trace_sched_switch+0x13e/0x180 [ 75.056018][ T5088] __traceiter_sched_switch+0x6c/0xc0 [ 75.056042][ T5088] __schedule+0x21f3/0x5af0 [ 75.056068][ T5088] schedule+0xe9/0x270 [ 75.056093][ T5088] ptrace_stop.part.0+0x44d/0x7a0 [ 75.056114][ T5088] ptrace_do_notify+0x22f/0x2e0 [ 75.056135][ T5088] ptrace_notify+0xc8/0x130 [ 75.056155][ T5088] syscall_exit_to_user_mode_prepare+0x126/0x230 [ 75.056180][ T5088] syscall_exit_to_user_mode+0xe/0x60 [ 75.056199][ T5088] do_syscall_64+0x4d/0x110 [ 75.056221][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 75.056241][ T5088] [ 75.056241][ T5088] other info that might help us debug this: [ 75.056241][ T5088] [ 75.056245][ T5088] Chain exists of: [ 75.056245][ T5088] console_owner --> &p->pi_lock --> &rq->__lock [ 75.056245][ T5088] [ 75.056269][ T5088] Possible unsafe locking scenario: [ 75.056269][ T5088] [ 75.056273][ T5088] CPU0 CPU1 [ 75.056277][ T5088] ---- ---- [ 75.056280][ T5088] lock(&rq->__lock); [ 75.056290][ T5088] lock(&p->pi_lock); [ 75.056300][ T5088] lock(&rq->__lock); [ 75.056311][ T5088] lock(console_owner); [ 75.056321][ T5088] [ 75.056321][ T5088] *** DEADLOCK *** [ 75.056321][ T5088] [ 75.056324][ T5088] 2 locks held by syz-executor229/5088: [ 75.056335][ T5088] #0: ffff8880b983c718 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 75.056386][ T5088] #1: ffffffff8cfabbe0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x107/0x450 [ 75.056431][ T5088] [ 75.056431][ T5088] stack backtrace: [ 75.056435][ T5088] CPU: 0 PID: 5088 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 75.056457][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 75.056468][ T5088] Call Trace: [ 75.056474][ T5088] [ 75.056480][ T5088] dump_stack_lvl+0xd9/0x1b0 [ 75.056507][ T5088] check_noncircular+0x317/0x400 [ 75.056537][ T5088] ? print_circular_bug+0x5c0/0x5c0 [ 75.056575][ T5088] ? lockdep_lock+0xc6/0x200 [ 75.056601][ T5088] ? hlock_class+0x130/0x130 [ 75.056630][ T5088] __lock_acquire+0x2433/0x3b20 [ 75.056666][ T5088] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 75.056700][ T5088] ? lock_acquire+0x1ae/0x520 [ 75.056729][ T5088] ? find_held_lock+0x2d/0x110 [ 75.056758][ T5088] lock_acquire+0x1ae/0x520 [ 75.056786][ T5088] ? vprintk_emit+0x313/0x5f0 [ 75.056808][ T5088] ? lock_sync+0x190/0x190 [ 75.056836][ T5088] ? reacquire_held_locks+0x4c0/0x4c0 [ 75.056865][ T5088] ? do_raw_spin_lock+0x12e/0x2b0 [ 75.056886][ T5088] ? spin_bug+0x1d0/0x1d0 [ 75.056904][ T5088] ? down_trylock+0x49/0x70 [ 75.056926][ T5088] vprintk_emit+0x328/0x5f0 [ 75.056945][ T5088] ? vprintk_emit+0x313/0x5f0 [ 75.056967][ T5088] vprintk+0x7b/0x90 [ 75.056993][ T5088] _printk+0xc8/0x100 [ 75.057021][ T5088] ? kmsg_dump_get_line+0x350/0x350 [ 75.057050][ T5088] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 75.057081][ T5088] ? ___ratelimit+0x24c/0x570 [ 75.057107][ T5088] ? idr_get_free+0xa30/0xa30 [ 75.057135][ T5088] should_fail_ex+0x46b/0x5b0 [ 75.057157][ T5088] strncpy_from_user+0x38/0x300 [ 75.057180][ T5088] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 75.057213][ T5088] strncpy_from_user_nofault+0x80/0x180 [ 75.057243][ T5088] bpf_probe_read_user_str+0x26/0x70 [ 75.057275][ T5088] bpf_prog_6fb7ada547f278f2+0x3d/0x3f [ 75.057297][ T5088] bpf_trace_run4+0x173/0x450 [ 75.057318][ T5088] ? bpf_trace_run3+0x430/0x430 [ 75.057340][ T5088] ? reacquire_held_locks+0x4c0/0x4c0 [ 75.057373][ T5088] __bpf_trace_sched_switch+0x13e/0x180 [ 75.057395][ T5088] ? __bpf_trace_ipi_raise+0xf0/0xf0 [ 75.057416][ T5088] ? psi_group_change+0x530/0xdc0 [ 75.057443][ T5088] __traceiter_sched_switch+0x6c/0xc0 [ 75.057471][ T5088] __schedule+0x21f3/0x5af0 [ 75.057499][ T5088] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 75.057531][ T5088] ? mark_held_locks+0x9f/0xe0 [ 75.057563][ T5088] ? __print_lock_name+0x1c2/0x260 [ 75.057590][ T5088] ? io_schedule_timeout+0x150/0x150 [ 75.057620][ T5088] ? schedule+0x1fc/0x270 [ 75.057648][ T5088] ? reacquire_held_locks+0x4c0/0x4c0 [ 75.057689][ T5088] schedule+0xe9/0x270 [ 75.057717][ T5088] ptrace_stop.part.0+0x44d/0x7a0 [ 75.057743][ T5088] ptrace_do_notify+0x22f/0x2e0 [ 75.057766][ T5088] ? lock_sync+0x190/0x190 [ 75.057793][ T5088] ? ptrace_stop.part.0+0x7a0/0x7a0 [ 75.057824][ T5088] ptrace_notify+0xc8/0x130 [ 75.057847][ T5088] syscall_exit_to_user_mode_prepare+0x126/0x230 [ 75.057875][ T5088] syscall_exit_to_user_mode+0xe/0x60 [ 75.057896][ T5088] do_syscall_64+0x4d/0x110 [ 75.057921][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 75.057943][ T5088] RIP: 0033:0x7fc3b1ed34f9 [ 75.057958][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 75.057977][ T5088] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 75.057996][ T5088] RAX: 00000000000000d8 RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 75.058009][ T5088] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 75.058021][ T5088] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00000000557624c0 [ 75.058034][ T5088] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 75.058047][ T5088] R13: 00007ffdaa3d0334 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 75.058068][ T5088] [ 76.183945][ T5088] CPU: 0 PID: 5088 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 76.194344][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 76.204378][ T5088] Call Trace: [ 76.207639][ T5088] [ 76.210549][ T5088] dump_stack_lvl+0xd9/0x1b0 [ 76.215130][ T5088] should_fail_ex+0x496/0x5b0 [ 76.219789][ T5088] strncpy_from_user+0x38/0x300 [ 76.224620][ T5088] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 76.230591][ T5088] strncpy_from_user_nofault+0x80/0x180 [ 76.236125][ T5088] bpf_probe_read_user_str+0x26/0x70 [ 76.241409][ T5088] bpf_prog_6fb7ada547f278f2+0x3d/0x3f [ 76.246852][ T5088] bpf_trace_run4+0x173/0x450 [ 76.251511][ T5088] ? bpf_trace_run3+0x430/0x430 [ 76.256339][ T5088] ? reacquire_held_locks+0x4c0/0x4c0 [ 76.261709][ T5088] __bpf_trace_sched_switch+0x13e/0x180 [ 76.267234][ T5088] ? __bpf_trace_ipi_raise+0xf0/0xf0 [ 76.272508][ T5088] ? psi_group_change+0x530/0xdc0 [ 76.277521][ T5088] __traceiter_sched_switch+0x6c/0xc0 [ 76.282887][ T5088] __schedule+0x21f3/0x5af0 [ 76.287381][ T5088] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 76.293348][ T5088] ? mark_held_locks+0x9f/0xe0 [ 76.298099][ T5088] ? __print_lock_name+0x1c2/0x260 [ 76.303192][ T5088] ? io_schedule_timeout+0x150/0x150 [ 76.308461][ T5088] ? schedule+0x1fc/0x270 [ 76.312772][ T5088] ? reacquire_held_locks+0x4c0/0x4c0 [ 76.318132][ T5088] schedule+0xe9/0x270 [ 76.322184][ T5088] ptrace_stop.part.0+0x44d/0x7a0 [ 76.327191][ T5088] ptrace_do_notify+0x22f/0x2e0 [ 76.332021][ T5088] ? lock_sync+0x190/0x190 [ 76.336420][ T5088] ? ptrace_stop.part.0+0x7a0/0x7a0 [ 76.341606][ T5088] ptrace_notify+0xc8/0x130 [ 76.346091][ T5088] syscall_exit_to_user_mode_prepare+0x126/0x230 [ 76.352405][ T5088] syscall_exit_to_user_mode+0xe/0x60 [ 76.357812][ T5088] do_syscall_64+0x4d/0x110 [ 76.362310][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 76.368186][ T5088] RIP: 0033:0x7fc3b1ed34f9 [ 76.372582][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 76.392172][ T5088] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 76.400567][ T5088] RAX: 00000000000000d8 RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 76.408516][ T5088] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [ 76.416478][ T5088] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00000000557624c0 [ 76.424433][ T5088] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 76.432404][ T5088] R13: 00007ffdaa3d0334 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 76.440365][ T5088] [ 76.443791][ T5090] CPU: 1 PID: 5090 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 76.454219][ T5090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 76.464264][ T5090] Call Trace: [ 76.467530][ T5090] [ 76.470450][ T5090] dump_stack_lvl+0x125/0x1b0 [ 76.475129][ T5090] should_fail_ex+0x496/0x5b0 [ 76.479798][ T5090] ? __lock_acquire+0xc65/0x3b20 [ 76.484740][ T5090] should_failslab+0x9/0x20 [ 76.489255][ T5090] __kmem_cache_alloc_node+0x6b/0x310 [ 76.494639][ T5090] ? ip6_tun_build_state+0x165/0x680 [ 76.499928][ T5090] ? ip6_tun_build_state+0x165/0x680 [ 76.505221][ T5090] __kmalloc+0x49/0x90 [ 76.509301][ T5090] ip6_tun_build_state+0x165/0x680 [ 76.514412][ T5090] ? __mutex_unlock_slowpath+0x165/0x650 [ 76.520043][ T5090] ? ip_tun_parse_opts.part.0+0xfa0/0xfa0 [ 76.525762][ T5090] ? find_held_lock+0x2d/0x110 [ 76.530535][ T5090] ? pcpu_alloc+0x1f1/0x1420 [ 76.535130][ T5090] ? lwtunnel_build_state+0x1d3/0x670 [ 76.540505][ T5090] lwtunnel_build_state+0x1d3/0x670 [ 76.545710][ T5090] fib_nh_common_init+0x149/0x2d0 [ 76.550731][ T5090] ? rt_fibinfo_free_cpus.part.0+0x1d0/0x1d0 [ 76.556707][ T5090] ? gre_gso_segment+0x17b0/0x17b0 [ 76.561820][ T5090] fib_nh_init+0xbd/0x450 [ 76.566145][ T5090] fib_create_info+0x24fb/0x4d50 [ 76.571084][ T5090] ? fib_result_prefsrc+0x4b0/0x4b0 [ 76.576273][ T5090] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 76.582252][ T5090] ? idr_get_free+0xa30/0xa30 [ 76.586925][ T5090] fib_table_insert+0x1d7/0x1d70 [ 76.591867][ T5090] ? find_held_lock+0x2d/0x110 [ 76.596645][ T5090] ? fib_route_seq_show+0xea0/0xea0 [ 76.601848][ T5090] ? lwtunnel_valid_encap_type+0x113/0x6a0 [ 76.607650][ T5090] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 76.613540][ T5090] ? rtm_to_fib_config+0x71d/0x12c0 [ 76.618732][ T5090] ? inet_rtm_newroute+0x11f/0x200 [ 76.623841][ T5090] inet_rtm_newroute+0x11f/0x200 [ 76.628776][ T5090] ? inet_rtm_delroute+0x390/0x390 [ 76.633885][ T5090] ? inet_rtm_delroute+0x390/0x390 [ 76.638989][ T5090] rtnetlink_rcv_msg+0x3c7/0xe00 [ 76.643932][ T5090] ? rtnl_fill_vf+0x4a0/0x4a0 [ 76.648606][ T5090] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 76.654609][ T5090] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 76.660597][ T5090] netlink_rcv_skb+0x16b/0x440 [ 76.665355][ T5090] ? rtnl_fill_vf+0x4a0/0x4a0 [ 76.670026][ T5090] ? netlink_ack+0x1380/0x1380 [ 76.674779][ T5090] ? lock_sync+0x190/0x190 [ 76.679201][ T5090] ? netlink_deliver_tap+0x1a0/0xd00 [ 76.684482][ T5090] ? _copy_from_iter+0x2c1/0x10f0 [ 76.689518][ T5090] netlink_unicast+0x53b/0x810 [ 76.694296][ T5090] ? netlink_attachskb+0x880/0x880 [ 76.699409][ T5090] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 76.705297][ T5090] ? __phys_addr_symbol+0x30/0x70 [ 76.710322][ T5090] ? __check_object_size+0x323/0x730 [ 76.715615][ T5090] netlink_sendmsg+0x8b7/0xd70 [ 76.720372][ T5090] ? netlink_unicast+0x810/0x810 [ 76.725311][ T5090] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 76.730595][ T5090] ? netlink_unicast+0x810/0x810 [ 76.735532][ T5090] __sock_sendmsg+0xd5/0x180 [ 76.740118][ T5090] ____sys_sendmsg+0x6ac/0x940 [ 76.744876][ T5090] ? copy_msghdr_from_user+0x10b/0x160 [ 76.750339][ T5090] ? kernel_sendmsg+0x50/0x50 [ 76.755016][ T5090] ? hlock_class+0x4e/0x130 [ 76.759535][ T5090] ___sys_sendmsg+0x135/0x1d0 [ 76.764214][ T5090] ? do_recvmmsg+0x740/0x740 [ 76.768814][ T5090] ? recalc_sigpending_tsk+0x187/0x1d0 [ 76.774270][ T5090] ? __fget_light+0x1fc/0x260 [ 76.778946][ T5090] __sys_sendmsg+0x117/0x1e0 [ 76.783537][ T5090] ? __sys_sendmsg_sock+0x30/0x30 [ 76.788570][ T5090] ? ptrace_notify+0xf4/0x130 [ 76.793241][ T5090] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 76.799484][ T5090] do_syscall_64+0x40/0x110 [ 76.803990][ T5090] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 76.809880][ T5090] RIP: 0033:0x7fc3b1ed34f9 [ 76.814287][ T5090] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 76.833892][ T5090] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 76.842299][ T5090] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 76.850263][ T5090] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [pid 5090] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [pid 5089] <... sendmsg resumed>) = 216 [pid 5088] <... sendmsg resumed>) = 216 [pid 5087] <... sendmsg resumed>) = 216 [pid 5086] <... bpf resumed>) = 6 [pid 5085] <... close resumed>) = 0 [pid 5088] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5087] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5085] close(7 [pid 5088] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5087] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5085] close(8 [pid 5088] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5087] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5085] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5087] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5085] close(9 [pid 5088] <... bpf resumed>) = 5 [pid 5087] <... bpf resumed>) = 5 [pid 5085] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5085] close(10) = -1 EBADF (Bad file descriptor) [pid 5085] close(11) = -1 EBADF (Bad file descriptor) [pid 5085] close(12) = -1 EBADF (Bad file descriptor) [pid 5085] close(13) = -1 EBADF (Bad file descriptor) [pid 5085] close(14) = -1 EBADF (Bad file descriptor) [pid 5085] close(15) = -1 EBADF (Bad file descriptor) [pid 5085] close(16) = -1 EBADF (Bad file descriptor) [pid 5085] close(17) = -1 EBADF (Bad file descriptor) [pid 5085] close(18) = -1 EBADF (Bad file descriptor) [pid 5085] close(19) = -1 EBADF (Bad file descriptor) [pid 5088] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5085] close(20 [pid 5088] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5087] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5085] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5087] <... bpf resumed>) = -1 EINVAL (Invalid argument) [ 76.858224][ T5090] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00000000557624c0 [ 76.866194][ T5090] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 76.874157][ T5090] R13: 00007ffdaa3d0334 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 76.882126][ T5090] [ 76.893981][ T5089] FAULT_INJECTION: forcing a failure. [ 76.893981][ T5089] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.907024][ T5089] CPU: 0 PID: 5089 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 76.917440][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 76.927491][ T5089] Call Trace: [ 76.930770][ T5089] [ 76.933701][ T5089] dump_stack_lvl+0xd9/0x1b0 [ 76.938302][ T5089] should_fail_ex+0x496/0x5b0 [ 76.942993][ T5089] strncpy_from_user+0x38/0x300 [ 76.947855][ T5089] ? bpf_trace_run4+0x1aa/0x450 [ 76.952710][ T5089] strncpy_from_user_nofault+0x80/0x180 [ 76.958274][ T5089] bpf_probe_read_user_str+0x26/0x70 [ 76.963577][ T5089] bpf_prog_6fb7ada547f278f2+0x3d/0x3f [ 76.969071][ T5089] bpf_trace_run4+0x173/0x450 [ 76.973770][ T5089] ? bpf_trace_run3+0x430/0x430 [ 76.978630][ T5089] ? reacquire_held_locks+0x4c0/0x4c0 [ 76.984013][ T5089] ? rcu_is_watching+0x12/0xb0 [ 76.988770][ T5089] __bpf_trace_sched_switch+0x13e/0x180 [ 76.994301][ T5089] ? __bpf_trace_ipi_raise+0xf0/0xf0 [ 76.999569][ T5089] ? psi_group_change+0x530/0xdc0 [ 77.004577][ T5089] __traceiter_sched_switch+0x6c/0xc0 [ 77.009936][ T5089] __schedule+0x21f3/0x5af0 [ 77.014429][ T5089] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 77.020396][ T5089] ? rcu_is_watching+0x12/0xb0 [ 77.025142][ T5089] ? io_schedule_timeout+0x150/0x150 [ 77.030421][ T5089] ? lock_release+0x4bf/0x690 [ 77.035089][ T5089] ? cgroup_enter_frozen+0x166/0x2f0 [ 77.040367][ T5089] ? schedule+0x1fc/0x270 [ 77.044685][ T5089] ? reacquire_held_locks+0x4c0/0x4c0 [ 77.050058][ T5089] ? spin_bug+0x1d0/0x1d0 [ 77.054370][ T5089] schedule+0xe9/0x270 [ 77.058425][ T5089] ptrace_stop.part.0+0x44d/0x7a0 [ 77.063435][ T5089] ptrace_do_notify+0x22f/0x2e0 [ 77.068280][ T5089] ? lock_sync+0x190/0x190 [ 77.072690][ T5089] ? ptrace_stop.part.0+0x7a0/0x7a0 [ 77.077868][ T5089] ? restore_fpregs_from_fpstate+0xc1/0x1d0 [ 77.083749][ T5089] ptrace_notify+0xc8/0x130 [ 77.088232][ T5089] syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 77.094283][ T5089] syscall_enter_from_user_mode+0x107/0x120 [ 77.100155][ T5089] do_syscall_64+0x1c/0x110 [ 77.104643][ T5089] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 77.110515][ T5089] RIP: 0033:0x7fc3b1ed34f9 [ 77.114907][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 77.134500][ T5089] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 77.142891][ T5089] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 77.150842][ T5089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [pid 5085] close(21 [pid 5090] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5089] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5088] <... bpf resumed>) = 6 [pid 5087] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5086] close(3 [pid 5085] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5088] close(3 [pid 5087] <... bpf resumed>) = 6 [pid 5086] <... close resumed>) = 0 [pid 5085] close(22 [pid 5066] kill(-2, SIGKILL [pid 5065] kill(-2, SIGKILL [pid 5089] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5088] <... close resumed>) = 0 [pid 5087] close(3 [pid 5085] <... close resumed>) = ? [pid 5066] <... kill resumed>) = 0 [pid 5065] <... kill resumed>) = 0 [pid 5089] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5088] close(4 [pid 5087] <... close resumed>) = 0 [pid 5086] +++ killed by SIGKILL +++ [pid 5085] +++ killed by SIGKILL +++ [pid 5066] kill(2, SIGKILL [pid 5065] kill(2, SIGKILL [pid 5089] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5088] <... close resumed>) = 0 [pid 5066] <... kill resumed>) = 0 [pid 5065] <... kill resumed>) = 0 [pid 5089] <... bpf resumed>) = 5 [pid 5087] close(4 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=2, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=45 /* 0.45 s */} --- [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=2, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5089] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5088] close(5 [pid 5087] <... close resumed>) = 0 [pid 5089] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... close resumed>) = 0 [pid 5087] close(5 [pid 5089] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5087] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached [pid 5089] <... bpf resumed>) = 6 [pid 5088] close(6 [pid 5091] set_robust_list(0x555555761660, 24 [pid 5089] close(3 [pid 5065] <... clone resumed>, child_tidptr=0x555555761650) = 3 [pid 5091] <... set_robust_list resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5087] close(6 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] close(4 [pid 5088] <... close resumed>) = 0 [pid 5091] <... prctl resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5088] close(7 [pid 5091] setpgid(0, 0 [pid 5089] close(5 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] <... setpgid resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5088] close(8 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] close(6 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) ./strace-static-x86_64: Process 5092 attached [pid 5091] <... openat resumed>) = 3 [pid 5088] close(9 [pid 5092] set_robust_list(0x555555761660, 24 [pid 5091] write(3, "1000", 4 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5066] <... clone resumed>, child_tidptr=0x555555761650) = 3 [pid 5091] <... write resumed>) = 4 [pid 5090] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... close resumed>) = 0 [pid 5088] close(10 [pid 5087] <... close resumed>) = 0 [pid 5092] <... set_robust_list resumed>) = 0 [pid 5091] close(3 [pid 5090] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5089] close(7 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(7 [pid 5091] <... close resumed>) = 0 [pid 5090] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(11 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5090] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5089] close(8 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(8 [pid 5092] <... prctl resumed>) = 0 [pid 5091] <... socket resumed>) = 3 [ 77.158792][ T5089] RBP: 0000000000000000 R08: 00000000557624c0 R09: 00000000557624c0 [ 77.166741][ T5089] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [ 77.174690][ T5089] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 77.182647][ T5089] [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(12 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] setpgid(0, 0 [pid 5091] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5090] <... bpf resumed>) = 5 [pid 5089] close(9 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(9 [pid 5092] <... setpgid resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5090] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(13 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5089] close(10 [pid 5087] close(10 [pid 5090] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] close(11 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(11 [pid 5092] <... openat resumed>) = 3 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(14 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] close(12 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(12 [pid 5092] write(3, "1000", 4 [pid 5091] write(4, "10", 2 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(15 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... write resumed>) = 4 [pid 5089] close(13 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(13 [pid 5092] close(3 [pid 5091] <... write resumed>) = 2 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(16 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = 0 [pid 5091] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5089] close(14 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(14 [pid 5092] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5090] <... bpf resumed>) = 6 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(3 [pid 5089] close(15 [pid 5087] close(15 [pid 5090] <... close resumed>) = 0 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(4 [pid 5089] close(16 [pid 5087] close(16 [pid 5090] <... close resumed>) = 0 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(5) = 0 [pid 5089] close(17 [pid 5087] close(17 [pid 5090] close(6 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] close(18 [pid 5087] close(18 [pid 5090] <... close resumed>) = 0 [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(7 [pid 5089] close(19 [pid 5087] close(19 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(8 [pid 5089] close(20 [pid 5087] close(20 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(9 [pid 5089] close(21 [pid 5087] close(21 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(10 [pid 5089] close(22 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... socket resumed>) = 3 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5090] close(11 [pid 5089] close(23 [pid 5087] close(22 [pid 5092] <... openat resumed>) = 4 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] write(4, "10", 2 [pid 5090] close(12 [pid 5089] close(24 [pid 5087] close(23 [pid 5092] <... write resumed>) = 2 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5090] close(13 [pid 5089] close(25 [pid 5087] close(24 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(14 [pid 5089] close(26 [pid 5087] close(25 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(17 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(15 [pid 5089] close(27 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(26 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(18 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(16 [pid 5089] close(28 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(27 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(19 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(17 [pid 5089] close(29 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(28 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(20 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(18 [pid 5089] exit_group(0 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] close(29 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5089] <... exit_group resumed>) = ? [pid 5088] close(21 [pid 5087] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(19 [pid 5089] +++ exited with 0 +++ [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] exit_group(0 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(22 [pid 5087] <... exit_group resumed>) = ? [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5090] close(20 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5087] +++ exited with 0 +++ [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(23 [pid 5090] close(21 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(24 [pid 5068] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5093 attached [pid 5090] close(22 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5070] <... clone resumed>, child_tidptr=0x555555761650) = 4 [pid 5068] <... restart_syscall resumed>) = 0 [pid 5093] set_robust_list(0x555555761660, 24 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(25 [pid 5093] <... set_robust_list resumed>) = 0 [pid 5090] close(23 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5088] close(26 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5094 attached [pid 5093] <... prctl resumed>) = 0 [pid 5090] close(24 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] set_robust_list(0x555555761660, 24 [pid 5088] close(27 [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 4 [pid 5094] <... set_robust_list resumed>) = 0 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] close(28 [pid 5094] <... prctl resumed>) = 0 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] setpgid(0, 0 [pid 5088] close(29 [pid 5094] <... setpgid resumed>) = 0 [pid 5088] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] exit_group(0 [pid 5094] <... openat resumed>) = 3 [pid 5088] <... exit_group resumed>) = ? [pid 5088] +++ exited with 0 +++ [ 77.230908][ T5091] validate_nla: 10 callbacks suppressed [ 77.230923][ T5091] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 77.271024][ T5091] netlink: 'syz-executor229': attribute type 1 has an invalid length. [pid 5094] write(3, "1000", 4) = 4 [pid 5093] setpgid(0, 0 [pid 5091] <... sendmsg resumed>) = 216 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(3 [pid 5093] <... setpgid resumed>) = 0 [pid 5090] close(25 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5094] <... close resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5094] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5090] close(26 [pid 5072] <... restart_syscall resumed>) = 0 [pid 5094] <... socket resumed>) = 3 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(27 [pid 5093] <... openat resumed>) = 3 [pid 5094] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5090] close(28) = -1 EBADF (Bad file descriptor) [pid 5090] close(29 [pid 5093] write(3, "1000", 4 [pid 5092] <... sendmsg resumed>) = 216 [pid 5091] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5090] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... openat resumed>) = 4 [pid 5093] <... write resumed>) = 4 [pid 5092] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5091] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5090] exit_group(0 [pid 5094] write(4, "10", 2 [pid 5093] close(3 [pid 5091] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5090] <... exit_group resumed>) = ? [pid 5094] <... write resumed>) = 2 [pid 5090] +++ exited with 0 +++ [pid 5094] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5093] <... close resumed>) = 0 [pid 5091] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5073] <... restart_syscall resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5095 attached , child_tidptr=0x555555761650) = 4 [pid 5095] set_robust_list(0x555555761660, 24) = 0 [pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5095] setpgid(0, 0./strace-static-x86_64: Process 5096 attached ) = 0 [pid 5096] set_robust_list(0x555555761660, 24 [pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5096] <... set_robust_list resumed>) = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... openat resumed>) = 3 [pid 5096] <... prctl resumed>) = 0 [pid 5095] write(3, "1000", 4 [pid 5096] setpgid(0, 0 [pid 5095] <... write resumed>) = 4 [pid 5096] <... setpgid resumed>) = 0 [pid 5095] close(3 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... close resumed>) = 0 [pid 5096] <... openat resumed>) = 3 [pid 5095] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5095] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5095] write(4, "10", 2) = 2 [pid 5095] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5096] write(3, "1000", 4) = 4 [pid 5096] close(3) = 0 [ 77.279566][ T5092] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 77.287924][ T5092] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 77.298985][ T5092] FAULT_INJECTION: forcing a failure. [ 77.298985][ T5092] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.302562][ T5094] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 77.313808][ T5092] CPU: 1 PID: 5092 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [pid 5096] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5096] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5096] write(4, "10", 2) = 2 [pid 5096] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5094] <... sendmsg resumed>) = 216 [pid 5094] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5094] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [ 77.331206][ T5092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 77.336140][ T5094] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 77.341254][ T5092] Call Trace: [ 77.341263][ T5092] [ 77.341271][ T5092] dump_stack_lvl+0x125/0x1b0 [ 77.341303][ T5092] should_fail_ex+0x496/0x5b0 [ 77.350930][ T5095] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 77.352680][ T5092] _copy_from_user+0x30/0xf0 [ 77.352712][ T5092] __sys_bpf+0x210/0x4b20 [ 77.356170][ T5095] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 77.360275][ T5092] ? do_raw_spin_lock+0x12e/0x2b0 [ 77.360300][ T5092] ? bpf_perf_link_attach+0x540/0x540 [ 77.368331][ T5094] FAULT_INJECTION: forcing a failure. [ 77.368331][ T5094] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.373549][ T5092] ? cgroup_update_frozen+0x144/0x6b0 [ 77.373587][ T5092] ? recalc_sigpending_tsk+0x187/0x1d0 [ 77.373609][ T5092] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 77.373640][ T5092] ? rcu_is_watching+0x12/0xb0 [ 77.385633][ T5096] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 77.390624][ T5092] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 77.396154][ T5096] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 77.400982][ T5092] ? _raw_spin_unlock_irq+0x2e/0x50 [ 77.401010][ T5092] ? ptrace_notify+0xf4/0x130 [ 77.466848][ T5092] __x64_sys_bpf+0x78/0xc0 [ 77.471261][ T5092] ? syscall_enter_from_user_mode+0x107/0x120 [ 77.477322][ T5092] do_syscall_64+0x40/0x110 [ 77.481824][ T5092] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 77.487713][ T5092] RIP: 0033:0x7fc3b1ed34f9 [ 77.492128][ T5092] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 77.511732][ T5092] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 77.520137][ T5092] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 77.528100][ T5092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 77.536061][ T5092] RBP: 0000000000000000 R08: 00000009557624c0 R09: 00000009557624c0 [ 77.544024][ T5092] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [ 77.551983][ T5092] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 77.559948][ T5092] [ 77.563951][ T5094] CPU: 0 PID: 5094 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 77.568466][ T5091] FAULT_INJECTION: forcing a failure. [ 77.568466][ T5091] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.574365][ T5094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 77.574377][ T5094] Call Trace: [ 77.574385][ T5094] [ 77.574392][ T5094] dump_stack_lvl+0x125/0x1b0 [ 77.574423][ T5094] should_fail_ex+0x496/0x5b0 [ 77.612950][ T5094] _copy_from_user+0x30/0xf0 [ 77.617552][ T5094] __sys_bpf+0x210/0x4b20 [ 77.621886][ T5094] ? do_raw_spin_lock+0x12e/0x2b0 [ 77.626915][ T5094] ? bpf_perf_link_attach+0x540/0x540 [ 77.632294][ T5094] ? cgroup_update_frozen+0x144/0x6b0 [ 77.637674][ T5094] ? recalc_sigpending_tsk+0x187/0x1d0 [ 77.643130][ T5094] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 77.648340][ T5094] ? rcu_is_watching+0x12/0xb0 [ 77.653106][ T5094] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 77.659091][ T5094] ? _raw_spin_unlock_irq+0x2e/0x50 [ 77.664296][ T5094] ? ptrace_notify+0xf4/0x130 [ 77.668982][ T5094] __x64_sys_bpf+0x78/0xc0 [ 77.673398][ T5094] ? syscall_enter_from_user_mode+0x107/0x120 [ 77.679470][ T5094] do_syscall_64+0x40/0x110 [ 77.683979][ T5094] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 77.689870][ T5094] RIP: 0033:0x7fc3b1ed34f9 [ 77.694287][ T5094] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 77.713904][ T5094] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 77.722314][ T5094] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [pid 5094] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 4 [pid 5091] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5096] <... sendmsg resumed>) = 216 [pid 5095] <... sendmsg resumed>) = 216 [pid 5093] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5092] <... bpf resumed>) = -1 EINVAL (Invalid argument) [ 77.730279][ T5094] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 77.738245][ T5094] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 77.746209][ T5094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.754175][ T5094] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 77.762147][ T5094] [ 77.765163][ T5091] CPU: 1 PID: 5091 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 77.775583][ T5091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 77.785626][ T5091] Call Trace: [ 77.788897][ T5091] [ 77.791819][ T5091] dump_stack_lvl+0x125/0x1b0 [ 77.796495][ T5091] should_fail_ex+0x496/0x5b0 [ 77.801169][ T5091] _copy_from_user+0x30/0xf0 [ 77.805756][ T5091] __sys_bpf+0x210/0x4b20 [ 77.810090][ T5091] ? do_raw_spin_lock+0x12e/0x2b0 [ 77.815111][ T5091] ? bpf_perf_link_attach+0x540/0x540 [ 77.820483][ T5091] ? cgroup_update_frozen+0x144/0x6b0 [ 77.825858][ T5091] ? recalc_sigpending_tsk+0x187/0x1d0 [ 77.831311][ T5091] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 77.836518][ T5091] ? rcu_is_watching+0x12/0xb0 [ 77.841283][ T5091] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 77.847263][ T5091] ? _raw_spin_unlock_irq+0x2e/0x50 [ 77.852461][ T5091] ? ptrace_notify+0xf4/0x130 [ 77.857136][ T5091] __x64_sys_bpf+0x78/0xc0 [ 77.861546][ T5091] ? syscall_enter_from_user_mode+0x107/0x120 [ 77.867607][ T5091] do_syscall_64+0x40/0x110 [ 77.872108][ T5091] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 77.877995][ T5091] RIP: 0033:0x7fc3b1ed34f9 [ 77.882417][ T5091] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 77.902019][ T5091] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 77.910425][ T5091] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 77.918387][ T5091] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [pid 5092] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5091] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5092] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5091] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5093] <... socket resumed>) = 3 [pid 5091] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5091] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 5091] close(3) = 0 [pid 5091] close(4 [pid 5096] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5095] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5094] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5093] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5092] <... bpf resumed>) = 5 [pid 5096] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5094] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5092] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5091] <... close resumed>) = 0 [pid 5096] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5095] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5094] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(5 [pid 5094] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5093] <... openat resumed>) = 4 [pid 5092] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5096] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5094] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [ 77.926363][ T5091] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000009557624c0 [ 77.934322][ T5091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.942278][ T5091] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 77.950247][ T5091] [ 77.968773][ T5095] FAULT_INJECTION: forcing a failure. [ 77.968773][ T5095] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.981808][ T5095] CPU: 0 PID: 5095 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 77.992196][ T5095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 78.002228][ T5095] Call Trace: [ 78.005488][ T5095] [ 78.008399][ T5095] dump_stack_lvl+0xd9/0x1b0 [ 78.012977][ T5095] should_fail_ex+0x496/0x5b0 [ 78.017636][ T5095] ? rcu_is_watching+0x12/0xb0 [ 78.022382][ T5095] strncpy_from_user+0x38/0x300 [ 78.027227][ T5095] ? lock_release+0x4bf/0x690 [ 78.031891][ T5095] strncpy_from_user_nofault+0x80/0x180 [ 78.037422][ T5095] bpf_probe_read_user_str+0x26/0x70 [ 78.042697][ T5095] bpf_prog_6fb7ada547f278f2+0x3d/0x3f [ 78.048134][ T5095] bpf_trace_run4+0x173/0x450 [ 78.052791][ T5095] ? bpf_trace_run3+0x430/0x430 [ 78.057622][ T5095] ? kvm_sched_clock_read+0x11/0x20 [ 78.062811][ T5095] __bpf_trace_sched_switch+0x13e/0x180 [ 78.068344][ T5095] ? __bpf_trace_ipi_raise+0xf0/0xf0 [ 78.073611][ T5095] ? psi_task_switch+0x2d9/0x900 [ 78.078535][ T5095] __schedule+0x21f3/0x5af0 [ 78.083033][ T5095] ? __wake_up_common+0x129/0x1d0 [ 78.088046][ T5095] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 78.094019][ T5095] ? rcu_is_watching+0x12/0xb0 [ 78.098768][ T5095] ? io_schedule_timeout+0x150/0x150 [ 78.104041][ T5095] ? lock_release+0x4bf/0x690 [ 78.108705][ T5095] ? cgroup_enter_frozen+0x166/0x2f0 [ 78.113978][ T5095] ? schedule+0x1fc/0x270 [ 78.118292][ T5095] ? reacquire_held_locks+0x4c0/0x4c0 [ 78.123658][ T5095] ? spin_bug+0x1d0/0x1d0 [ 78.127975][ T5095] schedule+0xe9/0x270 [ 78.132032][ T5095] ptrace_stop.part.0+0x44d/0x7a0 [ 78.137040][ T5095] ptrace_do_notify+0x22f/0x2e0 [ 78.141872][ T5095] ? lock_sync+0x190/0x190 [ 78.146272][ T5095] ? ptrace_stop.part.0+0x7a0/0x7a0 [ 78.151451][ T5095] ? restore_fpregs_from_fpstate+0xc1/0x1d0 [ 78.157332][ T5095] ptrace_notify+0xc8/0x130 [ 78.161815][ T5095] syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 78.167865][ T5095] syscall_enter_from_user_mode+0x107/0x120 [ 78.173739][ T5095] do_syscall_64+0x1c/0x110 [ 78.178228][ T5095] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 78.184104][ T5095] RIP: 0033:0x7fc3b1ed34f9 [ 78.188498][ T5095] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 78.208081][ T5095] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 78.216486][ T5095] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 78.224442][ T5095] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [pid 5096] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5095] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5092] <... bpf resumed>) = 6 [pid 5091] close(6 [pid 5096] <... bpf resumed>) = 5 [pid 5095] <... bpf resumed>) = 5 [pid 5094] close(3 [pid 5093] write(4, "10", 2 [pid 5092] close(3 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... write resumed>) = 2 [pid 5092] <... close resumed>) = 0 [pid 5091] close(7 [pid 5093] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5092] close(4 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5095] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5094] <... close resumed>) = 0 [pid 5093] <... sendmsg resumed>) = 216 [pid 5092] <... close resumed>) = 0 [pid 5091] close(8 [pid 5096] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5094] close(4 [pid 5093] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5092] close(5 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5095] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5094] <... close resumed>) = 0 [pid 5093] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... close resumed>) = 0 [pid 5091] close(9 [pid 5096] <... bpf resumed>) = 6 [pid 5095] <... bpf resumed>) = 6 [pid 5094] close(5 [pid 5092] close(6 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(3 [pid 5095] close(3 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5092] <... close resumed>) = 0 [pid 5091] close(10 [pid 5096] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] close(6 [pid 5093] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5092] close(7 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(4 [pid 5095] close(4 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(11 [pid 5096] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] close(7 [pid 5092] close(8 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(5 [pid 5095] close(5 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(12 [pid 5096] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] close(8 [pid 5092] close(9 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(6 [pid 5095] close(6 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... bpf resumed>) = 5 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(13 [pid 5094] close(9 [pid 5092] close(10 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(14 [pid 5094] close(10 [pid 5093] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5092] close(11 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(15 [pid 5094] close(11 [pid 5092] close(12 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(16 [pid 5094] close(12 [pid 5092] close(13 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(17 [pid 5094] close(13 [pid 5092] close(14 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(18 [pid 5094] close(14 [pid 5092] close(15 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(19 [pid 5094] close(15 [pid 5092] close(16 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(20 [pid 5094] close(16 [pid 5092] close(17 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(21 [pid 5094] close(17 [pid 5092] close(18 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(22 [pid 5094] close(18 [pid 5092] close(19 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(19 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(23 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(20 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(20 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(24 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(21 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(21 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(25 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(22 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(22 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(26 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(23 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(23 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(27 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(24 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(24 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(28 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(25 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(25 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] close(29 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(26 [pid 5091] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] close(26 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5091] exit_group(0 [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(27 [pid 5091] <... exit_group resumed>) = ? [pid 5094] close(27 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(28 [pid 5094] close(28 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] close(29 [pid 5091] +++ exited with 0 +++ [pid 5094] close(29 [pid 5092] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5094] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5092] exit_group(0 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5094] exit_group(0 [pid 5092] <... exit_group resumed>) = ? [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5094] <... exit_group resumed>) = ? [pid 5096] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] +++ exited with 0 +++ [pid 5092] +++ exited with 0 +++ [pid 5096] close(7 [pid 5095] close(7 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(8 [pid 5095] close(8 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(9 [pid 5095] close(9 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(10 [pid 5095] close(10 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(11 [pid 5095] close(11 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(12 [pid 5095] close(12 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(13 [pid 5095] close(13 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(14 [pid 5095] close(14 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(15 [pid 5095] close(15 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- ./strace-static-x86_64: Process 5097 attached [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5065] <... clone resumed>, child_tidptr=0x555555761650) = 4 [pid 5097] set_robust_list(0x555555761660, 24 [pid 5096] close(16 [pid 5095] close(16 [pid 5068] <... restart_syscall resumed>) = 0 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5097] <... set_robust_list resumed>) = 0 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(17 [pid 5095] close(17 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(18 [pid 5095] close(18 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(19 [pid 5095] close(19 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(20 [pid 5095] close(20 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(21 [pid 5095] close(21 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5096] close(22 [pid 5095] close(22 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(23 [pid 5095] close(23 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(24 [pid 5095] close(24 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(25 [pid 5095] close(25 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(26 [pid 5095] close(26 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(27 [pid 5095] close(27 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(28 [pid 5095] close(28 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] close(29 [pid 5095] close(29 [pid 5096] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5095] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5096] exit_group(0 [pid 5095] exit_group(0) = ? [pid 5097] <... prctl resumed>) = 0 [ 78.232402][ T5095] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 78.240358][ T5095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 78.248313][ T5095] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 78.256267][ T5095] [pid 5096] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5099 attached ./strace-static-x86_64: Process 5098 attached [pid 5097] setpgid(0, 0 [pid 5095] +++ exited with 0 +++ [pid 5099] set_robust_list(0x555555761660, 24 [pid 5098] set_robust_list(0x555555761660, 24 [pid 5099] <... set_robust_list resumed>) = 0 [pid 5098] <... set_robust_list resumed>) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5097] <... setpgid resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 5 [pid 5066] <... clone resumed>, child_tidptr=0x555555761650) = 4 [pid 5099] <... prctl resumed>) = 0 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5099] setpgid(0, 0 [pid 5098] <... prctl resumed>) = 0 [pid 5099] <... setpgid resumed>) = 0 [pid 5098] setpgid(0, 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5098] <... setpgid resumed>) = 0 [pid 5099] <... openat resumed>) = 3 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5099] write(3, "1000", 4./strace-static-x86_64: Process 5100 attached [pid 5098] <... openat resumed>) = 3 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5096] +++ exited with 0 +++ [pid 5093] <... bpf resumed>) = 6 [pid 5100] set_robust_list(0x555555761660, 24 [pid 5099] <... write resumed>) = 4 [pid 5098] write(3, "1000", 4 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5100] <... set_robust_list resumed>) = 0 [pid 5099] close(3 [pid 5098] <... write resumed>) = 4 [pid 5097] <... openat resumed>) = 3 [pid 5093] close(3 [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 5 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5099] <... close resumed>) = 0 [pid 5098] close(3 [pid 5097] write(3, "1000", 4 [pid 5093] <... close resumed>) = 0 [pid 5100] <... prctl resumed>) = 0 [pid 5099] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5098] <... close resumed>) = 0 [pid 5097] <... write resumed>) = 4 [pid 5093] close(4 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5100] setpgid(0, 0 [pid 5099] <... socket resumed>) = 3 [pid 5098] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5097] close(3 [pid 5093] <... close resumed>) = 0 ./strace-static-x86_64: Process 5101 attached [pid 5100] <... setpgid resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5098] <... socket resumed>) = 3 [pid 5101] set_robust_list(0x555555761660, 24) = 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5097] <... close resumed>) = 0 [pid 5093] close(5 [pid 5073] <... clone resumed>, child_tidptr=0x555555761650) = 5 [pid 5101] <... prctl resumed>) = 0 [pid 5100] <... openat resumed>) = 3 [pid 5098] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5097] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5093] <... close resumed>) = 0 [pid 5100] write(3, "1000", 4 [pid 5099] <... openat resumed>) = 4 [pid 5100] <... write resumed>) = 4 [pid 5100] close(3 [pid 5097] <... socket resumed>) = 3 [pid 5100] <... close resumed>) = 0 [pid 5099] write(4, "10", 2 [pid 5097] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5101] setpgid(0, 0 [pid 5100] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5099] <... write resumed>) = 2 [pid 5093] close(6 [pid 5099] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5100] <... socket resumed>) = 3 [ 78.316054][ T5099] FAULT_INJECTION: forcing a failure. [ 78.316054][ T5099] name failslab, interval 1, probability 0, space 0, times 0 [ 78.328868][ T5099] CPU: 0 PID: 5099 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 78.339285][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 78.349330][ T5099] Call Trace: [ 78.352598][ T5099] [ 78.355516][ T5099] dump_stack_lvl+0x125/0x1b0 [ 78.360192][ T5099] should_fail_ex+0x496/0x5b0 [ 78.364862][ T5099] ? rcu_is_watching+0x12/0xb0 [ 78.369625][ T5099] should_failslab+0x9/0x20 [ 78.374137][ T5099] __kmem_cache_alloc_node+0x6b/0x310 [ 78.379513][ T5099] ? ip6_tun_build_state+0x165/0x680 [ 78.384800][ T5099] ? ip6_tun_build_state+0x165/0x680 [ 78.390082][ T5099] __kmalloc+0x49/0x90 [ 78.394148][ T5099] ip6_tun_build_state+0x165/0x680 [ 78.399255][ T5099] ? __mutex_unlock_slowpath+0x165/0x650 [ 78.404878][ T5099] ? ip_tun_parse_opts.part.0+0xfa0/0xfa0 [ 78.410596][ T5099] ? rcu_is_watching+0x12/0xb0 [ 78.415359][ T5099] ? rcu_is_watching+0x12/0xb0 [ 78.420124][ T5099] ? fib_nh_common_init+0xa1/0x2d0 [ 78.425226][ T5099] ? pcpu_alloc+0x1f1/0x1420 [ 78.429814][ T5099] ? lwtunnel_build_state+0x1d3/0x670 [ 78.435182][ T5099] lwtunnel_build_state+0x1d3/0x670 [ 78.440381][ T5099] fib_nh_common_init+0x149/0x2d0 [ 78.445400][ T5099] ? rt_fibinfo_free_cpus.part.0+0x1d0/0x1d0 [ 78.451374][ T5099] ? gre_gso_segment+0x17b0/0x17b0 [ 78.456488][ T5099] fib_nh_init+0xbd/0x450 [ 78.460814][ T5099] fib_create_info+0x24fb/0x4d50 [ 78.465755][ T5099] ? fib_result_prefsrc+0x4b0/0x4b0 [ 78.470950][ T5099] ? ___ratelimit+0x24c/0x570 [ 78.475631][ T5099] ? idr_get_free+0xa30/0xa30 [ 78.480307][ T5099] fib_table_insert+0x1d7/0x1d70 [ 78.485256][ T5099] ? rcu_is_watching+0x12/0xb0 [ 78.490020][ T5099] ? lock_release+0x4bf/0x690 [ 78.494697][ T5099] ? lock_acquire+0x464/0x520 [ 78.499382][ T5099] ? fib_route_seq_show+0xea0/0xea0 [ 78.504588][ T5099] ? lwtunnel_valid_encap_type+0x113/0x6a0 [ 78.510392][ T5099] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 78.516280][ T5099] ? rtm_to_fib_config+0x71d/0x12c0 [ 78.521471][ T5099] ? inet_rtm_newroute+0x11f/0x200 [ 78.526574][ T5099] inet_rtm_newroute+0x11f/0x200 [ 78.531506][ T5099] ? inet_rtm_delroute+0x390/0x390 [ 78.536616][ T5099] ? inet_rtm_delroute+0x390/0x390 [ 78.541719][ T5099] rtnetlink_rcv_msg+0x3c7/0xe00 [ 78.546655][ T5099] ? rtnl_fill_vf+0x4a0/0x4a0 [ 78.551334][ T5099] netlink_rcv_skb+0x16b/0x440 [ 78.556089][ T5099] ? rtnl_fill_vf+0x4a0/0x4a0 [ 78.560761][ T5099] ? netlink_ack+0x1380/0x1380 [ 78.565515][ T5099] ? lock_sync+0x190/0x190 [ 78.569929][ T5099] ? __rhashtable_lookup.constprop.0+0x397/0x710 [ 78.576269][ T5099] ? netlink_deliver_tap+0x1a0/0xd00 [ 78.581557][ T5099] ? _copy_from_iter+0x2c1/0x10f0 [ 78.586592][ T5099] netlink_unicast+0x53b/0x810 [ 78.591370][ T5099] ? netlink_attachskb+0x880/0x880 [ 78.596481][ T5099] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 78.602456][ T5099] ? __phys_addr_symbol+0x30/0x70 [ 78.607489][ T5099] ? __check_object_size+0x323/0x730 [ 78.612775][ T5099] netlink_sendmsg+0x8b7/0xd70 [ 78.617531][ T5099] ? netlink_unicast+0x810/0x810 [ 78.622476][ T5099] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 78.627760][ T5099] ? netlink_unicast+0x810/0x810 [ 78.632695][ T5099] __sock_sendmsg+0xd5/0x180 [ 78.637282][ T5099] ____sys_sendmsg+0x6ac/0x940 [ 78.642044][ T5099] ? copy_msghdr_from_user+0x10b/0x160 [ 78.647502][ T5099] ? kernel_sendmsg+0x50/0x50 [ 78.652174][ T5099] ? finish_task_switch.isra.0+0x219/0xca0 [ 78.657976][ T5099] ? __switch_to+0x75d/0x1380 [ 78.662655][ T5099] ___sys_sendmsg+0x135/0x1d0 [ 78.667328][ T5099] ? do_recvmmsg+0x740/0x740 [ 78.671921][ T5099] ? rcu_is_watching+0x12/0xb0 [ 78.676692][ T5099] ? recalc_sigpending_tsk+0x187/0x1d0 [ 78.682141][ T5099] ? __fget_light+0x1fc/0x260 [ 78.686818][ T5099] __sys_sendmsg+0x117/0x1e0 [ 78.691408][ T5099] ? __sys_sendmsg_sock+0x30/0x30 [ 78.696436][ T5099] ? ptrace_notify+0xf4/0x130 [ 78.701106][ T5099] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 78.707349][ T5099] do_syscall_64+0x40/0x110 [ 78.711852][ T5099] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 78.717738][ T5099] RIP: 0033:0x7fc3b1ed34f9 [ 78.722142][ T5099] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 78.741741][ T5099] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 78.750155][ T5099] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 78.758120][ T5099] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [pid 5101] <... setpgid resumed>) = 0 [pid 5100] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5098] <... openat resumed>) = 4 [pid 5097] <... openat resumed>) = 4 [pid 5100] <... openat resumed>) = 4 [pid 5098] write(4, "10", 2 [pid 5097] write(4, "10", 2 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5100] write(4, "10", 2 [pid 5097] <... write resumed>) = 2 [pid 5098] <... write resumed>) = 2 [pid 5098] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5100] <... write resumed>) = 2 [pid 5097] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5101] <... openat resumed>) = 3 [pid 5100] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5101] write(3, "1000", 4 [pid 5100] <... sendmsg resumed>) = 216 [pid 5099] <... sendmsg resumed>) = 216 [pid 5098] <... sendmsg resumed>) = 216 [pid 5097] <... sendmsg resumed>) = 216 [pid 5093] <... close resumed>) = 0 [pid 5101] <... write resumed>) = 4 [pid 5100] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5099] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5098] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5097] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5093] close(7 [pid 5101] close(3 [pid 5100] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5098] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5097] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = 0 [pid 5100] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5099] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5098] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5097] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5093] close(8 [pid 5101] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5100] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5099] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5098] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5097] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... socket resumed>) = 3 [pid 5100] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5099] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5098] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5097] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5093] close(9 [ 78.766080][ T5099] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00000000557624c0 [ 78.774040][ T5099] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 78.782003][ T5099] R13: 00007ffdaa3d0334 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 78.789973][ T5099] [pid 5101] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5099] <... bpf resumed>) = 5 [pid 5099] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5099] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5101] <... openat resumed>) = 4 [pid 5099] <... bpf resumed>) = 6 [ 78.816100][ T5100] FAULT_INJECTION: forcing a failure. [ 78.816100][ T5100] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.820188][ T5098] FAULT_INJECTION: forcing a failure. [ 78.820188][ T5098] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.830223][ T5097] FAULT_INJECTION: forcing a failure. [ 78.830223][ T5097] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.856361][ T5097] CPU: 1 PID: 5097 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 78.866793][ T5097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 78.876837][ T5097] Call Trace: [ 78.880107][ T5097] [ 78.883030][ T5097] dump_stack_lvl+0x125/0x1b0 [ 78.887711][ T5097] should_fail_ex+0x496/0x5b0 [ 78.892384][ T5097] _copy_from_user+0x30/0xf0 [ 78.896975][ T5097] __sys_bpf+0x210/0x4b20 [ 78.901298][ T5097] ? do_raw_spin_lock+0x12e/0x2b0 [ 78.906317][ T5097] ? bpf_perf_link_attach+0x540/0x540 [ 78.911678][ T5097] ? cgroup_update_frozen+0x144/0x6b0 [ 78.917053][ T5097] ? recalc_sigpending_tsk+0x187/0x1d0 [ 78.922500][ T5097] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 78.927697][ T5097] ? rcu_is_watching+0x12/0xb0 [ 78.932453][ T5097] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 78.938433][ T5097] ? _raw_spin_unlock_irq+0x2e/0x50 [ 78.943626][ T5097] ? ptrace_notify+0xf4/0x130 [ 78.948297][ T5097] __x64_sys_bpf+0x78/0xc0 [ 78.952703][ T5097] ? syscall_enter_from_user_mode+0x107/0x120 [ 78.958762][ T5097] do_syscall_64+0x40/0x110 [ 78.963266][ T5097] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 78.969153][ T5097] RIP: 0033:0x7fc3b1ed34f9 [ 78.973559][ T5097] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 78.993163][ T5097] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 79.001570][ T5097] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [pid 5099] close(3 [pid 5101] write(4, "10", 2 [pid 5099] <... close resumed>) = 0 [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] close(4) = 0 [pid 5099] close(5) = 0 [pid 5099] close(6 [pid 5101] <... write resumed>) = 2 [pid 5093] close(10 [ 79.009531][ T5097] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 79.017490][ T5097] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 79.025451][ T5097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.033412][ T5097] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.041379][ T5097] [ 79.044902][ T5098] CPU: 1 PID: 5098 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 79.047843][ T5101] FAULT_INJECTION: forcing a failure. [pid 5101] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [pid 5101] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5101] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [ 79.047843][ T5101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.055311][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 79.055325][ T5098] Call Trace: [ 79.055333][ T5098] [ 79.055340][ T5098] dump_stack_lvl+0x125/0x1b0 [ 79.055371][ T5098] should_fail_ex+0x496/0x5b0 [ 79.055394][ T5098] _copy_from_user+0x30/0xf0 [ 79.098510][ T5098] __sys_bpf+0x210/0x4b20 [ 79.102840][ T5098] ? do_raw_spin_lock+0x12e/0x2b0 [ 79.107856][ T5098] ? bpf_perf_link_attach+0x540/0x540 [ 79.113218][ T5098] ? cgroup_update_frozen+0x144/0x6b0 [ 79.118590][ T5098] ? recalc_sigpending_tsk+0x187/0x1d0 [ 79.124042][ T5098] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 79.129243][ T5098] ? rcu_is_watching+0x12/0xb0 [ 79.134002][ T5098] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 79.139980][ T5098] ? _raw_spin_unlock_irq+0x2e/0x50 [ 79.145176][ T5098] ? ptrace_notify+0xf4/0x130 [ 79.149847][ T5098] __x64_sys_bpf+0x78/0xc0 [ 79.154258][ T5098] ? syscall_enter_from_user_mode+0x107/0x120 [ 79.160320][ T5098] do_syscall_64+0x40/0x110 [ 79.164821][ T5098] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 79.170708][ T5098] RIP: 0033:0x7fc3b1ed34f9 [ 79.175114][ T5098] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 79.194723][ T5098] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 79.203128][ T5098] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 79.211089][ T5098] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 79.219048][ T5098] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 79.227017][ T5098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.234989][ T5098] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.242967][ T5098] [ 79.246103][ T5100] CPU: 1 PID: 5100 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 79.256522][ T5100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 79.266574][ T5100] Call Trace: [ 79.269850][ T5100] [ 79.272776][ T5100] dump_stack_lvl+0x125/0x1b0 [ 79.277462][ T5100] should_fail_ex+0x496/0x5b0 [ 79.282150][ T5100] _copy_from_user+0x30/0xf0 [ 79.286753][ T5100] __sys_bpf+0x210/0x4b20 [ 79.291091][ T5100] ? do_raw_spin_lock+0x12e/0x2b0 [ 79.296117][ T5100] ? bpf_perf_link_attach+0x540/0x540 [ 79.301499][ T5100] ? cgroup_update_frozen+0x144/0x6b0 [ 79.306891][ T5100] ? recalc_sigpending_tsk+0x187/0x1d0 [ 79.312352][ T5100] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 79.317565][ T5100] ? rcu_is_watching+0x12/0xb0 [ 79.322334][ T5100] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 79.328328][ T5100] ? _raw_spin_unlock_irq+0x2e/0x50 [ 79.333535][ T5100] ? ptrace_notify+0xf4/0x130 [ 79.338226][ T5100] __x64_sys_bpf+0x78/0xc0 [ 79.342663][ T5100] ? syscall_enter_from_user_mode+0x107/0x120 [ 79.348734][ T5100] do_syscall_64+0x40/0x110 [ 79.353245][ T5100] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 79.359146][ T5100] RIP: 0033:0x7fc3b1ed34f9 [pid 5101] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5097] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5097] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5097] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 5097] close(3) = 0 [pid 5097] close(4) = 0 [pid 5097] close(5) = -1 EBADF (Bad file descriptor) [pid 5097] close(6) = -1 EBADF (Bad file descriptor) [pid 5097] close(7) = -1 EBADF (Bad file descriptor) [pid 5097] close(8) = -1 EBADF (Bad file descriptor) [pid 5097] close(9) = -1 EBADF (Bad file descriptor) [pid 5097] close(10) = -1 EBADF (Bad file descriptor) [pid 5097] close(11) = -1 EBADF (Bad file descriptor) [pid 5097] close(12) = -1 EBADF (Bad file descriptor) [pid 5097] close(13) = -1 EBADF (Bad file descriptor) [pid 5097] close(14) = -1 EBADF (Bad file descriptor) [pid 5097] close(15) = -1 EBADF (Bad file descriptor) [pid 5097] close(16) = -1 EBADF (Bad file descriptor) [pid 5097] close(17) = -1 EBADF (Bad file descriptor) [pid 5097] close(18) = -1 EBADF (Bad file descriptor) [pid 5097] close(19) = -1 EBADF (Bad file descriptor) [pid 5097] close(20) = -1 EBADF (Bad file descriptor) [pid 5097] close(21) = -1 EBADF (Bad file descriptor) [pid 5097] close(22) = -1 EBADF (Bad file descriptor) [pid 5097] close(23) = -1 EBADF (Bad file descriptor) [pid 5097] close(24) = -1 EBADF (Bad file descriptor) [pid 5097] close(25) = -1 EBADF (Bad file descriptor) [pid 5097] close(26) = -1 EBADF (Bad file descriptor) [pid 5097] close(27) = -1 EBADF (Bad file descriptor) [pid 5097] close(28) = -1 EBADF (Bad file descriptor) [pid 5097] close(29) = -1 EBADF (Bad file descriptor) [pid 5097] exit_group(0) = ? [pid 5097] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555761650) = 5 ./strace-static-x86_64: Process 5103 attached [pid 5103] set_robust_list(0x555555761660, 24) = 0 [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5103] setpgid(0, 0) = 0 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5103] write(3, "1000", 4) = 4 [pid 5103] close(3) = 0 [pid 5103] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5103] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5103] write(4, "10", 2) = 2 [pid 5103] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [ 79.363558][ T5100] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 79.383172][ T5100] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 79.391590][ T5100] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 79.399571][ T5100] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 79.407545][ T5100] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 79.412205][ T5103] FAULT_INJECTION: forcing a failure. [ 79.412205][ T5103] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.415506][ T5100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.415522][ T5100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.415543][ T5100] [ 79.436746][ T5101] CPU: 1 PID: 5101 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 79.457953][ T5101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 79.468008][ T5101] Call Trace: [ 79.471279][ T5101] [ 79.474199][ T5101] dump_stack_lvl+0x125/0x1b0 [ 79.478880][ T5101] should_fail_ex+0x496/0x5b0 [ 79.483551][ T5101] _copy_from_user+0x30/0xf0 [ 79.488139][ T5101] __sys_bpf+0x210/0x4b20 [ 79.492466][ T5101] ? do_raw_spin_lock+0x12e/0x2b0 [ 79.497486][ T5101] ? bpf_perf_link_attach+0x540/0x540 [ 79.502849][ T5101] ? cgroup_update_frozen+0x144/0x6b0 [ 79.508222][ T5101] ? recalc_sigpending_tsk+0x187/0x1d0 [ 79.513677][ T5101] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 79.518876][ T5101] ? rcu_is_watching+0x12/0xb0 [ 79.523633][ T5101] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 79.529616][ T5101] ? _raw_spin_unlock_irq+0x2e/0x50 [ 79.534812][ T5101] ? ptrace_notify+0xf4/0x130 [ 79.539485][ T5101] __x64_sys_bpf+0x78/0xc0 [ 79.543896][ T5101] ? syscall_enter_from_user_mode+0x107/0x120 [ 79.549960][ T5101] do_syscall_64+0x40/0x110 [ 79.554461][ T5101] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 79.560358][ T5101] RIP: 0033:0x7fc3b1ed34f9 [ 79.564771][ T5101] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 79.584380][ T5101] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 79.592786][ T5101] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 79.600753][ T5101] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 79.608717][ T5101] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 79.616676][ T5101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.624636][ T5101] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.632602][ T5101] [ 79.635879][ T5103] CPU: 0 PID: 5103 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 79.646309][ T5103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 79.656361][ T5103] Call Trace: [ 79.659630][ T5103] [ 79.662548][ T5103] dump_stack_lvl+0x125/0x1b0 [ 79.667225][ T5103] should_fail_ex+0x496/0x5b0 [ 79.671897][ T5103] _copy_from_user+0x30/0xf0 [ 79.676485][ T5103] __sys_bpf+0x210/0x4b20 [ 79.680806][ T5103] ? do_raw_spin_lock+0x12e/0x2b0 [ 79.685821][ T5103] ? bpf_perf_link_attach+0x540/0x540 [ 79.691182][ T5103] ? cgroup_update_frozen+0x144/0x6b0 [ 79.696554][ T5103] ? recalc_sigpending_tsk+0x187/0x1d0 [ 79.702004][ T5103] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 79.707201][ T5103] ? rcu_is_watching+0x12/0xb0 [ 79.711957][ T5103] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 79.717937][ T5103] ? _raw_spin_unlock_irq+0x2e/0x50 [ 79.723134][ T5103] ? ptrace_notify+0xf4/0x130 [ 79.727806][ T5103] __x64_sys_bpf+0x78/0xc0 [ 79.732214][ T5103] ? syscall_enter_from_user_mode+0x107/0x120 [ 79.738275][ T5103] do_syscall_64+0x40/0x110 [ 79.742786][ T5103] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 79.748681][ T5103] RIP: 0033:0x7fc3b1ed34f9 [ 79.753088][ T5103] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 79.772689][ T5103] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 79.781096][ T5103] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 79.789057][ T5103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 79.797019][ T5103] RBP: 0000000000000000 R08: 00000000557624c0 R09: 00000000557624c0 [ 79.804982][ T5103] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [pid 5103] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5101] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5100] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5099] <... close resumed>) = 0 [pid 5098] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] close(11 [pid 5101] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5098] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5098] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 5098] close(3) = 0 [pid 5098] close(4) = 0 [pid 5098] close(5) = -1 EBADF (Bad file descriptor) [pid 5098] close(6) = -1 EBADF (Bad file descriptor) [pid 5098] close(7) = -1 EBADF (Bad file descriptor) [pid 5098] close(8) = -1 EBADF (Bad file descriptor) [pid 5098] close(9) = -1 EBADF (Bad file descriptor) [pid 5098] close(10) = -1 EBADF (Bad file descriptor) [pid 5098] close(11) = -1 EBADF (Bad file descriptor) [pid 5098] close(12) = -1 EBADF (Bad file descriptor) [pid 5098] close(13) = -1 EBADF (Bad file descriptor) [pid 5098] close(14) = -1 EBADF (Bad file descriptor) [pid 5098] close(15) = -1 EBADF (Bad file descriptor) [pid 5098] close(16) = -1 EBADF (Bad file descriptor) [pid 5098] close(17) = -1 EBADF (Bad file descriptor) [pid 5098] close(18) = -1 EBADF (Bad file descriptor) [pid 5098] close(19) = -1 EBADF (Bad file descriptor) [pid 5098] close(20) = -1 EBADF (Bad file descriptor) [pid 5098] close(21) = -1 EBADF (Bad file descriptor) [pid 5098] close(22) = -1 EBADF (Bad file descriptor) [pid 5098] close(23) = -1 EBADF (Bad file descriptor) [pid 5098] close(24) = -1 EBADF (Bad file descriptor) [pid 5098] close(25) = -1 EBADF (Bad file descriptor) [pid 5098] close(26) = -1 EBADF (Bad file descriptor) [pid 5098] close(27 [pid 5101] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5100] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5099] close(7 [pid 5098] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] close(12 [pid 5101] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5100] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5098] close(28 [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5099] close(8 [pid 5098] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] close(13 [pid 5103] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5101] close(3 [pid 5100] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5098] close(29 [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5101] <... close resumed>) = 0 [pid 5100] close(3 [pid 5099] close(9 [pid 5098] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] close(14 [pid 5103] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5101] close(4 [pid 5100] <... close resumed>) = 0 [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5098] exit_group(0 [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5101] <... close resumed>) = 0 [pid 5100] close(4 [pid 5099] close(10 [pid 5098] <... exit_group resumed>) = ? [pid 5093] close(15 [pid 5103] <... bpf resumed>) = 5 [pid 5101] close(5 [pid 5100] <... close resumed>) = 0 [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(5 [pid 5099] close(11 [pid 5093] close(16 [pid 5103] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5101] close(6 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(6 [pid 5099] close(12 [pid 5093] close(17 [pid 5103] <... bpf resumed>) = 6 [pid 5101] close(7 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(7 [pid 5099] close(13 [pid 5093] close(18 [pid 5103] close(3 [pid 5101] close(8 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] <... close resumed>) = 0 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(8 [pid 5099] close(14 [pid 5098] +++ exited with 0 +++ [pid 5093] close(19 [pid 5103] close(4 [pid 5101] close(9 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5103] <... close resumed>) = 0 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(9 [pid 5099] close(15 [pid 5093] close(20 [pid 5103] close(5 [pid 5101] close(10 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] <... close resumed>) = 0 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(10 [pid 5099] close(16 [pid 5093] close(21 [pid 5103] close(6 [pid 5101] close(11 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] <... close resumed>) = 0 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(11 [pid 5099] close(17 [pid 5093] close(22 [pid 5101] close(12 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] close(7 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(12 [pid 5099] close(18 [pid 5093] close(23 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(13 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] close(8 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(13 [pid 5099] close(19 [pid 5093] close(24 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(14 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] close(9 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(14 [pid 5099] close(20 [pid 5093] close(25 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(15 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] close(10 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(15 [pid 5099] close(21 [pid 5093] close(26 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(16 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5103] close(11 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(16 [pid 5099] close(22 [pid 5093] close(27 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(17 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] close(12 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(17 [pid 5099] close(23 [pid 5093] close(28 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(18 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] close(13 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(18 [pid 5099] close(24 [pid 5093] close(29 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(19 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5103] close(14 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(19 [pid 5099] close(25 [pid 5093] exit_group(0 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(20 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5093] <... exit_group resumed>) = ? [ 79.812942][ T5103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.820909][ T5103] ./strace-static-x86_64: Process 5104 attached [pid 5103] close(15 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(20 [pid 5099] close(26 [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 6 [pid 5104] set_robust_list(0x555555761660, 24) = 0 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(21 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5103] close(16 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(21 [pid 5099] close(27 [pid 5104] <... prctl resumed>) = 0 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(22 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] setpgid(0, 0 [pid 5103] close(17 [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(22 [pid 5099] close(28 [pid 5104] <... setpgid resumed>) = 0 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] close(23 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(23 [pid 5099] close(29 [pid 5104] <... openat resumed>) = 3 [pid 5103] close(18 [pid 5101] close(24 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] write(3, "1000", 4 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(24 [pid 5099] exit_group(0 [pid 5093] +++ exited with 0 +++ [pid 5104] <... write resumed>) = 4 [pid 5103] close(19 [pid 5101] close(25 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] <... exit_group resumed>) = ? [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=47 /* 0.47 s */} --- [pid 5104] close(3 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(25 [pid 5104] <... close resumed>) = 0 [pid 5104] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5104] <... socket resumed>) = 3 [pid 5103] close(20 [pid 5101] close(26 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5099] +++ exited with 0 +++ ./strace-static-x86_64: Process 5105 attached [pid 5104] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(26 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=41 /* 0.41 s */} --- [pid 5103] close(21 [pid 5101] close(27 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] set_robust_list(0x555555761660, 24 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(27 [pid 5105] <... set_robust_list resumed>) = 0 [pid 5104] <... openat resumed>) = 4 [pid 5103] close(22 [pid 5101] close(28 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5070] <... clone resumed>, child_tidptr=0x555555761650) = 5 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(28 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5105] <... prctl resumed>) = 0 [pid 5104] write(4, "10", 2 [pid 5103] close(23 [pid 5101] close(29 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] setpgid(0, 0 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] close(29 [pid 5105] <... setpgid resumed>) = 0 [pid 5103] close(24 [pid 5101] exit_group(0 [pid 5100] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] <... exit_group resumed>) = ? [pid 5100] exit_group(0./strace-static-x86_64: Process 5106 attached [pid 5105] <... openat resumed>) = 3 [pid 5104] <... write resumed>) = 2 [pid 5103] close(25 [pid 5106] set_robust_list(0x555555761660, 24 [pid 5104] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5100] <... exit_group resumed>) = ? [pid 5066] <... clone resumed>, child_tidptr=0x555555761650) = 5 [pid 5106] <... set_robust_list resumed>) = 0 [pid 5105] write(3, "1000", 4 [pid 5104] <... sendmsg resumed>) = 216 [pid 5103] close(26 [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5104] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5106] <... prctl resumed>) = 0 [pid 5105] <... write resumed>) = 4 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5101] +++ exited with 0 +++ [pid 5100] +++ exited with 0 +++ [pid 5105] close(3 [pid 5103] close(27) = -1 EBADF (Bad file descriptor) [pid 5103] close(28 [pid 5105] <... close resumed>) = 0 [pid 5103] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5103] close(29) = -1 EBADF (Bad file descriptor) [pid 5103] exit_group(0 [pid 5105] <... socket resumed>) = 3 [pid 5103] <... exit_group resumed>) = ? [pid 5105] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5105] write(4, "10", 2) = 2 [pid 5105] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [pid 5105] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5105] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5105] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5106] setpgid(0, 0 [pid 5103] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [ 79.877582][ T5104] FAULT_INJECTION: forcing a failure. [ 79.877582][ T5104] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.888531][ T5105] FAULT_INJECTION: forcing a failure. [ 79.888531][ T5105] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.890821][ T5104] CPU: 0 PID: 5104 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 79.914206][ T5104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 79.924259][ T5104] Call Trace: [pid 5106] <... setpgid resumed>) = 0 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5106] <... openat resumed>) = 3 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] restart_syscall(<... resuming interrupted clone ...> [pid 5106] write(3, "1000", 4 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... restart_syscall resumed>) = 0 [pid 5106] <... write resumed>) = 4 [pid 5073] <... clone resumed>, child_tidptr=0x555555761650) = 6 [pid 5106] close(3 [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 6 [pid 5106] <... close resumed>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5106] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5065] <... clone resumed>, child_tidptr=0x555555761650) = 6 [pid 5106] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5106] write(4, "10", 2) = 2 [pid 5106] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [ 79.927538][ T5104] [ 79.930465][ T5104] dump_stack_lvl+0x125/0x1b0 [ 79.935148][ T5104] should_fail_ex+0x496/0x5b0 [ 79.939829][ T5104] _copy_from_user+0x30/0xf0 [ 79.944428][ T5104] __sys_bpf+0x210/0x4b20 [ 79.948763][ T5104] ? do_raw_spin_lock+0x12e/0x2b0 [ 79.953790][ T5104] ? bpf_perf_link_attach+0x540/0x540 [ 79.959170][ T5104] ? cgroup_update_frozen+0x144/0x6b0 [ 79.963837][ T5106] FAULT_INJECTION: forcing a failure. [ 79.963837][ T5106] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.964550][ T5104] ? recalc_sigpending_tsk+0x187/0x1d0 [ 79.983006][ T5104] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 79.988209][ T5104] ? rcu_is_watching+0x12/0xb0 [ 79.992968][ T5104] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 79.998948][ T5104] ? _raw_spin_unlock_irq+0x2e/0x50 [ 80.004140][ T5104] ? ptrace_notify+0xf4/0x130 [ 80.008809][ T5104] __x64_sys_bpf+0x78/0xc0 [ 80.013216][ T5104] ? syscall_enter_from_user_mode+0x107/0x120 [ 80.019280][ T5104] do_syscall_64+0x40/0x110 [ 80.023782][ T5104] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 80.029664][ T5104] RIP: 0033:0x7fc3b1ed34f9 [ 80.034070][ T5104] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 80.053667][ T5104] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 80.062069][ T5104] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 80.070026][ T5104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 80.077987][ T5104] RBP: 0000000000000000 R08: 00000000557624c0 R09: 00000000557624c0 [ 80.085945][ T5104] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [ 80.093906][ T5104] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.101868][ T5104] [ 80.104952][ T5106] CPU: 1 PID: 5106 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 80.115376][ T5106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 80.125428][ T5106] Call Trace: [ 80.128701][ T5106] [ 80.131626][ T5106] dump_stack_lvl+0x125/0x1b0 [ 80.136315][ T5106] should_fail_ex+0x496/0x5b0 [ 80.141011][ T5106] _copy_from_user+0x30/0xf0 [ 80.143079][ T5108] FAULT_INJECTION: forcing a failure. [ 80.143079][ T5108] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.145604][ T5106] __sys_bpf+0x210/0x4b20 [ 80.145631][ T5106] ? do_raw_spin_lock+0x12e/0x2b0 [ 80.145653][ T5106] ? bpf_perf_link_attach+0x540/0x540 [ 80.145675][ T5106] ? cgroup_update_frozen+0x144/0x6b0 [ 80.159914][ T5107] FAULT_INJECTION: forcing a failure. [ 80.159914][ T5107] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.162967][ T5106] ? recalc_sigpending_tsk+0x187/0x1d0 [ 80.168722][ T5109] FAULT_INJECTION: forcing a failure. [ 80.168722][ T5109] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.173304][ T5106] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 80.215302][ T5106] ? rcu_is_watching+0x12/0xb0 [ 80.220073][ T5106] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 80.226061][ T5106] ? _raw_spin_unlock_irq+0x2e/0x50 [ 80.231273][ T5106] ? ptrace_notify+0xf4/0x130 [ 80.235963][ T5106] __x64_sys_bpf+0x78/0xc0 [ 80.240387][ T5106] ? syscall_enter_from_user_mode+0x107/0x120 [ 80.246461][ T5106] do_syscall_64+0x40/0x110 [ 80.250973][ T5106] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 80.256867][ T5106] RIP: 0033:0x7fc3b1ed34f9 [ 80.261278][ T5106] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 80.280885][ T5106] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 80.289315][ T5106] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 80.297291][ T5106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 80.305259][ T5106] RBP: 0000000000000000 R08: 00000000557624c0 R09: 00000000557624c0 [ 80.313226][ T5106] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [ 80.321194][ T5106] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [pid 5106] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0./strace-static-x86_64: Process 5109 attached ./strace-static-x86_64: Process 5108 attached ./strace-static-x86_64: Process 5107 attached [pid 5104] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5109] set_robust_list(0x555555761660, 24 [pid 5108] set_robust_list(0x555555761660, 24 [pid 5107] set_robust_list(0x555555761660, 24 [pid 5109] <... set_robust_list resumed>) = 0 [pid 5108] <... set_robust_list resumed>) = 0 [pid 5107] <... set_robust_list resumed>) = 0 [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5109] <... prctl resumed>) = 0 [pid 5108] <... prctl resumed>) = 0 [pid 5107] <... prctl resumed>) = 0 [pid 5109] setpgid(0, 0 [pid 5108] setpgid(0, 0 [pid 5107] setpgid(0, 0 [pid 5109] <... setpgid resumed>) = 0 [pid 5108] <... setpgid resumed>) = 0 [pid 5107] <... setpgid resumed>) = 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5108] <... openat resumed>) = 3 [pid 5107] <... openat resumed>) = 3 [pid 5108] write(3, "1000", 4 [pid 5107] write(3, "1000", 4 [pid 5108] <... write resumed>) = 4 [pid 5107] <... write resumed>) = 4 [pid 5109] <... openat resumed>) = 3 [pid 5108] close(3 [pid 5107] close(3 [pid 5109] write(3, "1000", 4 [pid 5108] <... close resumed>) = 0 [pid 5107] <... close resumed>) = 0 [pid 5109] <... write resumed>) = 4 [pid 5108] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5107] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5109] close(3 [pid 5108] <... socket resumed>) = 3 [pid 5107] <... socket resumed>) = 3 [pid 5109] <... close resumed>) = 0 [pid 5108] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5107] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5109] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5108] <... openat resumed>) = 4 [pid 5107] <... openat resumed>) = 4 [pid 5109] <... socket resumed>) = 3 [pid 5108] write(4, "10", 2 [pid 5109] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5107] write(4, "10", 2 [pid 5109] <... openat resumed>) = 4 [pid 5108] <... write resumed>) = 2 [pid 5107] <... write resumed>) = 2 [pid 5109] write(4, "10", 2 [pid 5108] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5107] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5109] <... write resumed>) = 2 [pid 5108] <... sendmsg resumed>) = 216 [pid 5109] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5107] <... sendmsg resumed>) = 216 [pid 5109] <... sendmsg resumed>) = 216 [pid 5108] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5107] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5109] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5107] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5109] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5107] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5109] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5107] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5109] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5107] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5109] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5104] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [ 80.329175][ T5106] [ 80.332192][ T5107] CPU: 0 PID: 5107 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 80.342614][ T5107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 80.352663][ T5107] Call Trace: [ 80.355938][ T5107] [ 80.358859][ T5107] dump_stack_lvl+0x125/0x1b0 [ 80.363545][ T5107] should_fail_ex+0x496/0x5b0 [ 80.368231][ T5107] _copy_from_user+0x30/0xf0 [ 80.372819][ T5107] __sys_bpf+0x210/0x4b20 [ 80.377153][ T5107] ? do_raw_spin_lock+0x12e/0x2b0 [ 80.382183][ T5107] ? bpf_perf_link_attach+0x540/0x540 [ 80.387556][ T5107] ? cgroup_update_frozen+0x144/0x6b0 [ 80.392934][ T5107] ? recalc_sigpending_tsk+0x187/0x1d0 [ 80.398382][ T5107] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 80.403582][ T5107] ? rcu_is_watching+0x12/0xb0 [ 80.408337][ T5107] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 80.414316][ T5107] ? _raw_spin_unlock_irq+0x2e/0x50 [ 80.419509][ T5107] ? ptrace_notify+0xf4/0x130 [ 80.424183][ T5107] __x64_sys_bpf+0x78/0xc0 [ 80.428592][ T5107] ? syscall_enter_from_user_mode+0x107/0x120 [ 80.434649][ T5107] do_syscall_64+0x40/0x110 [ 80.439155][ T5107] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 80.445038][ T5107] RIP: 0033:0x7fc3b1ed34f9 [ 80.449439][ T5107] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 80.469034][ T5107] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 80.477435][ T5107] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 80.485393][ T5107] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 80.493358][ T5107] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 80.501323][ T5107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.509284][ T5107] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.517253][ T5107] [ 80.520357][ T5108] CPU: 0 PID: 5108 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 80.530775][ T5108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 80.540817][ T5108] Call Trace: [ 80.544085][ T5108] [ 80.547003][ T5108] dump_stack_lvl+0x125/0x1b0 [ 80.551677][ T5108] should_fail_ex+0x496/0x5b0 [ 80.556345][ T5108] _copy_from_user+0x30/0xf0 [ 80.560929][ T5108] __sys_bpf+0x210/0x4b20 [ 80.565251][ T5108] ? do_raw_spin_lock+0x12e/0x2b0 [ 80.570265][ T5108] ? bpf_perf_link_attach+0x540/0x540 [ 80.575627][ T5108] ? cgroup_update_frozen+0x144/0x6b0 [ 80.581001][ T5108] ? recalc_sigpending_tsk+0x187/0x1d0 [ 80.586452][ T5108] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 80.591649][ T5108] ? rcu_is_watching+0x12/0xb0 [ 80.596406][ T5108] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 80.602383][ T5108] ? _raw_spin_unlock_irq+0x2e/0x50 [ 80.607577][ T5108] ? ptrace_notify+0xf4/0x130 [ 80.612247][ T5108] __x64_sys_bpf+0x78/0xc0 [ 80.616656][ T5108] ? syscall_enter_from_user_mode+0x107/0x120 [ 80.622733][ T5108] do_syscall_64+0x40/0x110 [ 80.627246][ T5108] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 80.633132][ T5108] RIP: 0033:0x7fc3b1ed34f9 [ 80.637539][ T5108] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 80.657141][ T5108] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 80.665553][ T5108] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 80.673515][ T5108] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 80.681475][ T5108] RBP: 0000000000000000 R08: 00000000557624c0 R09: 00000000557624c0 [ 80.689433][ T5108] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [ 80.697391][ T5108] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.705356][ T5108] [ 80.708506][ T5105] CPU: 1 PID: 5105 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 80.718932][ T5105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 80.728979][ T5105] Call Trace: [ 80.732257][ T5105] [ 80.735182][ T5105] dump_stack_lvl+0x125/0x1b0 [ 80.739864][ T5105] should_fail_ex+0x496/0x5b0 [ 80.744545][ T5105] _copy_from_user+0x30/0xf0 [ 80.749170][ T5105] __sys_bpf+0x210/0x4b20 [ 80.753510][ T5105] ? do_raw_spin_lock+0x12e/0x2b0 [ 80.758539][ T5105] ? bpf_perf_link_attach+0x540/0x540 [ 80.763912][ T5105] ? cgroup_update_frozen+0x144/0x6b0 [ 80.769294][ T5105] ? recalc_sigpending_tsk+0x187/0x1d0 [ 80.774750][ T5105] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 80.779960][ T5105] ? rcu_is_watching+0x12/0xb0 [ 80.784723][ T5105] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 80.790717][ T5105] ? _raw_spin_unlock_irq+0x2e/0x50 [ 80.795926][ T5105] ? ptrace_notify+0xf4/0x130 [ 80.800616][ T5105] __x64_sys_bpf+0x78/0xc0 [ 80.805036][ T5105] ? syscall_enter_from_user_mode+0x107/0x120 [ 80.811098][ T5105] do_syscall_64+0x40/0x110 [ 80.815599][ T5105] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 80.821484][ T5105] RIP: 0033:0x7fc3b1ed34f9 [ 80.825888][ T5105] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 80.845962][ T5105] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 80.854367][ T5105] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 80.862331][ T5105] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 80.870294][ T5105] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [pid 5104] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5106] <... bpf resumed>) = -1 EINVAL (Invalid argument) [ 80.878257][ T5105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.886221][ T5105] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.894186][ T5105] [ 80.897217][ T5109] CPU: 0 PID: 5109 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 80.907639][ T5109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 80.917682][ T5109] Call Trace: [ 80.920948][ T5109] [ 80.923870][ T5109] dump_stack_lvl+0x125/0x1b0 [ 80.928544][ T5109] should_fail_ex+0x496/0x5b0 [ 80.933215][ T5109] _copy_from_user+0x30/0xf0 [ 80.937801][ T5109] __sys_bpf+0x210/0x4b20 [ 80.942126][ T5109] ? do_raw_spin_lock+0x12e/0x2b0 [ 80.947145][ T5109] ? bpf_perf_link_attach+0x540/0x540 [ 80.952509][ T5109] ? cgroup_update_frozen+0x144/0x6b0 [ 80.957895][ T5109] ? recalc_sigpending_tsk+0x187/0x1d0 [ 80.963350][ T5109] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 80.968548][ T5109] ? rcu_is_watching+0x12/0xb0 [ 80.973318][ T5109] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 80.979306][ T5109] ? _raw_spin_unlock_irq+0x2e/0x50 [ 80.984501][ T5109] ? ptrace_notify+0xf4/0x130 [ 80.989178][ T5109] __x64_sys_bpf+0x78/0xc0 [ 80.993598][ T5109] ? syscall_enter_from_user_mode+0x107/0x120 [ 80.999661][ T5109] do_syscall_64+0x40/0x110 [ 81.004165][ T5109] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 81.010051][ T5109] RIP: 0033:0x7fc3b1ed34f9 [ 81.014454][ T5109] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 81.034055][ T5109] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 81.042467][ T5109] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 81.050436][ T5109] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 81.058397][ T5109] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 81.066354][ T5109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.074312][ T5109] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [pid 5109] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5108] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5107] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5106] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5105] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5104] <... bpf resumed>) = 5 [pid 5109] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5108] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5107] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5106] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5105] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5104] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5109] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5108] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5107] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5104] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5106] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5109] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5108] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5107] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5105] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5104] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5109] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(3 [pid 5107] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... bpf resumed>) = 5 [pid 5105] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5104] <... bpf resumed>) = 6 [pid 5106] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5105] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(3 [pid 5109] <... close resumed>) = 0 [pid 5107] close(3 [pid 5105] close(3 [pid 5104] <... close resumed>) = 0 [pid 5109] close(4 [pid 5108] <... bpf resumed>) = 5 [pid 5107] <... close resumed>) = 0 [pid 5106] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5105] <... close resumed>) = 0 [pid 5104] close(4 [pid 5109] <... close resumed>) = 0 [pid 5107] close(4 [pid 5105] close(4 [pid 5104] <... close resumed>) = 0 [pid 5109] close(5 [pid 5107] <... close resumed>) = 0 [pid 5105] <... close resumed>) = 0 [pid 5104] close(5 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(5 [pid 5105] close(5 [pid 5109] close(6 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = 0 [pid 5108] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5107] close(6 [pid 5106] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5105] close(6 [pid 5104] close(6 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5108] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... bpf resumed>) = 6 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(7 [pid 5108] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5107] close(7 [pid 5106] close(3 [pid 5105] close(7 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... close resumed>) = 0 [pid 5106] close(4 [pid 5109] close(8) = -1 EBADF (Bad file descriptor) [pid 5107] close(8 [pid 5106] <... close resumed>) = 0 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(9 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(5 [pid 5105] close(8 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(9 [pid 5106] <... close resumed>) = 0 [pid 5109] close(10 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(6 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(10 [pid 5105] close(9 [pid 5109] close(11 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(11 [pid 5105] close(10 [pid 5109] close(12 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(12 [pid 5105] close(11 [pid 5109] close(13 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(13 [pid 5105] close(12 [pid 5109] close(14) = -1 EBADF (Bad file descriptor) [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(15 [pid 5107] close(14 [pid 5105] close(13 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(15 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(16 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] close(14 [pid 5107] close(16 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(17 [pid 5105] close(15 [pid 5109] close(17 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(18 [pid 5105] close(16 [pid 5109] close(18 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(19 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(19 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] close(17 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(20 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(20 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] close(18 [pid 5107] close(21) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(22 [pid 5109] close(21 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] close(19 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(23 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(22 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] close(20 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(24 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(23 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] close(21 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(24 [pid 5105] close(22 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(25 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] close(23 [pid 5109] close(26 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] close(25 [pid 5105] close(24 [pid 5109] close(27 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(28 [pid 5107] close(26 [pid 5105] close(25 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] close(29 [pid 5107] close(27 [pid 5105] close(26 [pid 5109] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5109] exit_group(0 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [ 81.082277][ T5109] [pid 5105] close(27) = -1 EBADF (Bad file descriptor) [pid 5109] <... exit_group resumed>) = ? [pid 5108] <... bpf resumed>) = 6 [pid 5107] close(28 [pid 5105] close(28 [pid 5104] <... close resumed>) = 0 [pid 5108] close(3 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(7 [pid 5108] <... close resumed>) = 0 [pid 5105] close(29 [pid 5107] close(29 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5108] close(4 [pid 5104] close(8 [pid 5107] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5108] <... close resumed>) = 0 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5108] close(5) = 0 [pid 5107] exit_group(0 [pid 5104] close(9 [pid 5108] close(6 [pid 5105] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5107] <... exit_group resumed>) = ? [pid 5104] close(10 [pid 5109] +++ exited with 0 +++ [pid 5105] exit_group(0 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(11 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5105] <... exit_group resumed>) = ? [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5108] <... close resumed>) = 0 [pid 5107] +++ exited with 0 +++ [pid 5106] <... close resumed>) = 0 [pid 5105] +++ exited with 0 +++ [pid 5104] close(12 [pid 5106] close(7 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(13 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5106] close(8 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(14 [pid 5073] <... restart_syscall resumed>) = 0 [pid 5106] close(9 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) ./strace-static-x86_64: Process 5110 attached [pid 5108] close(7 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(15 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(10 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(16 [pid 5108] close(8 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5110] set_robust_list(0x555555761660, 24 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(11 [pid 5104] close(17 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... clone resumed>, child_tidptr=0x555555761650) = 7 ./strace-static-x86_64: Process 5112 attached ./strace-static-x86_64: Process 5111 attached [pid 5110] <... set_robust_list resumed>) = 0 [pid 5108] close(9 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] set_robust_list(0x555555761660, 24 [pid 5111] set_robust_list(0x555555761660, 24 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(12 [pid 5112] <... set_robust_list resumed>) = 0 [pid 5111] <... set_robust_list resumed>) = 0 [pid 5110] <... prctl resumed>) = 0 [pid 5108] close(10 [pid 5070] <... clone resumed>, child_tidptr=0x555555761650) = 6 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5110] setpgid(0, 0 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5073] <... clone resumed>, child_tidptr=0x555555761650) = 7 [pid 5111] <... prctl resumed>) = 0 [pid 5106] close(13 [pid 5104] close(18 [pid 5111] setpgid(0, 0 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5111] <... setpgid resumed>) = 0 [pid 5106] close(14 [pid 5104] close(19 [pid 5112] <... prctl resumed>) = 0 [pid 5110] <... setpgid resumed>) = 0 [pid 5108] close(11 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5108] close(12) = -1 EBADF (Bad file descriptor) [pid 5108] close(13) = -1 EBADF (Bad file descriptor) [pid 5108] close(14) = -1 EBADF (Bad file descriptor) [pid 5108] close(15 [pid 5111] <... openat resumed>) = 3 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(15 [pid 5104] close(20 [pid 5111] write(3, "1000", 4 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(16 [pid 5104] close(21 [pid 5112] setpgid(0, 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5108] close(16 [pid 5112] <... setpgid resumed>) = 0 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5111] <... write resumed>) = 4 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5111] close(3 [pid 5108] close(17 [pid 5106] close(17 [pid 5104] close(22 [pid 5111] <... close resumed>) = 0 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... openat resumed>) = 3 [pid 5111] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5110] <... openat resumed>) = 3 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(18 [pid 5104] close(23 [pid 5108] close(18 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] write(3, "1000", 4 [pid 5110] write(3, "1000", 4 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(19 [pid 5104] close(24 [pid 5111] <... socket resumed>) = 3 [pid 5112] <... write resumed>) = 4 [pid 5110] <... write resumed>) = 4 [pid 5108] close(19 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] close(3 [pid 5111] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5110] close(3 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(20 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = 0 [pid 5110] <... close resumed>) = 0 [pid 5108] close(20 [pid 5112] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5110] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(25 [pid 5112] <... socket resumed>) = 3 [pid 5111] <... openat resumed>) = 4 [pid 5110] <... socket resumed>) = 3 [pid 5108] close(21 [pid 5106] close(21 [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5110] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] close(26 [pid 5108] close(22 [pid 5106] close(22 [pid 5112] <... openat resumed>) = 4 [pid 5111] write(4, "10", 2 [pid 5110] <... openat resumed>) = 4 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5111] <... write resumed>) = 2 [pid 5106] close(23 [pid 5104] close(27 [pid 5111] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5110] write(4, "10", 2 [pid 5108] close(23 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] write(4, "10", 2 [pid 5110] <... write resumed>) = 2 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(24 [pid 5104] close(28 [pid 5112] <... write resumed>) = 2 [pid 5110] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5108] close(24 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5111] <... sendmsg resumed>) = 216 [pid 5110] <... sendmsg resumed>) = 216 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(25 [pid 5104] close(29 [pid 5112] <... sendmsg resumed>) = 216 [pid 5111] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5110] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5108] close(25 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5111] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5110] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] close(26 [pid 5112] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5110] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5108] close(26 [pid 5104] exit_group(0 [pid 5112] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5111] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5110] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5111] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5110] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5108] close(27 [pid 5106] close(27 [pid 5104] <... exit_group resumed>) = ? [pid 5112] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5111] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5106] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5104] +++ exited with 0 +++ [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5108] close(28) = -1 EBADF (Bad file descriptor) [pid 5106] close(28) = -1 EBADF (Bad file descriptor) [pid 5106] close(29) = -1 EBADF (Bad file descriptor) [pid 5106] exit_group(0) = ? [pid 5106] +++ exited with 0 +++ [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 7 [pid 5066] <... clone resumed>, child_tidptr=0x555555761650) = 6 ./strace-static-x86_64: Process 5114 attached [ 81.189134][ T5110] FAULT_INJECTION: forcing a failure. [ 81.189134][ T5110] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.193693][ T5111] FAULT_INJECTION: forcing a failure. [ 81.193693][ T5111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.202214][ T5112] FAULT_INJECTION: forcing a failure. [ 81.202214][ T5112] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.228519][ T5110] CPU: 0 PID: 5110 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [pid 5114] set_robust_list(0x555555761660, 24) = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] setpgid(0, 0) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5114] write(3, "1000", 4) = 4 [pid 5114] close(3) = 0 [pid 5114] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5114] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5114] write(4, "10", 2) = 2 [pid 5114] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [pid 5114] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5114] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [ 81.238951][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 81.246959][ T5114] FAULT_INJECTION: forcing a failure. [ 81.246959][ T5114] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.248997][ T5110] Call Trace: [ 81.249006][ T5110] [ 81.268188][ T5110] dump_stack_lvl+0x125/0x1b0 [ 81.272865][ T5110] should_fail_ex+0x496/0x5b0 [ 81.277534][ T5110] _copy_from_user+0x30/0xf0 [ 81.282120][ T5110] __sys_bpf+0x210/0x4b20 [ 81.286444][ T5110] ? do_raw_spin_lock+0x12e/0x2b0 [ 81.291461][ T5110] ? bpf_perf_link_attach+0x540/0x540 [ 81.296826][ T5110] ? cgroup_update_frozen+0x144/0x6b0 [ 81.302199][ T5110] ? recalc_sigpending_tsk+0x187/0x1d0 [ 81.307650][ T5110] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 81.312847][ T5110] ? rcu_is_watching+0x12/0xb0 [ 81.317603][ T5110] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 81.323584][ T5110] ? _raw_spin_unlock_irq+0x2e/0x50 [ 81.328779][ T5110] ? ptrace_notify+0xf4/0x130 [ 81.333450][ T5110] __x64_sys_bpf+0x78/0xc0 [ 81.337864][ T5110] ? syscall_enter_from_user_mode+0x107/0x120 [ 81.343922][ T5110] do_syscall_64+0x40/0x110 [ 81.348423][ T5110] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 81.354310][ T5110] RIP: 0033:0x7fc3b1ed34f9 [ 81.358713][ T5110] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 81.378312][ T5110] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 81.386716][ T5110] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 81.394678][ T5110] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 81.402635][ T5110] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 81.410597][ T5110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.418561][ T5110] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.426529][ T5110] [ 81.429647][ T5111] CPU: 1 PID: 5111 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 81.440068][ T5111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 81.450117][ T5111] Call Trace: [ 81.453392][ T5111] [ 81.456317][ T5111] dump_stack_lvl+0x125/0x1b0 [ 81.461002][ T5111] should_fail_ex+0x496/0x5b0 [ 81.465684][ T5111] _copy_from_user+0x30/0xf0 [ 81.470283][ T5111] __sys_bpf+0x210/0x4b20 [ 81.474613][ T5111] ? do_raw_spin_lock+0x12e/0x2b0 [ 81.479637][ T5111] ? bpf_perf_link_attach+0x540/0x540 [ 81.485007][ T5111] ? cgroup_update_frozen+0x144/0x6b0 [pid 5114] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144./strace-static-x86_64: Process 5113 attached [pid 5108] close(29 [pid 5113] set_robust_list(0x555555761660, 24 [pid 5108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... set_robust_list resumed>) = 0 [pid 5108] exit_group(0) = ? [ 81.490387][ T5111] ? recalc_sigpending_tsk+0x187/0x1d0 [ 81.495850][ T5111] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 81.501062][ T5111] ? rcu_is_watching+0x12/0xb0 [ 81.505830][ T5111] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 81.511819][ T5111] ? _raw_spin_unlock_irq+0x2e/0x50 [ 81.517019][ T5111] ? ptrace_notify+0xf4/0x130 [ 81.521698][ T5111] __x64_sys_bpf+0x78/0xc0 [ 81.526119][ T5111] ? syscall_enter_from_user_mode+0x107/0x120 [ 81.532201][ T5111] do_syscall_64+0x40/0x110 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5108] +++ exited with 0 +++ [pid 5113] <... prctl resumed>) = 0 [pid 5113] setpgid(0, 0) = 0 [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 81.536720][ T5111] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 81.542628][ T5111] RIP: 0033:0x7fc3b1ed34f9 [ 81.547045][ T5111] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 81.566660][ T5111] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 81.575078][ T5111] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 81.583043][ T5111] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [pid 5113] write(3, "1000", 4) = 4 [pid 5113] close(3) = 0 [pid 5113] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5113] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5113] write(4, "10", 2) = 2 [pid 5113] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [pid 5113] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5113] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5113] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5111] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5110] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [ 81.591016][ T5111] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 81.598991][ T5111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.606962][ T5111] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.614943][ T5111] [ 81.616525][ T5113] FAULT_INJECTION: forcing a failure. [ 81.616525][ T5113] name fail_usercopy, interval 1, probability 0, space 0, times 0 [pid 5111] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5111] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 5111] close(3) = 0 [pid 5111] close(4) = 0 [ 81.631106][ T5114] CPU: 1 PID: 5114 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 81.641528][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 81.651581][ T5114] Call Trace: [ 81.654862][ T5114] [ 81.657788][ T5114] dump_stack_lvl+0x125/0x1b0 [ 81.662475][ T5114] should_fail_ex+0x496/0x5b0 [ 81.667163][ T5114] _copy_from_user+0x30/0xf0 [ 81.671764][ T5114] __sys_bpf+0x210/0x4b20 [ 81.676098][ T5114] ? do_raw_spin_lock+0x12e/0x2b0 [ 81.681128][ T5114] ? bpf_perf_link_attach+0x540/0x540 [pid 5111] close(5) = -1 EBADF (Bad file descriptor) [pid 5111] close(6) = -1 EBADF (Bad file descriptor) [pid 5111] close(7) = -1 EBADF (Bad file descriptor) [pid 5111] close(8) = -1 EBADF (Bad file descriptor) [pid 5111] close(9) = -1 EBADF (Bad file descriptor) [pid 5111] close(10) = -1 EBADF (Bad file descriptor) [pid 5111] close(11) = -1 EBADF (Bad file descriptor) [pid 5111] close(12) = -1 EBADF (Bad file descriptor) [pid 5111] close(13) = -1 EBADF (Bad file descriptor) [pid 5111] close(14) = -1 EBADF (Bad file descriptor) [pid 5111] close(15) = -1 EBADF (Bad file descriptor) [pid 5111] close(16) = -1 EBADF (Bad file descriptor) [pid 5111] close(17) = -1 EBADF (Bad file descriptor) [pid 5111] close(18) = -1 EBADF (Bad file descriptor) [pid 5111] close(19) = -1 EBADF (Bad file descriptor) [pid 5111] close(20) = -1 EBADF (Bad file descriptor) [pid 5111] close(21) = -1 EBADF (Bad file descriptor) [pid 5111] close(22) = -1 EBADF (Bad file descriptor) [pid 5111] close(23) = -1 EBADF (Bad file descriptor) [pid 5111] close(24) = -1 EBADF (Bad file descriptor) [pid 5111] close(25) = -1 EBADF (Bad file descriptor) [pid 5111] close(26) = -1 EBADF (Bad file descriptor) [pid 5111] close(27) = -1 EBADF (Bad file descriptor) [pid 5111] close(28) = -1 EBADF (Bad file descriptor) [pid 5111] close(29) = -1 EBADF (Bad file descriptor) [pid 5111] exit_group(0) = ? [pid 5111] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555761650) = 8 [ 81.686508][ T5114] ? cgroup_update_frozen+0x144/0x6b0 [ 81.691892][ T5114] ? recalc_sigpending_tsk+0x187/0x1d0 [ 81.697350][ T5114] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 81.702569][ T5114] ? rcu_is_watching+0x12/0xb0 [ 81.707356][ T5114] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 81.713362][ T5114] ? _raw_spin_unlock_irq+0x2e/0x50 [ 81.718577][ T5114] ? ptrace_notify+0xf4/0x130 [ 81.723276][ T5114] __x64_sys_bpf+0x78/0xc0 [ 81.727704][ T5114] ? syscall_enter_from_user_mode+0x107/0x120 [ 81.733771][ T5114] do_syscall_64+0x40/0x110 [ 81.738281][ T5114] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 81.744179][ T5114] RIP: 0033:0x7fc3b1ed34f9 [ 81.744390][ T5115] FAULT_INJECTION: forcing a failure. [ 81.744390][ T5115] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.748580][ T5114] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 81.748602][ T5114] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 ./strace-static-x86_64: Process 5115 attached [pid 5115] set_robust_list(0x555555761660, 24) = 0 [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5115] setpgid(0, 0) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5115] write(3, "1000", 4) = 4 [pid 5115] close(3) = 0 [pid 5115] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5115] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5115] write(4, "10", 2) = 2 [pid 5115] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [pid 5115] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5115] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5115] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5110] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5110] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 5110] close(3) = 0 [pid 5110] close(4) = 0 [pid 5110] close(5) = -1 EBADF (Bad file descriptor) [pid 5110] close(6) = -1 EBADF (Bad file descriptor) [pid 5110] close(7) = -1 EBADF (Bad file descriptor) [pid 5110] close(8) = -1 EBADF (Bad file descriptor) [pid 5110] close(9) = -1 EBADF (Bad file descriptor) [pid 5110] close(10) = -1 EBADF (Bad file descriptor) [pid 5110] close(11) = -1 EBADF (Bad file descriptor) [pid 5110] close(12) = -1 EBADF (Bad file descriptor) [pid 5110] close(13) = -1 EBADF (Bad file descriptor) [pid 5110] close(14) = -1 EBADF (Bad file descriptor) [pid 5110] close(15) = -1 EBADF (Bad file descriptor) [pid 5110] close(16) = -1 EBADF (Bad file descriptor) [pid 5110] close(17) = -1 EBADF (Bad file descriptor) [pid 5110] close(18) = -1 EBADF (Bad file descriptor) [pid 5110] close(19) = -1 EBADF (Bad file descriptor) [pid 5110] close(20) = -1 EBADF (Bad file descriptor) [pid 5110] close(21) = -1 EBADF (Bad file descriptor) [pid 5110] close(22) = -1 EBADF (Bad file descriptor) [pid 5110] close(23) = -1 EBADF (Bad file descriptor) [pid 5110] close(24) = -1 EBADF (Bad file descriptor) [pid 5110] close(25) = -1 EBADF (Bad file descriptor) [pid 5110] close(26) = -1 EBADF (Bad file descriptor) [pid 5110] close(27) = -1 EBADF (Bad file descriptor) [pid 5110] close(28) = -1 EBADF (Bad file descriptor) [pid 5110] close(29) = -1 EBADF (Bad file descriptor) [pid 5110] exit_group(0) = ? [pid 5110] +++ exited with 0 +++ [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5065] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555761650) = 8 [ 81.789597][ T5114] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 81.797566][ T5114] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 81.805534][ T5114] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 81.813504][ T5114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.821481][ T5114] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.829469][ T5114] [ 81.833046][ T5113] CPU: 0 PID: 5113 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 81.843473][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 81.853518][ T5113] Call Trace: [ 81.856782][ T5113] [ 81.859701][ T5113] dump_stack_lvl+0x125/0x1b0 [ 81.864379][ T5113] should_fail_ex+0x496/0x5b0 [ 81.869049][ T5113] _copy_from_user+0x30/0xf0 [ 81.873634][ T5113] __sys_bpf+0x210/0x4b20 [ 81.877955][ T5113] ? do_raw_spin_lock+0x12e/0x2b0 [ 81.882970][ T5113] ? bpf_perf_link_attach+0x540/0x540 [ 81.888333][ T5113] ? cgroup_update_frozen+0x144/0x6b0 [ 81.893708][ T5113] ? recalc_sigpending_tsk+0x187/0x1d0 [ 81.899156][ T5113] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 81.904354][ T5113] ? rcu_is_watching+0x12/0xb0 [ 81.909110][ T5113] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 81.915091][ T5113] ? _raw_spin_unlock_irq+0x2e/0x50 [ 81.920283][ T5113] ? ptrace_notify+0xf4/0x130 [ 81.924956][ T5113] __x64_sys_bpf+0x78/0xc0 [ 81.929366][ T5113] ? syscall_enter_from_user_mode+0x107/0x120 [ 81.935424][ T5113] do_syscall_64+0x40/0x110 [ 81.939926][ T5113] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 81.945815][ T5113] RIP: 0033:0x7fc3b1ed34f9 [ 81.950217][ T5113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 81.969816][ T5113] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 81.978220][ T5113] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 81.986185][ T5113] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 81.994147][ T5113] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 82.002108][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.010066][ T5113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.018032][ T5113] [ 82.021167][ T5112] CPU: 0 PID: 5112 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 82.031580][ T5112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 82.041621][ T5112] Call Trace: [ 82.044890][ T5112] [ 82.047809][ T5112] dump_stack_lvl+0x125/0x1b0 [ 82.052484][ T5112] should_fail_ex+0x496/0x5b0 [ 82.057153][ T5112] _copy_from_user+0x30/0xf0 [ 82.061737][ T5112] __sys_bpf+0x210/0x4b20 [ 82.066074][ T5112] ? do_raw_spin_lock+0x12e/0x2b0 [ 82.071094][ T5112] ? bpf_perf_link_attach+0x540/0x540 [ 82.076458][ T5112] ? cgroup_update_frozen+0x144/0x6b0 [ 82.081840][ T5112] ? recalc_sigpending_tsk+0x187/0x1d0 [ 82.087302][ T5112] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 82.092508][ T5112] ? rcu_is_watching+0x12/0xb0 [ 82.097266][ T5112] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 82.103247][ T5112] ? _raw_spin_unlock_irq+0x2e/0x50 [ 82.108449][ T5112] ? ptrace_notify+0xf4/0x130 [ 82.113136][ T5112] __x64_sys_bpf+0x78/0xc0 [ 82.117553][ T5112] ? syscall_enter_from_user_mode+0x107/0x120 [ 82.123617][ T5112] do_syscall_64+0x40/0x110 [ 82.128123][ T5112] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 82.134013][ T5112] RIP: 0033:0x7fc3b1ed34f9 [ 82.138421][ T5112] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 82.158020][ T5112] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 82.166421][ T5112] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 82.174382][ T5112] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 82.182342][ T5112] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 82.190311][ T5112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.198274][ T5112] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.206239][ T5112] [ 82.209570][ T5115] CPU: 0 PID: 5115 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 82.219986][ T5115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 82.230027][ T5115] Call Trace: [ 82.233292][ T5115] [ 82.236212][ T5115] dump_stack_lvl+0x125/0x1b0 [ 82.240888][ T5115] should_fail_ex+0x496/0x5b0 [ 82.245560][ T5115] _copy_from_user+0x30/0xf0 [ 82.250144][ T5115] __sys_bpf+0x210/0x4b20 [ 82.254485][ T5115] ? do_raw_spin_lock+0x12e/0x2b0 [ 82.259513][ T5115] ? bpf_perf_link_attach+0x540/0x540 [ 82.264881][ T5115] ? cgroup_update_frozen+0x144/0x6b0 [ 82.270253][ T5115] ? recalc_sigpending_tsk+0x187/0x1d0 [ 82.275703][ T5115] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 82.280911][ T5115] ? rcu_is_watching+0x12/0xb0 [ 82.285673][ T5115] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 82.291652][ T5115] ? _raw_spin_unlock_irq+0x2e/0x50 [ 82.296853][ T5115] ? ptrace_notify+0xf4/0x130 [ 82.301536][ T5115] __x64_sys_bpf+0x78/0xc0 [ 82.305952][ T5115] ? syscall_enter_from_user_mode+0x107/0x120 [ 82.312012][ T5115] do_syscall_64+0x40/0x110 [ 82.316511][ T5115] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 82.322398][ T5115] RIP: 0033:0x7fc3b1ed34f9 [ 82.326805][ T5115] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 82.346406][ T5115] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 82.354811][ T5115] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 82.362773][ T5115] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 82.370733][ T5115] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 82.378692][ T5115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.386651][ T5115] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 ./strace-static-x86_64: Process 5116 attached [pid 5114] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5116] set_robust_list(0x555555761660, 24) = 0 [pid 5114] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5113] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5114] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 7 [pid 5113] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5116] <... prctl resumed>) = 0 [pid 5114] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 5116] setpgid(0, 0 [pid 5113] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5113] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5116] <... setpgid resumed>) = 0 [pid 5114] close(3) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5114] close(4 [pid 5113] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] close(3 [pid 5114] <... close resumed>) = 0 [pid 5113] <... close resumed>) = 0 [pid 5114] close(5 [pid 5113] close(4) = 0 [pid 5113] close(5 [pid 5116] <... openat resumed>) = 3 [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] close(6) = -1 EBADF (Bad file descriptor) [pid 5113] close(7) = -1 EBADF (Bad file descriptor) [pid 5113] close(8) = -1 EBADF (Bad file descriptor) [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] close(9 [pid 5116] write(3, "1000", 4 [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] close(10) = -1 EBADF (Bad file descriptor) [pid 5113] close(11) = -1 EBADF (Bad file descriptor) [pid 5113] close(12./strace-static-x86_64: Process 5117 attached ) = -1 EBADF (Bad file descriptor) [pid 5116] <... write resumed>) = 4 [pid 5114] close(6 [pid 5113] close(13) = -1 EBADF (Bad file descriptor) [pid 5113] close(14) = -1 EBADF (Bad file descriptor) [pid 5113] close(15) = -1 EBADF (Bad file descriptor) [pid 5113] close(16) = -1 EBADF (Bad file descriptor) [pid 5113] close(17) = -1 EBADF (Bad file descriptor) [pid 5113] close(18) = -1 EBADF (Bad file descriptor) [pid 5113] close(19 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(7 [pid 5113] close(20 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(3 [pid 5114] close(8 [pid 5113] close(21 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] set_robust_list(0x555555761660, 24 [pid 5114] close(9 [pid 5113] close(22 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(10 [pid 5113] close(23 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] <... close resumed>) = 0 [pid 5114] close(11 [pid 5113] close(24 [pid 5116] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] <... socket resumed>) = 3 [pid 5114] close(12 [pid 5113] close(25 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(13 [pid 5113] close(26 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(14 [pid 5113] close(27 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(15 [pid 5113] close(28 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5114] close(16 [pid 5113] close(29 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(17 [pid 5113] exit_group(0 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5113] <... exit_group resumed>) = ? [pid 5117] <... set_robust_list resumed>) = 0 [pid 5114] close(18 [pid 5113] +++ exited with 0 +++ [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(19 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(20) = -1 EBADF (Bad file descriptor) [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5116] <... openat resumed>) = 4 [pid 5115] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5114] close(21 [pid 5112] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5117] <... prctl resumed>) = 0 [pid 5115] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5117] setpgid(0, 0 [pid 5115] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5114] close(22 [pid 5112] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5117] <... setpgid resumed>) = 0 [pid 5116] write(4, "10", 2 [pid 5115] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5116] <... write resumed>) = 2 [pid 5115] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(23 [pid 5112] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... openat resumed>) = 3 [pid 5116] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5115] close(3 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] close(3./strace-static-x86_64: Process 5119 attached [pid 5117] write(3, "1000", 4 [pid 5114] close(24 [pid 5119] set_robust_list(0x555555761660, 24 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 8 [pid 5119] <... set_robust_list resumed>) = 0 [pid 5114] close(25 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(26 [pid 5119] <... prctl resumed>) = 0 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(27 [pid 5119] setpgid(0, 0 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... setpgid resumed>) = 0 [pid 5114] close(28 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] close(29 [pid 5119] <... openat resumed>) = 3 [pid 5114] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5114] exit_group(0) = ? [pid 5114] +++ exited with 0 +++ [pid 5119] write(3, "1000", 4 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5119] <... write resumed>) = 4 [pid 5066] <... restart_syscall resumed>) = 0 [pid 5119] close(3) = 0 [pid 5117] <... write resumed>) = 4 [pid 5115] <... close resumed>) = 0 [pid 5112] <... close resumed>) = 0 [ 82.394617][ T5115] [ 82.398436][ T922] cfg80211: failed to load regulatory.db [ 82.429830][ T5116] validate_nla: 38 callbacks suppressed [ 82.429843][ T5116] netlink: 'syz-executor229': attribute type 21 has an invalid length. [pid 5119] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5120 attached [pid 5119] <... socket resumed>) = 3 [pid 5120] set_robust_list(0x555555761660, 24 [pid 5066] <... clone resumed>, child_tidptr=0x555555761650) = 7 [pid 5120] <... set_robust_list resumed>) = 0 [pid 5119] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5120] setpgid(0, 0) = 0 [pid 5119] <... openat resumed>) = 4 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5120] write(3, "1000", 4 [pid 5119] write(4, "10", 2 [pid 5117] close(3 [pid 5116] <... sendmsg resumed>) = 216 [pid 5115] close(4 [pid 5112] close(4 [pid 5120] <... write resumed>) = 4 [pid 5119] <... write resumed>) = 2 [pid 5117] <... close resumed>) = 0 [pid 5116] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5115] <... close resumed>) = 0 [pid 5112] <... close resumed>) = 0 [pid 5120] close(3 [pid 5119] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5117] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5116] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5115] close(5 [pid 5112] close(5 [pid 5120] <... close resumed>) = 0 [pid 5117] <... socket resumed>) = 3 [pid 5116] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5116] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5120] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5117] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [ 82.444144][ T5116] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 82.454889][ T5119] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 82.458518][ T5116] FAULT_INJECTION: forcing a failure. [ 82.458518][ T5116] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.464143][ T5119] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 82.479157][ T5116] CPU: 1 PID: 5116 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 82.486874][ T5117] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 82.494641][ T5116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 82.494654][ T5116] Call Trace: [ 82.494662][ T5116] [ 82.494669][ T5116] dump_stack_lvl+0x125/0x1b0 [ 82.494700][ T5116] should_fail_ex+0x496/0x5b0 [ 82.494723][ T5116] _copy_from_user+0x30/0xf0 [ 82.533059][ T5116] __sys_bpf+0x210/0x4b20 [ 82.537388][ T5116] ? do_raw_spin_lock+0x12e/0x2b0 [ 82.542406][ T5116] ? bpf_perf_link_attach+0x540/0x540 [ 82.547772][ T5116] ? cgroup_update_frozen+0x144/0x6b0 [ 82.553143][ T5116] ? recalc_sigpending_tsk+0x187/0x1d0 [ 82.558591][ T5116] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 82.563790][ T5116] ? rcu_is_watching+0x12/0xb0 [ 82.568547][ T5116] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 82.574526][ T5116] ? _raw_spin_unlock_irq+0x2e/0x50 [ 82.579718][ T5116] ? ptrace_notify+0xf4/0x130 [ 82.584389][ T5116] __x64_sys_bpf+0x78/0xc0 [ 82.588797][ T5116] ? syscall_enter_from_user_mode+0x107/0x120 [ 82.594857][ T5116] do_syscall_64+0x40/0x110 [ 82.599360][ T5116] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 82.605245][ T5116] RIP: 0033:0x7fc3b1ed34f9 [ 82.609648][ T5116] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 82.629247][ T5116] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 82.637652][ T5116] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [pid 5120] <... socket resumed>) = 3 [pid 5119] <... sendmsg resumed>) = 216 [pid 5117] <... openat resumed>) = 4 [pid 5115] close(6 [pid 5112] close(6 [pid 5120] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5119] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5117] write(4, "10", 2 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] <... openat resumed>) = 4 [pid 5119] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5117] <... write resumed>) = 2 [pid 5115] close(7 [pid 5112] close(7 [pid 5120] write(4, "10", 2 [pid 5119] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5117] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] <... write resumed>) = 2 [pid 5115] close(8 [pid 5112] close(8 [pid 5120] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(9 [pid 5112] close(9 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(10 [pid 5112] close(10 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(11 [pid 5112] close(11 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(12 [pid 5112] close(12 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5115] close(13 [pid 5112] close(13 [pid 5119] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... bpf resumed>) = 5 [pid 5115] close(14 [pid 5112] close(14 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(15 [pid 5112] close(15 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(16 [pid 5112] close(16 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(17 [pid 5112] close(17 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(18 [pid 5112] close(18 [pid 5119] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5115] close(19 [pid 5112] close(19 [pid 5119] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... bpf resumed>) = 6 [pid 5117] <... sendmsg resumed>) = 216 [pid 5116] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5119] close(3 [pid 5116] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5119] <... close resumed>) = 0 [pid 5116] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5119] close(4 [pid 5116] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [ 82.645612][ T5116] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 82.653572][ T5116] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 82.661529][ T5116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.669489][ T5116] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.677457][ T5116] [ 82.680601][ T5117] netlink: 'syz-executor229': attribute type 1 has an invalid length. [pid 5119] <... close resumed>) = 0 [pid 5116] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(5 [pid 5116] close(3 [pid 5119] <... close resumed>) = 0 [ 82.689561][ T5120] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 82.697963][ T5117] FAULT_INJECTION: forcing a failure. [ 82.697963][ T5117] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.710991][ T5117] CPU: 0 PID: 5117 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 82.721405][ T5117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 82.731463][ T5117] Call Trace: [ 82.734739][ T5117] [ 82.737670][ T5117] dump_stack_lvl+0xd9/0x1b0 [ 82.742269][ T5117] should_fail_ex+0x496/0x5b0 [ 82.746953][ T5117] strncpy_from_user+0x38/0x300 [ 82.751813][ T5117] ? bpf_trace_run4+0x1aa/0x450 [ 82.756669][ T5117] strncpy_from_user_nofault+0x80/0x180 [ 82.762231][ T5117] bpf_probe_read_user_str+0x26/0x70 [ 82.767529][ T5117] bpf_prog_6fb7ada547f278f2+0x3d/0x3f [ 82.772993][ T5117] bpf_trace_run4+0x173/0x450 [ 82.777673][ T5117] ? bpf_trace_run3+0x430/0x430 [ 82.782531][ T5117] ? kvm_sched_clock_read+0x11/0x20 [ 82.787734][ T5117] __bpf_trace_sched_switch+0x13e/0x180 [ 82.793283][ T5117] ? __bpf_trace_ipi_raise+0xf0/0xf0 [ 82.798575][ T5117] ? psi_task_switch+0x2d9/0x900 [ 82.803520][ T5117] __schedule+0x21f3/0x5af0 [ 82.808031][ T5117] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 82.814008][ T5117] ? rcu_is_watching+0x12/0xb0 [ 82.818765][ T5117] ? io_schedule_timeout+0x150/0x150 [ 82.824049][ T5117] ? lock_release+0x4bf/0x690 [ 82.828722][ T5117] ? cgroup_enter_frozen+0x166/0x2f0 [ 82.834002][ T5117] ? schedule+0x1fc/0x270 [ 82.838326][ T5117] ? reacquire_held_locks+0x4c0/0x4c0 [ 82.843701][ T5117] ? spin_bug+0x1d0/0x1d0 [ 82.848022][ T5117] schedule+0xe9/0x270 [ 82.852088][ T5117] ptrace_stop.part.0+0x44d/0x7a0 [ 82.857105][ T5117] ptrace_do_notify+0x22f/0x2e0 [ 82.861941][ T5117] ? lock_sync+0x190/0x190 [ 82.866343][ T5117] ? ptrace_stop.part.0+0x7a0/0x7a0 [ 82.871522][ T5117] ? restore_fpregs_from_fpstate+0xc1/0x1d0 [ 82.877400][ T5117] ptrace_notify+0xc8/0x130 [ 82.881888][ T5117] syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 82.887939][ T5117] syscall_enter_from_user_mode+0x107/0x120 [ 82.894415][ T5117] do_syscall_64+0x1c/0x110 [ 82.898909][ T5117] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 82.904780][ T5117] RIP: 0033:0x7fc3b1ed34f9 [ 82.909193][ T5117] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 82.928780][ T5117] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 82.937171][ T5117] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [pid 5117] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5116] <... close resumed>) = 0 [pid 5119] close(6 [pid 5117] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5117] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5116] close(4 [pid 5112] close(20 [pid 5117] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5116] <... close resumed>) = 0 [pid 5119] <... close resumed>) = 0 [pid 5112] close(21 [pid 5119] close(7 [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... bpf resumed>) = 5 [pid 5116] close(5 [pid 5112] close(22 [pid 5119] close(8 [pid 5117] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5116] close(6 [pid 5112] close(23 [pid 5119] close(9 [pid 5117] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(7 [ 82.945140][ T5117] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 82.953088][ T5117] RBP: 0000000000000000 R08: 00000000557624c0 R09: 00000000557624c0 [ 82.961058][ T5117] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [ 82.969007][ T5117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.976967][ T5117] [ 82.987370][ T5120] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 82.995852][ T5120] FAULT_INJECTION: forcing a failure. [ 82.995852][ T5120] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.008871][ T5120] CPU: 1 PID: 5120 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 83.019260][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 83.029295][ T5120] Call Trace: [ 83.032567][ T5120] [ 83.035490][ T5120] dump_stack_lvl+0xd9/0x1b0 [ 83.040079][ T5120] should_fail_ex+0x496/0x5b0 [ 83.044740][ T5120] strncpy_from_user+0x38/0x300 [ 83.049571][ T5120] ? spin_bug+0x1d0/0x1d0 [ 83.053882][ T5120] strncpy_from_user_nofault+0x80/0x180 [ 83.059417][ T5120] bpf_probe_read_user_str+0x26/0x70 [ 83.064690][ T5120] bpf_prog_6fb7ada547f278f2+0x3d/0x3f [ 83.070128][ T5120] bpf_trace_run4+0x173/0x450 [ 83.074785][ T5120] ? bpf_trace_run3+0x430/0x430 [ 83.079618][ T5120] ? kvm_sched_clock_read+0x11/0x20 [ 83.084796][ T5120] __bpf_trace_sched_switch+0x13e/0x180 [ 83.090332][ T5120] ? __bpf_trace_ipi_raise+0xf0/0xf0 [ 83.095614][ T5120] ? psi_task_switch+0x20c/0x900 [ 83.100548][ T5120] __schedule+0x21f3/0x5af0 [ 83.105055][ T5120] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 83.111035][ T5120] ? rcu_is_watching+0x12/0xb0 [ 83.115797][ T5120] ? io_schedule_timeout+0x150/0x150 [ 83.121089][ T5120] ? lock_release+0x4bf/0x690 [ 83.125769][ T5120] ? cgroup_enter_frozen+0x166/0x2f0 [ 83.131053][ T5120] ? schedule+0x1fc/0x270 [ 83.135379][ T5120] ? reacquire_held_locks+0x4c0/0x4c0 [ 83.140752][ T5120] ? spin_bug+0x1d0/0x1d0 [ 83.145075][ T5120] schedule+0xe9/0x270 [ 83.149143][ T5120] ptrace_stop.part.0+0x44d/0x7a0 [ 83.154162][ T5120] ptrace_do_notify+0x22f/0x2e0 [ 83.159005][ T5120] ? lock_sync+0x190/0x190 [ 83.163417][ T5120] ? ptrace_stop.part.0+0x7a0/0x7a0 [ 83.168616][ T5120] ptrace_notify+0xc8/0x130 [ 83.173118][ T5120] syscall_exit_to_user_mode_prepare+0x126/0x230 [ 83.179448][ T5120] syscall_exit_to_user_mode+0xe/0x60 [ 83.184811][ T5120] do_syscall_64+0x4d/0x110 [ 83.189313][ T5120] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 83.195198][ T5120] RIP: 0033:0x7fc3b1ed34f9 [ 83.199603][ T5120] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 83.219209][ T5120] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 83.227615][ T5120] RAX: 00000000000000d8 RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 83.235575][ T5120] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003 [pid 5112] close(24 [pid 5115] close(20 [pid 5120] <... sendmsg resumed>) = 216 [pid 5119] close(10 [pid 5117] <... bpf resumed>) = 6 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(3) = 0 [pid 5117] close(4) = 0 [pid 5117] close(5) = 0 [pid 5117] close(6) = 0 [pid 5117] close(7 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(8 [pid 5115] close(21 [pid 5112] close(25 [pid 5120] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5119] close(11 [pid 5117] close(8 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(9 [pid 5115] close(22 [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(9 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(12 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(10 [pid 5120] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5115] close(23 [pid 5112] close(26 [pid 5120] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5119] close(13 [pid 5117] close(10 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(11 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(14 [pid 5117] close(11 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(24 [pid 5112] close(27 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(12 [pid 5119] close(15 [pid 5117] close(12 [pid 5115] close(25 [pid 5112] close(28 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(13 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(16 [pid 5117] close(13 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(26 [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(14 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] close(29 [pid 5119] close(17 [pid 5117] close(14 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(27 [pid 5112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(15 [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(15 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(18 [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] close(28 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(16 [pid 5116] close(16 [pid 5112] exit_group(0 [pid 5119] close(19 [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5112] <... exit_group resumed>) = ? [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(17 [pid 5116] close(17 [pid 5115] close(29 [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(20 [pid 5117] close(18 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(19) = -1 EBADF (Bad file descriptor) [pid 5115] exit_group(0 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(20 [pid 5116] close(18 [pid 5119] close(21) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(21) = -1 EBADF (Bad file descriptor) [pid 5117] close(22) = -1 EBADF (Bad file descriptor) [pid 5117] close(23) = -1 EBADF (Bad file descriptor) [pid 5119] close(22 [pid 5117] close(24) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] close(25) = -1 EBADF (Bad file descriptor) [pid 5119] close(23 [pid 5117] close(26 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(24 [pid 5117] close(27 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(25 [pid 5117] close(28 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] close(26) = -1 EBADF (Bad file descriptor) [pid 5119] close(27 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(19 [pid 5119] close(28 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(20 [pid 5115] <... exit_group resumed>) = ? [pid 5119] close(29 [pid 5117] close(29 [pid 5119] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5117] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5119] exit_group(0 [pid 5117] exit_group(0 [pid 5116] close(21 [pid 5117] <... exit_group resumed>) = ? [pid 5119] <... exit_group resumed>) = ? [pid 5117] +++ exited with 0 +++ [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5115] +++ exited with 0 +++ [pid 5116] close(22 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5116] close(23 [pid 5072] <... restart_syscall resumed>) = 0 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(24) = -1 EBADF (Bad file descriptor) [pid 5116] close(25) = -1 EBADF (Bad file descriptor) [pid 5116] close(26 [pid 5120] <... bpf resumed>) = 5 [pid 5120] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5120] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16) = 6 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5116] close(27 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5116] close(28 [pid 5120] close(3 [pid 5116] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] <... close resumed>) = 0 [pid 5120] close(4) = 0 [pid 5120] close(5) = 0 [pid 5120] close(6 [pid 5116] close(29) = -1 EBADF (Bad file descriptor) [pid 5120] <... close resumed>) = 0 [pid 5116] exit_group(0./strace-static-x86_64: Process 5121 attached [pid 5120] close(7 [pid 5116] <... exit_group resumed>) = ? [pid 5073] <... clone resumed>, child_tidptr=0x555555761650) = 9 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5121] set_robust_list(0x555555761660, 24 [pid 5120] close(8 [pid 5121] <... set_robust_list resumed>) = 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] close(9 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] close(10 [pid 5121] <... prctl resumed>) = 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5121] setpgid(0, 0 [pid 5120] close(11 [pid 5121] <... setpgid resumed>) = 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5120] close(12) = -1 EBADF (Bad file descriptor) [pid 5116] +++ exited with 0 +++ [pid 5120] close(13 [pid 5121] <... openat resumed>) = 3 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] close(14 [pid 5065] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5121] write(3, "1000", 4 [pid 5120] close(15 [pid 5121] <... write resumed>) = 4 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5121] close(3 [pid 5120] close(16 [pid 5121] <... close resumed>) = 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5120] close(17 [pid 5121] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5121] <... socket resumed>) = 3 [pid 5120] close(18 [pid 5119] +++ exited with 0 +++ [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5122 attached [pid 5121] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5120] close(19 [pid 5068] <... restart_syscall resumed>) = 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5122] set_robust_list(0x555555761660, 24 [ 83.243534][ T5120] RBP: 0000000000000000 R08: 00007ffdaa3d00c6 R09: 00000000557624c0 [ 83.251495][ T5120] R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8 [ 83.259453][ T5120] R13: 00007ffdaa3d0334 R14: 0000000000000000 R15: 00007ffdaa3d0350 [ 83.267419][ T5120] [pid 5120] close(20 [pid 5065] <... clone resumed>, child_tidptr=0x555555761650) = 9 [pid 5122] <... set_robust_list resumed>) = 0 [pid 5121] <... openat resumed>) = 4 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5120] close(21) = -1 EBADF (Bad file descriptor) [pid 5121] write(4, "10", 2 [pid 5120] close(22) = -1 EBADF (Bad file descriptor) [pid 5121] <... write resumed>) = 2 [pid 5120] close(23) = -1 EBADF (Bad file descriptor) [pid 5120] close(24 [pid 5121] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5112] +++ exited with 0 +++ [pid 5122] <... prctl resumed>) = 0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5122] setpgid(0, 0 [pid 5070] restart_syscall(<... resuming interrupted clone ...> [pid 5122] <... setpgid resumed>) = 0 [pid 5070] <... restart_syscall resumed>) = 0 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5122] write(3, "1000", 4 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5122] <... write resumed>) = 4 [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 8 [pid 5122] close(3 [pid 5070] <... clone resumed>, child_tidptr=0x555555761650) = 7 [pid 5122] <... close resumed>) = 0 [pid 5122] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 ./strace-static-x86_64: Process 5125 attached ./strace-static-x86_64: Process 5124 attached ./strace-static-x86_64: Process 5123 attached [pid 5122] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5120] close(25 [pid 5122] <... openat resumed>) = 4 [pid 5068] <... clone resumed>, child_tidptr=0x555555761650) = 9 [pid 5122] write(4, "10", 2) = 2 [pid 5122] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5125] set_robust_list(0x555555761660, 24) = 0 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5124] set_robust_list(0x555555761660, 24 [pid 5123] set_robust_list(0x555555761660, 24 [pid 5122] <... sendmsg resumed>) = 216 [pid 5121] <... sendmsg resumed>) = 216 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... set_robust_list resumed>) = 0 [pid 5123] <... set_robust_list resumed>) = 0 [pid 5122] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5121] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5120] close(26 [pid 5125] <... prctl resumed>) = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5121] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... prctl resumed>) = 0 [pid 5123] <... prctl resumed>) = 0 [pid 5120] close(27 [pid 5124] setpgid(0, 0 [pid 5123] setpgid(0, 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... setpgid resumed>) = 0 [pid 5120] close(28 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5123] <... setpgid resumed>) = 0 [pid 5120] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5120] close(29) = -1 EBADF (Bad file descriptor) [pid 5124] <... openat resumed>) = 3 [pid 5120] exit_group(0 [pid 5123] <... openat resumed>) = 3 [pid 5124] write(3, "1000", 4 [pid 5123] write(3, "1000", 4 [pid 5120] <... exit_group resumed>) = ? [pid 5124] <... write resumed>) = 4 [pid 5123] <... write resumed>) = 4 [pid 5124] close(3 [pid 5123] close(3 [pid 5124] <... close resumed>) = 0 [pid 5123] <... close resumed>) = 0 [pid 5124] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5123] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5124] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5123] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5124] <... openat resumed>) = 4 [pid 5123] <... openat resumed>) = 4 [pid 5120] +++ exited with 0 +++ [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5066] restart_syscall(<... resuming interrupted clone ...> [pid 5124] write(4, "10", 2 [pid 5125] setpgid(0, 0 [pid 5123] write(4, "10", 2 [pid 5121] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5066] <... restart_syscall resumed>) = 0 [pid 5125] <... setpgid resumed>) = 0 [pid 5124] <... write resumed>) = 2 [pid 5123] <... write resumed>) = 2 [pid 5121] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [ 83.310684][ T5121] netlink: 'syz-executor229': attribute type 21 has an invalid length. [ 83.319643][ T5121] netlink: 'syz-executor229': attribute type 1 has an invalid length. [ 83.336118][ T5122] FAULT_INJECTION: forcing a failure. [ 83.336118][ T5122] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.349224][ T5122] CPU: 0 PID: 5122 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5124] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5123] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5121] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5125] <... openat resumed>) = 3 [pid 5124] <... sendmsg resumed>) = 216 [pid 5123] <... sendmsg resumed>) = 216 [pid 5125] write(3, "1000", 4) = 4 [pid 5125] close(3) = 0 [pid 5125] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 3 [pid 5125] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5125] write(4, "10", 2) = 2 [pid 5125] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216 [pid 5125] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5125] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [ 83.359630][ T5122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 83.361857][ T5121] FAULT_INJECTION: forcing a failure. [ 83.361857][ T5121] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.369674][ T5122] Call Trace: [ 83.369685][ T5122] [ 83.369693][ T5122] dump_stack_lvl+0x125/0x1b0 [ 83.389321][ T5125] FAULT_INJECTION: forcing a failure. [ 83.389321][ T5125] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.393537][ T5122] should_fail_ex+0x496/0x5b0 [pid 5125] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5124] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5123] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5124] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5123] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5124] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5123] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5124] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5123] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5124] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555761650) = 8 [ 83.393566][ T5122] _copy_from_user+0x30/0xf0 [ 83.408867][ T5123] FAULT_INJECTION: forcing a failure. [ 83.408867][ T5123] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.411210][ T5122] __sys_bpf+0x210/0x4b20 [ 83.418618][ T5124] FAULT_INJECTION: forcing a failure. [ 83.418618][ T5124] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.428751][ T5122] ? do_raw_spin_lock+0x12e/0x2b0 [ 83.428778][ T5122] ? bpf_perf_link_attach+0x540/0x540 [ 83.428800][ T5122] ? cgroup_update_frozen+0x144/0x6b0 [ 83.461899][ T5122] ? recalc_sigpending_tsk+0x187/0x1d0 [ 83.467413][ T5122] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 83.472650][ T5122] ? rcu_is_watching+0x12/0xb0 [ 83.477428][ T5122] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 83.483429][ T5122] ? _raw_spin_unlock_irq+0x2e/0x50 [ 83.488645][ T5122] ? ptrace_notify+0xf4/0x130 [ 83.493340][ T5122] __x64_sys_bpf+0x78/0xc0 [ 83.497764][ T5122] ? syscall_enter_from_user_mode+0x107/0x120 [ 83.503836][ T5122] do_syscall_64+0x40/0x110 [ 83.508365][ T5122] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 83.514270][ T5122] RIP: 0033:0x7fc3b1ed34f9 [ 83.518693][ T5122] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 83.538310][ T5122] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 83.546722][ T5122] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 83.554692][ T5122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 83.562656][ T5122] RBP: 0000000000000000 R08: 00000000557624c0 R09: 00000000557624c0 [ 83.570622][ T5122] R10: 00007ffdaa3d00c6 R11: 0000000000000246 R12: 00000000200000d8 [ 83.578591][ T5122] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 83.586573][ T5122] [ 83.589749][ T5121] CPU: 1 PID: 5121 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 83.600169][ T5121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 83.610212][ T5121] Call Trace: [ 83.613494][ T5121] [ 83.616418][ T5121] dump_stack_lvl+0x125/0x1b0 [ 83.621093][ T5121] should_fail_ex+0x496/0x5b0 [ 83.625772][ T5121] _copy_from_user+0x30/0xf0 [ 83.630363][ T5121] __sys_bpf+0x210/0x4b20 [ 83.634686][ T5121] ? do_raw_spin_lock+0x12e/0x2b0 [ 83.639701][ T5121] ? bpf_perf_link_attach+0x540/0x540 [ 83.645062][ T5121] ? cgroup_update_frozen+0x144/0x6b0 [ 83.650441][ T5121] ? recalc_sigpending_tsk+0x187/0x1d0 [ 83.655896][ T5121] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 83.661096][ T5121] ? rcu_is_watching+0x12/0xb0 [ 83.665867][ T5121] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 83.671854][ T5121] ? _raw_spin_unlock_irq+0x2e/0x50 [ 83.677047][ T5121] ? ptrace_notify+0xf4/0x130 [ 83.681717][ T5121] __x64_sys_bpf+0x78/0xc0 [ 83.686127][ T5121] ? syscall_enter_from_user_mode+0x107/0x120 [ 83.692186][ T5121] do_syscall_64+0x40/0x110 [ 83.696686][ T5121] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 83.702570][ T5121] RIP: 0033:0x7fc3b1ed34f9 [ 83.706975][ T5121] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 83.726573][ T5121] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 83.734976][ T5121] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 83.742936][ T5121] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 83.750904][ T5121] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 83.758867][ T5121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.766825][ T5121] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 83.774795][ T5121] [ 83.777915][ T5123] CPU: 0 PID: 5123 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 83.788336][ T5123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 83.798388][ T5123] Call Trace: [ 83.801659][ T5123] [ 83.804585][ T5123] dump_stack_lvl+0x125/0x1b0 ./strace-static-x86_64: Process 5126 attached [ 83.809267][ T5123] should_fail_ex+0x496/0x5b0 [ 83.813954][ T5123] _copy_from_user+0x30/0xf0 [ 83.818548][ T5123] __sys_bpf+0x210/0x4b20 [ 83.822878][ T5123] ? do_raw_spin_lock+0x12e/0x2b0 [ 83.827901][ T5123] ? bpf_perf_link_attach+0x540/0x540 [ 83.833274][ T5123] ? cgroup_update_frozen+0x144/0x6b0 [ 83.838658][ T5123] ? recalc_sigpending_tsk+0x187/0x1d0 [ 83.844121][ T5123] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 83.849330][ T5123] ? rcu_is_watching+0x12/0xb0 [ 83.854101][ T5123] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 83.860090][ T5123] ? _raw_spin_unlock_irq+0x2e/0x50 [ 83.865289][ T5123] ? ptrace_notify+0xf4/0x130 [ 83.869971][ T5123] __x64_sys_bpf+0x78/0xc0 [ 83.874387][ T5123] ? syscall_enter_from_user_mode+0x107/0x120 [ 83.880452][ T5123] do_syscall_64+0x40/0x110 [ 83.884961][ T5123] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 83.890855][ T5123] RIP: 0033:0x7fc3b1ed34f9 [ 83.895263][ T5123] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 83.914873][ T5123] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 83.923296][ T5123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 83.931268][ T5123] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 83.939236][ T5123] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 83.947205][ T5123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.955173][ T5123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 83.963150][ T5123] [ 83.966163][ T5124] CPU: 1 PID: 5124 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 83.976580][ T5124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 83.986632][ T5124] Call Trace: [ 83.989914][ T5124] [ 83.992845][ T5124] dump_stack_lvl+0x125/0x1b0 [ 83.997531][ T5124] should_fail_ex+0x496/0x5b0 [ 84.002212][ T5124] _copy_from_user+0x30/0xf0 [ 84.006810][ T5124] __sys_bpf+0x210/0x4b20 [ 84.011158][ T5124] ? do_raw_spin_lock+0x12e/0x2b0 [ 84.016197][ T5124] ? bpf_perf_link_attach+0x540/0x540 [ 84.021585][ T5124] ? cgroup_update_frozen+0x144/0x6b0 [ 84.026979][ T5124] ? recalc_sigpending_tsk+0x187/0x1d0 [ 84.032439][ T5124] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 84.037029][ T5126] FAULT_INJECTION: forcing a failure. [ 84.037029][ T5126] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.037635][ T5124] ? rcu_is_watching+0x12/0xb0 [ 84.055399][ T5124] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 84.061388][ T5124] ? _raw_spin_unlock_irq+0x2e/0x50 [ 84.066594][ T5124] ? ptrace_notify+0xf4/0x130 [ 84.071272][ T5124] __x64_sys_bpf+0x78/0xc0 [ 84.075695][ T5124] ? syscall_enter_from_user_mode+0x107/0x120 [ 84.081773][ T5124] do_syscall_64+0x40/0x110 [ 84.086301][ T5124] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 84.092200][ T5124] RIP: 0033:0x7fc3b1ed34f9 [ 84.096618][ T5124] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 84.116223][ T5124] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.124628][ T5124] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 84.132587][ T5124] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 84.140545][ T5124] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 84.148503][ T5124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.156462][ T5124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [pid 5126] set_robust_list(0x555555761660, 24 [pid 5122] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5121] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5126] <... set_robust_list resumed>) = 0 [pid 5122] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5121] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5122] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5121] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5126] <... prctl resumed>) = 0 [pid 5122] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5121] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5126] setpgid(0, 0 [pid 5121] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... setpgid resumed>) = 0 [pid 5121] close(3 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5121] <... close resumed>) = 0 [pid 5126] <... openat resumed>) = 3 [pid 5121] close(4 [pid 5126] write(3, "1000", 4 [pid 5121] <... close resumed>) = 0 [pid 5126] <... write resumed>) = 4 [pid 5121] close(5 [pid 5126] close(3 [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = 0 [pid 5121] close(6 [pid 5126] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... socket resumed>) = 3 [pid 5121] close(7 [pid 5126] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... openat resumed>) = 4 [pid 5121] close(8 [pid 5126] write(4, "10", 2 [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... write resumed>) = 2 [pid 5121] close(9 [pid 5126] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... sendmsg resumed>) = 216 [pid 5121] close(10 [pid 5126] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5121] close(11 [pid 5126] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5121] close(12) = -1 EBADF (Bad file descriptor) [pid 5121] close(13) = -1 EBADF (Bad file descriptor) [pid 5121] close(14) = -1 EBADF (Bad file descriptor) [pid 5121] close(15) = -1 EBADF (Bad file descriptor) [pid 5121] close(16) = -1 EBADF (Bad file descriptor) [pid 5121] close(17) = -1 EBADF (Bad file descriptor) [pid 5121] close(18) = -1 EBADF (Bad file descriptor) [pid 5121] close(19) = -1 EBADF (Bad file descriptor) [pid 5121] close(20 [pid 5126] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5121] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5121] close(21) = -1 EBADF (Bad file descriptor) [pid 5121] close(22) = -1 EBADF (Bad file descriptor) [pid 5121] close(23) = -1 EBADF (Bad file descriptor) [pid 5121] close(24) = -1 EBADF (Bad file descriptor) [pid 5121] close(25) = -1 EBADF (Bad file descriptor) [pid 5121] close(26) = -1 EBADF (Bad file descriptor) [pid 5121] close(27) = -1 EBADF (Bad file descriptor) [pid 5121] close(28) = -1 EBADF (Bad file descriptor) [pid 5121] close(29) = -1 EBADF (Bad file descriptor) [pid 5121] exit_group(0) = ? [pid 5121] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=9, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555761650) = 10 ./strace-static-x86_64: Process 5127 attached [pid 5122] <... bpf resumed>) = 5 [pid 5122] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5127] set_robust_list(0x555555761660, 24 [pid 5124] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5123] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5122] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5127] <... set_robust_list resumed>) = 0 [pid 5123] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5123] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5127] <... prctl resumed>) = 0 [pid 5123] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5127] setpgid(0, 0 [pid 5123] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5127] <... setpgid resumed>) = 0 [pid 5123] close(3 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5123] <... close resumed>) = 0 [pid 5127] <... openat resumed>) = 3 [pid 5123] close(4) = 0 [pid 5123] close(5) = -1 EBADF (Bad file descriptor) [pid 5123] close(6) = -1 EBADF (Bad file descriptor) [pid 5123] close(7) = -1 EBADF (Bad file descriptor) [pid 5123] close(8) = -1 EBADF (Bad file descriptor) [pid 5123] close(9) = -1 EBADF (Bad file descriptor) [pid 5123] close(10) = -1 EBADF (Bad file descriptor) [pid 5127] write(3, "1000", 4 [pid 5123] close(11 [pid 5127] <... write resumed>) = 4 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5123] close(12 [pid 5127] close(3 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5127] <... close resumed>) = 0 [pid 5123] close(13 [pid 5127] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5127] <... socket resumed>) = 3 [pid 5123] close(14 [pid 5127] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5127] <... openat resumed>) = 4 [pid 5123] close(15 [pid 5127] write(4, "10", 2 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5123] close(16) = -1 EBADF (Bad file descriptor) [pid 5123] close(17 [pid 5127] <... write resumed>) = 2 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5127] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5123] close(18 [pid 5127] <... sendmsg resumed>) = 216 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5123] close(19 [pid 5127] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5127] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5123] close(20 [pid 5127] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5127] <... perf_event_open resumed>) = -1 EFAULT (Bad address) [pid 5123] close(21 [ 84.164428][ T5124] [ 84.170408][ T5126] CPU: 0 PID: 5126 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 84.180849][ T5126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 84.181261][ T5127] FAULT_INJECTION: forcing a failure. [ 84.181261][ T5127] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.190893][ T5126] Call Trace: [ 84.190902][ T5126] [ 84.190909][ T5126] dump_stack_lvl+0x125/0x1b0 [ 84.190939][ T5126] should_fail_ex+0x496/0x5b0 [ 84.190962][ T5126] _copy_from_user+0x30/0xf0 [ 84.190989][ T5126] __sys_bpf+0x210/0x4b20 [ 84.191012][ T5126] ? do_raw_spin_lock+0x12e/0x2b0 [ 84.191035][ T5126] ? bpf_perf_link_attach+0x540/0x540 [ 84.191058][ T5126] ? cgroup_update_frozen+0x144/0x6b0 [ 84.191092][ T5126] ? recalc_sigpending_tsk+0x187/0x1d0 [ 84.191115][ T5126] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 84.191150][ T5126] ? rcu_is_watching+0x12/0xb0 [ 84.191176][ T5126] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 84.191207][ T5126] ? _raw_spin_unlock_irq+0x2e/0x50 [ 84.191232][ T5126] ? ptrace_notify+0xf4/0x130 [ 84.191259][ T5126] __x64_sys_bpf+0x78/0xc0 [ 84.191287][ T5126] ? syscall_enter_from_user_mode+0x107/0x120 [ 84.191311][ T5126] do_syscall_64+0x40/0x110 [ 84.191339][ T5126] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 84.191364][ T5126] RIP: 0033:0x7fc3b1ed34f9 [ 84.191381][ T5126] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 84.320268][ T5126] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.328676][ T5126] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 84.336638][ T5126] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 84.344600][ T5126] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 84.352562][ T5126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [pid 5127] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5122] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=5}}, 16 [pid 5126] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5124] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5126] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5124] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5126] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5124] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5123] close(22 [pid 5126] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5124] close(3 [pid 5126] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = 0 [pid 5126] close(3 [pid 5124] close(4 [pid 5126] <... close resumed>) = 0 [pid 5124] <... close resumed>) = 0 [pid 5124] close(5 [pid 5126] close(4 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = 0 [pid 5124] close(6 [pid 5126] close(5 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(7 [pid 5126] close(6 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(8 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(7 [pid 5124] close(9 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(8 [pid 5124] close(10) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(11 [pid 5126] close(9 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(12 [pid 5126] close(10 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(13 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(11 [pid 5124] close(14 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(15 [pid 5126] close(12 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(16 [pid 5126] close(13 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(17 [pid 5126] close(14 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(18) = -1 EBADF (Bad file descriptor) [pid 5126] close(15 [pid 5124] close(19 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(16 [pid 5124] close(20 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(17 [pid 5124] close(21 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(22 [pid 5126] close(18 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(23 [pid 5126] close(19 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(24 [pid 5126] close(20 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(25 [pid 5126] close(21 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(26 [pid 5126] close(22 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(27 [pid 5126] close(23 [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] close(28 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(24 [pid 5124] close(29 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(25 [pid 5124] exit_group(0 [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5124] <... exit_group resumed>) = ? [pid 5124] +++ exited with 0 +++ [pid 5126] close(26 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5126] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5126] close(27) = -1 EBADF (Bad file descriptor) [pid 5126] close(28) = -1 EBADF (Bad file descriptor) [pid 5126] close(29) = -1 EBADF (Bad file descriptor) [ 84.360521][ T5126] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 84.368490][ T5126] [ 84.376216][ T5125] CPU: 0 PID: 5125 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 84.386657][ T5125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 84.396717][ T5125] Call Trace: [ 84.400002][ T5125] [ 84.402940][ T5125] dump_stack_lvl+0x125/0x1b0 [ 84.407639][ T5125] should_fail_ex+0x496/0x5b0 [pid 5126] exit_group(0) = ? [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5126] +++ exited with 0 +++ [pid 5072] <... clone resumed>, child_tidptr=0x555555761650) = 9 [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [ 84.412335][ T5125] _copy_from_user+0x30/0xf0 [ 84.416951][ T5125] __sys_bpf+0x210/0x4b20 [ 84.421290][ T5125] ? do_raw_spin_lock+0x12e/0x2b0 [ 84.426318][ T5125] ? bpf_perf_link_attach+0x540/0x540 [ 84.431681][ T5125] ? cgroup_update_frozen+0x144/0x6b0 [ 84.437054][ T5125] ? recalc_sigpending_tsk+0x187/0x1d0 [ 84.442503][ T5125] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 84.447706][ T5125] ? rcu_is_watching+0x12/0xb0 [ 84.452463][ T5125] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 84.458443][ T5125] ? _raw_spin_unlock_irq+0x2e/0x50 [ 84.463640][ T5125] ? ptrace_notify+0xf4/0x130 [ 84.468315][ T5125] __x64_sys_bpf+0x78/0xc0 [ 84.472723][ T5125] ? syscall_enter_from_user_mode+0x107/0x120 [ 84.478787][ T5125] do_syscall_64+0x40/0x110 [ 84.483285][ T5125] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 84.489173][ T5125] RIP: 0033:0x7fc3b1ed34f9 [ 84.493576][ T5125] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 84.513172][ T5125] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.521577][ T5125] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 84.529538][ T5125] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 84.537502][ T5125] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 84.545461][ T5125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.553421][ T5125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 84.561391][ T5125] [pid 5066] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [ 84.567020][ T5127] CPU: 1 PID: 5127 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 84.577460][ T5127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 84.587521][ T5127] Call Trace: [ 84.590802][ T5127] [ 84.593736][ T5127] dump_stack_lvl+0x125/0x1b0 [ 84.598427][ T5127] should_fail_ex+0x496/0x5b0 [ 84.603101][ T5127] _copy_from_user+0x30/0xf0 [ 84.607689][ T5127] __sys_bpf+0x210/0x4b20 [ 84.612012][ T5127] ? do_raw_spin_lock+0x12e/0x2b0 [ 84.617026][ T5127] ? bpf_perf_link_attach+0x540/0x540 [ 84.622389][ T5127] ? cgroup_update_frozen+0x144/0x6b0 [ 84.627763][ T5127] ? recalc_sigpending_tsk+0x187/0x1d0 [ 84.633212][ T5127] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 84.638408][ T5127] ? rcu_is_watching+0x12/0xb0 [ 84.643168][ T5127] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 84.649148][ T5127] ? _raw_spin_unlock_irq+0x2e/0x50 [ 84.654338][ T5127] ? ptrace_notify+0xf4/0x130 [ 84.659012][ T5127] __x64_sys_bpf+0x78/0xc0 [ 84.663419][ T5127] ? syscall_enter_from_user_mode+0x107/0x120 [ 84.669478][ T5127] do_syscall_64+0x40/0x110 [ 84.674672][ T5127] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 84.680555][ T5127] RIP: 0033:0x7fc3b1ed34f9 [ 84.684959][ T5127] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 84.704556][ T5127] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5129 attached ./strace-static-x86_64: Process 5128 attached [pid 5125] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5123] close(23 [pid 5129] set_robust_list(0x555555761660, 24 [pid 5128] set_robust_list(0x555555761660, 24 [pid 5125] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... set_robust_list resumed>) = 0 [pid 5128] <... set_robust_list resumed>) = 0 [pid 5125] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5123] close(24 [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5125] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... prctl resumed>) = 0 [pid 5128] <... prctl resumed>) = 0 [pid 5125] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5123] close(25 [pid 5129] setpgid(0, 0 [pid 5128] setpgid(0, 0 [pid 5125] close(3 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... setpgid resumed>) = 0 [pid 5128] <... setpgid resumed>) = 0 [pid 5125] <... close resumed>) = 0 [pid 5123] close(26 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... openat resumed>) = 3 [pid 5128] <... openat resumed>) = 3 [pid 5125] close(4 [pid 5123] close(27 [pid 5129] write(3, "1000", 4 [pid 5128] write(3, "1000", 4 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... write resumed>) = 4 [pid 5128] <... write resumed>) = 4 [pid 5125] <... close resumed>) = 0 [pid 5123] close(28 [pid 5129] close(3 [pid 5128] close(3 [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... close resumed>) = 0 [pid 5128] <... close resumed>) = 0 [pid 5125] close(5 [pid 5123] close(29 [pid 5129] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5128] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE [pid 5123] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... socket resumed>) = 3 [pid 5128] <... socket resumed>) = 3 [pid 5125] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5123] exit_group(0 [pid 5129] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5128] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5123] <... exit_group resumed>) = ? [pid 5129] <... openat resumed>) = 4 [pid 5128] <... openat resumed>) = 4 [pid 5125] close(6 [pid 5123] +++ exited with 0 +++ [pid 5129] write(4, "10", 2 [pid 5128] write(4, "10", 2 [pid 5125] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5129] <... write resumed>) = 2 [pid 5128] <... write resumed>) = 2 [pid 5129] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [ 84.712960][ T5127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 84.720918][ T5127] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 84.728877][ T5127] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [ 84.736837][ T5127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.744799][ T5127] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 84.752770][ T5127] [pid 5128] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x44\xb9\x04\x02\x1d\x08\x00\x14\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x04\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\xa4\x00\x01\x40\x03\x00\x00\x00\x03\x60\x10\xfa\xb9\x4d\xcf\x5c\x04\x61\xc1\xd6\x7f\x6f\x94\x00\x71\x34\xcf\x6e\xe0\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5125] close(7 [pid 5129] <... sendmsg resumed>) = 216 [pid 5128] <... sendmsg resumed>) = 216 [pid 5129] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0 [pid 5128] bpf(BPF_RAW_TRACEPOINT_OPEN, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5128] perf_event_open(NULL, 0, -1, -1, PERF_FLAG_FD_NO_GROUP|PERF_FLAG_FD_CLOEXEC) = -1 EFAULT (Bad address) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=9, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5066] <... clone resumed>, child_tidptr=0x555555761650) = 9 [pid 5128] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000340, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5125] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555761650) = 10 [ 84.782588][ T5129] FAULT_INJECTION: forcing a failure. [ 84.782588][ T5129] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.796945][ T5128] FAULT_INJECTION: forcing a failure. [ 84.796945][ T5128] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.810184][ T5128] CPU: 0 PID: 5128 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 84.820605][ T5128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [pid 5125] close(8) = -1 EBADF (Bad file descriptor) [pid 5125] close(9) = -1 EBADF (Bad file descriptor) [pid 5125] close(10) = -1 EBADF (Bad file descriptor) [pid 5125] close(11) = -1 EBADF (Bad file descriptor) [ 84.830660][ T5128] Call Trace: [ 84.833945][ T5128] [ 84.836881][ T5128] dump_stack_lvl+0x125/0x1b0 [ 84.841561][ T5128] should_fail_ex+0x496/0x5b0 [ 84.846230][ T5128] _copy_from_user+0x30/0xf0 [ 84.850815][ T5128] __sys_bpf+0x210/0x4b20 [ 84.855138][ T5128] ? do_raw_spin_lock+0x12e/0x2b0 [ 84.860153][ T5128] ? bpf_perf_link_attach+0x540/0x540 [ 84.865514][ T5128] ? cgroup_update_frozen+0x144/0x6b0 [ 84.870885][ T5128] ? recalc_sigpending_tsk+0x187/0x1d0 [ 84.876341][ T5128] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 84.881537][ T5128] ? rcu_is_watching+0x12/0xb0 [ 84.886296][ T5128] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 84.892276][ T5128] ? _raw_spin_unlock_irq+0x2e/0x50 [ 84.897466][ T5128] ? ptrace_notify+0xf4/0x130 [ 84.902139][ T5128] __x64_sys_bpf+0x78/0xc0 [ 84.906545][ T5128] ? syscall_enter_from_user_mode+0x107/0x120 [ 84.912603][ T5128] do_syscall_64+0x40/0x110 [ 84.917101][ T5128] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 84.922987][ T5128] RIP: 0033:0x7fc3b1ed34f9 [ 84.927391][ T5128] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 84.947088][ T5128] RSP: 002b:00007ffdaa3d0328 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.955491][ T5128] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc3b1ed34f9 [ 84.963453][ T5128] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 84.971417][ T5128] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000557624c0 [pid 5125] close(12) = -1 EBADF (Bad file descriptor) ./strace-static-x86_64: Process 5130 attached [pid 5125] close(13 [pid 5128] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5125] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5122] <... bpf resumed>) = 6 [pid 5125] close(14) = -1 EBADF (Bad file descriptor) [pid 5125] close(15 [pid 5128] bpf(BPF_MAP_CREATE, NULL, 0 [pid 5125] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5122] close(3 [pid 5125] close(16 [pid 5122] <... close resumed>) = 0 [pid 5128] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 5125] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5122] close(4 [pid 5130] set_robust_list(0x555555761660, 24 [pid 5128] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16 [pid 5127] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5125] close(17 [pid 5127] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5127] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 5127] close(3) = 0 [pid 5127] close(4) = 0 [pid 5127] close(5) = -1 EBADF (Bad file descriptor) [pid 5127] close(6) = -1 EBADF (Bad file descriptor) [pid 5127] close(7) = -1 EBADF (Bad file descriptor) [pid 5127] close(8) = -1 EBADF (Bad file descriptor) [pid 5127] close(9) = -1 EBADF (Bad file descriptor) [pid 5127] close(10) = -1 EBADF (Bad file descriptor) [pid 5127] close(11) = -1 EBADF (Bad file descriptor) [pid 5127] close(12) = -1 EBADF (Bad file descriptor) [pid 5127] close(13) = -1 EBADF (Bad file descriptor) [pid 5127] close(14) = -1 EBADF (Bad file descriptor) [pid 5127] close(15) = -1 EBADF (Bad file descriptor) [pid 5127] close(16) = -1 EBADF (Bad file descriptor) [pid 5127] close(17) = -1 EBADF (Bad file descriptor) [pid 5127] close(18) = -1 EBADF (Bad file descriptor) [pid 5127] close(19) = -1 EBADF (Bad file descriptor) [pid 5127] close(20) = -1 EBADF (Bad file descriptor) [pid 5127] close(21) = -1 EBADF (Bad file descriptor) [pid 5127] close(22) = -1 EBADF (Bad file descriptor) [pid 5127] close(23) = -1 EBADF (Bad file descriptor) [pid 5127] close(24) = -1 EBADF (Bad file descriptor) [pid 5127] close(25) = -1 EBADF (Bad file descriptor) [pid 5127] close(26) = -1 EBADF (Bad file descriptor) [pid 5127] close(27) = -1 EBADF (Bad file descriptor) [pid 5127] close(28) = -1 EBADF (Bad file descriptor) [pid 5127] close(29) = -1 EBADF (Bad file descriptor) [pid 5127] exit_group(0) = ? [pid 5130] <... set_robust_list resumed>) = 0 [pid 5128] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 5125] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 5122] <... close resumed>) = 0 [ 84.979377][ T5128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.987339][ T5128] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 84.995304][ T5128] [ 85.006441][ T5129] CPU: 1 PID: 5129 Comm: syz-executor229 Not tainted 6.7.0-rc3-syzkaller-00778-g2ebe81c81435 #0 [ 85.016878][ T5129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 85.026932][ T5129] Call Trace: [ 85.030208][ T5129] [ 85.033140][ T5129] dump_stack_lvl+0x125/0x1b0 [ 85.037823][ T5129] should_fail_ex+0x496/0x5b0 [ 85.042494][ T5129] _copy_from_user+0x30/0xf0 [ 85.047082][ T5129] __sys_bpf+0x210/0x4b20 [ 85.051404][ T5129] ? do_raw_spin_lock+0x12e/0x2b0 [ 85.056418][ T5129] ? bpf_perf_link_attach+0x540/0x540 [ 85.061782][ T5129] ? cgroup_update_frozen+0x144/0x6b0 [ 85.067157][ T5129] ? recalc_sigpending_tsk+0x187/0x1d0 [ 85.072608][ T5129] ? ptrace_stop.part.0+0x5c2/0x7a0 [ 85.077812][ T5129] ? rcu_is_watching+0x12/0xb0