./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor880651206

<...>
Warning: Permanently added '10.128.0.24' (ED25519) to the list of known hosts.
execve("./syz-executor880651206", ["./syz-executor880651206"], 0x7ffc0ee4c350 /* 10 vars */) = 0
brk(NULL)                               = 0x555556700000
brk(0x555556700d40)                     = 0x555556700d40
arch_prctl(ARCH_SET_FS, 0x5555567003c0) = 0
set_tid_address(0x555556700690)         = 292
set_robust_list(0x5555567006a0, 24)     = 0
rseq(0x555556700ce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor880651206", 4096) = 27
getrandom("\x0b\x17\x8c\xd2\xfb\x36\x34\x3f", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556700d40
brk(0x555556721d40)                     = 0x555556721d40
brk(0x555556722000)                     = 0x555556722000
mprotect(0x7fcacb3ce000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556700690) = 293
./strace-static-x86_64: Process 293 attached
[pid   293] set_robust_list(0x5555567006a0, 24) = 0
[pid   293] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid   293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   293] setsid()                    = 1
[pid   293] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid   293] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid   293] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid   293] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid   293] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid   293] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid   293] unshare(CLONE_NEWNS)        = 0
[pid   293] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid   293] unshare(CLONE_NEWIPC)       = -1 EINVAL (Invalid argument)
[pid   293] unshare(CLONE_NEWCGROUP)    = 0
[pid   293] unshare(CLONE_NEWUTS)       = 0
[pid   293] unshare(CLONE_SYSVSEM)      = 0
[pid   293] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   293] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   293] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   293] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   293] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   293] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   293] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   293] getpid()                    = 1
[pid   293] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   293] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   293] unshare(CLONE_NEWNET)       = 0
[pid   293] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid   293] write(3, "0 65535", 7)      = 7
[pid   293] close(3)                    = 0
[pid   293] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid   293] dup2(3, 200)                = 200
[pid   293] close(3)                    = 0
[pid   293] ioctl(200, TUNSETIFF, 0x7ffc9e13bb60) = 0
[pid   293] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid   293] write(3, "0", 1)            = 1
[pid   293] close(3)                    = 0
[pid   293] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid   293] write(3, "0", 1)            = 1
[pid   293] close(3)                    = 0
[pid   293] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid   293] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   293] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   293] close(4)                    = 0
[pid   293] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid   293] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   293] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   293] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   293] close(4)                    = 0
[pid   293] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid   293] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   293] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   293] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   293] close(4)                    = 0
[pid   293] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid   293] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   293] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   293] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   293] close(4)                    = 0
[pid   293] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid   293] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   293] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   293] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   293] close(4)                    = 0
[pid   293] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid   293] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   293] close(3)                    = 0
[pid   293] mkdir("/dev/binderfs", 0777) = 0
[pid   293] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid   293] symlink("/dev/binderfs", "./binderfs") = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556700690) = 2
./strace-static-x86_64: Process 294 attached
[pid   294] set_robust_list(0x5555567006a0, 24) = 0
[pid   294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   294] setpgid(0, 0)               = 0
[pid   294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   294] write(3, "1000", 4)         = 4
[pid   294] close(3)                    = 0
[pid   294] read(200, 0x7ffc9e13b6c0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   294] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   294] rt_sigaction(SIGRT_1, {sa_handler=0x7fcacb371cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fcacb363330}, NULL, 8) = 0
[pid   294] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   294] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fcacb2ea000
[pid   294] mprotect(0x7fcacb2eb000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   294] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   294] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fcacb30a990, parent_tid=0x7fcacb30a990, exit_signal=0, stack=0x7fcacb2ea000, stack_size=0x20300, tls=0x7fcacb30a6c0} => {parent_tid=[3]}, 88) = 3
[pid   294] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   294] futex(0x7fcacb3d43c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   294] futex(0x7fcacb3d43cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 295 attached
 <unfinished ...>
[pid   295] set_robust_list(0x7fcacb30a9a0, 24) = 0
[pid   295] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   295] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   295] write(3, "64", 2)           = 2
[   20.086985][   T30] audit: type=1400 audit(1695896228.916:66): avc:  denied  { execmem } for  pid=292 comm="syz-executor880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   20.090413][   T30] audit: type=1400 audit(1695896228.916:67): avc:  denied  { integrity } for  pid=292 comm="syz-executor880" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   20.093922][   T30] audit: type=1400 audit(1695896228.916:68): avc:  denied  { mounton } for  pid=293 comm="syz-executor880" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   20.097576][   T30] audit: type=1400 audit(1695896228.916:69): avc:  denied  { mount } for  pid=293 comm="syz-executor880" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   20.100657][   T30] audit: type=1400 audit(1695896228.916:70): avc:  denied  { mounton } for  pid=293 comm="syz-executor880" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   20.111703][   T30] audit: type=1400 audit(1695896228.936:71): avc:  denied  { create } for  pid=289 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   20.126438][  T295] FAULT_INJECTION: forcing a failure.
[   20.126438][  T295] name failslab, interval 1, probability 0, space 0, times 1
[   20.132562][   T30] audit: type=1400 audit(1695896228.936:72): avc:  denied  { write } for  pid=289 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   20.145516][  T295] CPU: 1 PID: 295 Comm: syz-executor880 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0
[   20.165575][   T30] audit: type=1400 audit(1695896228.936:73): avc:  denied  { nlmsg_read } for  pid=289 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   20.174964][  T295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   20.174980][  T295] Call Trace:
[   20.174985][  T295]  <TASK>
[   20.174992][  T295]  dump_stack_lvl+0x151/0x1b7
[   20.175026][  T295]  ? io_uring_drop_tctx_refs+0x190/0x190
[   20.196317][   T30] audit: type=1400 audit(1695896228.936:74): avc:  denied  { module_request } for  pid=289 comm="strace-static-x" kmod="net-pf-16-proto-4-type-16" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   20.205597][  T295]  dump_stack+0x15/0x17
[   20.208938][   T30] audit: type=1400 audit(1695896228.936:75): avc:  denied  { read } for  pid=289 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   20.211497][  T295]  should_fail+0x3c6/0x510
[   20.272862][  T295]  __should_failslab+0xa4/0xe0
[   20.277459][  T295]  ? anon_vma_fork+0xf7/0x4e0
[   20.281970][  T295]  should_failslab+0x9/0x20
[   20.286313][  T295]  slab_pre_alloc_hook+0x37/0xd0
[   20.291092][  T295]  ? anon_vma_fork+0xf7/0x4e0
[   20.295597][  T295]  kmem_cache_alloc+0x44/0x200
[   20.300196][  T295]  anon_vma_fork+0xf7/0x4e0
[   20.304535][  T295]  ? anon_vma_name+0x43/0x70
[   20.308965][  T295]  ? vm_area_dup+0x17a/0x230
[   20.313389][  T295]  copy_mm+0xa3a/0x13e0
[   20.317383][  T295]  ? copy_signal+0x610/0x610
[   20.321808][  T295]  ? __init_rwsem+0xd6/0x1c0
[   20.326235][  T295]  ? copy_signal+0x4e3/0x610
[   20.330662][  T295]  copy_process+0x12bc/0x3260
[   20.335177][  T295]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   20.340121][  T295]  ? __kasan_check_write+0x14/0x20
[   20.345067][  T295]  kernel_clone+0x21e/0x9e0
[   20.349414][  T295]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.354447][  T295]  ? create_io_thread+0x1e0/0x1e0
[   20.359305][  T295]  __x64_sys_clone+0x23f/0x290
[   20.363905][  T295]  ? __do_sys_vfork+0x130/0x130
[   20.368589][  T295]  ? __kasan_check_read+0x11/0x20
[   20.373451][  T295]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   20.379268][  T295]  do_syscall_64+0x3d/0xb0
[   20.383516][  T295]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   20.389263][  T295] RIP: 0033:0x7fcacb34a0a9
[   20.393500][  T295] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   20.413033][  T295] RSP: 002b:00007fcacb30a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   20.421270][  T295] RAX: ffffffffffffffda RBX: 00007fcacb3d43c8 RCX: 00007fcacb34a0a9
[   20.429083][  T295] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[pid   295] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   294] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   295] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   295] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   295] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   294] close(3)                    = 0
[pid   294] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   294] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   294] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   294] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   294] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   294] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   294] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   294] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   294] exit_group(0)               = ?
[pid   295] <... futex resumed>)        = ?
[pid   295] +++ exited with 0 +++
[pid   294] +++ exited with 0 +++
[pid   293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   293] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556700690) = 4
./strace-static-x86_64: Process 296 attached
[pid   296] set_robust_list(0x5555567006a0, 24) = 0
[pid   296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   296] setpgid(0, 0)               = 0
[pid   296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   296] write(3, "1000", 4)         = 4
[pid   296] close(3)                    = 0
[pid   296] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   296] read(200, 0x7ffc9e13b6c0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   296] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   296] rt_sigaction(SIGRT_1, {sa_handler=0x7fcacb371cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fcacb363330}, NULL, 8) = 0
[pid   296] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   296] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fcacb2ea000
[pid   296] mprotect(0x7fcacb2eb000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   296] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   296] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fcacb30a990, parent_tid=0x7fcacb30a990, exit_signal=0, stack=0x7fcacb2ea000, stack_size=0x20300, tls=0x7fcacb30a6c0}./strace-static-x86_64: Process 297 attached
 <unfinished ...>
[pid   297] set_robust_list(0x7fcacb30a9a0, 24) = 0
[pid   297] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   297] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   296] <... clone3 resumed> => {parent_tid=[5]}, 88) = 5
[pid   296] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   296] futex(0x7fcacb3d43c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   297] <... futex resumed>)        = 0
[pid   296] futex(0x7fcacb3d43cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   297] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   297] write(3, "64", 2)           = 2
[   20.436893][  T295] RBP: 00007fcacb3d43c0 R08: 0000000000000000 R09: 0000000000003436
[   20.444992][  T295] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcacb3d43cc
[   20.452798][  T295] R13: 00007fcacb30a210 R14: 0000000000000002 R15: 00007fcacb3a101d
[   20.460613][  T295]  </TASK>
[   20.479222][  T297] FAULT_INJECTION: forcing a failure.
[   20.479222][  T297] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   20.492283][  T297] CPU: 0 PID: 297 Comm: syz-executor880 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0
[   20.502300][  T297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   20.512194][  T297] Call Trace:
[   20.515318][  T297]  <TASK>
[   20.518093][  T297]  dump_stack_lvl+0x151/0x1b7
[   20.522611][  T297]  ? io_uring_drop_tctx_refs+0x190/0x190
[   20.528079][  T297]  ? sched_clock+0x9/0x10
[   20.532241][  T297]  dump_stack+0x15/0x17
[   20.536231][  T297]  should_fail+0x3c6/0x510
[   20.540499][  T297]  should_fail_alloc_page+0x5a/0x80
[   20.545523][  T297]  prepare_alloc_pages+0x15c/0x700
[   20.550469][  T297]  ? __alloc_pages_bulk+0xe60/0xe60
[   20.555504][  T297]  __alloc_pages+0x138/0x5e0
[   20.559929][  T297]  ? prep_new_page+0x110/0x110
[   20.564525][  T297]  ? __alloc_pages+0x206/0x5e0
[   20.569126][  T297]  ? prep_new_page+0x110/0x110
[   20.573727][  T297]  ? __kasan_check_write+0x14/0x20
[   20.578672][  T297]  ? _raw_spin_lock+0xa4/0x1b0
[   20.583272][  T297]  pte_alloc_one+0x73/0x1b0
[   20.587610][  T297]  ? pfn_modify_allowed+0x2f0/0x2f0
[   20.592647][  T297]  ? __pmd_alloc+0x48d/0x550
[   20.597082][  T297]  __pte_alloc+0x86/0x350
[   20.601240][  T297]  ? __pud_alloc+0x260/0x260
[   20.605664][  T297]  ? free_pgtables+0x280/0x280
[   20.610267][  T297]  ? __stack_depot_save+0x34/0x470
[   20.615215][  T297]  ? anon_vma_clone+0x9a/0x500
[   20.619811][  T297]  copy_page_range+0x28a8/0x2f90
[   20.624584][  T297]  ? __kasan_slab_alloc+0xb1/0xe0
[   20.629447][  T297]  ? slab_post_alloc_hook+0x53/0x2c0
[   20.634569][  T297]  ? kernel_clone+0x21e/0x9e0
[   20.639078][  T297]  ? do_syscall_64+0x3d/0xb0
[   20.643523][  T297]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   20.649410][  T297]  ? pfn_valid+0x1e0/0x1e0
[   20.653660][  T297]  ? rwsem_write_trylock+0x15b/0x290
[   20.658779][  T297]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[   20.665034][  T297]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[   20.670586][  T297]  ? __rb_insert_augmented+0x5de/0x610
[   20.675883][  T297]  copy_mm+0xc7e/0x13e0
[   20.679874][  T297]  ? copy_signal+0x610/0x610
[   20.684298][  T297]  ? __init_rwsem+0xd6/0x1c0
[   20.688727][  T297]  ? copy_signal+0x4e3/0x610
[   20.693162][  T297]  copy_process+0x12bc/0x3260
[   20.697666][  T297]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   20.702609][  T297]  ? __kasan_check_write+0x14/0x20
[   20.707558][  T297]  kernel_clone+0x21e/0x9e0
[   20.711901][  T297]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.716929][  T297]  ? create_io_thread+0x1e0/0x1e0
[   20.721792][  T297]  __x64_sys_clone+0x23f/0x290
[   20.726396][  T297]  ? __do_sys_vfork+0x130/0x130
[   20.731080][  T297]  ? __kasan_check_read+0x11/0x20
[   20.735936][  T297]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   20.741751][  T297]  do_syscall_64+0x3d/0xb0
[   20.746009][  T297]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   20.751734][  T297] RIP: 0033:0x7fcacb34a0a9
[   20.756012][  T297] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   297] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   296] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   297] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   297] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   297] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   296] close(3)                    = 0
[pid   296] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   296] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   296] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   296] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   296] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   296] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   296] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   296] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   296] exit_group(0)               = ?
[pid   297] <... futex resumed>)        = ?
[pid   297] +++ exited with 0 +++
[pid   296] +++ exited with 0 +++
[pid   293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   293] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556700690) = 6
./strace-static-x86_64: Process 299 attached
[pid   299] set_robust_list(0x5555567006a0, 24) = 0
[pid   299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   299] setpgid(0, 0)               = 0
[pid   299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "1000", 4)         = 4
[pid   299] close(3)                    = 0
[pid   299] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   299] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   299] read(200, 0x7ffc9e13b6c0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   299] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   299] rt_sigaction(SIGRT_1, {sa_handler=0x7fcacb371cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fcacb363330}, NULL, 8) = 0
[pid   299] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   299] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fcacb2ea000
[pid   299] mprotect(0x7fcacb2eb000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   299] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   299] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fcacb30a990, parent_tid=0x7fcacb30a990, exit_signal=0, stack=0x7fcacb2ea000, stack_size=0x20300, tls=0x7fcacb30a6c0} => {parent_tid=[7]}, 88) = 7
[pid   299] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   299] futex(0x7fcacb3d43c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   299] futex(0x7fcacb3d43cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 300 attached
 <unfinished ...>
[pid   300] set_robust_list(0x7fcacb30a9a0, 24) = 0
[pid   300] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   300] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   300] write(3, "64", 2)           = 2
[   20.775533][  T297] RSP: 002b:00007fcacb30a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   20.783769][  T297] RAX: ffffffffffffffda RBX: 00007fcacb3d43c8 RCX: 00007fcacb34a0a9
[   20.791579][  T297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   20.799391][  T297] RBP: 00007fcacb3d43c0 R08: 0000000000000000 R09: 0000000000003436
[   20.807214][  T297] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcacb3d43cc
[   20.815023][  T297] R13: 00007fcacb30a210 R14: 0000000000000002 R15: 00007fcacb3a101d
[   20.822854][  T297]  </TASK>
[   20.837075][  T300] FAULT_INJECTION: forcing a failure.
[   20.837075][  T300] name failslab, interval 1, probability 0, space 0, times 0
[   20.849575][  T300] CPU: 1 PID: 300 Comm: syz-executor880 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0
[   20.859643][  T300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   20.869532][  T300] Call Trace:
[   20.872652][  T300]  <TASK>
[   20.875427][  T300]  dump_stack_lvl+0x151/0x1b7
[   20.879944][  T300]  ? io_uring_drop_tctx_refs+0x190/0x190
[   20.885414][  T300]  dump_stack+0x15/0x17
[   20.889405][  T300]  should_fail+0x3c6/0x510
[   20.893654][  T300]  __should_failslab+0xa4/0xe0
[   20.898254][  T300]  ? vm_area_dup+0x26/0x230
[   20.902593][  T300]  should_failslab+0x9/0x20
[   20.906932][  T300]  slab_pre_alloc_hook+0x37/0xd0
[   20.911714][  T300]  ? vm_area_dup+0x26/0x230
[   20.916046][  T300]  kmem_cache_alloc+0x44/0x200
[   20.920646][  T300]  vm_area_dup+0x26/0x230
[   20.924811][  T300]  copy_mm+0x9a1/0x13e0
[   20.928808][  T300]  ? copy_signal+0x610/0x610
[   20.933232][  T300]  ? __init_rwsem+0xd6/0x1c0
[   20.937660][  T300]  ? copy_signal+0x4e3/0x610
[   20.942085][  T300]  copy_process+0x12bc/0x3260
[   20.946600][  T300]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   20.951543][  T300]  ? __kasan_check_write+0x14/0x20
[   20.956491][  T300]  kernel_clone+0x21e/0x9e0
[   20.960836][  T300]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.965870][  T300]  ? create_io_thread+0x1e0/0x1e0
[   20.970727][  T300]  __x64_sys_clone+0x23f/0x290
[   20.975329][  T300]  ? __do_sys_vfork+0x130/0x130
[   20.980017][  T300]  ? __kasan_check_read+0x11/0x20
[   20.984875][  T300]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   20.990715][  T300]  do_syscall_64+0x3d/0xb0
[   20.995044][  T300]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.000772][  T300] RIP: 0033:0x7fcacb34a0a9
[   21.005028][  T300] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   21.024485][  T300] RSP: 002b:00007fcacb30a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   300] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   299] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   300] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   300] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   299] close(3)                    = 0
[pid   299] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   299] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   299] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   299] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   299] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   299] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   299] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   299] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   299] exit_group(0 <unfinished ...>
[pid   300] <... futex resumed>)        = ?
[pid   299] <... exit_group resumed>)   = ?
[pid   300] +++ exited with 0 +++
[pid   299] +++ exited with 0 +++
[pid   293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   293] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556700690) = 8
./strace-static-x86_64: Process 301 attached
[pid   301] set_robust_list(0x5555567006a0, 24) = 0
[pid   301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   301] setpgid(0, 0)               = 0
[pid   301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   301] write(3, "1000", 4)         = 4
[pid   301] close(3)                    = 0
[pid   301] read(200, 0x7ffc9e13b6c0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   301] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   301] rt_sigaction(SIGRT_1, {sa_handler=0x7fcacb371cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fcacb363330}, NULL, 8) = 0
[pid   301] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fcacb2ea000
[pid   301] mprotect(0x7fcacb2eb000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   301] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   301] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fcacb30a990, parent_tid=0x7fcacb30a990, exit_signal=0, stack=0x7fcacb2ea000, stack_size=0x20300, tls=0x7fcacb30a6c0}./strace-static-x86_64: Process 302 attached
 <unfinished ...>
[pid   302] set_robust_list(0x7fcacb30a9a0, 24) = 0
[pid   302] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   302] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   301] <... clone3 resumed> => {parent_tid=[9]}, 88) = 9
[pid   301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   301] futex(0x7fcacb3d43c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   302] <... futex resumed>)        = 0
[pid   301] futex(0x7fcacb3d43cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   302] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   302] write(3, "64", 2)           = 2
[   21.032716][  T300] RAX: ffffffffffffffda RBX: 00007fcacb3d43c8 RCX: 00007fcacb34a0a9
[   21.040523][  T300] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   21.048333][  T300] RBP: 00007fcacb3d43c0 R08: 0000000000000000 R09: 0000000000003436
[   21.056142][  T300] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcacb3d43cc
[   21.063952][  T300] R13: 00007fcacb30a210 R14: 0000000000000002 R15: 00007fcacb3a101d
[   21.071766][  T300]  </TASK>
[pid   302] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   301] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   21.089238][  T302] FAULT_INJECTION: forcing a failure.
[   21.089238][  T302] name failslab, interval 1, probability 0, space 0, times 0
[   21.101757][  T302] CPU: 0 PID: 302 Comm: syz-executor880 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0
[   21.111699][  T302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   21.121593][  T302] Call Trace:
[   21.124716][  T302]  <TASK>
[   21.127532][  T302]  dump_stack_lvl+0x151/0x1b7
[   21.132013][  T302]  ? io_uring_drop_tctx_refs+0x190/0x190
[   21.137479][  T302]  dump_stack+0x15/0x17
[   21.141468][  T302]  should_fail+0x3c6/0x510
[   21.145721][  T302]  __should_failslab+0xa4/0xe0
[   21.150322][  T302]  ? anon_vma_fork+0xf7/0x4e0
[   21.154838][  T302]  should_failslab+0x9/0x20
[   21.159172][  T302]  slab_pre_alloc_hook+0x37/0xd0
[   21.163948][  T302]  ? anon_vma_fork+0xf7/0x4e0
[   21.168469][  T302]  kmem_cache_alloc+0x44/0x200
[   21.173059][  T302]  anon_vma_fork+0xf7/0x4e0
[   21.177397][  T302]  ? anon_vma_name+0x43/0x70
[   21.181824][  T302]  ? vm_area_dup+0x17a/0x230
[   21.186252][  T302]  copy_mm+0xa3a/0x13e0
[   21.190252][  T302]  ? copy_signal+0x610/0x610
[   21.194672][  T302]  ? __init_rwsem+0xd6/0x1c0
[   21.199094][  T302]  ? copy_signal+0x4e3/0x610
[   21.203522][  T302]  copy_process+0x12bc/0x3260
[   21.208037][  T302]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.212984][  T302]  ? __kasan_check_write+0x14/0x20
[   21.217930][  T302]  kernel_clone+0x21e/0x9e0
[   21.222272][  T302]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.227311][  T302]  ? create_io_thread+0x1e0/0x1e0
[   21.232164][  T302]  __x64_sys_clone+0x23f/0x290
[   21.236762][  T302]  ? __do_sys_vfork+0x130/0x130
[   21.241496][  T302]  ? __kasan_check_read+0x11/0x20
[   21.246328][  T302]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   21.252131][  T302]  do_syscall_64+0x3d/0xb0
[   21.256378][  T302]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.262107][  T302] RIP: 0033:0x7fcacb34a0a9
[   21.266362][  T302] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   302] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   302] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   302] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   301] close(3)                    = 0
[pid   301] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   301] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   301] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   301] exit_group(0 <unfinished ...>
[pid   302] <... futex resumed>)        = ?
[pid   301] <... exit_group resumed>)   = ?
[pid   302] +++ exited with 0 +++
[pid   301] +++ exited with 0 +++
[pid   293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   293] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556700690) = 10
./strace-static-x86_64: Process 303 attached
[pid   303] set_robust_list(0x5555567006a0, 24) = 0
[pid   303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   303] setpgid(0, 0)               = 0
[pid   303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   303] write(3, "1000", 4)         = 4
[pid   303] close(3)                    = 0
[pid   303] read(200, 0x7ffc9e13b6c0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   303] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   303] rt_sigaction(SIGRT_1, {sa_handler=0x7fcacb371cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fcacb363330}, NULL, 8) = 0
[pid   303] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   303] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fcacb2ea000
[pid   303] mprotect(0x7fcacb2eb000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   303] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   303] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fcacb30a990, parent_tid=0x7fcacb30a990, exit_signal=0, stack=0x7fcacb2ea000, stack_size=0x20300, tls=0x7fcacb30a6c0} => {parent_tid=[11]}, 88) = 11
[pid   303] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   303] futex(0x7fcacb3d43c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   303] futex(0x7fcacb3d43cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 304 attached
 <unfinished ...>
[pid   304] set_robust_list(0x7fcacb30a9a0, 24) = 0
[pid   304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   304] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   304] write(3, "64", 2)           = 2
[   21.285801][  T302] RSP: 002b:00007fcacb30a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   21.294044][  T302] RAX: ffffffffffffffda RBX: 00007fcacb3d43c8 RCX: 00007fcacb34a0a9
[   21.301879][  T302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   21.309754][  T302] RBP: 00007fcacb3d43c0 R08: 0000000000000000 R09: 0000000000003436
[   21.317567][  T302] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcacb3d43cc
[   21.325376][  T302] R13: 00007fcacb30a210 R14: 0000000000000002 R15: 00007fcacb3a101d
[   21.333191][  T302]  </TASK>
[   21.346515][  T304] FAULT_INJECTION: forcing a failure.
[   21.346515][  T304] name failslab, interval 1, probability 0, space 0, times 0
[   21.358969][  T304] CPU: 1 PID: 304 Comm: syz-executor880 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0
[   21.368986][  T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   21.378878][  T304] Call Trace:
[   21.382002][  T304]  <TASK>
[   21.384873][  T304]  dump_stack_lvl+0x151/0x1b7
[   21.389380][  T304]  ? io_uring_drop_tctx_refs+0x190/0x190
[   21.394847][  T304]  dump_stack+0x15/0x17
[   21.398840][  T304]  should_fail+0x3c6/0x510
[   21.403092][  T304]  __should_failslab+0xa4/0xe0
[   21.407694][  T304]  ? anon_vma_fork+0x1df/0x4e0
[   21.412298][  T304]  should_failslab+0x9/0x20
[   21.416633][  T304]  slab_pre_alloc_hook+0x37/0xd0
[   21.421408][  T304]  ? anon_vma_fork+0x1df/0x4e0
[   21.426004][  T304]  kmem_cache_alloc+0x44/0x200
[   21.430605][  T304]  anon_vma_fork+0x1df/0x4e0
[   21.435032][  T304]  copy_mm+0xa3a/0x13e0
[   21.439025][  T304]  ? copy_signal+0x610/0x610
[   21.443458][  T304]  ? __init_rwsem+0xd6/0x1c0
[   21.447876][  T304]  ? copy_signal+0x4e3/0x610
[   21.452302][  T304]  copy_process+0x12bc/0x3260
[   21.456819][  T304]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.461768][  T304]  ? __kasan_check_write+0x14/0x20
[   21.466712][  T304]  kernel_clone+0x21e/0x9e0
[   21.471054][  T304]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.476084][  T304]  ? create_io_thread+0x1e0/0x1e0
[   21.480946][  T304]  __x64_sys_clone+0x23f/0x290
[   21.485545][  T304]  ? __do_sys_vfork+0x130/0x130
[   21.490231][  T304]  ? __kasan_check_read+0x11/0x20
[   21.495093][  T304]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   21.500919][  T304]  do_syscall_64+0x3d/0xb0
[   21.505163][  T304]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.510892][  T304] RIP: 0033:0x7fcacb34a0a9
[   21.515142][  T304] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   21.534584][  T304] RSP: 002b:00007fcacb30a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   304] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   303] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   304] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   304] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   303] close(3)                    = 0
[pid   303] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   303] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   303] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   303] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   303] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   303] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   303] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   303] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   303] exit_group(0 <unfinished ...>
[pid   304] <... futex resumed>)        = ?
[pid   303] <... exit_group resumed>)   = ?
[pid   304] +++ exited with 0 +++
[pid   303] +++ exited with 0 +++
[pid   293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   293] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556700690) = 12
./strace-static-x86_64: Process 305 attached
[pid   305] set_robust_list(0x5555567006a0, 24) = 0
[pid   305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   305] setpgid(0, 0)               = 0
[pid   305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   305] write(3, "1000", 4)         = 4
[pid   305] close(3)                    = 0
[pid   305] read(200, 0x7ffc9e13b6c0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   305] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   305] rt_sigaction(SIGRT_1, {sa_handler=0x7fcacb371cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fcacb363330}, NULL, 8) = 0
[pid   305] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fcacb2ea000
[pid   305] mprotect(0x7fcacb2eb000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fcacb30a990, parent_tid=0x7fcacb30a990, exit_signal=0, stack=0x7fcacb2ea000, stack_size=0x20300, tls=0x7fcacb30a6c0}./strace-static-x86_64: Process 306 attached
 => {parent_tid=[13]}, 88) = 13
[pid   306] set_robust_list(0x7fcacb30a9a0, 24) = 0
[pid   306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   306] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   305] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   305] futex(0x7fcacb3d43c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   306] <... futex resumed>)        = 0
[pid   306] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   306] write(3, "64", 2)           = 2
[pid   306] clone(child_stack=NULL, flags=0 <unfinished ...>
[   21.542827][  T304] RAX: ffffffffffffffda RBX: 00007fcacb3d43c8 RCX: 00007fcacb34a0a9
[   21.550638][  T304] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   21.558452][  T304] RBP: 00007fcacb3d43c0 R08: 0000000000000000 R09: 0000000000003436
[   21.566261][  T304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcacb3d43cc
[   21.574070][  T304] R13: 00007fcacb30a210 R14: 0000000000000002 R15: 00007fcacb3a101d
[   21.581884][  T304]  </TASK>
[pid   305] futex(0x7fcacb3d43cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[   21.599765][  T306] FAULT_INJECTION: forcing a failure.
[   21.599765][  T306] name failslab, interval 1, probability 0, space 0, times 0
[   21.612212][  T306] CPU: 1 PID: 306 Comm: syz-executor880 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0
[   21.622236][  T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   21.632133][  T306] Call Trace:
[   21.635257][  T306]  <TASK>
[   21.638033][  T306]  dump_stack_lvl+0x151/0x1b7
[   21.642548][  T306]  ? io_uring_drop_tctx_refs+0x190/0x190
[   21.648016][  T306]  dump_stack+0x15/0x17
[   21.652008][  T306]  should_fail+0x3c6/0x510
[   21.656258][  T306]  __should_failslab+0xa4/0xe0
[   21.660859][  T306]  ? anon_vma_fork+0x1df/0x4e0
[   21.665468][  T306]  should_failslab+0x9/0x20
[   21.669797][  T306]  slab_pre_alloc_hook+0x37/0xd0
[   21.674571][  T306]  ? anon_vma_fork+0x1df/0x4e0
[   21.679170][  T306]  kmem_cache_alloc+0x44/0x200
[   21.683770][  T306]  anon_vma_fork+0x1df/0x4e0
[   21.688197][  T306]  copy_mm+0xa3a/0x13e0
[   21.692191][  T306]  ? copy_signal+0x610/0x610
[   21.696617][  T306]  ? __init_rwsem+0xd6/0x1c0
[   21.701042][  T306]  ? copy_signal+0x4e3/0x610
[   21.705470][  T306]  copy_process+0x12bc/0x3260
[   21.710071][  T306]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.715034][  T306]  ? __kasan_check_write+0x14/0x20
[   21.719964][  T306]  kernel_clone+0x21e/0x9e0
[   21.724304][  T306]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.729337][  T306]  ? create_io_thread+0x1e0/0x1e0
[   21.734197][  T306]  __x64_sys_clone+0x23f/0x290
[   21.738796][  T306]  ? __do_sys_vfork+0x130/0x130
[   21.743485][  T306]  ? __kasan_check_read+0x11/0x20
[   21.748343][  T306]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   21.754167][  T306]  do_syscall_64+0x3d/0xb0
[   21.758431][  T306]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.764141][  T306] RIP: 0033:0x7fcacb34a0a9
[   21.768392][  T306] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   21.787842][  T306] RSP: 002b:00007fcacb30a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   21.796082][  T306] RAX: ffffffffffffffda RBX: 00007fcacb3d43c8 RCX: 00007fcacb34a0a9
[   21.803890][  T306] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   21.811701][  T306] RBP: 00007fcacb3d43c0 R08: 0000000000000000 R09: 0000000000003436
[   21.819514][  T306] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcacb3d43cc
[   21.827323][  T306] R13: 00007fcacb30a210 R14: 0000000000000002 R15: 00007fcacb3a101d
[   21.835226][  T306]  </TASK>
[   21.838306][  T306] ==================================================================
[   21.846175][  T306] BUG: KASAN: double-free or invalid-free in kfree+0xc8/0x220
[   21.853471][  T306] 
[   21.855625][  T306] CPU: 0 PID: 306 Comm: syz-executor880 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0
[   21.865693][  T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   21.875589][  T306] Call Trace:
[   21.878712][  T306]  <TASK>
[   21.881490][  T306]  dump_stack_lvl+0x151/0x1b7
[   21.886005][  T306]  ? io_uring_drop_tctx_refs+0x190/0x190
[   21.891473][  T306]  ? __wake_up_klogd+0xd5/0x110
[   21.896158][  T306]  ? panic+0x751/0x751
[   21.900062][  T306]  ? kfree+0xc8/0x220
[   21.903879][  T306]  print_address_description+0x87/0x3b0
[   21.909267][  T306]  ? kfree+0xc8/0x220
[   21.913080][  T306]  ? kfree+0xc8/0x220
[   21.916899][  T306]  kasan_report_invalid_free+0x6b/0xa0
[   21.922193][  T306]  ____kasan_slab_free+0x13e/0x160
[   21.927145][  T306]  __kasan_slab_free+0x11/0x20
[   21.931740][  T306]  slab_free_freelist_hook+0xbd/0x190
[   21.936950][  T306]  ? anon_vma_name_free+0x15/0x20
[   21.941807][  T306]  kfree+0xc8/0x220
[   21.945467][  T306]  anon_vma_name_free+0x15/0x20
[   21.950142][  T306]  vm_area_free_no_check+0xa6/0x130
[   21.955180][  T306]  copy_mm+0xefb/0x13e0
[   21.959172][  T306]  ? copy_signal+0x610/0x610
[   21.963596][  T306]  ? __init_rwsem+0xd6/0x1c0
[   21.968020][  T306]  ? copy_signal+0x4e3/0x610
[   21.972448][  T306]  copy_process+0x12bc/0x3260
[   21.976962][  T306]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.981905][  T306]  ? __kasan_check_write+0x14/0x20
[   21.986855][  T306]  kernel_clone+0x21e/0x9e0
[   21.991193][  T306]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.996228][  T306]  ? create_io_thread+0x1e0/0x1e0
[   22.001090][  T306]  __x64_sys_clone+0x23f/0x290
[   22.005692][  T306]  ? __do_sys_vfork+0x130/0x130
[   22.010376][  T306]  ? __kasan_check_read+0x11/0x20
[   22.015232][  T306]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   22.021048][  T306]  do_syscall_64+0x3d/0xb0
[   22.025303][  T306]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   22.031030][  T306] RIP: 0033:0x7fcacb34a0a9
[   22.035286][  T306] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   22.054725][  T306] RSP: 002b:00007fcacb30a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   22.062970][  T306] RAX: ffffffffffffffda RBX: 00007fcacb3d43c8 RCX: 00007fcacb34a0a9
[   22.070779][  T306] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   22.078599][  T306] RBP: 00007fcacb3d43c0 R08: 0000000000000000 R09: 0000000000003436
[   22.086404][  T306] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcacb3d43cc
[   22.094221][  T306] R13: 00007fcacb30a210 R14: 0000000000000002 R15: 00007fcacb3a101d
[   22.102030][  T306]  </TASK>
[   22.104900][  T306] 
[   22.107059][  T306] Allocated by task 292:
[   22.111143][  T306]  __kasan_slab_alloc+0xb1/0xe0
[   22.115827][  T306]  slab_post_alloc_hook+0x53/0x2c0
[   22.120773][  T306]  kmem_cache_alloc+0xf5/0x200
[   22.125374][  T306]  vm_area_dup+0x26/0x230
[   22.129539][  T306]  copy_mm+0x9a1/0x13e0
[   22.133532][  T306]  copy_process+0x12bc/0x3260
[   22.138046][  T306]  kernel_clone+0x21e/0x9e0
[   22.142416][  T306]  __x64_sys_clone+0x23f/0x290
[   22.146983][  T306]  do_syscall_64+0x3d/0xb0
[   22.151237][  T306]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   22.156966][  T306] 
[   22.159134][  T306] The buggy address belongs to the object at ffff88811e85d000
[   22.159134][  T306]  which belongs to the cache vm_area_struct of size 232
[   22.173459][  T306] The buggy address is located 88 bytes inside of
[   22.173459][  T306]  232-byte region [ffff88811e85d000, ffff88811e85d0e8)
[   22.186476][  T306] The buggy address belongs to the page:
[   22.191945][  T306] page:ffffea00047a1740 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e85d
[   22.202013][  T306] flags: 0x4000000000000200(slab|zone=1)
[   22.207484][  T306] raw: 4000000000000200 0000000000000000 dead000000000122 ffff8881001bd080
[   22.215901][  T306] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[   22.224315][  T306] page dumped because: kasan: bad access detected
[   22.230574][  T306] page_owner tracks the page as allocated
[   22.236122][  T306] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 292, ts 20088978313, free_ts 0
[   22.251397][  T306]  post_alloc_hook+0x1a3/0x1b0
[   22.255993][  T306]  prep_new_page+0x1b/0x110
[   22.260332][  T306]  get_page_from_freelist+0x3550/0x35d0
[   22.265715][  T306]  __alloc_pages+0x206/0x5e0
[   22.270140][  T306]  new_slab+0x9a/0x4e0
[   22.274047][  T306]  ___slab_alloc+0x39e/0x830
[   22.278557][  T306]  __slab_alloc+0x4a/0x90
[   22.282722][  T306]  kmem_cache_alloc+0x134/0x200
[   22.287409][  T306]  vm_area_dup+0x26/0x230
[   22.291579][  T306]  copy_mm+0x9a1/0x13e0
[   22.295571][  T306]  copy_process+0x12bc/0x3260
[   22.300082][  T306]  kernel_clone+0x21e/0x9e0
[   22.304421][  T306]  __x64_sys_clone+0x23f/0x290
[   22.309021][  T306]  do_syscall_64+0x3d/0xb0
[   22.313274][  T306]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   22.319004][  T306] page_owner free stack trace missing
[   22.324212][  T306] 
[   22.326381][  T306] Memory state around the buggy address:
[   22.331852][  T306]  ffff88811e85cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.339749][  T306]  ffff88811e85cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[pid   306] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   306] futex(0x7fcacb3d43cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   306] futex(0x7fcacb3d43c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   305] close(3)                    = 0
[pid   305] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   305] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   305] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   305] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   305] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   305] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   305] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   305] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   305] exit_group(0)               = ?
[pid   306] <... futex resumed>)        = ?
[pid   306] +++ exited with 0 +++
[pid   305] +++ exited with 0 +++
[pid   293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   293] restart_syscall(<... resuming interrupted clone ...>) = 0
[   22.347646][  T306] >ffff88811e85d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   22.355544][  T306]                                                     ^
[   22.362315][  T306]  ffff88811e85d080: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[   22.370212][  T306]  ffff88811e85d100: fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb
[   22.378121][  T306] ==================================================================
[   22.386008][  T306] Disabling lock debugging due to kernel taint
[   22.399157][  T293] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[   22.410672][  T293] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[   22.418915][  T293] CPU: 1 PID: 293 Comm: syz-executor880 Tainted: G    B             5.15.131-syzkaller-00653-gea586874d2f9 #0
[   22.430371][  T293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[   22.440269][  T293] RIP: 0010:__rb_insert_augmented+0x91/0x610
[   22.446081][  T293] Code: 00 74 08 4c 89 ef e8 7e b8 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 50 b8 2b ff 48 89 d8 48 8b 1b 4c
[   22.465522][  T293] RSP: 0018:ffffc900007cf8f8 EFLAGS: 00010202
[   22.471423][  T293] RAX: 0000000000000000 RBX: 0000000000000008 RCX: dffffc0000000000
[   22.479236][  T293] RDX: ffffffff81a4c130 RSI: ffff88810be2daf0 RDI: ffff88811ee17ac0
[   22.487047][  T293] RBP: ffffc900007cf960 R08: dffffc0000000000 R09: ffff88811ee17ac8
[   22.494857][  T293] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   22.502837][  T293] R13: ffff88811e85d058 R14: 0000000000000001 R15: ffff88811ee17ac0
[   22.510646][  T293] FS:  00005555567003c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   22.519409][  T293] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   22.525836][  T293] CR2: 00007fcacb3a0808 CR3: 000000011e859000 CR4: 00000000003506a0
[   22.533645][  T293] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   22.541452][  T293] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   22.549350][  T293] Call Trace:
[   22.552477][  T293]  <TASK>
[   22.555255][  T293]  ? __die_body+0x62/0xb0
[   22.559419][  T293]  ? die_addr+0x9f/0xd0
[   22.563413][  T293]  ? exc_general_protection+0x311/0x4b0
[   22.568793][  T293]  ? asm_exc_general_protection+0x27/0x30
[   22.574351][  T293]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[   22.580598][  T293]  ? __rb_insert_augmented+0x91/0x610
[   22.585807][  T293]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[   22.592054][  T293]  vma_interval_tree_insert_after+0x2be/0x2d0
[   22.597954][  T293]  copy_mm+0xba2/0x13e0
[   22.601947][  T293]  ? copy_signal+0x610/0x610
[   22.606372][  T293]  ? __init_rwsem+0xd6/0x1c0
[   22.610799][  T293]  ? copy_signal+0x4e3/0x610
[   22.615228][  T293]  copy_process+0x12bc/0x3260
[   22.619740][  T293]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   22.624685][  T293]  ? __kasan_check_write+0x14/0x20
[   22.629633][  T293]  kernel_clone+0x21e/0x9e0
[   22.633972][  T293]  ? _raw_spin_unlock_irq+0x4e/0x70
[   22.639010][  T293]  ? create_io_thread+0x1e0/0x1e0
[   22.643867][  T293]  __x64_sys_clone+0x23f/0x290
[   22.648466][  T293]  ? __do_sys_vfork+0x130/0x130
[   22.653153][  T293]  ? __kasan_check_read+0x11/0x20
[   22.658012][  T293]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   22.663827][  T293]  do_syscall_64+0x3d/0xb0
[   22.668084][  T293]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   22.673810][  T293] RIP: 0033:0x7fcacb347f03
[   22.678063][  T293] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[   22.697502][  T293] RSP: 002b:00007ffc9e13b9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   22.705746][  T293] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcacb347f03
[   22.713560][  T293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[   22.721373][  T293] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffc9e1e20b0
[   22.729184][  T293] R10: 0000555556700690 R11: 0000000000000246 R12: 0000000000000001
[   22.736993][  T293] R13: 00007ffc9e13badc R14: 00007ffc9e13bb30 R15: 00007ffc9e13bb20
[   22.744806][  T293]  </TASK>
[   22.747680][  T293] Modules linked in:
[   22.751551][  T293] ---[ end trace fa6b92b8c2636720 ]---
[   22.756843][  T293] RIP: 0010:__rb_insert_augmented+0x91/0x610
[   22.762622][  T293] Code: 00 74 08 4c 89 ef e8 7e b8 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 50 b8 2b ff 48 89 d8 48 8b 1b 4c
[   22.782228][  T293] RSP: 0018:ffffc900007cf8f8 EFLAGS: 00010202
[   22.788130][  T293] RAX: 0000000000000000 RBX: 0000000000000008 RCX: dffffc0000000000
[   22.795930][  T293] RDX: ffffffff81a4c130 RSI: ffff88810be2daf0 RDI: ffff88811ee17ac0
[   22.803722][  T293] RBP: ffffc900007cf960 R08: dffffc0000000000 R09: ffff88811ee17ac8
[   22.811581][  T293] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   22.819358][  T293] R13: ffff88811e85d058 R14: 0000000000000001 R15: ffff88811ee17ac0
[   22.827193][  T293] FS:  00005555567003c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   22.835947][  T293] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   22.842343][  T293] CR2: 00007fcacb30a670 CR3: 000000011e859000 CR4: 00000000003506b0
[   22.850221][  T293] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   22.857989][  T293] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   22.865779][  T293] Kernel panic - not syncing: Fatal exception
[   22.871842][  T293] Kernel Offset: disabled
[   22.875958][  T293] Rebooting in 86400 seconds..