./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor879111733 <...> [ 11.712781][ T30] audit: type=1400 audit(1697032617.596:63): avc: denied { write } for pid=224 comm="sh" path="pipe:[949]" dev="pipefs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 11.716091][ T30] audit: type=1400 audit(1697032617.596:64): avc: denied { rlimitinh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 11.719024][ T30] audit: type=1400 audit(1697032617.596:65): avc: denied { siginh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.242' (ED25519) to the list of known hosts. execve("./syz-executor879111733", ["./syz-executor879111733"], 0x7ffff0eaeb90 /* 10 vars */) = 0 brk(NULL) = 0x555556029000 brk(0x555556029d40) = 0x555556029d40 arch_prctl(ARCH_SET_FS, 0x5555560293c0) = 0 set_tid_address(0x555556029690) = 293 set_robust_list(0x5555560296a0, 24) = 0 rseq(0x555556029ce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor879111733", 4096) = 27 getrandom("\x98\x11\x33\xa8\x55\xa4\xaf\x41", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556029d40 brk(0x55555604ad40) = 0x55555604ad40 brk(0x55555604b000) = 0x55555604b000 mprotect(0x7fee0c307000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 294 ./strace-static-x86_64: Process 294 attached [pid 294] set_robust_list(0x5555560296a0, 24) = 0 [pid 294] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 294] setsid() = 1 [pid 294] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 294] unshare(CLONE_NEWNS) = 0 [pid 294] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 294] unshare(CLONE_NEWIPC) = -1 EINVAL (Invalid argument) [pid 294] unshare(CLONE_NEWCGROUP) = 0 [pid 294] unshare(CLONE_NEWUTS) = 0 [pid 294] unshare(CLONE_SYSVSEM) = 0 [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] getpid() = 1 [pid 294] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< {parent_tid=[3]}, 88) = 3 [pid 295] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 295] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 296 attached [pid 296] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 296] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 296] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 296] write(3, "65", 2) = 2 [ 20.084979][ T30] audit: type=1400 audit(1697032625.986:71): avc: denied { create } for pid=290 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 20.104835][ T296] FAULT_INJECTION: forcing a failure. [ 20.104835][ T296] name failslab, interval 1, probability 0, space 0, times 1 [ 20.106706][ T30] audit: type=1400 audit(1697032625.986:72): avc: denied { write } for pid=290 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 20.118715][ T296] CPU: 1 PID: 296 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 20.138634][ T30] audit: type=1400 audit(1697032625.986:73): avc: denied { nlmsg_read } for pid=290 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 20.148504][ T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 20.148514][ T296] Call Trace: [ 20.148519][ T296] [ 20.148524][ T296] dump_stack_lvl+0x151/0x1b7 [ 20.148561][ T296] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.148577][ T296] ? avc_denied+0x1b0/0x1b0 [ 20.148600][ T296] dump_stack+0x15/0x17 [ 20.169565][ T30] audit: type=1400 audit(1697032625.986:74): avc: denied { module_request } for pid=290 comm="strace-static-x" kmod="net-pf-16-proto-4-type-16" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 20.179749][ T296] should_fail+0x3c6/0x510 [ 20.179773][ T296] __should_failslab+0xa4/0xe0 [ 20.182972][ T30] audit: type=1400 audit(1697032625.986:75): avc: denied { read } for pid=290 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 20.185651][ T296] ? vm_area_dup+0x26/0x230 [ 20.260654][ T296] should_failslab+0x9/0x20 [ 20.264926][ T296] slab_pre_alloc_hook+0x37/0xd0 [ 20.269689][ T296] ? vm_area_dup+0x26/0x230 [ 20.274027][ T296] kmem_cache_alloc+0x44/0x200 [ 20.278629][ T296] vm_area_dup+0x26/0x230 [ 20.282801][ T296] copy_mm+0x9a1/0x13e0 [ 20.286787][ T296] ? copy_signal+0x610/0x610 [ 20.291217][ T296] ? __init_rwsem+0xd6/0x1c0 [ 20.295659][ T296] ? copy_signal+0x4e3/0x610 [ 20.300067][ T296] copy_process+0x12bc/0x3260 [ 20.304622][ T296] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 20.309531][ T296] ? __kasan_check_write+0x14/0x20 [ 20.314477][ T296] kernel_clone+0x21e/0x9e0 [ 20.318835][ T296] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.323876][ T296] ? create_io_thread+0x1e0/0x1e0 [ 20.328796][ T296] __x64_sys_clone+0x23f/0x290 [ 20.333394][ T296] ? __do_sys_vfork+0x130/0x130 [ 20.338084][ T296] ? __kasan_check_read+0x11/0x20 [ 20.342940][ T296] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 20.348757][ T296] do_syscall_64+0x3d/0xb0 [ 20.353008][ T296] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.358739][ T296] RIP: 0033:0x7fee0c2830a9 [ 20.363008][ T296] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 20.382429][ T296] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 296] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 295] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 296] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 296] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] close(3) = 0 [pid 295] close(4) = -1 EBADF (Bad file descriptor) [pid 295] close(5) = -1 EBADF (Bad file descriptor) [pid 295] close(6) = -1 EBADF (Bad file descriptor) [pid 295] close(7) = -1 EBADF (Bad file descriptor) [pid 295] close(8) = -1 EBADF (Bad file descriptor) [pid 295] close(9) = -1 EBADF (Bad file descriptor) [pid 295] close(10) = -1 EBADF (Bad file descriptor) [pid 295] close(11) = -1 EBADF (Bad file descriptor) [pid 295] close(12) = -1 EBADF (Bad file descriptor) [pid 295] close(13) = -1 EBADF (Bad file descriptor) [pid 295] close(14) = -1 EBADF (Bad file descriptor) [pid 295] close(15) = -1 EBADF (Bad file descriptor) [pid 295] close(16) = -1 EBADF (Bad file descriptor) [pid 295] close(17) = -1 EBADF (Bad file descriptor) [pid 295] close(18) = -1 EBADF (Bad file descriptor) [pid 295] close(19) = -1 EBADF (Bad file descriptor) [pid 295] close(20) = -1 EBADF (Bad file descriptor) [pid 295] close(21) = -1 EBADF (Bad file descriptor) [pid 295] close(22) = -1 EBADF (Bad file descriptor) [pid 295] close(23) = -1 EBADF (Bad file descriptor) [pid 295] close(24) = -1 EBADF (Bad file descriptor) [pid 295] close(25) = -1 EBADF (Bad file descriptor) [pid 295] close(26) = -1 EBADF (Bad file descriptor) [pid 295] close(27) = -1 EBADF (Bad file descriptor) [pid 295] close(28) = -1 EBADF (Bad file descriptor) [pid 295] close(29) = -1 EBADF (Bad file descriptor) [pid 295] exit_group(0) = ? [pid 296] <... futex resumed>) = ? [pid 296] +++ exited with 0 +++ [pid 295] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 4 ./strace-static-x86_64: Process 298 attached [pid 298] set_robust_list(0x5555560296a0, 24) = 0 [pid 298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 298] setpgid(0, 0) = 0 [pid 298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 298] write(3, "1000", 4) = 4 [pid 298] close(3) = 0 [pid 298] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110 [pid 298] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110 [pid 298] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 298] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 298] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 298] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 298] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 298] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 298] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 298] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 299 attached => {parent_tid=[5]}, 88) = 5 [pid 299] set_robust_list(0x7fee0c2439a0, 24 [pid 298] rt_sigprocmask(SIG_SETMASK, [], [pid 299] <... set_robust_list resumed>) = 0 [pid 298] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 299] rt_sigprocmask(SIG_SETMASK, [], [pid 298] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 298] <... futex resumed>) = 0 [pid 299] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 298] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] <... openat resumed>) = 3 [pid 299] write(3, "65", 2) = 2 [ 20.390674][ T296] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 20.398487][ T296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 20.406305][ T296] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 20.414108][ T296] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 20.421919][ T296] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 20.429736][ T296] [pid 299] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 298] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 20.442583][ T299] FAULT_INJECTION: forcing a failure. [ 20.442583][ T299] name failslab, interval 1, probability 0, space 0, times 0 [ 20.455197][ T299] CPU: 0 PID: 299 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 20.465250][ T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 20.475146][ T299] Call Trace: [ 20.478268][ T299] [ 20.481048][ T299] dump_stack_lvl+0x151/0x1b7 [ 20.485559][ T299] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.491031][ T299] dump_stack+0x15/0x17 [ 20.495027][ T299] should_fail+0x3c6/0x510 [ 20.499276][ T299] __should_failslab+0xa4/0xe0 [ 20.504051][ T299] ? vm_area_dup+0x26/0x230 [ 20.508387][ T299] should_failslab+0x9/0x20 [ 20.512814][ T299] slab_pre_alloc_hook+0x37/0xd0 [ 20.517675][ T299] ? vm_area_dup+0x26/0x230 [ 20.522012][ T299] kmem_cache_alloc+0x44/0x200 [ 20.526613][ T299] vm_area_dup+0x26/0x230 [ 20.530792][ T299] copy_mm+0x9a1/0x13e0 [ 20.534771][ T299] ? copy_signal+0x610/0x610 [ 20.539202][ T299] ? __init_rwsem+0xd6/0x1c0 [ 20.543623][ T299] ? copy_signal+0x4e3/0x610 [ 20.548052][ T299] copy_process+0x12bc/0x3260 [ 20.552565][ T299] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 20.557535][ T299] ? __kasan_check_write+0x14/0x20 [ 20.562464][ T299] kernel_clone+0x21e/0x9e0 [ 20.566795][ T299] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.571845][ T299] ? create_io_thread+0x1e0/0x1e0 [ 20.576693][ T299] __x64_sys_clone+0x23f/0x290 [ 20.581290][ T299] ? __do_sys_vfork+0x130/0x130 [ 20.585980][ T299] ? __kasan_check_read+0x11/0x20 [ 20.591628][ T299] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 20.597442][ T299] do_syscall_64+0x3d/0xb0 [ 20.601697][ T299] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.607414][ T299] RIP: 0033:0x7fee0c2830a9 [ 20.611666][ T299] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 20.631283][ T299] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 20.639614][ T299] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 299] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 299] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 299] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 298] close(3) = 0 [pid 298] close(4) = -1 EBADF (Bad file descriptor) [pid 298] close(5) = -1 EBADF (Bad file descriptor) [pid 298] close(6) = -1 EBADF (Bad file descriptor) [pid 298] close(7) = -1 EBADF (Bad file descriptor) [pid 298] close(8) = -1 EBADF (Bad file descriptor) [pid 298] close(9) = -1 EBADF (Bad file descriptor) [pid 298] close(10) = -1 EBADF (Bad file descriptor) [pid 298] close(11) = -1 EBADF (Bad file descriptor) [pid 298] close(12) = -1 EBADF (Bad file descriptor) [pid 298] close(13) = -1 EBADF (Bad file descriptor) [pid 298] close(14) = -1 EBADF (Bad file descriptor) [pid 298] close(15) = -1 EBADF (Bad file descriptor) [pid 298] close(16) = -1 EBADF (Bad file descriptor) [pid 298] close(17) = -1 EBADF (Bad file descriptor) [pid 298] close(18) = -1 EBADF (Bad file descriptor) [pid 298] close(19) = -1 EBADF (Bad file descriptor) [pid 298] close(20) = -1 EBADF (Bad file descriptor) [pid 298] close(21) = -1 EBADF (Bad file descriptor) [pid 298] close(22) = -1 EBADF (Bad file descriptor) [pid 298] close(23) = -1 EBADF (Bad file descriptor) [pid 298] close(24) = -1 EBADF (Bad file descriptor) [pid 298] close(25) = -1 EBADF (Bad file descriptor) [pid 298] close(26) = -1 EBADF (Bad file descriptor) [pid 298] close(27) = -1 EBADF (Bad file descriptor) [pid 298] close(28) = -1 EBADF (Bad file descriptor) [pid 298] close(29) = -1 EBADF (Bad file descriptor) [pid 298] exit_group(0 [pid 299] <... futex resumed>) = ? [pid 298] <... exit_group resumed>) = ? [pid 299] +++ exited with 0 +++ [pid 298] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 6 ./strace-static-x86_64: Process 300 attached [pid 300] set_robust_list(0x5555560296a0, 24) = 0 [pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 300] setpgid(0, 0) = 0 [pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 300] write(3, "1000", 4) = 4 [pid 300] close(3) = 0 [pid 300] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 300] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 300] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 300] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 300] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 300] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 300] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 300] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 301 attached => {parent_tid=[7]}, 88) = 7 [pid 301] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 301] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 300] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 300] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 301] <... futex resumed>) = 0 [pid 301] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 301] write(3, "65", 2 [pid 300] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... write resumed>) = 2 [ 20.647425][ T299] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 20.655236][ T299] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 20.663047][ T299] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 20.670863][ T299] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 20.678671][ T299] [ 20.692350][ T301] FAULT_INJECTION: forcing a failure. [ 20.692350][ T301] name failslab, interval 1, probability 0, space 0, times 0 [ 20.704828][ T301] CPU: 1 PID: 301 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 20.714828][ T301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 20.724724][ T301] Call Trace: [ 20.727847][ T301] [ 20.730622][ T301] dump_stack_lvl+0x151/0x1b7 [ 20.735136][ T301] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.740610][ T301] dump_stack+0x15/0x17 [ 20.744597][ T301] should_fail+0x3c6/0x510 [ 20.748850][ T301] __should_failslab+0xa4/0xe0 [ 20.753454][ T301] ? vm_area_dup+0x26/0x230 [ 20.757790][ T301] should_failslab+0x9/0x20 [ 20.762130][ T301] slab_pre_alloc_hook+0x37/0xd0 [ 20.766902][ T301] ? vm_area_dup+0x26/0x230 [ 20.771240][ T301] kmem_cache_alloc+0x44/0x200 [ 20.775841][ T301] vm_area_dup+0x26/0x230 [ 20.780007][ T301] copy_mm+0x9a1/0x13e0 [ 20.784005][ T301] ? copy_signal+0x610/0x610 [ 20.788426][ T301] ? __init_rwsem+0xd6/0x1c0 [ 20.792852][ T301] ? copy_signal+0x4e3/0x610 [ 20.797277][ T301] copy_process+0x12bc/0x3260 [ 20.801792][ T301] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 20.806739][ T301] ? __kasan_check_write+0x14/0x20 [ 20.811686][ T301] kernel_clone+0x21e/0x9e0 [ 20.816026][ T301] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.821060][ T301] ? create_io_thread+0x1e0/0x1e0 [ 20.825925][ T301] __x64_sys_clone+0x23f/0x290 [ 20.830547][ T301] ? __do_sys_vfork+0x130/0x130 [ 20.835209][ T301] ? __kasan_check_read+0x11/0x20 [ 20.840069][ T301] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 20.845892][ T301] do_syscall_64+0x3d/0xb0 [ 20.850140][ T301] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.855865][ T301] RIP: 0033:0x7fee0c2830a9 [ 20.860118][ T301] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 20.879848][ T301] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 20.888254][ T301] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 301] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 300] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 301] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 301] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 300] close(3) = 0 [pid 300] close(4) = -1 EBADF (Bad file descriptor) [pid 300] close(5) = -1 EBADF (Bad file descriptor) [pid 300] close(6) = -1 EBADF (Bad file descriptor) [pid 300] close(7) = -1 EBADF (Bad file descriptor) [pid 300] close(8) = -1 EBADF (Bad file descriptor) [pid 300] close(9) = -1 EBADF (Bad file descriptor) [pid 300] close(10) = -1 EBADF (Bad file descriptor) [pid 300] close(11) = -1 EBADF (Bad file descriptor) [pid 300] close(12) = -1 EBADF (Bad file descriptor) [pid 300] close(13) = -1 EBADF (Bad file descriptor) [pid 300] close(14) = -1 EBADF (Bad file descriptor) [pid 300] close(15) = -1 EBADF (Bad file descriptor) [pid 300] close(16) = -1 EBADF (Bad file descriptor) [pid 300] close(17) = -1 EBADF (Bad file descriptor) [pid 300] close(18) = -1 EBADF (Bad file descriptor) [pid 300] close(19) = -1 EBADF (Bad file descriptor) [pid 300] close(20) = -1 EBADF (Bad file descriptor) [pid 300] close(21) = -1 EBADF (Bad file descriptor) [pid 300] close(22) = -1 EBADF (Bad file descriptor) [pid 300] close(23) = -1 EBADF (Bad file descriptor) [pid 300] close(24) = -1 EBADF (Bad file descriptor) [pid 300] close(25) = -1 EBADF (Bad file descriptor) [pid 300] close(26) = -1 EBADF (Bad file descriptor) [pid 300] close(27) = -1 EBADF (Bad file descriptor) [pid 300] close(28) = -1 EBADF (Bad file descriptor) [pid 300] close(29) = -1 EBADF (Bad file descriptor) [pid 300] exit_group(0) = ? [pid 301] <... futex resumed>) = ? [pid 301] +++ exited with 0 +++ [pid 300] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 8 ./strace-static-x86_64: Process 302 attached [pid 302] set_robust_list(0x5555560296a0, 24) = 0 [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 302] setpgid(0, 0) = 0 [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 302] write(3, "1000", 4) = 4 [pid 302] close(3) = 0 [pid 302] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110 [pid 302] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 302] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 302] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 302] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 302] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 303 attached [pid 303] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 303] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 303] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] <... clone3 resumed> => {parent_tid=[9]}, 88) = 9 [pid 302] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 302] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 303] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 303] write(3, "65", 2) = 2 [pid 303] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [ 20.896069][ T301] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 20.903886][ T301] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 20.911691][ T301] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 20.919503][ T301] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 20.927317][ T301] [ 20.950077][ T303] FAULT_INJECTION: forcing a failure. [ 20.950077][ T303] name failslab, interval 1, probability 0, space 0, times 0 [ 20.962590][ T303] CPU: 0 PID: 303 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 20.972553][ T303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 20.982450][ T303] Call Trace: [ 20.985572][ T303] [ 20.988351][ T303] dump_stack_lvl+0x151/0x1b7 [ 20.992863][ T303] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.998331][ T303] dump_stack+0x15/0x17 [ 21.002328][ T303] should_fail+0x3c6/0x510 [ 21.006575][ T303] __should_failslab+0xa4/0xe0 [ 21.011184][ T303] ? anon_vma_fork+0x1df/0x4e0 [ 21.015783][ T303] should_failslab+0x9/0x20 [ 21.020117][ T303] slab_pre_alloc_hook+0x37/0xd0 [ 21.024888][ T303] ? anon_vma_fork+0x1df/0x4e0 [ 21.029487][ T303] kmem_cache_alloc+0x44/0x200 [ 21.034096][ T303] anon_vma_fork+0x1df/0x4e0 [ 21.038514][ T303] copy_mm+0xa3a/0x13e0 [ 21.042506][ T303] ? copy_signal+0x610/0x610 [ 21.046931][ T303] ? __init_rwsem+0xd6/0x1c0 [ 21.051361][ T303] ? copy_signal+0x4e3/0x610 [ 21.055803][ T303] copy_process+0x12bc/0x3260 [ 21.060298][ T303] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 21.065244][ T303] ? __kasan_check_write+0x14/0x20 [ 21.070191][ T303] kernel_clone+0x21e/0x9e0 [ 21.074536][ T303] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.079564][ T303] ? create_io_thread+0x1e0/0x1e0 [ 21.084516][ T303] __x64_sys_clone+0x23f/0x290 [ 21.089122][ T303] ? __do_sys_vfork+0x130/0x130 [ 21.093800][ T303] ? __kasan_check_read+0x11/0x20 [ 21.098658][ T303] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 21.104477][ T303] do_syscall_64+0x3d/0xb0 [ 21.108726][ T303] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.114455][ T303] RIP: 0033:0x7fee0c2830a9 [ 21.118711][ T303] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 21.138180][ T303] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 302] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 303] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 303] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] close(3) = 0 [pid 302] close(4) = -1 EBADF (Bad file descriptor) [pid 302] close(5) = -1 EBADF (Bad file descriptor) [pid 302] close(6) = -1 EBADF (Bad file descriptor) [pid 302] close(7) = -1 EBADF (Bad file descriptor) [pid 302] close(8) = -1 EBADF (Bad file descriptor) [pid 302] close(9) = -1 EBADF (Bad file descriptor) [pid 302] close(10) = -1 EBADF (Bad file descriptor) [pid 302] close(11) = -1 EBADF (Bad file descriptor) [pid 302] close(12) = -1 EBADF (Bad file descriptor) [pid 302] close(13) = -1 EBADF (Bad file descriptor) [pid 302] close(14) = -1 EBADF (Bad file descriptor) [pid 302] close(15) = -1 EBADF (Bad file descriptor) [pid 302] close(16) = -1 EBADF (Bad file descriptor) [pid 302] close(17) = -1 EBADF (Bad file descriptor) [pid 302] close(18) = -1 EBADF (Bad file descriptor) [pid 302] close(19) = -1 EBADF (Bad file descriptor) [pid 302] close(20) = -1 EBADF (Bad file descriptor) [pid 302] close(21) = -1 EBADF (Bad file descriptor) [pid 302] close(22) = -1 EBADF (Bad file descriptor) [pid 302] close(23) = -1 EBADF (Bad file descriptor) [pid 302] close(24) = -1 EBADF (Bad file descriptor) [pid 302] close(25) = -1 EBADF (Bad file descriptor) [pid 302] close(26) = -1 EBADF (Bad file descriptor) [pid 302] close(27) = -1 EBADF (Bad file descriptor) [pid 302] close(28) = -1 EBADF (Bad file descriptor) [pid 302] close(29) = -1 EBADF (Bad file descriptor) [pid 302] exit_group(0 [pid 303] <... futex resumed>) = ? [pid 302] <... exit_group resumed>) = ? [pid 303] +++ exited with 0 +++ [pid 302] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 304 attached , child_tidptr=0x555556029690) = 10 [pid 304] set_robust_list(0x5555560296a0, 24) = 0 [pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 304] setpgid(0, 0) = 0 [pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 304] write(3, "1000", 4) = 4 [pid 304] close(3) = 0 [pid 304] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 304] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 304] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 304] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 304] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 304] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 304] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 304] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 305 attached => {parent_tid=[11]}, 88) = 11 [pid 305] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 305] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 305] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 304] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 305] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 304] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] write(3, "65", 2) = 2 [ 21.146424][ T303] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 21.154204][ T303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 21.162019][ T303] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 21.169827][ T303] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 21.177750][ T303] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 21.185826][ T303] [ 21.203630][ T305] FAULT_INJECTION: forcing a failure. [ 21.203630][ T305] name failslab, interval 1, probability 0, space 0, times 0 [ 21.216124][ T305] CPU: 0 PID: 305 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 21.226091][ T305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 21.235987][ T305] Call Trace: [ 21.239112][ T305] [ 21.241886][ T305] dump_stack_lvl+0x151/0x1b7 [ 21.246399][ T305] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.251867][ T305] dump_stack+0x15/0x17 [ 21.255865][ T305] should_fail+0x3c6/0x510 [ 21.260199][ T305] __should_failslab+0xa4/0xe0 [ 21.264798][ T305] ? anon_vma_clone+0x9a/0x500 [ 21.269399][ T305] should_failslab+0x9/0x20 [ 21.273743][ T305] slab_pre_alloc_hook+0x37/0xd0 [ 21.278511][ T305] ? anon_vma_clone+0x9a/0x500 [ 21.283125][ T305] kmem_cache_alloc+0x44/0x200 [ 21.287717][ T305] anon_vma_clone+0x9a/0x500 [ 21.292139][ T305] anon_vma_fork+0x91/0x4e0 [ 21.296565][ T305] ? anon_vma_name+0x4c/0x70 [ 21.301003][ T305] ? vm_area_dup+0x17a/0x230 [ 21.305680][ T305] copy_mm+0xa3a/0x13e0 [ 21.309670][ T305] ? copy_signal+0x610/0x610 [ 21.314100][ T305] ? __init_rwsem+0xd6/0x1c0 [ 21.318522][ T305] ? copy_signal+0x4e3/0x610 [ 21.322949][ T305] copy_process+0x12bc/0x3260 [ 21.327468][ T305] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 21.332414][ T305] ? __kasan_check_write+0x14/0x20 [ 21.337357][ T305] kernel_clone+0x21e/0x9e0 [ 21.341700][ T305] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.346736][ T305] ? create_io_thread+0x1e0/0x1e0 [ 21.351608][ T305] __x64_sys_clone+0x23f/0x290 [ 21.356190][ T305] ? __do_sys_vfork+0x130/0x130 [ 21.360877][ T305] ? __kasan_check_read+0x11/0x20 [ 21.365765][ T305] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 21.371559][ T305] do_syscall_64+0x3d/0xb0 [ 21.375809][ T305] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.381536][ T305] RIP: 0033:0x7fee0c2830a9 [ 21.385788][ T305] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 21.405234][ T305] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 21.413473][ T305] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 21.421283][ T305] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 21.429095][ T305] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 21.436908][ T305] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 21.444722][ T305] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 305] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 304] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 305] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 305] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 304] close(3) = 0 [pid 304] close(4) = -1 EBADF (Bad file descriptor) [pid 304] close(5) = -1 EBADF (Bad file descriptor) [pid 304] close(6) = -1 EBADF (Bad file descriptor) [pid 304] close(7) = -1 EBADF (Bad file descriptor) [pid 304] close(8) = -1 EBADF (Bad file descriptor) [pid 304] close(9) = -1 EBADF (Bad file descriptor) [pid 304] close(10) = -1 EBADF (Bad file descriptor) [pid 304] close(11) = -1 EBADF (Bad file descriptor) [pid 304] close(12) = -1 EBADF (Bad file descriptor) [pid 304] close(13) = -1 EBADF (Bad file descriptor) [pid 304] close(14) = -1 EBADF (Bad file descriptor) [pid 304] close(15) = -1 EBADF (Bad file descriptor) [pid 304] close(16) = -1 EBADF (Bad file descriptor) [pid 304] close(17) = -1 EBADF (Bad file descriptor) [pid 304] close(18) = -1 EBADF (Bad file descriptor) [pid 304] close(19) = -1 EBADF (Bad file descriptor) [pid 304] close(20) = -1 EBADF (Bad file descriptor) [pid 304] close(21) = -1 EBADF (Bad file descriptor) [pid 304] close(22) = -1 EBADF (Bad file descriptor) [pid 304] close(23) = -1 EBADF (Bad file descriptor) [pid 304] close(24) = -1 EBADF (Bad file descriptor) [pid 304] close(25) = -1 EBADF (Bad file descriptor) [pid 304] close(26) = -1 EBADF (Bad file descriptor) [pid 304] close(27) = -1 EBADF (Bad file descriptor) [pid 304] close(28) = -1 EBADF (Bad file descriptor) [pid 304] close(29) = -1 EBADF (Bad file descriptor) [pid 304] exit_group(0 [pid 305] <... futex resumed>) = ? [pid 304] <... exit_group resumed>) = ? [pid 305] +++ exited with 0 +++ [pid 304] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 12 ./strace-static-x86_64: Process 307 attached [pid 307] set_robust_list(0x5555560296a0, 24) = 0 [pid 307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 307] setpgid(0, 0) = 0 [pid 307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 307] write(3, "1000", 4) = 4 [pid 307] close(3) = 0 [pid 307] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 307] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 307] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 307] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 307] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 307] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 307] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 307] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 308 attached [pid 308] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 308] rt_sigprocmask(SIG_SETMASK, [], [pid 307] <... clone3 resumed> => {parent_tid=[13]}, 88) = 13 [pid 308] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 308] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 307] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 307] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 308] <... futex resumed>) = 0 [pid 308] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 307] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... openat resumed>) = 3 [pid 308] write(3, "65", 2) = 2 [ 21.452533][ T305] [pid 308] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 307] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 21.479593][ T308] FAULT_INJECTION: forcing a failure. [ 21.479593][ T308] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 21.492927][ T308] CPU: 1 PID: 308 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 21.502988][ T308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 21.512877][ T308] Call Trace: [ 21.516005][ T308] [ 21.518783][ T308] dump_stack_lvl+0x151/0x1b7 [ 21.523411][ T308] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.528873][ T308] ? arch_stack_walk+0xf3/0x140 [ 21.533559][ T308] dump_stack+0x15/0x17 [ 21.537547][ T308] should_fail+0x3c6/0x510 [ 21.541805][ T308] should_fail_alloc_page+0x5a/0x80 [ 21.546920][ T308] prepare_alloc_pages+0x15c/0x700 [ 21.551866][ T308] ? __kasan_check_write+0x14/0x20 [ 21.556817][ T308] ? __alloc_pages_bulk+0xe60/0xe60 [ 21.561847][ T308] ? copy_page_range+0x2deb/0x2f90 [ 21.566799][ T308] ? __kasan_slab_alloc+0xb1/0xe0 [ 21.571657][ T308] ? slab_post_alloc_hook+0x53/0x2c0 [ 21.576778][ T308] __alloc_pages+0x138/0x5e0 [ 21.581212][ T308] ? prep_new_page+0x110/0x110 [ 21.585805][ T308] ? avc_has_perm_noaudit+0x2dd/0x430 [ 21.591011][ T308] new_slab+0x9a/0x4e0 [ 21.594918][ T308] ___slab_alloc+0x39e/0x830 [ 21.599397][ T308] ? vm_area_dup+0x26/0x230 [ 21.603697][ T308] ? vm_area_dup+0x26/0x230 [ 21.608019][ T308] __slab_alloc+0x4a/0x90 [ 21.612186][ T308] ? vm_area_dup+0x26/0x230 [ 21.616525][ T308] kmem_cache_alloc+0x134/0x200 [ 21.621214][ T308] vm_area_dup+0x26/0x230 [ 21.625378][ T308] copy_mm+0x9a1/0x13e0 [ 21.629371][ T308] ? copy_signal+0x610/0x610 [ 21.633799][ T308] ? __init_rwsem+0xd6/0x1c0 [ 21.638227][ T308] ? copy_signal+0x4e3/0x610 [ 21.642651][ T308] copy_process+0x12bc/0x3260 [ 21.647165][ T308] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 21.652114][ T308] ? __kasan_check_write+0x14/0x20 [ 21.657059][ T308] kernel_clone+0x21e/0x9e0 [ 21.661398][ T308] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.666461][ T308] ? create_io_thread+0x1e0/0x1e0 [ 21.671300][ T308] __x64_sys_clone+0x23f/0x290 [ 21.675894][ T308] ? __do_sys_vfork+0x130/0x130 [ 21.680586][ T308] ? __kasan_check_read+0x11/0x20 [ 21.685459][ T308] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 21.691648][ T308] do_syscall_64+0x3d/0xb0 [ 21.695985][ T308] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.701741][ T308] RIP: 0033:0x7fee0c2830a9 [ 21.705966][ T308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 308] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 308] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 308] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 307] close(3) = 0 [pid 307] close(4) = -1 EBADF (Bad file descriptor) [pid 307] close(5) = -1 EBADF (Bad file descriptor) [pid 307] close(6) = -1 EBADF (Bad file descriptor) [pid 307] close(7) = -1 EBADF (Bad file descriptor) [pid 307] close(8) = -1 EBADF (Bad file descriptor) [pid 307] close(9) = -1 EBADF (Bad file descriptor) [pid 307] close(10) = -1 EBADF (Bad file descriptor) [pid 307] close(11) = -1 EBADF (Bad file descriptor) [pid 307] close(12) = -1 EBADF (Bad file descriptor) [pid 307] close(13) = -1 EBADF (Bad file descriptor) [pid 307] close(14) = -1 EBADF (Bad file descriptor) [pid 307] close(15) = -1 EBADF (Bad file descriptor) [pid 307] close(16) = -1 EBADF (Bad file descriptor) [pid 307] close(17) = -1 EBADF (Bad file descriptor) [pid 307] close(18) = -1 EBADF (Bad file descriptor) [pid 307] close(19) = -1 EBADF (Bad file descriptor) [pid 307] close(20) = -1 EBADF (Bad file descriptor) [pid 307] close(21) = -1 EBADF (Bad file descriptor) [pid 307] close(22) = -1 EBADF (Bad file descriptor) [pid 307] close(23) = -1 EBADF (Bad file descriptor) [pid 307] close(24) = -1 EBADF (Bad file descriptor) [pid 307] close(25) = -1 EBADF (Bad file descriptor) [pid 307] close(26) = -1 EBADF (Bad file descriptor) [pid 307] close(27) = -1 EBADF (Bad file descriptor) [pid 307] close(28) = -1 EBADF (Bad file descriptor) [pid 307] close(29) = -1 EBADF (Bad file descriptor) [pid 307] exit_group(0 [pid 308] <... futex resumed>) = ? [pid 307] <... exit_group resumed>) = ? [pid 308] +++ exited with 0 +++ [pid 307] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 14 ./strace-static-x86_64: Process 309 attached [pid 309] set_robust_list(0x5555560296a0, 24) = 0 [pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 309] setpgid(0, 0) = 0 [pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 309] write(3, "1000", 4) = 4 [pid 309] close(3) = 0 [pid 309] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 309] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 309] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 309] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 309] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 309] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 309] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 309] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[15]}, 88) = 15 [pid 309] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 309] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 309] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 310 attached [pid 310] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 310] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 310] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 310] write(3, "65", 2) = 2 [ 21.725569][ T308] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 21.733890][ T308] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 21.741710][ T308] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 21.749535][ T308] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 21.757322][ T308] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 21.765142][ T308] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 21.773209][ T308] [ 21.790905][ T310] FAULT_INJECTION: forcing a failure. [ 21.790905][ T310] name failslab, interval 1, probability 0, space 0, times 0 [ 21.803511][ T310] CPU: 1 PID: 310 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 21.813555][ T310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 21.823449][ T310] Call Trace: [ 21.826569][ T310] [ 21.829347][ T310] dump_stack_lvl+0x151/0x1b7 [ 21.833864][ T310] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.839331][ T310] dump_stack+0x15/0x17 [ 21.843322][ T310] should_fail+0x3c6/0x510 [ 21.847578][ T310] __should_failslab+0xa4/0xe0 [ 21.852173][ T310] ? vm_area_dup+0x26/0x230 [ 21.856513][ T310] should_failslab+0x9/0x20 [ 21.860853][ T310] slab_pre_alloc_hook+0x37/0xd0 [ 21.865629][ T310] ? vm_area_dup+0x26/0x230 [ 21.869965][ T310] kmem_cache_alloc+0x44/0x200 [ 21.874564][ T310] vm_area_dup+0x26/0x230 [ 21.878736][ T310] copy_mm+0x9a1/0x13e0 [ 21.882723][ T310] ? copy_signal+0x610/0x610 [ 21.887160][ T310] ? __init_rwsem+0xd6/0x1c0 [ 21.891575][ T310] ? copy_signal+0x4e3/0x610 [ 21.896003][ T310] copy_process+0x12bc/0x3260 [ 21.900525][ T310] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 21.905460][ T310] ? __kasan_check_write+0x14/0x20 [ 21.910409][ T310] kernel_clone+0x21e/0x9e0 [ 21.914748][ T310] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.919785][ T310] ? create_io_thread+0x1e0/0x1e0 [ 21.924644][ T310] __x64_sys_clone+0x23f/0x290 [ 21.929243][ T310] ? __do_sys_vfork+0x130/0x130 [ 21.933944][ T310] ? __kasan_check_read+0x11/0x20 [ 21.938891][ T310] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 21.944792][ T310] do_syscall_64+0x3d/0xb0 [ 21.949042][ T310] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.954769][ T310] RIP: 0033:0x7fee0c2830a9 [ 21.959022][ T310] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 21.978464][ T310] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 310] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 309] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 310] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] close(3 [pid 310] <... futex resumed>) = 0 [pid 309] <... close resumed>) = 0 [pid 310] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 309] close(4) = -1 EBADF (Bad file descriptor) [pid 309] close(5) = -1 EBADF (Bad file descriptor) [pid 309] close(6) = -1 EBADF (Bad file descriptor) [pid 309] close(7) = -1 EBADF (Bad file descriptor) [pid 309] close(8) = -1 EBADF (Bad file descriptor) [pid 309] close(9) = -1 EBADF (Bad file descriptor) [pid 309] close(10) = -1 EBADF (Bad file descriptor) [pid 309] close(11) = -1 EBADF (Bad file descriptor) [pid 309] close(12) = -1 EBADF (Bad file descriptor) [pid 309] close(13) = -1 EBADF (Bad file descriptor) [pid 309] close(14) = -1 EBADF (Bad file descriptor) [pid 309] close(15) = -1 EBADF (Bad file descriptor) [pid 309] close(16) = -1 EBADF (Bad file descriptor) [pid 309] close(17) = -1 EBADF (Bad file descriptor) [pid 309] close(18) = -1 EBADF (Bad file descriptor) [pid 309] close(19) = -1 EBADF (Bad file descriptor) [pid 309] close(20) = -1 EBADF (Bad file descriptor) [pid 309] close(21) = -1 EBADF (Bad file descriptor) [pid 309] close(22) = -1 EBADF (Bad file descriptor) [pid 309] close(23) = -1 EBADF (Bad file descriptor) [pid 309] close(24) = -1 EBADF (Bad file descriptor) [pid 309] close(25) = -1 EBADF (Bad file descriptor) [pid 309] close(26) = -1 EBADF (Bad file descriptor) [pid 309] close(27) = -1 EBADF (Bad file descriptor) [pid 309] close(28) = -1 EBADF (Bad file descriptor) [pid 309] close(29) = -1 EBADF (Bad file descriptor) [pid 309] exit_group(0) = ? [pid 310] <... futex resumed>) = ? [pid 310] +++ exited with 0 +++ [pid 309] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 16 ./strace-static-x86_64: Process 311 attached [pid 311] set_robust_list(0x5555560296a0, 24) = 0 [pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 311] setpgid(0, 0) = 0 [pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 311] write(3, "1000", 4) = 4 [pid 311] close(3) = 0 [pid 311] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 311] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 311] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 311] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 311] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 311] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 311] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[17]}, 88) = 17 ./strace-static-x86_64: Process 312 attached [pid 311] rt_sigprocmask(SIG_SETMASK, [], [pid 312] set_robust_list(0x7fee0c2439a0, 24 [pid 311] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 312] <... set_robust_list resumed>) = 0 [pid 311] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 312] rt_sigprocmask(SIG_SETMASK, [], [pid 311] <... futex resumed>) = 0 [pid 312] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 311] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 312] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 312] write(3, "65", 2) = 2 [ 21.986710][ T310] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 21.994519][ T310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 22.002337][ T310] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 22.010143][ T310] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 22.018039][ T310] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 22.025853][ T310] [ 22.042488][ T312] FAULT_INJECTION: forcing a failure. [ 22.042488][ T312] name failslab, interval 1, probability 0, space 0, times 0 [ 22.054911][ T312] CPU: 0 PID: 312 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 22.064949][ T312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 22.074842][ T312] Call Trace: [ 22.077969][ T312] [ 22.080744][ T312] dump_stack_lvl+0x151/0x1b7 [ 22.085260][ T312] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.090726][ T312] dump_stack+0x15/0x17 [ 22.094721][ T312] should_fail+0x3c6/0x510 [ 22.098972][ T312] __should_failslab+0xa4/0xe0 [ 22.103568][ T312] ? anon_vma_clone+0x9a/0x500 [ 22.108168][ T312] should_failslab+0x9/0x20 [ 22.112509][ T312] slab_pre_alloc_hook+0x37/0xd0 [ 22.117287][ T312] ? anon_vma_clone+0x9a/0x500 [ 22.121973][ T312] kmem_cache_alloc+0x44/0x200 [ 22.126575][ T312] anon_vma_clone+0x9a/0x500 [ 22.130998][ T312] anon_vma_fork+0x91/0x4e0 [ 22.135335][ T312] ? anon_vma_name+0x4c/0x70 [ 22.139764][ T312] ? vm_area_dup+0x17a/0x230 [ 22.144192][ T312] copy_mm+0xa3a/0x13e0 [ 22.148181][ T312] ? copy_signal+0x610/0x610 [ 22.152694][ T312] ? __init_rwsem+0xd6/0x1c0 [ 22.157120][ T312] ? copy_signal+0x4e3/0x610 [ 22.161545][ T312] copy_process+0x12bc/0x3260 [ 22.166068][ T312] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 22.171008][ T312] ? __kasan_check_write+0x14/0x20 [ 22.175954][ T312] kernel_clone+0x21e/0x9e0 [ 22.180292][ T312] ? _raw_spin_unlock_irq+0x4e/0x70 [ 22.185326][ T312] ? create_io_thread+0x1e0/0x1e0 [ 22.190187][ T312] __x64_sys_clone+0x23f/0x290 [ 22.194785][ T312] ? __do_sys_vfork+0x130/0x130 [ 22.199476][ T312] ? __kasan_check_read+0x11/0x20 [ 22.204339][ T312] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 22.210155][ T312] do_syscall_64+0x3d/0xb0 [ 22.214403][ T312] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.220135][ T312] RIP: 0033:0x7fee0c2830a9 [ 22.224387][ T312] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 22.245133][ T312] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 22.253379][ T312] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 22.261185][ T312] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 22.268995][ T312] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 22.276806][ T312] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 22.284618][ T312] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 312] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 311] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 312] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 312] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 312] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 311] close(3) = 0 [pid 311] close(4) = -1 EBADF (Bad file descriptor) [pid 311] close(5) = -1 EBADF (Bad file descriptor) [pid 311] close(6) = -1 EBADF (Bad file descriptor) [pid 311] close(7) = -1 EBADF (Bad file descriptor) [pid 311] close(8) = -1 EBADF (Bad file descriptor) [pid 311] close(9) = -1 EBADF (Bad file descriptor) [pid 311] close(10) = -1 EBADF (Bad file descriptor) [pid 311] close(11) = -1 EBADF (Bad file descriptor) [pid 311] close(12) = -1 EBADF (Bad file descriptor) [pid 311] close(13) = -1 EBADF (Bad file descriptor) [pid 311] close(14) = -1 EBADF (Bad file descriptor) [pid 311] close(15) = -1 EBADF (Bad file descriptor) [pid 311] close(16) = -1 EBADF (Bad file descriptor) [pid 311] close(17) = -1 EBADF (Bad file descriptor) [pid 311] close(18) = -1 EBADF (Bad file descriptor) [pid 311] close(19) = -1 EBADF (Bad file descriptor) [pid 311] close(20) = -1 EBADF (Bad file descriptor) [pid 311] close(21) = -1 EBADF (Bad file descriptor) [pid 311] close(22) = -1 EBADF (Bad file descriptor) [pid 311] close(23) = -1 EBADF (Bad file descriptor) [pid 311] close(24) = -1 EBADF (Bad file descriptor) [pid 311] close(25) = -1 EBADF (Bad file descriptor) [pid 311] close(26) = -1 EBADF (Bad file descriptor) [pid 311] close(27) = -1 EBADF (Bad file descriptor) [pid 311] close(28) = -1 EBADF (Bad file descriptor) [pid 311] close(29) = -1 EBADF (Bad file descriptor) [pid 311] exit_group(0 [pid 312] <... futex resumed>) = ? [pid 311] <... exit_group resumed>) = ? [pid 312] +++ exited with 0 +++ [pid 311] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 18 ./strace-static-x86_64: Process 313 attached [pid 313] set_robust_list(0x5555560296a0, 24) = 0 [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 313] setpgid(0, 0) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 313] close(3) = 0 [pid 313] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 313] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 313] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 313] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 313] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 313] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 313] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 313] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 314 attached => {parent_tid=[19]}, 88) = 19 [pid 314] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 314] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 314] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 313] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 313] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 314] <... futex resumed>) = 0 [pid 314] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 313] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 314] write(3, "65", 2) = 2 [ 22.292433][ T312] [ 22.309614][ T314] FAULT_INJECTION: forcing a failure. [ 22.309614][ T314] name failslab, interval 1, probability 0, space 0, times 0 [ 22.322115][ T314] CPU: 0 PID: 314 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 22.332071][ T314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 22.341966][ T314] Call Trace: [ 22.345089][ T314] [ 22.347867][ T314] dump_stack_lvl+0x151/0x1b7 [ 22.352382][ T314] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.357854][ T314] dump_stack+0x15/0x17 [ 22.361840][ T314] should_fail+0x3c6/0x510 [ 22.366097][ T314] __should_failslab+0xa4/0xe0 [ 22.370695][ T314] ? vm_area_dup+0x26/0x230 [ 22.375031][ T314] should_failslab+0x9/0x20 [ 22.379380][ T314] slab_pre_alloc_hook+0x37/0xd0 [ 22.384240][ T314] ? vm_area_dup+0x26/0x230 [ 22.388587][ T314] kmem_cache_alloc+0x44/0x200 [ 22.393177][ T314] vm_area_dup+0x26/0x230 [ 22.397346][ T314] copy_mm+0x9a1/0x13e0 [ 22.401339][ T314] ? copy_signal+0x610/0x610 [ 22.405761][ T314] ? __init_rwsem+0xd6/0x1c0 [ 22.410188][ T314] ? copy_signal+0x4e3/0x610 [ 22.414616][ T314] copy_process+0x12bc/0x3260 [ 22.419226][ T314] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 22.424163][ T314] ? __kasan_check_write+0x14/0x20 [ 22.429108][ T314] kernel_clone+0x21e/0x9e0 [ 22.433456][ T314] ? _raw_spin_unlock_irq+0x4e/0x70 [ 22.438483][ T314] ? create_io_thread+0x1e0/0x1e0 [ 22.443343][ T314] __x64_sys_clone+0x23f/0x290 [ 22.447944][ T314] ? __do_sys_vfork+0x130/0x130 [ 22.452631][ T314] ? __kasan_check_read+0x11/0x20 [ 22.457494][ T314] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 22.463478][ T314] do_syscall_64+0x3d/0xb0 [ 22.467819][ T314] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.473547][ T314] RIP: 0033:0x7fee0c2830a9 [ 22.477799][ T314] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 22.497244][ T314] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 22.505492][ T314] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 22.513300][ T314] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 22.521109][ T314] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 22.528921][ T314] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 22.536816][ T314] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 314] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 313] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 314] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 314] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 314] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 313] close(3) = 0 [pid 313] close(4) = -1 EBADF (Bad file descriptor) [pid 313] close(5) = -1 EBADF (Bad file descriptor) [pid 313] close(6) = -1 EBADF (Bad file descriptor) [pid 313] close(7) = -1 EBADF (Bad file descriptor) [pid 313] close(8) = -1 EBADF (Bad file descriptor) [pid 313] close(9) = -1 EBADF (Bad file descriptor) [pid 313] close(10) = -1 EBADF (Bad file descriptor) [pid 313] close(11) = -1 EBADF (Bad file descriptor) [pid 313] close(12) = -1 EBADF (Bad file descriptor) [pid 313] close(13) = -1 EBADF (Bad file descriptor) [pid 313] close(14) = -1 EBADF (Bad file descriptor) [pid 313] close(15) = -1 EBADF (Bad file descriptor) [pid 313] close(16) = -1 EBADF (Bad file descriptor) [pid 313] close(17) = -1 EBADF (Bad file descriptor) [pid 313] close(18) = -1 EBADF (Bad file descriptor) [pid 313] close(19) = -1 EBADF (Bad file descriptor) [pid 313] close(20) = -1 EBADF (Bad file descriptor) [pid 313] close(21) = -1 EBADF (Bad file descriptor) [pid 313] close(22) = -1 EBADF (Bad file descriptor) [pid 313] close(23) = -1 EBADF (Bad file descriptor) [pid 313] close(24) = -1 EBADF (Bad file descriptor) [pid 313] close(25) = -1 EBADF (Bad file descriptor) [pid 313] close(26) = -1 EBADF (Bad file descriptor) [pid 313] close(27) = -1 EBADF (Bad file descriptor) [pid 313] close(28) = -1 EBADF (Bad file descriptor) [pid 313] close(29) = -1 EBADF (Bad file descriptor) [pid 313] exit_group(0) = ? [pid 314] <... futex resumed>) = ? [pid 314] +++ exited with 0 +++ [pid 313] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 316 attached , child_tidptr=0x555556029690) = 20 [pid 316] set_robust_list(0x5555560296a0, 24) = 0 [pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 316] setpgid(0, 0) = 0 [pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 316] write(3, "1000", 4) = 4 [pid 316] close(3) = 0 [pid 316] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 316] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 316] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 316] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 316] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 316] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 316] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 316] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 317 attached => {parent_tid=[21]}, 88) = 21 [pid 317] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 317] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 317] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 316] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 316] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 317] <... futex resumed>) = 0 [pid 317] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 316] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 317] <... openat resumed>) = 3 [pid 317] write(3, "65", 2) = 2 [ 22.545066][ T314] [ 22.565737][ T317] FAULT_INJECTION: forcing a failure. [ 22.565737][ T317] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 22.578867][ T317] CPU: 1 PID: 317 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 22.588929][ T317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 22.598830][ T317] Call Trace: [ 22.601939][ T317] [ 22.604738][ T317] dump_stack_lvl+0x151/0x1b7 [ 22.609230][ T317] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.615062][ T317] ? arch_stack_walk+0xf3/0x140 [ 22.619736][ T317] dump_stack+0x15/0x17 [ 22.623723][ T317] should_fail+0x3c6/0x510 [ 22.627975][ T317] should_fail_alloc_page+0x5a/0x80 [ 22.633025][ T317] prepare_alloc_pages+0x15c/0x700 [ 22.637957][ T317] ? __alloc_pages_bulk+0xe60/0xe60 [ 22.642989][ T317] ? __kasan_slab_alloc+0xc3/0xe0 [ 22.647853][ T317] __alloc_pages+0x138/0x5e0 [ 22.652363][ T317] ? prep_new_page+0x110/0x110 [ 22.657067][ T317] new_slab+0x9a/0x4e0 [ 22.660982][ T317] ___slab_alloc+0x39e/0x830 [ 22.665382][ T317] ? anon_vma_clone+0x9a/0x500 [ 22.669988][ T317] ? anon_vma_clone+0x9a/0x500 [ 22.674580][ T317] __slab_alloc+0x4a/0x90 [ 22.678768][ T317] ? anon_vma_clone+0x9a/0x500 [ 22.683436][ T317] kmem_cache_alloc+0x134/0x200 [ 22.688124][ T317] anon_vma_clone+0x9a/0x500 [ 22.692561][ T317] anon_vma_fork+0x91/0x4e0 [ 22.696888][ T317] ? anon_vma_name+0x43/0x70 [ 22.701313][ T317] ? vm_area_dup+0x17a/0x230 [ 22.705737][ T317] copy_mm+0xa3a/0x13e0 [ 22.709735][ T317] ? copy_signal+0x610/0x610 [ 22.714158][ T317] ? __init_rwsem+0xd6/0x1c0 [ 22.718585][ T317] ? copy_signal+0x4e3/0x610 [ 22.723102][ T317] copy_process+0x12bc/0x3260 [ 22.727615][ T317] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 22.732952][ T317] ? __kasan_check_write+0x14/0x20 [ 22.737904][ T317] kernel_clone+0x21e/0x9e0 [ 22.742239][ T317] ? _raw_spin_unlock_irq+0x4e/0x70 [ 22.747270][ T317] ? create_io_thread+0x1e0/0x1e0 [ 22.752136][ T317] __x64_sys_clone+0x23f/0x290 [ 22.756730][ T317] ? __do_sys_vfork+0x130/0x130 [ 22.761515][ T317] ? __kasan_check_read+0x11/0x20 [ 22.766371][ T317] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 22.772195][ T317] do_syscall_64+0x3d/0xb0 [ 22.776434][ T317] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.782168][ T317] RIP: 0033:0x7fee0c2830a9 [ 22.786414][ T317] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 22.805861][ T317] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 317] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 316] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 317] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 317] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 317] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 316] close(3) = 0 [pid 316] close(4) = -1 EBADF (Bad file descriptor) [pid 316] close(5) = -1 EBADF (Bad file descriptor) [pid 316] close(6) = -1 EBADF (Bad file descriptor) [pid 316] close(7) = -1 EBADF (Bad file descriptor) [pid 316] close(8) = -1 EBADF (Bad file descriptor) [pid 316] close(9) = -1 EBADF (Bad file descriptor) [pid 316] close(10) = -1 EBADF (Bad file descriptor) [pid 316] close(11) = -1 EBADF (Bad file descriptor) [pid 316] close(12) = -1 EBADF (Bad file descriptor) [pid 316] close(13) = -1 EBADF (Bad file descriptor) [pid 316] close(14) = -1 EBADF (Bad file descriptor) [pid 316] close(15) = -1 EBADF (Bad file descriptor) [pid 316] close(16) = -1 EBADF (Bad file descriptor) [pid 316] close(17) = -1 EBADF (Bad file descriptor) [pid 316] close(18) = -1 EBADF (Bad file descriptor) [pid 316] close(19) = -1 EBADF (Bad file descriptor) [pid 316] close(20) = -1 EBADF (Bad file descriptor) [pid 316] close(21) = -1 EBADF (Bad file descriptor) [pid 316] close(22) = -1 EBADF (Bad file descriptor) [pid 316] close(23) = -1 EBADF (Bad file descriptor) [pid 316] close(24) = -1 EBADF (Bad file descriptor) [pid 316] close(25) = -1 EBADF (Bad file descriptor) [pid 316] close(26) = -1 EBADF (Bad file descriptor) [pid 316] close(27) = -1 EBADF (Bad file descriptor) [pid 316] close(28) = -1 EBADF (Bad file descriptor) [pid 316] close(29) = -1 EBADF (Bad file descriptor) [pid 316] exit_group(0 [pid 317] <... futex resumed>) = ? [pid 316] <... exit_group resumed>) = ? [pid 317] +++ exited with 0 +++ [pid 316] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 22 ./strace-static-x86_64: Process 318 attached [pid 318] set_robust_list(0x5555560296a0, 24) = 0 [pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 318] setpgid(0, 0) = 0 [pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 318] write(3, "1000", 4) = 4 [pid 318] close(3) = 0 [pid 318] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 318] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 318] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 318] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 318] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 318] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 318] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 318] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 319 attached [pid 319] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 319] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 318] <... clone3 resumed> => {parent_tid=[23]}, 88) = 23 [pid 319] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 318] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 318] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 319] <... futex resumed>) = 0 [pid 319] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 318] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 319] <... openat resumed>) = 3 [pid 319] write(3, "65", 2) = 2 [ 22.814099][ T317] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 22.821914][ T317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 22.829723][ T317] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 22.837535][ T317] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 22.845346][ T317] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 22.853244][ T317] [pid 319] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 318] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 22.875084][ T319] FAULT_INJECTION: forcing a failure. [ 22.875084][ T319] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 22.888169][ T319] CPU: 0 PID: 319 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 22.898152][ T319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 22.908046][ T319] Call Trace: [ 22.911169][ T319] [ 22.913950][ T319] dump_stack_lvl+0x151/0x1b7 [ 22.918461][ T319] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.923929][ T319] ? __alloc_pages+0x206/0x5e0 [ 22.928528][ T319] dump_stack+0x15/0x17 [ 22.932519][ T319] should_fail+0x3c6/0x510 [ 22.936775][ T319] should_fail_alloc_page+0x5a/0x80 [ 22.941813][ T319] prepare_alloc_pages+0x15c/0x700 [ 22.946755][ T319] ? __alloc_pages_bulk+0xe60/0xe60 [ 22.951797][ T319] __alloc_pages+0x138/0x5e0 [ 22.956223][ T319] ? prep_new_page+0x110/0x110 [ 22.960816][ T319] ? __alloc_pages+0x206/0x5e0 [ 22.965413][ T319] ? prep_new_page+0x110/0x110 [ 22.970014][ T319] ? __kasan_check_write+0x14/0x20 [ 22.974959][ T319] ? _raw_spin_lock+0xa4/0x1b0 [ 22.979561][ T319] pte_alloc_one+0x73/0x1b0 [ 22.983906][ T319] ? pfn_modify_allowed+0x2f0/0x2f0 [ 22.989025][ T319] ? __pmd_alloc+0x48d/0x550 [ 22.993544][ T319] __pte_alloc+0x86/0x350 [ 22.997787][ T319] ? __pud_alloc+0x260/0x260 [ 23.002386][ T319] ? free_pgtables+0x280/0x280 [ 23.006986][ T319] ? __stack_depot_save+0x34/0x470 [ 23.011931][ T319] ? anon_vma_clone+0x9a/0x500 [ 23.016564][ T319] copy_page_range+0x28a8/0x2f90 [ 23.021330][ T319] ? __kasan_slab_alloc+0xb1/0xe0 [ 23.026168][ T319] ? slab_post_alloc_hook+0x53/0x2c0 [ 23.031287][ T319] ? kernel_clone+0x21e/0x9e0 [ 23.035798][ T319] ? do_syscall_64+0x3d/0xb0 [ 23.040229][ T319] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.046132][ T319] ? pfn_valid+0x1e0/0x1e0 [ 23.050382][ T319] ? rwsem_write_trylock+0x15b/0x290 [ 23.055514][ T319] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 23.061751][ T319] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 23.067306][ T319] ? __rb_insert_augmented+0x5de/0x610 [ 23.072602][ T319] copy_mm+0xc7e/0x13e0 [ 23.076597][ T319] ? copy_signal+0x610/0x610 [ 23.081019][ T319] ? __init_rwsem+0xd6/0x1c0 [ 23.085451][ T319] ? copy_signal+0x4e3/0x610 [ 23.089872][ T319] copy_process+0x12bc/0x3260 [ 23.094564][ T319] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 23.099504][ T319] ? __kasan_check_write+0x14/0x20 [ 23.104456][ T319] kernel_clone+0x21e/0x9e0 [ 23.108794][ T319] ? _raw_spin_unlock_irq+0x4e/0x70 [ 23.114171][ T319] ? create_io_thread+0x1e0/0x1e0 [ 23.119038][ T319] __x64_sys_clone+0x23f/0x290 [ 23.123635][ T319] ? __do_sys_vfork+0x130/0x130 [ 23.128320][ T319] ? __kasan_check_read+0x11/0x20 [ 23.133192][ T319] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 23.139262][ T319] do_syscall_64+0x3d/0xb0 [ 23.143519][ T319] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.149309][ T319] RIP: 0033:0x7fee0c2830a9 [ 23.153490][ T319] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 319] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 319] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 319] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 318] close(3) = 0 [pid 318] close(4) = -1 EBADF (Bad file descriptor) [pid 318] close(5) = -1 EBADF (Bad file descriptor) [pid 318] close(6) = -1 EBADF (Bad file descriptor) [pid 318] close(7) = -1 EBADF (Bad file descriptor) [pid 318] close(8) = -1 EBADF (Bad file descriptor) [pid 318] close(9) = -1 EBADF (Bad file descriptor) [pid 318] close(10) = -1 EBADF (Bad file descriptor) [pid 318] close(11) = -1 EBADF (Bad file descriptor) [pid 318] close(12) = -1 EBADF (Bad file descriptor) [pid 318] close(13) = -1 EBADF (Bad file descriptor) [pid 318] close(14) = -1 EBADF (Bad file descriptor) [pid 318] close(15) = -1 EBADF (Bad file descriptor) [pid 318] close(16) = -1 EBADF (Bad file descriptor) [pid 318] close(17) = -1 EBADF (Bad file descriptor) [pid 318] close(18) = -1 EBADF (Bad file descriptor) [pid 318] close(19) = -1 EBADF (Bad file descriptor) [pid 318] close(20) = -1 EBADF (Bad file descriptor) [pid 318] close(21) = -1 EBADF (Bad file descriptor) [pid 318] close(22) = -1 EBADF (Bad file descriptor) [pid 318] close(23) = -1 EBADF (Bad file descriptor) [pid 318] close(24) = -1 EBADF (Bad file descriptor) [pid 318] close(25) = -1 EBADF (Bad file descriptor) [pid 318] close(26) = -1 EBADF (Bad file descriptor) [pid 318] close(27) = -1 EBADF (Bad file descriptor) [pid 318] close(28) = -1 EBADF (Bad file descriptor) [pid 318] close(29) = -1 EBADF (Bad file descriptor) [pid 318] exit_group(0 [pid 319] <... futex resumed>) = ? [pid 318] <... exit_group resumed>) = ? [pid 319] +++ exited with 0 +++ [pid 318] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 24 ./strace-static-x86_64: Process 320 attached [pid 320] set_robust_list(0x5555560296a0, 24) = 0 [pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 320] setpgid(0, 0) = 0 [pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 320] write(3, "1000", 4) = 4 [pid 320] close(3) = 0 [pid 320] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 320] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 320] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 320] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 320] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 320] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 320] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 321 attached [pid 321] set_robust_list(0x7fee0c2439a0, 24 [pid 320] <... clone3 resumed> => {parent_tid=[25]}, 88) = 25 [pid 321] <... set_robust_list resumed>) = 0 [pid 320] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 321] rt_sigprocmask(SIG_SETMASK, [], [pid 320] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 321] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 321] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 320] <... futex resumed>) = 0 [pid 320] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 321] write(3, "65", 2) = 2 [ 23.172937][ T319] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 23.181173][ T319] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 23.188986][ T319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 23.196799][ T319] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 23.204614][ T319] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 23.212421][ T319] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 23.220242][ T319] [ 23.238576][ T321] FAULT_INJECTION: forcing a failure. [ 23.238576][ T321] name failslab, interval 1, probability 0, space 0, times 0 [ 23.251101][ T321] CPU: 0 PID: 321 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.261211][ T321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 23.271114][ T321] Call Trace: [ 23.274228][ T321] [ 23.277094][ T321] dump_stack_lvl+0x151/0x1b7 [ 23.281607][ T321] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.287078][ T321] ? avc_denied+0x1b0/0x1b0 [ 23.291414][ T321] dump_stack+0x15/0x17 [ 23.295415][ T321] should_fail+0x3c6/0x510 [ 23.299657][ T321] __should_failslab+0xa4/0xe0 [ 23.304265][ T321] ? vm_area_dup+0x26/0x230 [ 23.308602][ T321] should_failslab+0x9/0x20 [ 23.312938][ T321] slab_pre_alloc_hook+0x37/0xd0 [ 23.317710][ T321] ? vm_area_dup+0x26/0x230 [ 23.322049][ T321] kmem_cache_alloc+0x44/0x200 [ 23.326651][ T321] vm_area_dup+0x26/0x230 [ 23.330818][ T321] copy_mm+0x9a1/0x13e0 [ 23.334809][ T321] ? copy_signal+0x610/0x610 [ 23.339233][ T321] ? __init_rwsem+0xd6/0x1c0 [ 23.343659][ T321] ? copy_signal+0x4e3/0x610 [ 23.348090][ T321] copy_process+0x12bc/0x3260 [ 23.352603][ T321] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 23.357550][ T321] ? __kasan_check_write+0x14/0x20 [ 23.362495][ T321] kernel_clone+0x21e/0x9e0 [ 23.366844][ T321] ? _raw_spin_unlock_irq+0x4e/0x70 [ 23.371869][ T321] ? create_io_thread+0x1e0/0x1e0 [ 23.376743][ T321] __x64_sys_clone+0x23f/0x290 [ 23.381327][ T321] ? __do_sys_vfork+0x130/0x130 [ 23.386016][ T321] ? __kasan_check_read+0x11/0x20 [ 23.390886][ T321] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 23.396692][ T321] do_syscall_64+0x3d/0xb0 [ 23.400942][ T321] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.406674][ T321] RIP: 0033:0x7fee0c2830a9 [ 23.410925][ T321] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 23.430369][ T321] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 321] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 320] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 321] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 321] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 320] close(3) = 0 [pid 320] close(4) = -1 EBADF (Bad file descriptor) [pid 320] close(5) = -1 EBADF (Bad file descriptor) [pid 320] close(6) = -1 EBADF (Bad file descriptor) [pid 320] close(7) = -1 EBADF (Bad file descriptor) [pid 320] close(8) = -1 EBADF (Bad file descriptor) [pid 320] close(9) = -1 EBADF (Bad file descriptor) [pid 320] close(10) = -1 EBADF (Bad file descriptor) [pid 320] close(11) = -1 EBADF (Bad file descriptor) [pid 320] close(12) = -1 EBADF (Bad file descriptor) [pid 320] close(13) = -1 EBADF (Bad file descriptor) [pid 320] close(14) = -1 EBADF (Bad file descriptor) [pid 320] close(15) = -1 EBADF (Bad file descriptor) [pid 320] close(16) = -1 EBADF (Bad file descriptor) [pid 320] close(17) = -1 EBADF (Bad file descriptor) [pid 320] close(18) = -1 EBADF (Bad file descriptor) [pid 320] close(19) = -1 EBADF (Bad file descriptor) [pid 320] close(20) = -1 EBADF (Bad file descriptor) [pid 320] close(21) = -1 EBADF (Bad file descriptor) [pid 320] close(22) = -1 EBADF (Bad file descriptor) [pid 320] close(23) = -1 EBADF (Bad file descriptor) [pid 320] close(24) = -1 EBADF (Bad file descriptor) [pid 320] close(25) = -1 EBADF (Bad file descriptor) [pid 320] close(26) = -1 EBADF (Bad file descriptor) [pid 320] close(27) = -1 EBADF (Bad file descriptor) [pid 320] close(28) = -1 EBADF (Bad file descriptor) [pid 320] close(29) = -1 EBADF (Bad file descriptor) [pid 320] exit_group(0 [pid 321] <... futex resumed>) = ? [pid 320] <... exit_group resumed>) = ? [pid 321] +++ exited with 0 +++ [pid 320] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 26 ./strace-static-x86_64: Process 322 attached [pid 322] set_robust_list(0x5555560296a0, 24) = 0 [pid 322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 322] setpgid(0, 0) = 0 [pid 322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 322] write(3, "1000", 4) = 4 [pid 322] close(3) = 0 [pid 322] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 322] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 322] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 322] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 322] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 322] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 322] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 322] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 323 attached [pid 323] set_robust_list(0x7fee0c2439a0, 24 [pid 322] <... clone3 resumed> => {parent_tid=[27]}, 88) = 27 [pid 322] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 322] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 322] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 323] <... set_robust_list resumed>) = 0 [pid 323] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 323] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 323] write(3, "65", 2) = 2 [ 23.438609][ T321] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 23.446419][ T321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 23.454232][ T321] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 23.462045][ T321] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 23.469860][ T321] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 23.477669][ T321] [pid 323] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 322] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 23.491592][ T323] FAULT_INJECTION: forcing a failure. [ 23.491592][ T323] name failslab, interval 1, probability 0, space 0, times 0 [ 23.504050][ T323] CPU: 1 PID: 323 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.514154][ T323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 23.524220][ T323] Call Trace: [ 23.527343][ T323] [ 23.530122][ T323] dump_stack_lvl+0x151/0x1b7 [ 23.534634][ T323] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.540102][ T323] dump_stack+0x15/0x17 [ 23.544092][ T323] should_fail+0x3c6/0x510 [ 23.548344][ T323] __should_failslab+0xa4/0xe0 [ 23.552948][ T323] ? vm_area_dup+0x26/0x230 [ 23.557289][ T323] should_failslab+0x9/0x20 [ 23.561629][ T323] slab_pre_alloc_hook+0x37/0xd0 [ 23.566398][ T323] ? vm_area_dup+0x26/0x230 [ 23.570735][ T323] kmem_cache_alloc+0x44/0x200 [ 23.575336][ T323] vm_area_dup+0x26/0x230 [ 23.579502][ T323] copy_mm+0x9a1/0x13e0 [ 23.583495][ T323] ? copy_signal+0x610/0x610 [ 23.587922][ T323] ? __init_rwsem+0xd6/0x1c0 [ 23.592346][ T323] ? copy_signal+0x4e3/0x610 [ 23.596777][ T323] copy_process+0x12bc/0x3260 [ 23.601290][ T323] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 23.606235][ T323] ? __kasan_check_write+0x14/0x20 [ 23.611191][ T323] kernel_clone+0x21e/0x9e0 [ 23.615528][ T323] ? _raw_spin_unlock_irq+0x4e/0x70 [ 23.620556][ T323] ? create_io_thread+0x1e0/0x1e0 [ 23.625425][ T323] __x64_sys_clone+0x23f/0x290 [ 23.630016][ T323] ? __do_sys_vfork+0x130/0x130 [ 23.634812][ T323] ? __kasan_check_read+0x11/0x20 [ 23.639695][ T323] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 23.645487][ T323] do_syscall_64+0x3d/0xb0 [ 23.649747][ T323] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.655470][ T323] RIP: 0033:0x7fee0c2830a9 [ 23.659806][ T323] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 23.679248][ T323] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 323] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 323] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 322] close(3) = 0 [pid 322] close(4 [pid 323] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 322] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 322] close(5) = -1 EBADF (Bad file descriptor) [pid 322] close(6) = -1 EBADF (Bad file descriptor) [pid 322] close(7) = -1 EBADF (Bad file descriptor) [pid 322] close(8) = -1 EBADF (Bad file descriptor) [pid 322] close(9) = -1 EBADF (Bad file descriptor) [pid 322] close(10) = -1 EBADF (Bad file descriptor) [pid 322] close(11) = -1 EBADF (Bad file descriptor) [pid 322] close(12) = -1 EBADF (Bad file descriptor) [pid 322] close(13) = -1 EBADF (Bad file descriptor) [pid 322] close(14) = -1 EBADF (Bad file descriptor) [pid 322] close(15) = -1 EBADF (Bad file descriptor) [pid 322] close(16) = -1 EBADF (Bad file descriptor) [pid 322] close(17) = -1 EBADF (Bad file descriptor) [pid 322] close(18) = -1 EBADF (Bad file descriptor) [pid 322] close(19) = -1 EBADF (Bad file descriptor) [pid 322] close(20) = -1 EBADF (Bad file descriptor) [pid 322] close(21) = -1 EBADF (Bad file descriptor) [pid 322] close(22) = -1 EBADF (Bad file descriptor) [pid 322] close(23) = -1 EBADF (Bad file descriptor) [pid 322] close(24) = -1 EBADF (Bad file descriptor) [pid 322] close(25) = -1 EBADF (Bad file descriptor) [pid 322] close(26) = -1 EBADF (Bad file descriptor) [pid 322] close(27) = -1 EBADF (Bad file descriptor) [pid 322] close(28) = -1 EBADF (Bad file descriptor) [pid 322] close(29) = -1 EBADF (Bad file descriptor) [pid 322] exit_group(0 [pid 323] <... futex resumed>) = ? [pid 322] <... exit_group resumed>) = ? [pid 323] +++ exited with 0 +++ [pid 322] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 28 ./strace-static-x86_64: Process 325 attached [pid 325] set_robust_list(0x5555560296a0, 24) = 0 [pid 325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 325] setpgid(0, 0) = 0 [pid 325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 325] write(3, "1000", 4) = 4 [pid 325] close(3) = 0 [pid 325] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 325] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 325] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 325] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 325] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 325] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 325] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 325] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 326 attached => {parent_tid=[29]}, 88) = 29 [pid 326] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 326] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 326] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 325] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 325] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 326] <... futex resumed>) = 0 [pid 326] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 325] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 326] <... openat resumed>) = 3 [pid 326] write(3, "65", 2) = 2 [ 23.687508][ T323] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 23.695565][ T323] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 23.703379][ T323] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 23.711186][ T323] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 23.719004][ T323] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 23.726813][ T323] [ 23.747012][ T326] FAULT_INJECTION: forcing a failure. [ 23.747012][ T326] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 23.760253][ T326] CPU: 1 PID: 326 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.770309][ T326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 23.780215][ T326] Call Trace: [ 23.783327][ T326] [ 23.786109][ T326] dump_stack_lvl+0x151/0x1b7 [ 23.790617][ T326] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.796084][ T326] ? sched_clock+0x9/0x10 [ 23.800252][ T326] dump_stack+0x15/0x17 [ 23.804244][ T326] should_fail+0x3c6/0x510 [ 23.808587][ T326] should_fail_alloc_page+0x5a/0x80 [ 23.815268][ T326] prepare_alloc_pages+0x15c/0x700 [ 23.820219][ T326] ? __alloc_pages_bulk+0xe60/0xe60 [ 23.825352][ T326] __alloc_pages+0x138/0x5e0 [ 23.829777][ T326] ? prep_new_page+0x110/0x110 [ 23.834400][ T326] ? __alloc_pages+0x206/0x5e0 [ 23.838980][ T326] ? prep_new_page+0x110/0x110 [ 23.843579][ T326] ? __kasan_check_write+0x14/0x20 [ 23.848523][ T326] ? _raw_spin_lock+0xa4/0x1b0 [ 23.853128][ T326] pte_alloc_one+0x73/0x1b0 [ 23.857581][ T326] ? pfn_modify_allowed+0x2f0/0x2f0 [ 23.862616][ T326] ? __pmd_alloc+0x48d/0x550 [ 23.867032][ T326] __pte_alloc+0x86/0x350 [ 23.871196][ T326] ? __pud_alloc+0x260/0x260 [ 23.875622][ T326] ? free_pgtables+0x280/0x280 [ 23.880230][ T326] ? __stack_depot_save+0x34/0x470 [ 23.885170][ T326] ? anon_vma_clone+0x9a/0x500 [ 23.889771][ T326] copy_page_range+0x28a8/0x2f90 [ 23.894547][ T326] ? __kasan_slab_alloc+0xb1/0xe0 [ 23.899407][ T326] ? slab_post_alloc_hook+0x53/0x2c0 [ 23.904524][ T326] ? kernel_clone+0x21e/0x9e0 [ 23.909036][ T326] ? do_syscall_64+0x3d/0xb0 [ 23.913469][ T326] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.919374][ T326] ? pfn_valid+0x1e0/0x1e0 [ 23.923617][ T326] ? rwsem_write_trylock+0x15b/0x290 [ 23.928743][ T326] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 23.934989][ T326] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 23.940544][ T326] ? __rb_insert_augmented+0x5de/0x610 [ 23.945927][ T326] copy_mm+0xc7e/0x13e0 [ 23.949918][ T326] ? copy_signal+0x610/0x610 [ 23.954344][ T326] ? __init_rwsem+0xd6/0x1c0 [ 23.958789][ T326] ? copy_signal+0x4e3/0x610 [ 23.963196][ T326] copy_process+0x12bc/0x3260 [ 23.967712][ T326] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 23.972654][ T326] ? __kasan_check_write+0x14/0x20 [ 23.977601][ T326] kernel_clone+0x21e/0x9e0 [ 23.981946][ T326] ? _raw_spin_unlock_irq+0x4e/0x70 [ 23.986976][ T326] ? create_io_thread+0x1e0/0x1e0 [ 23.991836][ T326] __x64_sys_clone+0x23f/0x290 [ 23.996434][ T326] ? __do_sys_vfork+0x130/0x130 [ 24.001732][ T326] ? __kasan_check_read+0x11/0x20 [ 24.006592][ T326] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 24.012419][ T326] do_syscall_64+0x3d/0xb0 [ 24.016660][ T326] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.022389][ T326] RIP: 0033:0x7fee0c2830a9 [ 24.026641][ T326] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 326] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 325] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 326] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 326] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 326] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 325] close(3) = 0 [pid 325] close(4) = -1 EBADF (Bad file descriptor) [pid 325] close(5) = -1 EBADF (Bad file descriptor) [pid 325] close(6) = -1 EBADF (Bad file descriptor) [pid 325] close(7) = -1 EBADF (Bad file descriptor) [pid 325] close(8) = -1 EBADF (Bad file descriptor) [pid 325] close(9) = -1 EBADF (Bad file descriptor) [pid 325] close(10) = -1 EBADF (Bad file descriptor) [pid 325] close(11) = -1 EBADF (Bad file descriptor) [pid 325] close(12) = -1 EBADF (Bad file descriptor) [pid 325] close(13) = -1 EBADF (Bad file descriptor) [pid 325] close(14) = -1 EBADF (Bad file descriptor) [pid 325] close(15) = -1 EBADF (Bad file descriptor) [pid 325] close(16) = -1 EBADF (Bad file descriptor) [pid 325] close(17) = -1 EBADF (Bad file descriptor) [pid 325] close(18) = -1 EBADF (Bad file descriptor) [pid 325] close(19) = -1 EBADF (Bad file descriptor) [pid 325] close(20) = -1 EBADF (Bad file descriptor) [pid 325] close(21) = -1 EBADF (Bad file descriptor) [pid 325] close(22) = -1 EBADF (Bad file descriptor) [pid 325] close(23) = -1 EBADF (Bad file descriptor) [pid 325] close(24) = -1 EBADF (Bad file descriptor) [pid 325] close(25) = -1 EBADF (Bad file descriptor) [pid 325] close(26) = -1 EBADF (Bad file descriptor) [pid 325] close(27) = -1 EBADF (Bad file descriptor) [pid 325] close(28) = -1 EBADF (Bad file descriptor) [pid 325] close(29) = -1 EBADF (Bad file descriptor) [pid 325] exit_group(0 [pid 326] <... futex resumed>) = ? [pid 325] <... exit_group resumed>) = ? [pid 326] +++ exited with 0 +++ [pid 325] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=28, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 30 ./strace-static-x86_64: Process 327 attached [pid 327] set_robust_list(0x5555560296a0, 24) = 0 [pid 327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 327] setpgid(0, 0) = 0 [pid 327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 327] write(3, "1000", 4) = 4 [pid 327] close(3) = 0 [pid 327] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 327] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 327] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 327] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 327] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 327] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 327] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 327] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 328 attached => {parent_tid=[31]}, 88) = 31 [pid 327] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 327] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 327] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 328] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 328] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 328] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 328] write(3, "65", 2) = 2 [ 24.046079][ T326] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 24.054326][ T326] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 24.062139][ T326] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 24.069947][ T326] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 24.077759][ T326] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 24.085580][ T326] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 24.093384][ T326] [pid 328] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 327] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 24.112718][ T328] FAULT_INJECTION: forcing a failure. [ 24.112718][ T328] name failslab, interval 1, probability 0, space 0, times 0 [ 24.125232][ T328] CPU: 1 PID: 328 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 24.135262][ T328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 24.145161][ T328] Call Trace: [ 24.148280][ T328] [ 24.151060][ T328] dump_stack_lvl+0x151/0x1b7 [ 24.155571][ T328] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.161123][ T328] ? avc_denied+0x1b0/0x1b0 [ 24.165466][ T328] dump_stack+0x15/0x17 [ 24.169458][ T328] should_fail+0x3c6/0x510 [ 24.173710][ T328] __should_failslab+0xa4/0xe0 [ 24.178310][ T328] ? vm_area_dup+0x26/0x230 [ 24.182648][ T328] should_failslab+0x9/0x20 [ 24.186986][ T328] slab_pre_alloc_hook+0x37/0xd0 [ 24.191761][ T328] ? vm_area_dup+0x26/0x230 [ 24.196099][ T328] kmem_cache_alloc+0x44/0x200 [ 24.200706][ T328] vm_area_dup+0x26/0x230 [ 24.204866][ T328] copy_mm+0x9a1/0x13e0 [ 24.209038][ T328] ? copy_signal+0x610/0x610 [ 24.213553][ T328] ? __init_rwsem+0xd6/0x1c0 [ 24.218060][ T328] ? copy_signal+0x4e3/0x610 [ 24.222486][ T328] copy_process+0x12bc/0x3260 [ 24.227000][ T328] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 24.232031][ T328] ? __kasan_check_write+0x14/0x20 [ 24.236981][ T328] kernel_clone+0x21e/0x9e0 [ 24.241320][ T328] ? _raw_spin_unlock_irq+0x4e/0x70 [ 24.246354][ T328] ? create_io_thread+0x1e0/0x1e0 [ 24.251304][ T328] __x64_sys_clone+0x23f/0x290 [ 24.255899][ T328] ? __do_sys_vfork+0x130/0x130 [ 24.260600][ T328] ? __kasan_check_read+0x11/0x20 [ 24.265446][ T328] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 24.271356][ T328] do_syscall_64+0x3d/0xb0 [ 24.275610][ T328] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.281428][ T328] RIP: 0033:0x7fee0c2830a9 [ 24.285675][ T328] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 24.305119][ T328] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 328] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 328] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 328] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 327] close(3) = 0 [pid 327] close(4) = -1 EBADF (Bad file descriptor) [pid 327] close(5) = -1 EBADF (Bad file descriptor) [pid 327] close(6) = -1 EBADF (Bad file descriptor) [pid 327] close(7) = -1 EBADF (Bad file descriptor) [pid 327] close(8) = -1 EBADF (Bad file descriptor) [pid 327] close(9) = -1 EBADF (Bad file descriptor) [pid 327] close(10) = -1 EBADF (Bad file descriptor) [pid 327] close(11) = -1 EBADF (Bad file descriptor) [pid 327] close(12) = -1 EBADF (Bad file descriptor) [pid 327] close(13) = -1 EBADF (Bad file descriptor) [pid 327] close(14) = -1 EBADF (Bad file descriptor) [pid 327] close(15) = -1 EBADF (Bad file descriptor) [pid 327] close(16) = -1 EBADF (Bad file descriptor) [pid 327] close(17) = -1 EBADF (Bad file descriptor) [pid 327] close(18) = -1 EBADF (Bad file descriptor) [pid 327] close(19) = -1 EBADF (Bad file descriptor) [pid 327] close(20) = -1 EBADF (Bad file descriptor) [pid 327] close(21) = -1 EBADF (Bad file descriptor) [pid 327] close(22) = -1 EBADF (Bad file descriptor) [pid 327] close(23) = -1 EBADF (Bad file descriptor) [pid 327] close(24) = -1 EBADF (Bad file descriptor) [pid 327] close(25) = -1 EBADF (Bad file descriptor) [pid 327] close(26) = -1 EBADF (Bad file descriptor) [pid 327] close(27) = -1 EBADF (Bad file descriptor) [pid 327] close(28) = -1 EBADF (Bad file descriptor) [pid 327] close(29) = -1 EBADF (Bad file descriptor) [pid 327] exit_group(0 [pid 328] <... futex resumed>) = ? [pid 327] <... exit_group resumed>) = ? [pid 328] +++ exited with 0 +++ [pid 327] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=30, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 32 ./strace-static-x86_64: Process 329 attached [pid 329] set_robust_list(0x5555560296a0, 24) = 0 [pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 329] setpgid(0, 0) = 0 [pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 329] write(3, "1000", 4) = 4 [pid 329] close(3) = 0 [pid 329] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 329] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 329] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 329] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 329] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 329] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 330 attached => {parent_tid=[33]}, 88) = 33 [pid 330] set_robust_list(0x7fee0c2439a0, 24 [pid 329] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 329] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 330] <... set_robust_list resumed>) = 0 [pid 329] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 330] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 330] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 330] write(3, "65", 2) = 2 [ 24.313365][ T328] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 24.321171][ T328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 24.328984][ T328] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 24.336796][ T328] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 24.344605][ T328] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 24.352422][ T328] [ 24.366933][ T330] FAULT_INJECTION: forcing a failure. [ 24.366933][ T330] name failslab, interval 1, probability 0, space 0, times 0 [ 24.379369][ T330] CPU: 0 PID: 330 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 24.389569][ T330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 24.399462][ T330] Call Trace: [ 24.402613][ T330] [ 24.405360][ T330] dump_stack_lvl+0x151/0x1b7 [ 24.409874][ T330] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.415350][ T330] dump_stack+0x15/0x17 [ 24.419335][ T330] should_fail+0x3c6/0x510 [ 24.423588][ T330] __should_failslab+0xa4/0xe0 [ 24.428185][ T330] ? anon_vma_fork+0x1df/0x4e0 [ 24.432786][ T330] should_failslab+0x9/0x20 [ 24.437125][ T330] slab_pre_alloc_hook+0x37/0xd0 [ 24.441901][ T330] ? anon_vma_fork+0x1df/0x4e0 [ 24.446497][ T330] kmem_cache_alloc+0x44/0x200 [ 24.451098][ T330] anon_vma_fork+0x1df/0x4e0 [ 24.455524][ T330] copy_mm+0xa3a/0x13e0 [ 24.459518][ T330] ? copy_signal+0x610/0x610 [ 24.463946][ T330] ? __init_rwsem+0xd6/0x1c0 [ 24.468373][ T330] ? copy_signal+0x4e3/0x610 [ 24.472798][ T330] copy_process+0x12bc/0x3260 [ 24.477400][ T330] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 24.482343][ T330] ? __kasan_check_write+0x14/0x20 [ 24.487728][ T330] kernel_clone+0x21e/0x9e0 [ 24.492150][ T330] ? _raw_spin_unlock_irq+0x4e/0x70 [ 24.497185][ T330] ? create_io_thread+0x1e0/0x1e0 [ 24.502308][ T330] __x64_sys_clone+0x23f/0x290 [ 24.506913][ T330] ? __do_sys_vfork+0x130/0x130 [ 24.511594][ T330] ? __kasan_check_read+0x11/0x20 [ 24.516454][ T330] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 24.522355][ T330] do_syscall_64+0x3d/0xb0 [ 24.526642][ T330] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.532333][ T330] RIP: 0033:0x7fee0c2830a9 [ 24.536588][ T330] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 24.556115][ T330] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 330] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 329] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 330] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 330] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 330] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] close(3) = 0 [pid 329] close(4) = -1 EBADF (Bad file descriptor) [pid 329] close(5) = -1 EBADF (Bad file descriptor) [pid 329] close(6) = -1 EBADF (Bad file descriptor) [pid 329] close(7) = -1 EBADF (Bad file descriptor) [pid 329] close(8) = -1 EBADF (Bad file descriptor) [pid 329] close(9) = -1 EBADF (Bad file descriptor) [pid 329] close(10) = -1 EBADF (Bad file descriptor) [pid 329] close(11) = -1 EBADF (Bad file descriptor) [pid 329] close(12) = -1 EBADF (Bad file descriptor) [pid 329] close(13) = -1 EBADF (Bad file descriptor) [pid 329] close(14) = -1 EBADF (Bad file descriptor) [pid 329] close(15) = -1 EBADF (Bad file descriptor) [pid 329] close(16) = -1 EBADF (Bad file descriptor) [pid 329] close(17) = -1 EBADF (Bad file descriptor) [pid 329] close(18) = -1 EBADF (Bad file descriptor) [pid 329] close(19) = -1 EBADF (Bad file descriptor) [pid 329] close(20) = -1 EBADF (Bad file descriptor) [pid 329] close(21) = -1 EBADF (Bad file descriptor) [pid 329] close(22) = -1 EBADF (Bad file descriptor) [pid 329] close(23) = -1 EBADF (Bad file descriptor) [pid 329] close(24) = -1 EBADF (Bad file descriptor) [pid 329] close(25) = -1 EBADF (Bad file descriptor) [pid 329] close(26) = -1 EBADF (Bad file descriptor) [pid 329] close(27) = -1 EBADF (Bad file descriptor) [pid 329] close(28) = -1 EBADF (Bad file descriptor) [pid 329] close(29) = -1 EBADF (Bad file descriptor) [pid 329] exit_group(0) = ? [pid 330] <... futex resumed>) = ? [pid 330] +++ exited with 0 +++ [pid 329] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 332 attached [pid 332] set_robust_list(0x5555560296a0, 24 [pid 294] <... clone resumed>, child_tidptr=0x555556029690) = 34 [pid 332] <... set_robust_list resumed>) = 0 [pid 332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 332] setpgid(0, 0) = 0 [pid 332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 332] write(3, "1000", 4) = 4 [pid 332] close(3) = 0 [pid 332] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 332] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 332] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 332] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 332] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 332] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 332] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 333 attached [pid 333] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 333] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 333] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 332] <... clone3 resumed> => {parent_tid=[35]}, 88) = 35 [pid 332] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 332] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 333] <... futex resumed>) = 0 [pid 333] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 332] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] write(3, "65", 2) = 2 [ 24.564364][ T330] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 24.572171][ T330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 24.580069][ T330] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 24.587880][ T330] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 24.595692][ T330] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 24.603506][ T330] [pid 333] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 332] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 24.621796][ T333] FAULT_INJECTION: forcing a failure. [ 24.621796][ T333] name failslab, interval 1, probability 0, space 0, times 0 [ 24.634320][ T333] CPU: 1 PID: 333 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 24.644343][ T333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 24.654450][ T333] Call Trace: [ 24.657556][ T333] [ 24.660354][ T333] dump_stack_lvl+0x151/0x1b7 [ 24.664871][ T333] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.670318][ T333] dump_stack+0x15/0x17 [ 24.674307][ T333] should_fail+0x3c6/0x510 [ 24.678560][ T333] __should_failslab+0xa4/0xe0 [ 24.683160][ T333] ? vm_area_dup+0x26/0x230 [ 24.687500][ T333] should_failslab+0x9/0x20 [ 24.691895][ T333] slab_pre_alloc_hook+0x37/0xd0 [ 24.696619][ T333] ? vm_area_dup+0x26/0x230 [ 24.700950][ T333] kmem_cache_alloc+0x44/0x200 [ 24.705551][ T333] vm_area_dup+0x26/0x230 [ 24.709716][ T333] copy_mm+0x9a1/0x13e0 [ 24.713712][ T333] ? copy_signal+0x610/0x610 [ 24.718135][ T333] ? __init_rwsem+0xd6/0x1c0 [ 24.722655][ T333] ? copy_signal+0x4e3/0x610 [ 24.727074][ T333] copy_process+0x12bc/0x3260 [ 24.731591][ T333] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 24.736542][ T333] ? __kasan_check_write+0x14/0x20 [ 24.741485][ T333] kernel_clone+0x21e/0x9e0 [ 24.745823][ T333] ? _raw_spin_unlock_irq+0x4e/0x70 [ 24.750855][ T333] ? create_io_thread+0x1e0/0x1e0 [ 24.755717][ T333] __x64_sys_clone+0x23f/0x290 [ 24.760366][ T333] ? __do_sys_vfork+0x130/0x130 [ 24.765004][ T333] ? __kasan_check_read+0x11/0x20 [ 24.769950][ T333] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 24.775765][ T333] do_syscall_64+0x3d/0xb0 [ 24.780018][ T333] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.785747][ T333] RIP: 0033:0x7fee0c2830a9 [ 24.789999][ T333] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 24.809442][ T333] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 333] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 333] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 333] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 332] close(3) = 0 [pid 332] close(4) = -1 EBADF (Bad file descriptor) [pid 332] close(5) = -1 EBADF (Bad file descriptor) [pid 332] close(6) = -1 EBADF (Bad file descriptor) [pid 332] close(7) = -1 EBADF (Bad file descriptor) [pid 332] close(8) = -1 EBADF (Bad file descriptor) [pid 332] close(9) = -1 EBADF (Bad file descriptor) [pid 332] close(10) = -1 EBADF (Bad file descriptor) [pid 332] close(11) = -1 EBADF (Bad file descriptor) [pid 332] close(12) = -1 EBADF (Bad file descriptor) [pid 332] close(13) = -1 EBADF (Bad file descriptor) [pid 332] close(14) = -1 EBADF (Bad file descriptor) [pid 332] close(15) = -1 EBADF (Bad file descriptor) [pid 332] close(16) = -1 EBADF (Bad file descriptor) [pid 332] close(17) = -1 EBADF (Bad file descriptor) [pid 332] close(18) = -1 EBADF (Bad file descriptor) [pid 332] close(19) = -1 EBADF (Bad file descriptor) [pid 332] close(20) = -1 EBADF (Bad file descriptor) [pid 332] close(21) = -1 EBADF (Bad file descriptor) [pid 332] close(22) = -1 EBADF (Bad file descriptor) [pid 332] close(23) = -1 EBADF (Bad file descriptor) [pid 332] close(24) = -1 EBADF (Bad file descriptor) [pid 332] close(25) = -1 EBADF (Bad file descriptor) [pid 332] close(26) = -1 EBADF (Bad file descriptor) [pid 332] close(27) = -1 EBADF (Bad file descriptor) [pid 332] close(28) = -1 EBADF (Bad file descriptor) [pid 332] close(29) = -1 EBADF (Bad file descriptor) [pid 332] exit_group(0) = ? [pid 333] <... futex resumed>) = ? [pid 333] +++ exited with 0 +++ [pid 332] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=34, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 36 ./strace-static-x86_64: Process 334 attached [pid 334] set_robust_list(0x5555560296a0, 24) = 0 [pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 334] setpgid(0, 0) = 0 [pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 334] write(3, "1000", 4) = 4 [pid 334] close(3) = 0 [pid 334] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 334] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 334] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 334] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 334] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 334] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 334] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 335 attached [pid 335] set_robust_list(0x7fee0c2439a0, 24 [pid 334] <... clone3 resumed> => {parent_tid=[37]}, 88) = 37 [pid 335] <... set_robust_list resumed>) = 0 [pid 334] rt_sigprocmask(SIG_SETMASK, [], [pid 335] rt_sigprocmask(SIG_SETMASK, [], [pid 334] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 335] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 334] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 334] <... futex resumed>) = 0 [pid 335] <... openat resumed>) = 3 [pid 334] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] write(3, "65", 2) = 2 [ 24.817686][ T333] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 24.825588][ T333] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 24.833393][ T333] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 24.841378][ T333] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 24.849191][ T333] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 24.857010][ T333] [ 24.874776][ T335] FAULT_INJECTION: forcing a failure. [ 24.874776][ T335] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 24.887823][ T335] CPU: 1 PID: 335 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 24.897859][ T335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 24.907753][ T335] Call Trace: [ 24.910877][ T335] [ 24.913662][ T335] dump_stack_lvl+0x151/0x1b7 [ 24.918180][ T335] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.923634][ T335] ? sched_clock+0x9/0x10 [ 24.927801][ T335] dump_stack+0x15/0x17 [ 24.931803][ T335] should_fail+0x3c6/0x510 [ 24.936050][ T335] should_fail_alloc_page+0x5a/0x80 [ 24.941078][ T335] prepare_alloc_pages+0x15c/0x700 [ 24.946033][ T335] ? __alloc_pages_bulk+0xe60/0xe60 [ 24.951238][ T335] __alloc_pages+0x138/0x5e0 [ 24.955665][ T335] ? prep_new_page+0x110/0x110 [ 24.960267][ T335] ? __alloc_pages+0x206/0x5e0 [ 24.964859][ T335] ? prep_new_page+0x110/0x110 [ 24.969462][ T335] ? __kasan_check_write+0x14/0x20 [ 24.974406][ T335] ? _raw_spin_lock+0xa4/0x1b0 [ 24.979006][ T335] pte_alloc_one+0x73/0x1b0 [ 24.983349][ T335] ? pfn_modify_allowed+0x2f0/0x2f0 [ 24.988391][ T335] ? __pmd_alloc+0x48d/0x550 [ 24.992804][ T335] __pte_alloc+0x86/0x350 [ 24.996981][ T335] ? __pud_alloc+0x260/0x260 [ 25.001411][ T335] ? free_pgtables+0x280/0x280 [ 25.006000][ T335] ? __stack_depot_save+0x34/0x470 [ 25.010945][ T335] ? anon_vma_clone+0x9a/0x500 [ 25.015545][ T335] copy_page_range+0x28a8/0x2f90 [ 25.020319][ T335] ? __kasan_slab_alloc+0xb1/0xe0 [ 25.025180][ T335] ? slab_post_alloc_hook+0x53/0x2c0 [ 25.030300][ T335] ? kernel_clone+0x21e/0x9e0 [ 25.034899][ T335] ? do_syscall_64+0x3d/0xb0 [ 25.039342][ T335] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.045234][ T335] ? pfn_valid+0x1e0/0x1e0 [ 25.049484][ T335] ? rwsem_write_trylock+0x15b/0x290 [ 25.054610][ T335] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 25.060855][ T335] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 25.066406][ T335] ? __rb_insert_augmented+0x5de/0x610 [ 25.071702][ T335] copy_mm+0xc7e/0x13e0 [ 25.075697][ T335] ? copy_signal+0x610/0x610 [ 25.080120][ T335] ? __init_rwsem+0xd6/0x1c0 [ 25.084545][ T335] ? copy_signal+0x4e3/0x610 [ 25.088970][ T335] copy_process+0x12bc/0x3260 [ 25.093485][ T335] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 25.098430][ T335] ? __kasan_check_write+0x14/0x20 [ 25.103382][ T335] kernel_clone+0x21e/0x9e0 [ 25.107720][ T335] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.112754][ T335] ? create_io_thread+0x1e0/0x1e0 [ 25.117615][ T335] __x64_sys_clone+0x23f/0x290 [ 25.122302][ T335] ? __do_sys_vfork+0x130/0x130 [ 25.126984][ T335] ? __kasan_check_read+0x11/0x20 [ 25.131846][ T335] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 25.137661][ T335] do_syscall_64+0x3d/0xb0 [ 25.141917][ T335] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.147643][ T335] RIP: 0033:0x7fee0c2830a9 [ 25.151893][ T335] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 335] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 334] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 335] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 335] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 335] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] close(3) = 0 [pid 334] close(4) = -1 EBADF (Bad file descriptor) [pid 334] close(5) = -1 EBADF (Bad file descriptor) [pid 334] close(6) = -1 EBADF (Bad file descriptor) [pid 334] close(7) = -1 EBADF (Bad file descriptor) [pid 334] close(8) = -1 EBADF (Bad file descriptor) [pid 334] close(9) = -1 EBADF (Bad file descriptor) [pid 334] close(10) = -1 EBADF (Bad file descriptor) [pid 334] close(11) = -1 EBADF (Bad file descriptor) [pid 334] close(12) = -1 EBADF (Bad file descriptor) [pid 334] close(13) = -1 EBADF (Bad file descriptor) [pid 334] close(14) = -1 EBADF (Bad file descriptor) [pid 334] close(15) = -1 EBADF (Bad file descriptor) [pid 334] close(16) = -1 EBADF (Bad file descriptor) [pid 334] close(17) = -1 EBADF (Bad file descriptor) [pid 334] close(18) = -1 EBADF (Bad file descriptor) [pid 334] close(19) = -1 EBADF (Bad file descriptor) [pid 334] close(20) = -1 EBADF (Bad file descriptor) [pid 334] close(21) = -1 EBADF (Bad file descriptor) [pid 334] close(22) = -1 EBADF (Bad file descriptor) [pid 334] close(23) = -1 EBADF (Bad file descriptor) [pid 334] close(24) = -1 EBADF (Bad file descriptor) [pid 334] close(25) = -1 EBADF (Bad file descriptor) [pid 334] close(26) = -1 EBADF (Bad file descriptor) [pid 334] close(27) = -1 EBADF (Bad file descriptor) [pid 334] close(28) = -1 EBADF (Bad file descriptor) [pid 334] close(29) = -1 EBADF (Bad file descriptor) [pid 334] exit_group(0) = ? [pid 335] <... futex resumed>) = ? [pid 335] +++ exited with 0 +++ [pid 334] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 38 ./strace-static-x86_64: Process 336 attached [pid 336] set_robust_list(0x5555560296a0, 24) = 0 [pid 336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 336] setpgid(0, 0) = 0 [pid 336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 336] write(3, "1000", 4) = 4 [pid 336] close(3) = 0 [pid 336] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 336] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 336] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 336] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 336] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 336] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 336] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 337 attached => {parent_tid=[39]}, 88) = 39 [pid 337] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 336] rt_sigprocmask(SIG_SETMASK, [], [pid 337] rt_sigprocmask(SIG_SETMASK, [], [pid 336] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 337] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 336] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 336] <... futex resumed>) = 0 [pid 337] <... openat resumed>) = 3 [pid 336] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 337] write(3, "65", 2) = 2 [ 25.171368][ T335] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 25.179585][ T335] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 25.187392][ T335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 25.195204][ T335] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 25.203016][ T335] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 25.210830][ T335] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 25.218639][ T335] [pid 337] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 336] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 25.235328][ T337] FAULT_INJECTION: forcing a failure. [ 25.235328][ T337] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 25.248463][ T337] CPU: 1 PID: 337 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 25.258535][ T337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 25.268581][ T337] Call Trace: [ 25.271702][ T337] [ 25.274471][ T337] dump_stack_lvl+0x151/0x1b7 [ 25.278986][ T337] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.284451][ T337] dump_stack+0x15/0x17 [ 25.288447][ T337] should_fail+0x3c6/0x510 [ 25.292701][ T337] should_fail_alloc_page+0x5a/0x80 [ 25.297730][ T337] prepare_alloc_pages+0x15c/0x700 [ 25.302686][ T337] ? __alloc_pages_bulk+0xe60/0xe60 [ 25.307711][ T337] __alloc_pages+0x138/0x5e0 [ 25.312144][ T337] ? prep_new_page+0x110/0x110 [ 25.316743][ T337] ? __alloc_pages+0x206/0x5e0 [ 25.321349][ T337] ? prep_new_page+0x110/0x110 [ 25.325941][ T337] ? __kasan_check_write+0x14/0x20 [ 25.330883][ T337] ? _raw_spin_lock+0xa4/0x1b0 [ 25.335484][ T337] pte_alloc_one+0x73/0x1b0 [ 25.339825][ T337] ? pfn_modify_allowed+0x2f0/0x2f0 [ 25.344855][ T337] ? __pmd_alloc+0x48d/0x550 [ 25.349298][ T337] __pte_alloc+0x86/0x350 [ 25.353449][ T337] ? __pud_alloc+0x260/0x260 [ 25.357875][ T337] ? free_pgtables+0x280/0x280 [ 25.362476][ T337] ? __stack_depot_save+0x34/0x470 [ 25.367425][ T337] ? anon_vma_clone+0x9a/0x500 [ 25.372024][ T337] copy_page_range+0x28a8/0x2f90 [ 25.376794][ T337] ? __kasan_slab_alloc+0xb1/0xe0 [ 25.381654][ T337] ? slab_post_alloc_hook+0x53/0x2c0 [ 25.386779][ T337] ? kernel_clone+0x21e/0x9e0 [ 25.391290][ T337] ? do_syscall_64+0x3d/0xb0 [ 25.395714][ T337] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.401623][ T337] ? pfn_valid+0x1e0/0x1e0 [ 25.405872][ T337] ? rwsem_write_trylock+0x15b/0x290 [ 25.410991][ T337] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 25.417240][ T337] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 25.422799][ T337] ? __rb_insert_augmented+0x5de/0x610 [ 25.428095][ T337] copy_mm+0xc7e/0x13e0 [ 25.432084][ T337] ? copy_signal+0x610/0x610 [ 25.436509][ T337] ? __init_rwsem+0xd6/0x1c0 [ 25.440933][ T337] ? copy_signal+0x4e3/0x610 [ 25.445364][ T337] copy_process+0x12bc/0x3260 [ 25.449874][ T337] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 25.454819][ T337] ? __kasan_check_write+0x14/0x20 [ 25.459767][ T337] kernel_clone+0x21e/0x9e0 [ 25.464107][ T337] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.469150][ T337] ? create_io_thread+0x1e0/0x1e0 [ 25.474004][ T337] __x64_sys_clone+0x23f/0x290 [ 25.478695][ T337] ? __do_sys_vfork+0x130/0x130 [ 25.483378][ T337] ? __kasan_check_read+0x11/0x20 [ 25.488239][ T337] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 25.494054][ T337] do_syscall_64+0x3d/0xb0 [ 25.498311][ T337] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.504028][ T337] RIP: 0033:0x7fee0c2830a9 [ 25.508287][ T337] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 25.527811][ T337] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 337] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 337] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 336] close(3) = 0 [pid 336] close(4) = -1 EBADF (Bad file descriptor) [pid 336] close(5) = -1 EBADF (Bad file descriptor) [pid 336] close(6) = -1 EBADF (Bad file descriptor) [pid 336] close(7) = -1 EBADF (Bad file descriptor) [pid 336] close(8) = -1 EBADF (Bad file descriptor) [pid 336] close(9) = -1 EBADF (Bad file descriptor) [pid 336] close(10) = -1 EBADF (Bad file descriptor) [pid 336] close(11) = -1 EBADF (Bad file descriptor) [pid 336] close(12) = -1 EBADF (Bad file descriptor) [pid 336] close(13) = -1 EBADF (Bad file descriptor) [pid 336] close(14) = -1 EBADF (Bad file descriptor) [pid 336] close(15) = -1 EBADF (Bad file descriptor) [pid 336] close(16) = -1 EBADF (Bad file descriptor) [pid 336] close(17) = -1 EBADF (Bad file descriptor) [pid 336] close(18) = -1 EBADF (Bad file descriptor) [pid 336] close(19) = -1 EBADF (Bad file descriptor) [pid 336] close(20) = -1 EBADF (Bad file descriptor) [pid 336] close(21) = -1 EBADF (Bad file descriptor) [pid 336] close(22) = -1 EBADF (Bad file descriptor) [pid 336] close(23) = -1 EBADF (Bad file descriptor) [pid 336] close(24) = -1 EBADF (Bad file descriptor) [pid 336] close(25) = -1 EBADF (Bad file descriptor) [pid 336] close(26) = -1 EBADF (Bad file descriptor) [pid 336] close(27) = -1 EBADF (Bad file descriptor) [pid 336] close(28) = -1 EBADF (Bad file descriptor) [pid 336] close(29) = -1 EBADF (Bad file descriptor) [pid 336] exit_group(0) = ? [pid 337] <... futex resumed>) = ? [pid 337] +++ exited with 0 +++ [pid 336] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 40 ./strace-static-x86_64: Process 338 attached [pid 338] set_robust_list(0x5555560296a0, 24) = 0 [pid 338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 338] setpgid(0, 0) = 0 [pid 338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 338] write(3, "1000", 4) = 4 [pid 338] close(3) = 0 [pid 338] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 338] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 338] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 338] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 338] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 338] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 338] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 338] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[41]}, 88) = 41 ./strace-static-x86_64: Process 339 attached [pid 338] rt_sigprocmask(SIG_SETMASK, [], [pid 339] set_robust_list(0x7fee0c2439a0, 24 [pid 338] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 339] <... set_robust_list resumed>) = 0 [pid 338] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 339] rt_sigprocmask(SIG_SETMASK, [], [pid 338] <... futex resumed>) = 0 [pid 339] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 338] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 339] write(3, "65", 2) = 2 [ 25.536058][ T337] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 25.543879][ T337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 25.551859][ T337] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 25.559671][ T337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 25.567474][ T337] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 25.575291][ T337] [ 25.588747][ T339] FAULT_INJECTION: forcing a failure. [ 25.588747][ T339] name failslab, interval 1, probability 0, space 0, times 0 [ 25.601293][ T339] CPU: 0 PID: 339 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 25.611328][ T339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 25.621233][ T339] Call Trace: [ 25.624376][ T339] [ 25.627122][ T339] dump_stack_lvl+0x151/0x1b7 [ 25.631633][ T339] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.637103][ T339] dump_stack+0x15/0x17 [ 25.641094][ T339] should_fail+0x3c6/0x510 [ 25.645347][ T339] __should_failslab+0xa4/0xe0 [ 25.649948][ T339] ? vm_area_dup+0x26/0x230 [ 25.654288][ T339] should_failslab+0x9/0x20 [ 25.658628][ T339] slab_pre_alloc_hook+0x37/0xd0 [ 25.663400][ T339] ? vm_area_dup+0x26/0x230 [ 25.667738][ T339] kmem_cache_alloc+0x44/0x200 [ 25.672358][ T339] vm_area_dup+0x26/0x230 [ 25.676506][ T339] copy_mm+0x9a1/0x13e0 [ 25.680500][ T339] ? copy_signal+0x610/0x610 [ 25.684923][ T339] ? __init_rwsem+0xd6/0x1c0 [ 25.689354][ T339] ? copy_signal+0x4e3/0x610 [ 25.693777][ T339] copy_process+0x12bc/0x3260 [ 25.698292][ T339] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 25.703246][ T339] ? __kasan_check_write+0x14/0x20 [ 25.708186][ T339] kernel_clone+0x21e/0x9e0 [ 25.712528][ T339] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.717571][ T339] ? create_io_thread+0x1e0/0x1e0 [ 25.722418][ T339] __x64_sys_clone+0x23f/0x290 [ 25.727018][ T339] ? __do_sys_vfork+0x130/0x130 [ 25.731703][ T339] ? __kasan_check_read+0x11/0x20 [ 25.736564][ T339] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 25.742465][ T339] do_syscall_64+0x3d/0xb0 [ 25.746717][ T339] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.752448][ T339] RIP: 0033:0x7fee0c2830a9 [ 25.756701][ T339] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 25.776141][ T339] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 339] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 338] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 339] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 339] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 339] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 338] close(3) = 0 [pid 338] close(4) = -1 EBADF (Bad file descriptor) [pid 338] close(5) = -1 EBADF (Bad file descriptor) [pid 338] close(6) = -1 EBADF (Bad file descriptor) [pid 338] close(7) = -1 EBADF (Bad file descriptor) [pid 338] close(8) = -1 EBADF (Bad file descriptor) [pid 338] close(9) = -1 EBADF (Bad file descriptor) [pid 338] close(10) = -1 EBADF (Bad file descriptor) [pid 338] close(11) = -1 EBADF (Bad file descriptor) [pid 338] close(12) = -1 EBADF (Bad file descriptor) [pid 338] close(13) = -1 EBADF (Bad file descriptor) [pid 338] close(14) = -1 EBADF (Bad file descriptor) [pid 338] close(15) = -1 EBADF (Bad file descriptor) [pid 338] close(16) = -1 EBADF (Bad file descriptor) [pid 338] close(17) = -1 EBADF (Bad file descriptor) [pid 338] close(18) = -1 EBADF (Bad file descriptor) [pid 338] close(19) = -1 EBADF (Bad file descriptor) [pid 338] close(20) = -1 EBADF (Bad file descriptor) [pid 338] close(21) = -1 EBADF (Bad file descriptor) [pid 338] close(22) = -1 EBADF (Bad file descriptor) [pid 338] close(23) = -1 EBADF (Bad file descriptor) [pid 338] close(24) = -1 EBADF (Bad file descriptor) [pid 338] close(25) = -1 EBADF (Bad file descriptor) [pid 338] close(26) = -1 EBADF (Bad file descriptor) [pid 338] close(27) = -1 EBADF (Bad file descriptor) [pid 338] close(28) = -1 EBADF (Bad file descriptor) [pid 338] close(29) = -1 EBADF (Bad file descriptor) [pid 338] exit_group(0) = ? [pid 339] <... futex resumed>) = ? [pid 339] +++ exited with 0 +++ [pid 338] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=40, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 42 ./strace-static-x86_64: Process 341 attached [pid 341] set_robust_list(0x5555560296a0, 24) = 0 [pid 341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 341] setpgid(0, 0) = 0 [pid 341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 341] write(3, "1000", 4) = 4 [pid 341] close(3) = 0 [pid 341] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 341] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 341] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 341] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 341] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 341] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 341] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 341] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[43]}, 88) = 43 [pid 341] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 341] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 341] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 342 attached [pid 342] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 342] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 342] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 342] write(3, "65", 2) = 2 [ 25.784387][ T339] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 25.792543][ T339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 25.800354][ T339] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 25.808168][ T339] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 25.815976][ T339] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 25.823791][ T339] [pid 342] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 341] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 25.836323][ T342] FAULT_INJECTION: forcing a failure. [ 25.836323][ T342] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 25.849443][ T342] CPU: 0 PID: 342 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 25.859490][ T342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 25.869387][ T342] Call Trace: [ 25.872509][ T342] [ 25.875291][ T342] dump_stack_lvl+0x151/0x1b7 [ 25.879798][ T342] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.885271][ T342] dump_stack+0x15/0x17 [ 25.889269][ T342] should_fail+0x3c6/0x510 [ 25.893513][ T342] should_fail_alloc_page+0x5a/0x80 [ 25.898548][ T342] prepare_alloc_pages+0x15c/0x700 [ 25.903501][ T342] ? __alloc_pages_bulk+0xe60/0xe60 [ 25.908531][ T342] __alloc_pages+0x138/0x5e0 [ 25.912958][ T342] ? prep_new_page+0x110/0x110 [ 25.917565][ T342] ? __alloc_pages+0x206/0x5e0 [ 25.922155][ T342] ? prep_new_page+0x110/0x110 [ 25.926754][ T342] ? __kasan_check_write+0x14/0x20 [ 25.931703][ T342] ? _raw_spin_lock+0xa4/0x1b0 [ 25.936301][ T342] pte_alloc_one+0x73/0x1b0 [ 25.940640][ T342] ? pfn_modify_allowed+0x2f0/0x2f0 [ 25.945673][ T342] ? __pmd_alloc+0x48d/0x550 [ 25.950099][ T342] __pte_alloc+0x86/0x350 [ 25.954267][ T342] ? __pud_alloc+0x260/0x260 [ 25.958694][ T342] ? free_pgtables+0x280/0x280 [ 25.963292][ T342] ? __stack_depot_save+0x34/0x470 [ 25.968240][ T342] ? anon_vma_clone+0x9a/0x500 [ 25.972842][ T342] copy_page_range+0x28a8/0x2f90 [ 25.977610][ T342] ? __kasan_slab_alloc+0xb1/0xe0 [ 25.982474][ T342] ? slab_post_alloc_hook+0x53/0x2c0 [ 25.987596][ T342] ? kernel_clone+0x21e/0x9e0 [ 25.992110][ T342] ? do_syscall_64+0x3d/0xb0 [ 25.996532][ T342] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.002441][ T342] ? pfn_valid+0x1e0/0x1e0 [ 26.006688][ T342] ? rwsem_write_trylock+0x15b/0x290 [ 26.011810][ T342] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 26.018061][ T342] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 26.023613][ T342] ? __rb_insert_augmented+0x5de/0x610 [ 26.028907][ T342] copy_mm+0xc7e/0x13e0 [ 26.032987][ T342] ? copy_signal+0x610/0x610 [ 26.037411][ T342] ? __init_rwsem+0xd6/0x1c0 [ 26.041847][ T342] ? copy_signal+0x4e3/0x610 [ 26.046265][ T342] copy_process+0x12bc/0x3260 [ 26.050782][ T342] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 26.055724][ T342] ? __kasan_check_write+0x14/0x20 [ 26.060671][ T342] kernel_clone+0x21e/0x9e0 [ 26.065015][ T342] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.070046][ T342] ? create_io_thread+0x1e0/0x1e0 [ 26.074924][ T342] __x64_sys_clone+0x23f/0x290 [ 26.079505][ T342] ? __do_sys_vfork+0x130/0x130 [ 26.084209][ T342] ? __kasan_check_read+0x11/0x20 [ 26.089060][ T342] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 26.094869][ T342] do_syscall_64+0x3d/0xb0 [ 26.099120][ T342] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.104848][ T342] RIP: 0033:0x7fee0c2830a9 [ 26.109101][ T342] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 26.128541][ T342] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 342] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 342] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 342] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 341] close(3) = 0 [pid 341] close(4) = -1 EBADF (Bad file descriptor) [pid 341] close(5) = -1 EBADF (Bad file descriptor) [pid 341] close(6) = -1 EBADF (Bad file descriptor) [pid 341] close(7) = -1 EBADF (Bad file descriptor) [pid 341] close(8) = -1 EBADF (Bad file descriptor) [pid 341] close(9) = -1 EBADF (Bad file descriptor) [pid 341] close(10) = -1 EBADF (Bad file descriptor) [pid 341] close(11) = -1 EBADF (Bad file descriptor) [pid 341] close(12) = -1 EBADF (Bad file descriptor) [pid 341] close(13) = -1 EBADF (Bad file descriptor) [pid 341] close(14) = -1 EBADF (Bad file descriptor) [pid 341] close(15) = -1 EBADF (Bad file descriptor) [pid 341] close(16) = -1 EBADF (Bad file descriptor) [pid 341] close(17) = -1 EBADF (Bad file descriptor) [pid 341] close(18) = -1 EBADF (Bad file descriptor) [pid 341] close(19) = -1 EBADF (Bad file descriptor) [pid 341] close(20) = -1 EBADF (Bad file descriptor) [pid 341] close(21) = -1 EBADF (Bad file descriptor) [pid 341] close(22) = -1 EBADF (Bad file descriptor) [pid 341] close(23) = -1 EBADF (Bad file descriptor) [pid 341] close(24) = -1 EBADF (Bad file descriptor) [pid 341] close(25) = -1 EBADF (Bad file descriptor) [pid 341] close(26) = -1 EBADF (Bad file descriptor) [pid 341] close(27) = -1 EBADF (Bad file descriptor) [pid 341] close(28) = -1 EBADF (Bad file descriptor) [pid 341] close(29) = -1 EBADF (Bad file descriptor) [pid 341] exit_group(0 [pid 342] <... futex resumed>) = ? [pid 341] <... exit_group resumed>) = ? [pid 342] +++ exited with 0 +++ [pid 341] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=42, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 343 attached , child_tidptr=0x555556029690) = 44 [pid 343] set_robust_list(0x5555560296a0, 24) = 0 [pid 343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 343] setpgid(0, 0) = 0 [pid 343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 343] write(3, "1000", 4) = 4 [pid 343] close(3) = 0 [pid 343] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 343] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 343] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 343] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 343] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 343] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 343] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 343] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[45]}, 88) = 45 [pid 343] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 343] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 343] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 344 attached [pid 344] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 344] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 344] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 344] write(3, "65", 2) = 2 [ 26.136968][ T342] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 26.144868][ T342] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 26.152676][ T342] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 26.160487][ T342] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 26.168301][ T342] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 26.176202][ T342] [pid 344] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 343] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 26.189442][ T344] FAULT_INJECTION: forcing a failure. [ 26.189442][ T344] name failslab, interval 1, probability 0, space 0, times 0 [ 26.201936][ T344] CPU: 0 PID: 344 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 26.212001][ T344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 26.221901][ T344] Call Trace: [ 26.225017][ T344] [ 26.227799][ T344] dump_stack_lvl+0x151/0x1b7 [ 26.232309][ T344] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.237779][ T344] dump_stack+0x15/0x17 [ 26.241781][ T344] should_fail+0x3c6/0x510 [ 26.246034][ T344] __should_failslab+0xa4/0xe0 [ 26.250638][ T344] ? anon_vma_fork+0x1df/0x4e0 [ 26.255259][ T344] should_failslab+0x9/0x20 [ 26.259562][ T344] slab_pre_alloc_hook+0x37/0xd0 [ 26.264337][ T344] ? anon_vma_fork+0x1df/0x4e0 [ 26.268934][ T344] kmem_cache_alloc+0x44/0x200 [ 26.273542][ T344] anon_vma_fork+0x1df/0x4e0 [ 26.277960][ T344] copy_mm+0xa3a/0x13e0 [ 26.281954][ T344] ? copy_signal+0x610/0x610 [ 26.286381][ T344] ? __init_rwsem+0xd6/0x1c0 [ 26.290804][ T344] ? copy_signal+0x4e3/0x610 [ 26.295230][ T344] copy_process+0x12bc/0x3260 [ 26.299748][ T344] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 26.304691][ T344] ? __kasan_check_write+0x14/0x20 [ 26.309639][ T344] kernel_clone+0x21e/0x9e0 [ 26.313980][ T344] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.319012][ T344] ? create_io_thread+0x1e0/0x1e0 [ 26.323959][ T344] __x64_sys_clone+0x23f/0x290 [ 26.328560][ T344] ? __do_sys_vfork+0x130/0x130 [ 26.333248][ T344] ? __kasan_check_read+0x11/0x20 [ 26.338108][ T344] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 26.343922][ T344] do_syscall_64+0x3d/0xb0 [ 26.348176][ T344] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.353905][ T344] RIP: 0033:0x7fee0c2830a9 [ 26.358160][ T344] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 26.377684][ T344] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 344] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 344] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 344] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 343] close(3) = 0 [pid 343] close(4) = -1 EBADF (Bad file descriptor) [pid 343] close(5) = -1 EBADF (Bad file descriptor) [pid 343] close(6) = -1 EBADF (Bad file descriptor) [pid 343] close(7) = -1 EBADF (Bad file descriptor) [pid 343] close(8) = -1 EBADF (Bad file descriptor) [pid 343] close(9) = -1 EBADF (Bad file descriptor) [pid 343] close(10) = -1 EBADF (Bad file descriptor) [pid 343] close(11) = -1 EBADF (Bad file descriptor) [pid 343] close(12) = -1 EBADF (Bad file descriptor) [pid 343] close(13) = -1 EBADF (Bad file descriptor) [pid 343] close(14) = -1 EBADF (Bad file descriptor) [pid 343] close(15) = -1 EBADF (Bad file descriptor) [pid 343] close(16) = -1 EBADF (Bad file descriptor) [pid 343] close(17) = -1 EBADF (Bad file descriptor) [pid 343] close(18) = -1 EBADF (Bad file descriptor) [pid 343] close(19) = -1 EBADF (Bad file descriptor) [pid 343] close(20) = -1 EBADF (Bad file descriptor) [pid 343] close(21) = -1 EBADF (Bad file descriptor) [pid 343] close(22) = -1 EBADF (Bad file descriptor) [pid 343] close(23) = -1 EBADF (Bad file descriptor) [pid 343] close(24) = -1 EBADF (Bad file descriptor) [pid 343] close(25) = -1 EBADF (Bad file descriptor) [pid 343] close(26) = -1 EBADF (Bad file descriptor) [pid 343] close(27) = -1 EBADF (Bad file descriptor) [pid 343] close(28) = -1 EBADF (Bad file descriptor) [pid 343] close(29) = -1 EBADF (Bad file descriptor) [pid 343] exit_group(0 [pid 344] <... futex resumed>) = ? [pid 343] <... exit_group resumed>) = ? [pid 344] +++ exited with 0 +++ [pid 343] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 46 ./strace-static-x86_64: Process 345 attached [pid 345] set_robust_list(0x5555560296a0, 24) = 0 [pid 345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 345] setpgid(0, 0) = 0 [pid 345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 345] write(3, "1000", 4) = 4 [pid 345] close(3) = 0 [pid 345] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 345] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 345] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 345] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 345] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 345] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 345] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 345] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[47]}, 88) = 47 [pid 345] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 345] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 345] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 346 attached [pid 346] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 346] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 346] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 346] write(3, "65", 2) = 2 [ 26.386039][ T344] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 26.393849][ T344] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 26.401660][ T344] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 26.409471][ T344] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 26.417298][ T344] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 26.425096][ T344] [ 26.440147][ T346] FAULT_INJECTION: forcing a failure. [ 26.440147][ T346] name failslab, interval 1, probability 0, space 0, times 0 [ 26.452646][ T346] CPU: 1 PID: 346 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 26.462612][ T346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 26.472509][ T346] Call Trace: [ 26.475622][ T346] [ 26.478401][ T346] dump_stack_lvl+0x151/0x1b7 [ 26.482912][ T346] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.488383][ T346] ? avc_denied+0x1b0/0x1b0 [ 26.492723][ T346] dump_stack+0x15/0x17 [ 26.496715][ T346] should_fail+0x3c6/0x510 [ 26.500964][ T346] __should_failslab+0xa4/0xe0 [ 26.505688][ T346] ? vm_area_dup+0x26/0x230 [ 26.510001][ T346] should_failslab+0x9/0x20 [ 26.514567][ T346] slab_pre_alloc_hook+0x37/0xd0 [ 26.519426][ T346] ? vm_area_dup+0x26/0x230 [ 26.523763][ T346] kmem_cache_alloc+0x44/0x200 [ 26.528361][ T346] vm_area_dup+0x26/0x230 [ 26.532531][ T346] copy_mm+0x9a1/0x13e0 [ 26.536523][ T346] ? copy_signal+0x610/0x610 [ 26.540945][ T346] ? __init_rwsem+0xd6/0x1c0 [ 26.545376][ T346] ? copy_signal+0x4e3/0x610 [ 26.549799][ T346] copy_process+0x12bc/0x3260 [ 26.554314][ T346] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 26.559262][ T346] ? __kasan_check_write+0x14/0x20 [ 26.564208][ T346] kernel_clone+0x21e/0x9e0 [ 26.568546][ T346] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.573581][ T346] ? create_io_thread+0x1e0/0x1e0 [ 26.578454][ T346] __x64_sys_clone+0x23f/0x290 [ 26.583046][ T346] ? __do_sys_vfork+0x130/0x130 [ 26.587733][ T346] ? __kasan_check_read+0x11/0x20 [ 26.592587][ T346] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 26.598404][ T346] do_syscall_64+0x3d/0xb0 [ 26.602655][ T346] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.608383][ T346] RIP: 0033:0x7fee0c2830a9 [ 26.612749][ T346] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 26.632192][ T346] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 346] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 345] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 346] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 345] close(3 [pid 346] <... futex resumed>) = 0 [pid 345] <... close resumed>) = 0 [pid 346] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 345] close(4) = -1 EBADF (Bad file descriptor) [pid 345] close(5) = -1 EBADF (Bad file descriptor) [pid 345] close(6) = -1 EBADF (Bad file descriptor) [pid 345] close(7) = -1 EBADF (Bad file descriptor) [pid 345] close(8) = -1 EBADF (Bad file descriptor) [pid 345] close(9) = -1 EBADF (Bad file descriptor) [pid 345] close(10) = -1 EBADF (Bad file descriptor) [pid 345] close(11) = -1 EBADF (Bad file descriptor) [pid 345] close(12) = -1 EBADF (Bad file descriptor) [pid 345] close(13) = -1 EBADF (Bad file descriptor) [pid 345] close(14) = -1 EBADF (Bad file descriptor) [pid 345] close(15) = -1 EBADF (Bad file descriptor) [pid 345] close(16) = -1 EBADF (Bad file descriptor) [pid 345] close(17) = -1 EBADF (Bad file descriptor) [pid 345] close(18) = -1 EBADF (Bad file descriptor) [pid 345] close(19) = -1 EBADF (Bad file descriptor) [pid 345] close(20) = -1 EBADF (Bad file descriptor) [pid 345] close(21) = -1 EBADF (Bad file descriptor) [pid 345] close(22) = -1 EBADF (Bad file descriptor) [pid 345] close(23) = -1 EBADF (Bad file descriptor) [pid 345] close(24) = -1 EBADF (Bad file descriptor) [pid 345] close(25) = -1 EBADF (Bad file descriptor) [pid 345] close(26) = -1 EBADF (Bad file descriptor) [pid 345] close(27) = -1 EBADF (Bad file descriptor) [pid 345] close(28) = -1 EBADF (Bad file descriptor) [pid 345] close(29) = -1 EBADF (Bad file descriptor) [pid 345] exit_group(0 [pid 346] <... futex resumed>) = ? [pid 345] <... exit_group resumed>) = ? [pid 346] +++ exited with 0 +++ [pid 345] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=46, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 48 [ 26.640438][ T346] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 26.648251][ T346] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 26.656061][ T346] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 26.664033][ T346] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 26.671840][ T346] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 26.679661][ T346] [ 26.683845][ T30] kauditd_printk_skb: 2 callbacks suppressed ./strace-static-x86_64: Process 348 attached [pid 348] set_robust_list(0x5555560296a0, 24) = 0 [pid 348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 348] setpgid(0, 0) = 0 [pid 348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 348] write(3, "1000", 4) = 4 [pid 348] close(3) = 0 [pid 348] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 348] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 348] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 348] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 348] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 348] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 348] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 348] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[49]}, 88) = 49 [pid 348] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 348] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 348] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 349 attached [pid 349] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 349] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 349] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 349] write(3, "65", 2) = 2 [ 26.683857][ T30] audit: type=1400 audit(1697032632.576:78): avc: denied { remove_name } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 26.698725][ T349] FAULT_INJECTION: forcing a failure. [ 26.698725][ T349] name failslab, interval 1, probability 0, space 0, times 0 [ 26.724505][ T30] audit: type=1400 audit(1697032632.576:79): avc: denied { rename } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 26.724776][ T349] CPU: 1 PID: 349 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 26.756398][ T349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 26.766287][ T349] Call Trace: [ 26.769424][ T349] [ 26.772190][ T349] dump_stack_lvl+0x151/0x1b7 [ 26.776701][ T349] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.782172][ T349] ? avc_denied+0x1b0/0x1b0 [ 26.786513][ T349] dump_stack+0x15/0x17 [ 26.790592][ T349] should_fail+0x3c6/0x510 [ 26.794842][ T349] __should_failslab+0xa4/0xe0 [ 26.799528][ T349] ? vm_area_dup+0x26/0x230 [ 26.803868][ T349] should_failslab+0x9/0x20 [ 26.808209][ T349] slab_pre_alloc_hook+0x37/0xd0 [ 26.812979][ T349] ? vm_area_dup+0x26/0x230 [ 26.817319][ T349] kmem_cache_alloc+0x44/0x200 [ 26.821921][ T349] vm_area_dup+0x26/0x230 [ 26.826085][ T349] copy_mm+0x9a1/0x13e0 [ 26.830082][ T349] ? copy_signal+0x610/0x610 [ 26.834504][ T349] ? __init_rwsem+0xd6/0x1c0 [ 26.838930][ T349] ? copy_signal+0x4e3/0x610 [ 26.843708][ T349] copy_process+0x12bc/0x3260 [ 26.848221][ T349] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 26.853262][ T349] ? __kasan_check_write+0x14/0x20 [ 26.858208][ T349] kernel_clone+0x21e/0x9e0 [ 26.862545][ T349] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.867573][ T349] ? create_io_thread+0x1e0/0x1e0 [ 26.872435][ T349] __x64_sys_clone+0x23f/0x290 [ 26.877036][ T349] ? __do_sys_vfork+0x130/0x130 [ 26.881721][ T349] ? __kasan_check_read+0x11/0x20 [ 26.886581][ T349] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 26.892569][ T349] do_syscall_64+0x3d/0xb0 [ 26.896821][ T349] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.902550][ T349] RIP: 0033:0x7fee0c2830a9 [ 26.906806][ T349] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 26.926256][ T349] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 26.934500][ T349] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 349] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 348] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 349] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 349] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 349] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 348] close(3) = 0 [pid 348] close(4) = -1 EBADF (Bad file descriptor) [pid 348] close(5) = -1 EBADF (Bad file descriptor) [pid 348] close(6) = -1 EBADF (Bad file descriptor) [pid 348] close(7) = -1 EBADF (Bad file descriptor) [pid 348] close(8) = -1 EBADF (Bad file descriptor) [pid 348] close(9) = -1 EBADF (Bad file descriptor) [pid 348] close(10) = -1 EBADF (Bad file descriptor) [pid 348] close(11) = -1 EBADF (Bad file descriptor) [pid 348] close(12) = -1 EBADF (Bad file descriptor) [pid 348] close(13) = -1 EBADF (Bad file descriptor) [pid 348] close(14) = -1 EBADF (Bad file descriptor) [pid 348] close(15) = -1 EBADF (Bad file descriptor) [pid 348] close(16) = -1 EBADF (Bad file descriptor) [pid 348] close(17) = -1 EBADF (Bad file descriptor) [pid 348] close(18) = -1 EBADF (Bad file descriptor) [pid 348] close(19) = -1 EBADF (Bad file descriptor) [pid 348] close(20) = -1 EBADF (Bad file descriptor) [pid 348] close(21) = -1 EBADF (Bad file descriptor) [pid 348] close(22) = -1 EBADF (Bad file descriptor) [pid 348] close(23) = -1 EBADF (Bad file descriptor) [pid 348] close(24) = -1 EBADF (Bad file descriptor) [pid 348] close(25) = -1 EBADF (Bad file descriptor) [pid 348] close(26) = -1 EBADF (Bad file descriptor) [pid 348] close(27) = -1 EBADF (Bad file descriptor) [pid 348] close(28) = -1 EBADF (Bad file descriptor) [pid 348] close(29) = -1 EBADF (Bad file descriptor) [pid 348] exit_group(0 [pid 349] <... futex resumed>) = ? [pid 348] <... exit_group resumed>) = ? [pid 349] +++ exited with 0 +++ [pid 348] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=48, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 50 ./strace-static-x86_64: Process 350 attached [pid 350] set_robust_list(0x5555560296a0, 24) = 0 [pid 350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 350] setpgid(0, 0) = 0 [pid 350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 350] write(3, "1000", 4) = 4 [pid 350] close(3) = 0 [pid 350] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 350] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 350] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 350] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 350] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 350] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 350] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 350] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[51]}, 88) = 51 [pid 350] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 350] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 350] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 351 attached [pid 351] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 351] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 351] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 351] write(3, "65", 2) = 2 [ 26.942299][ T349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 26.950201][ T349] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 26.958096][ T349] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 26.965917][ T349] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 26.973730][ T349] [ 26.985015][ T351] FAULT_INJECTION: forcing a failure. [pid 351] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 350] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 26.985015][ T351] name failslab, interval 1, probability 0, space 0, times 0 [ 26.997503][ T351] CPU: 0 PID: 351 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 27.007490][ T351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 27.017386][ T351] Call Trace: [ 27.020509][ T351] [ 27.023289][ T351] dump_stack_lvl+0x151/0x1b7 [ 27.027800][ T351] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.033267][ T351] dump_stack+0x15/0x17 [ 27.037259][ T351] should_fail+0x3c6/0x510 [ 27.041517][ T351] __should_failslab+0xa4/0xe0 [ 27.046110][ T351] ? anon_vma_clone+0x9a/0x500 [ 27.050711][ T351] should_failslab+0x9/0x20 [ 27.055054][ T351] slab_pre_alloc_hook+0x37/0xd0 [ 27.059827][ T351] ? anon_vma_clone+0x9a/0x500 [ 27.064426][ T351] kmem_cache_alloc+0x44/0x200 [ 27.069022][ T351] anon_vma_clone+0x9a/0x500 [ 27.073449][ T351] anon_vma_fork+0x91/0x4e0 [ 27.077789][ T351] ? anon_vma_name+0x4c/0x70 [ 27.082303][ T351] ? vm_area_dup+0x17a/0x230 [ 27.086744][ T351] copy_mm+0xa3a/0x13e0 [ 27.090816][ T351] ? copy_signal+0x610/0x610 [ 27.095235][ T351] ? __init_rwsem+0xd6/0x1c0 [ 27.099663][ T351] ? copy_signal+0x4e3/0x610 [ 27.104091][ T351] copy_process+0x12bc/0x3260 [ 27.108603][ T351] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 27.113547][ T351] ? __kasan_check_write+0x14/0x20 [ 27.118498][ T351] kernel_clone+0x21e/0x9e0 [ 27.122836][ T351] ? _raw_spin_unlock_irq+0x4e/0x70 [ 27.127956][ T351] ? create_io_thread+0x1e0/0x1e0 [ 27.132842][ T351] __x64_sys_clone+0x23f/0x290 [ 27.137416][ T351] ? __do_sys_vfork+0x130/0x130 [ 27.142113][ T351] ? __kasan_check_read+0x11/0x20 [ 27.146967][ T351] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 27.152784][ T351] do_syscall_64+0x3d/0xb0 [ 27.157039][ T351] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.163041][ T351] RIP: 0033:0x7fee0c2830a9 [ 27.167282][ T351] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 27.186801][ T351] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 351] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 351] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 351] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 350] close(3) = 0 [pid 350] close(4) = -1 EBADF (Bad file descriptor) [pid 350] close(5) = -1 EBADF (Bad file descriptor) [pid 350] close(6) = -1 EBADF (Bad file descriptor) [pid 350] close(7) = -1 EBADF (Bad file descriptor) [pid 350] close(8) = -1 EBADF (Bad file descriptor) [pid 350] close(9) = -1 EBADF (Bad file descriptor) [pid 350] close(10) = -1 EBADF (Bad file descriptor) [pid 350] close(11) = -1 EBADF (Bad file descriptor) [pid 350] close(12) = -1 EBADF (Bad file descriptor) [pid 350] close(13) = -1 EBADF (Bad file descriptor) [pid 350] close(14) = -1 EBADF (Bad file descriptor) [pid 350] close(15) = -1 EBADF (Bad file descriptor) [pid 350] close(16) = -1 EBADF (Bad file descriptor) [pid 350] close(17) = -1 EBADF (Bad file descriptor) [pid 350] close(18) = -1 EBADF (Bad file descriptor) [pid 350] close(19) = -1 EBADF (Bad file descriptor) [pid 350] close(20) = -1 EBADF (Bad file descriptor) [pid 350] close(21) = -1 EBADF (Bad file descriptor) [pid 350] close(22) = -1 EBADF (Bad file descriptor) [pid 350] close(23) = -1 EBADF (Bad file descriptor) [pid 350] close(24) = -1 EBADF (Bad file descriptor) [pid 350] close(25) = -1 EBADF (Bad file descriptor) [pid 350] close(26) = -1 EBADF (Bad file descriptor) [pid 350] close(27) = -1 EBADF (Bad file descriptor) [pid 350] close(28) = -1 EBADF (Bad file descriptor) [pid 350] close(29) = -1 EBADF (Bad file descriptor) [pid 350] exit_group(0) = ? [pid 351] <... futex resumed>) = ? [pid 351] +++ exited with 0 +++ [pid 350] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 52 ./strace-static-x86_64: Process 352 attached [pid 352] set_robust_list(0x5555560296a0, 24) = 0 [pid 352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 352] setpgid(0, 0) = 0 [pid 352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 352] write(3, "1000", 4) = 4 [pid 352] close(3) = 0 [pid 352] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 352] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 352] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 352] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 352] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 352] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 352] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[53]}, 88) = 53 [pid 352] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 352] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 353 attached [pid 353] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 353] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 353] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 353] write(3, "65", 2) = 2 [ 27.195058][ T351] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 27.202856][ T351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 27.210666][ T351] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 27.218513][ T351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 27.226290][ T351] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 27.234199][ T351] [ 27.247185][ T353] FAULT_INJECTION: forcing a failure. [ 27.247185][ T353] name failslab, interval 1, probability 0, space 0, times 0 [ 27.259648][ T353] CPU: 1 PID: 353 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 27.269678][ T353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 27.279575][ T353] Call Trace: [ 27.282698][ T353] [ 27.285479][ T353] dump_stack_lvl+0x151/0x1b7 [ 27.289990][ T353] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.295459][ T353] dump_stack+0x15/0x17 [ 27.299448][ T353] should_fail+0x3c6/0x510 [ 27.303788][ T353] __should_failslab+0xa4/0xe0 [ 27.308391][ T353] ? vm_area_dup+0x26/0x230 [ 27.312750][ T353] should_failslab+0x9/0x20 [ 27.317067][ T353] slab_pre_alloc_hook+0x37/0xd0 [ 27.321841][ T353] ? vm_area_dup+0x26/0x230 [ 27.326179][ T353] kmem_cache_alloc+0x44/0x200 [ 27.330785][ T353] vm_area_dup+0x26/0x230 [ 27.334944][ T353] copy_mm+0x9a1/0x13e0 [ 27.338946][ T353] ? copy_signal+0x610/0x610 [ 27.343363][ T353] ? __init_rwsem+0xd6/0x1c0 [ 27.347790][ T353] ? copy_signal+0x4e3/0x610 [ 27.352218][ T353] copy_process+0x12bc/0x3260 [ 27.356732][ T353] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 27.361676][ T353] ? __kasan_check_write+0x14/0x20 [ 27.366626][ T353] kernel_clone+0x21e/0x9e0 [ 27.370962][ T353] ? _raw_spin_unlock_irq+0x4e/0x70 [ 27.376089][ T353] ? create_io_thread+0x1e0/0x1e0 [ 27.381315][ T353] __x64_sys_clone+0x23f/0x290 [ 27.385894][ T353] ? __do_sys_vfork+0x130/0x130 [ 27.390582][ T353] ? __kasan_check_read+0x11/0x20 [ 27.395441][ T353] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 27.401351][ T353] do_syscall_64+0x3d/0xb0 [ 27.405595][ T353] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.411440][ T353] RIP: 0033:0x7fee0c2830a9 [ 27.415704][ T353] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 27.435246][ T353] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 353] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 352] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 353] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 352] close(3 [pid 353] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 352] <... close resumed>) = 0 [pid 352] close(4) = -1 EBADF (Bad file descriptor) [pid 352] close(5) = -1 EBADF (Bad file descriptor) [pid 352] close(6) = -1 EBADF (Bad file descriptor) [pid 352] close(7) = -1 EBADF (Bad file descriptor) [pid 352] close(8) = -1 EBADF (Bad file descriptor) [pid 352] close(9) = -1 EBADF (Bad file descriptor) [pid 352] close(10) = -1 EBADF (Bad file descriptor) [pid 352] close(11) = -1 EBADF (Bad file descriptor) [pid 352] close(12) = -1 EBADF (Bad file descriptor) [pid 352] close(13) = -1 EBADF (Bad file descriptor) [pid 352] close(14) = -1 EBADF (Bad file descriptor) [pid 352] close(15) = -1 EBADF (Bad file descriptor) [pid 352] close(16) = -1 EBADF (Bad file descriptor) [pid 352] close(17) = -1 EBADF (Bad file descriptor) [pid 352] close(18) = -1 EBADF (Bad file descriptor) [pid 352] close(19) = -1 EBADF (Bad file descriptor) [pid 352] close(20) = -1 EBADF (Bad file descriptor) [pid 352] close(21) = -1 EBADF (Bad file descriptor) [pid 352] close(22) = -1 EBADF (Bad file descriptor) [pid 352] close(23) = -1 EBADF (Bad file descriptor) [pid 352] close(24) = -1 EBADF (Bad file descriptor) [pid 352] close(25) = -1 EBADF (Bad file descriptor) [pid 352] close(26) = -1 EBADF (Bad file descriptor) [pid 352] close(27) = -1 EBADF (Bad file descriptor) [pid 352] close(28) = -1 EBADF (Bad file descriptor) [pid 352] close(29) = -1 EBADF (Bad file descriptor) [pid 352] exit_group(0) = ? [pid 353] <... futex resumed>) = ? [pid 353] +++ exited with 0 +++ [pid 352] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=52, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 54 ./strace-static-x86_64: Process 354 attached [pid 354] set_robust_list(0x5555560296a0, 24) = 0 [pid 354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 354] setpgid(0, 0) = 0 [pid 354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 354] write(3, "1000", 4) = 4 [pid 354] close(3) = 0 [pid 354] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 354] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 354] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 354] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 354] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 354] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 354] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 354] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 355 attached [pid 355] set_robust_list(0x7fee0c2439a0, 24 [pid 354] <... clone3 resumed> => {parent_tid=[55]}, 88) = 55 [pid 355] <... set_robust_list resumed>) = 0 [pid 354] rt_sigprocmask(SIG_SETMASK, [], [pid 355] rt_sigprocmask(SIG_SETMASK, [], [pid 354] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 355] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 354] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 355] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 354] <... futex resumed>) = 0 [pid 355] <... openat resumed>) = 3 [pid 354] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 355] write(3, "65", 2) = 2 [ 27.443491][ T353] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 27.451302][ T353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 27.459112][ T353] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 27.467366][ T353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 27.475175][ T353] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 27.482984][ T353] [ 27.494560][ T355] FAULT_INJECTION: forcing a failure. [ 27.494560][ T355] name failslab, interval 1, probability 0, space 0, times 0 [ 27.506968][ T355] CPU: 1 PID: 355 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 27.517029][ T355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 27.526908][ T355] Call Trace: [ 27.530033][ T355] [ 27.532810][ T355] dump_stack_lvl+0x151/0x1b7 [ 27.537321][ T355] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.542792][ T355] dump_stack+0x15/0x17 [ 27.546783][ T355] should_fail+0x3c6/0x510 [ 27.551036][ T355] __should_failslab+0xa4/0xe0 [ 27.555648][ T355] ? vm_area_dup+0x26/0x230 [ 27.559975][ T355] should_failslab+0x9/0x20 [ 27.564315][ T355] slab_pre_alloc_hook+0x37/0xd0 [ 27.569090][ T355] ? vm_area_dup+0x26/0x230 [ 27.573433][ T355] kmem_cache_alloc+0x44/0x200 [ 27.578026][ T355] vm_area_dup+0x26/0x230 [ 27.582192][ T355] copy_mm+0x9a1/0x13e0 [ 27.586188][ T355] ? copy_signal+0x610/0x610 [ 27.590611][ T355] ? __init_rwsem+0xd6/0x1c0 [ 27.595040][ T355] ? copy_signal+0x4e3/0x610 [ 27.599468][ T355] copy_process+0x12bc/0x3260 [ 27.603980][ T355] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 27.608924][ T355] ? __kasan_check_write+0x14/0x20 [ 27.613872][ T355] kernel_clone+0x21e/0x9e0 [ 27.618211][ T355] ? _raw_spin_unlock_irq+0x4e/0x70 [ 27.623245][ T355] ? create_io_thread+0x1e0/0x1e0 [ 27.628106][ T355] __x64_sys_clone+0x23f/0x290 [ 27.632706][ T355] ? __do_sys_vfork+0x130/0x130 [ 27.637396][ T355] ? __kasan_check_read+0x11/0x20 [ 27.642257][ T355] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 27.648072][ T355] do_syscall_64+0x3d/0xb0 [ 27.652322][ T355] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.658048][ T355] RIP: 0033:0x7fee0c2830a9 [ 27.662420][ T355] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 27.681876][ T355] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 27.690107][ T355] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 355] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 354] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 355] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 355] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 355] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 354] close(3) = 0 [pid 354] close(4) = -1 EBADF (Bad file descriptor) [pid 354] close(5) = -1 EBADF (Bad file descriptor) [pid 354] close(6) = -1 EBADF (Bad file descriptor) [pid 354] close(7) = -1 EBADF (Bad file descriptor) [pid 354] close(8) = -1 EBADF (Bad file descriptor) [pid 354] close(9) = -1 EBADF (Bad file descriptor) [pid 354] close(10) = -1 EBADF (Bad file descriptor) [pid 354] close(11) = -1 EBADF (Bad file descriptor) [pid 354] close(12) = -1 EBADF (Bad file descriptor) [pid 354] close(13) = -1 EBADF (Bad file descriptor) [pid 354] close(14) = -1 EBADF (Bad file descriptor) [pid 354] close(15) = -1 EBADF (Bad file descriptor) [pid 354] close(16) = -1 EBADF (Bad file descriptor) [pid 354] close(17) = -1 EBADF (Bad file descriptor) [pid 354] close(18) = -1 EBADF (Bad file descriptor) [pid 354] close(19) = -1 EBADF (Bad file descriptor) [pid 354] close(20) = -1 EBADF (Bad file descriptor) [pid 354] close(21) = -1 EBADF (Bad file descriptor) [pid 354] close(22) = -1 EBADF (Bad file descriptor) [pid 354] close(23) = -1 EBADF (Bad file descriptor) [pid 354] close(24) = -1 EBADF (Bad file descriptor) [pid 354] close(25) = -1 EBADF (Bad file descriptor) [pid 354] close(26) = -1 EBADF (Bad file descriptor) [pid 354] close(27) = -1 EBADF (Bad file descriptor) [pid 354] close(28) = -1 EBADF (Bad file descriptor) [pid 354] close(29) = -1 EBADF (Bad file descriptor) [pid 354] exit_group(0) = ? [pid 355] <... futex resumed>) = ? [pid 355] +++ exited with 0 +++ [pid 354] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=54, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 56 ./strace-static-x86_64: Process 357 attached [pid 357] set_robust_list(0x5555560296a0, 24) = 0 [pid 357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 357] setpgid(0, 0) = 0 [pid 357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 357] write(3, "1000", 4) = 4 [pid 357] close(3) = 0 [pid 357] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 357] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 357] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 357] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 357] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 357] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 357] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 357] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 358 attached => {parent_tid=[57]}, 88) = 57 [pid 358] set_robust_list(0x7fee0c2439a0, 24 [pid 357] rt_sigprocmask(SIG_SETMASK, [], [pid 358] <... set_robust_list resumed>) = 0 [pid 357] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 358] rt_sigprocmask(SIG_SETMASK, [], [pid 357] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 358] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 357] <... futex resumed>) = 0 [pid 358] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 357] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 358] <... openat resumed>) = 3 [pid 358] write(3, "65", 2) = 2 [ 27.698058][ T355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 27.705811][ T355] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 27.713632][ T355] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 27.721433][ T355] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 27.729261][ T355] [ 27.748821][ T358] FAULT_INJECTION: forcing a failure. [ 27.748821][ T358] name failslab, interval 1, probability 0, space 0, times 0 [ 27.761353][ T358] CPU: 0 PID: 358 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 27.771417][ T358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 27.781301][ T358] Call Trace: [ 27.784430][ T358] [ 27.787204][ T358] dump_stack_lvl+0x151/0x1b7 [ 27.791718][ T358] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.797185][ T358] ? avc_denied+0x1b0/0x1b0 [ 27.801525][ T358] dump_stack+0x15/0x17 [ 27.805515][ T358] should_fail+0x3c6/0x510 [ 27.809771][ T358] __should_failslab+0xa4/0xe0 [ 27.814369][ T358] ? vm_area_dup+0x26/0x230 [ 27.818710][ T358] should_failslab+0x9/0x20 [ 27.823049][ T358] slab_pre_alloc_hook+0x37/0xd0 [ 27.827820][ T358] ? vm_area_dup+0x26/0x230 [ 27.832159][ T358] kmem_cache_alloc+0x44/0x200 [ 27.836764][ T358] vm_area_dup+0x26/0x230 [ 27.840926][ T358] copy_mm+0x9a1/0x13e0 [ 27.844920][ T358] ? copy_signal+0x610/0x610 [ 27.849346][ T358] ? __init_rwsem+0xd6/0x1c0 [ 27.853771][ T358] ? copy_signal+0x4e3/0x610 [ 27.858200][ T358] copy_process+0x12bc/0x3260 [ 27.862712][ T358] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 27.867660][ T358] ? __kasan_check_write+0x14/0x20 [ 27.872715][ T358] kernel_clone+0x21e/0x9e0 [ 27.877147][ T358] ? _raw_spin_unlock_irq+0x4e/0x70 [ 27.882171][ T358] ? create_io_thread+0x1e0/0x1e0 [ 27.887041][ T358] __x64_sys_clone+0x23f/0x290 [ 27.891639][ T358] ? __do_sys_vfork+0x130/0x130 [ 27.896320][ T358] ? __kasan_check_read+0x11/0x20 [ 27.901182][ T358] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 27.907006][ T358] do_syscall_64+0x3d/0xb0 [ 27.911247][ T358] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.916978][ T358] RIP: 0033:0x7fee0c2830a9 [ 27.921343][ T358] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 27.940755][ T358] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 358] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 357] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 358] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 358] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 358] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 357] close(3) = 0 [pid 357] close(4) = -1 EBADF (Bad file descriptor) [pid 357] close(5) = -1 EBADF (Bad file descriptor) [pid 357] close(6) = -1 EBADF (Bad file descriptor) [pid 357] close(7) = -1 EBADF (Bad file descriptor) [pid 357] close(8) = -1 EBADF (Bad file descriptor) [pid 357] close(9) = -1 EBADF (Bad file descriptor) [pid 357] close(10) = -1 EBADF (Bad file descriptor) [pid 357] close(11) = -1 EBADF (Bad file descriptor) [pid 357] close(12) = -1 EBADF (Bad file descriptor) [pid 357] close(13) = -1 EBADF (Bad file descriptor) [pid 357] close(14) = -1 EBADF (Bad file descriptor) [pid 357] close(15) = -1 EBADF (Bad file descriptor) [pid 357] close(16) = -1 EBADF (Bad file descriptor) [pid 357] close(17) = -1 EBADF (Bad file descriptor) [pid 357] close(18) = -1 EBADF (Bad file descriptor) [pid 357] close(19) = -1 EBADF (Bad file descriptor) [pid 357] close(20) = -1 EBADF (Bad file descriptor) [pid 357] close(21) = -1 EBADF (Bad file descriptor) [pid 357] close(22) = -1 EBADF (Bad file descriptor) [pid 357] close(23) = -1 EBADF (Bad file descriptor) [pid 357] close(24) = -1 EBADF (Bad file descriptor) [pid 357] close(25) = -1 EBADF (Bad file descriptor) [pid 357] close(26) = -1 EBADF (Bad file descriptor) [pid 357] close(27) = -1 EBADF (Bad file descriptor) [pid 357] close(28) = -1 EBADF (Bad file descriptor) [pid 357] close(29) = -1 EBADF (Bad file descriptor) [pid 357] exit_group(0) = ? [pid 358] <... futex resumed>) = ? [pid 358] +++ exited with 0 +++ [pid 357] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 58 ./strace-static-x86_64: Process 359 attached [pid 359] set_robust_list(0x5555560296a0, 24) = 0 [pid 359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 359] setpgid(0, 0) = 0 [pid 359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 359] write(3, "1000", 4) = 4 [pid 359] close(3) = 0 [pid 359] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 359] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 359] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 359] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 359] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 359] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 359] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 359] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 360 attached [pid 360] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 360] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 360] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 359] <... clone3 resumed> => {parent_tid=[59]}, 88) = 59 [pid 359] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 359] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 360] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 359] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 360] write(3, "65", 2) = 2 [ 27.949003][ T358] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 27.956812][ T358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 27.964622][ T358] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 27.972443][ T358] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 27.980255][ T358] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 27.988063][ T358] [ 28.003647][ T360] FAULT_INJECTION: forcing a failure. [ 28.003647][ T360] name failslab, interval 1, probability 0, space 0, times 0 [ 28.016151][ T360] CPU: 1 PID: 360 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 28.026108][ T360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 28.036090][ T360] Call Trace: [ 28.039208][ T360] [ 28.041989][ T360] dump_stack_lvl+0x151/0x1b7 [ 28.046499][ T360] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.051976][ T360] ? avc_denied+0x1b0/0x1b0 [ 28.056311][ T360] dump_stack+0x15/0x17 [ 28.060300][ T360] should_fail+0x3c6/0x510 [ 28.064588][ T360] __should_failslab+0xa4/0xe0 [ 28.069156][ T360] ? vm_area_dup+0x26/0x230 [ 28.073491][ T360] should_failslab+0x9/0x20 [ 28.077832][ T360] slab_pre_alloc_hook+0x37/0xd0 [ 28.082605][ T360] ? vm_area_dup+0x26/0x230 [ 28.086945][ T360] kmem_cache_alloc+0x44/0x200 [ 28.091547][ T360] vm_area_dup+0x26/0x230 [ 28.095710][ T360] copy_mm+0x9a1/0x13e0 [ 28.099790][ T360] ? copy_signal+0x610/0x610 [ 28.104215][ T360] ? __init_rwsem+0xd6/0x1c0 [ 28.108641][ T360] ? copy_signal+0x4e3/0x610 [ 28.113071][ T360] copy_process+0x12bc/0x3260 [ 28.117588][ T360] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 28.122547][ T360] ? __kasan_check_write+0x14/0x20 [ 28.127477][ T360] kernel_clone+0x21e/0x9e0 [ 28.131820][ T360] ? _raw_spin_unlock_irq+0x4e/0x70 [ 28.136848][ T360] ? create_io_thread+0x1e0/0x1e0 [ 28.141712][ T360] __x64_sys_clone+0x23f/0x290 [ 28.146318][ T360] ? __do_sys_vfork+0x130/0x130 [ 28.150998][ T360] ? __kasan_check_read+0x11/0x20 [ 28.155858][ T360] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 28.161672][ T360] do_syscall_64+0x3d/0xb0 [ 28.165935][ T360] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.171913][ T360] RIP: 0033:0x7fee0c2830a9 [ 28.176175][ T360] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 28.195608][ T360] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 360] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 359] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 360] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 359] close(3 [pid 360] <... futex resumed>) = 0 [pid 359] <... close resumed>) = 0 [pid 360] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 359] close(4) = -1 EBADF (Bad file descriptor) [pid 359] close(5) = -1 EBADF (Bad file descriptor) [pid 359] close(6) = -1 EBADF (Bad file descriptor) [pid 359] close(7) = -1 EBADF (Bad file descriptor) [pid 359] close(8) = -1 EBADF (Bad file descriptor) [pid 359] close(9) = -1 EBADF (Bad file descriptor) [pid 359] close(10) = -1 EBADF (Bad file descriptor) [pid 359] close(11) = -1 EBADF (Bad file descriptor) [pid 359] close(12) = -1 EBADF (Bad file descriptor) [pid 359] close(13) = -1 EBADF (Bad file descriptor) [pid 359] close(14) = -1 EBADF (Bad file descriptor) [pid 359] close(15) = -1 EBADF (Bad file descriptor) [pid 359] close(16) = -1 EBADF (Bad file descriptor) [pid 359] close(17) = -1 EBADF (Bad file descriptor) [pid 359] close(18) = -1 EBADF (Bad file descriptor) [pid 359] close(19) = -1 EBADF (Bad file descriptor) [pid 359] close(20) = -1 EBADF (Bad file descriptor) [pid 359] close(21) = -1 EBADF (Bad file descriptor) [pid 359] close(22) = -1 EBADF (Bad file descriptor) [pid 359] close(23) = -1 EBADF (Bad file descriptor) [pid 359] close(24) = -1 EBADF (Bad file descriptor) [pid 359] close(25) = -1 EBADF (Bad file descriptor) [pid 359] close(26) = -1 EBADF (Bad file descriptor) [pid 359] close(27) = -1 EBADF (Bad file descriptor) [pid 359] close(28) = -1 EBADF (Bad file descriptor) [pid 359] close(29) = -1 EBADF (Bad file descriptor) [pid 359] exit_group(0 [pid 360] <... futex resumed>) = ? [pid 359] <... exit_group resumed>) = ? [pid 360] +++ exited with 0 +++ [pid 359] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=58, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 60 ./strace-static-x86_64: Process 361 attached [pid 361] set_robust_list(0x5555560296a0, 24) = 0 [pid 361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 361] setpgid(0, 0) = 0 [pid 361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 361] write(3, "1000", 4) = 4 [pid 361] close(3) = 0 [pid 361] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 361] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 361] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 361] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 361] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 361] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[61]}, 88) = 61 [pid 361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 361] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 362 attached [pid 362] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 362] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 362] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 362] write(3, "65", 2) = 2 [ 28.203851][ T360] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 28.211670][ T360] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 28.219475][ T360] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 28.227287][ T360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 28.235095][ T360] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 28.242916][ T360] [ 28.255506][ T362] FAULT_INJECTION: forcing a failure. [ 28.255506][ T362] name failslab, interval 1, probability 0, space 0, times 0 [ 28.268110][ T362] CPU: 1 PID: 362 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 28.278067][ T362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 28.287978][ T362] Call Trace: [ 28.291179][ T362] [ 28.294042][ T362] dump_stack_lvl+0x151/0x1b7 [ 28.298552][ T362] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.304022][ T362] dump_stack+0x15/0x17 [ 28.308010][ T362] should_fail+0x3c6/0x510 [ 28.312265][ T362] __should_failslab+0xa4/0xe0 [ 28.316862][ T362] ? vm_area_dup+0x26/0x230 [ 28.321205][ T362] should_failslab+0x9/0x20 [ 28.325542][ T362] slab_pre_alloc_hook+0x37/0xd0 [ 28.330316][ T362] ? vm_area_dup+0x26/0x230 [ 28.334653][ T362] kmem_cache_alloc+0x44/0x200 [ 28.339261][ T362] vm_area_dup+0x26/0x230 [ 28.343420][ T362] copy_mm+0x9a1/0x13e0 [ 28.347416][ T362] ? copy_signal+0x610/0x610 [ 28.351837][ T362] ? __init_rwsem+0xd6/0x1c0 [ 28.356275][ T362] ? copy_signal+0x4e3/0x610 [ 28.360721][ T362] copy_process+0x12bc/0x3260 [ 28.365207][ T362] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 28.370158][ T362] ? __kasan_check_write+0x14/0x20 [ 28.375097][ T362] kernel_clone+0x21e/0x9e0 [ 28.379439][ T362] ? _raw_spin_unlock_irq+0x4e/0x70 [ 28.384470][ T362] ? create_io_thread+0x1e0/0x1e0 [ 28.389680][ T362] __x64_sys_clone+0x23f/0x290 [ 28.394279][ T362] ? __do_sys_vfork+0x130/0x130 [ 28.398994][ T362] ? __kasan_check_read+0x11/0x20 [ 28.403830][ T362] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 28.409645][ T362] do_syscall_64+0x3d/0xb0 [ 28.413895][ T362] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.419622][ T362] RIP: 0033:0x7fee0c2830a9 [ 28.423875][ T362] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 28.443322][ T362] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 362] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 361] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 362] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 362] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 362] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 361] close(3) = 0 [pid 361] close(4) = -1 EBADF (Bad file descriptor) [pid 361] close(5) = -1 EBADF (Bad file descriptor) [pid 361] close(6) = -1 EBADF (Bad file descriptor) [pid 361] close(7) = -1 EBADF (Bad file descriptor) [pid 361] close(8) = -1 EBADF (Bad file descriptor) [pid 361] close(9) = -1 EBADF (Bad file descriptor) [pid 361] close(10) = -1 EBADF (Bad file descriptor) [pid 361] close(11) = -1 EBADF (Bad file descriptor) [pid 361] close(12) = -1 EBADF (Bad file descriptor) [pid 361] close(13) = -1 EBADF (Bad file descriptor) [pid 361] close(14) = -1 EBADF (Bad file descriptor) [pid 361] close(15) = -1 EBADF (Bad file descriptor) [pid 361] close(16) = -1 EBADF (Bad file descriptor) [pid 361] close(17) = -1 EBADF (Bad file descriptor) [pid 361] close(18) = -1 EBADF (Bad file descriptor) [pid 361] close(19) = -1 EBADF (Bad file descriptor) [pid 361] close(20) = -1 EBADF (Bad file descriptor) [pid 361] close(21) = -1 EBADF (Bad file descriptor) [pid 361] close(22) = -1 EBADF (Bad file descriptor) [pid 361] close(23) = -1 EBADF (Bad file descriptor) [pid 361] close(24) = -1 EBADF (Bad file descriptor) [pid 361] close(25) = -1 EBADF (Bad file descriptor) [pid 361] close(26) = -1 EBADF (Bad file descriptor) [pid 361] close(27) = -1 EBADF (Bad file descriptor) [pid 361] close(28) = -1 EBADF (Bad file descriptor) [pid 361] close(29) = -1 EBADF (Bad file descriptor) [pid 361] exit_group(0 [pid 362] <... futex resumed>) = ? [pid 361] <... exit_group resumed>) = ? [pid 362] +++ exited with 0 +++ [pid 361] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=60, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 62 ./strace-static-x86_64: Process 363 attached [pid 363] set_robust_list(0x5555560296a0, 24) = 0 [pid 363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 363] setpgid(0, 0) = 0 [pid 363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 363] write(3, "1000", 4) = 4 [pid 363] close(3) = 0 [pid 363] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 363] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 363] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 363] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 363] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 363] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 363] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 363] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 364 attached => {parent_tid=[63]}, 88) = 63 [pid 364] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 364] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 364] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 363] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 363] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 364] <... futex resumed>) = 0 [pid 364] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 363] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] write(3, "65", 2) = 2 [ 28.451561][ T362] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 28.459372][ T362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 28.467185][ T362] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 28.474997][ T362] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 28.482809][ T362] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 28.490623][ T362] [pid 364] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 363] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 28.505676][ T364] FAULT_INJECTION: forcing a failure. [ 28.505676][ T364] name failslab, interval 1, probability 0, space 0, times 0 [ 28.518422][ T364] CPU: 1 PID: 364 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 28.528460][ T364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 28.538363][ T364] Call Trace: [ 28.541479][ T364] [ 28.544264][ T364] dump_stack_lvl+0x151/0x1b7 [ 28.548872][ T364] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.554330][ T364] dump_stack+0x15/0x17 [ 28.558404][ T364] should_fail+0x3c6/0x510 [ 28.562652][ T364] __should_failslab+0xa4/0xe0 [ 28.567258][ T364] ? vm_area_dup+0x26/0x230 [ 28.571592][ T364] should_failslab+0x9/0x20 [ 28.575931][ T364] slab_pre_alloc_hook+0x37/0xd0 [ 28.580705][ T364] ? vm_area_dup+0x26/0x230 [ 28.585053][ T364] kmem_cache_alloc+0x44/0x200 [ 28.589646][ T364] vm_area_dup+0x26/0x230 [ 28.593810][ T364] copy_mm+0x9a1/0x13e0 [ 28.597802][ T364] ? copy_signal+0x610/0x610 [ 28.602228][ T364] ? __init_rwsem+0xd6/0x1c0 [ 28.606653][ T364] ? copy_signal+0x4e3/0x610 [ 28.611081][ T364] copy_process+0x12bc/0x3260 [ 28.615599][ T364] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 28.620542][ T364] ? __kasan_check_write+0x14/0x20 [ 28.625503][ T364] kernel_clone+0x21e/0x9e0 [ 28.629877][ T364] ? _raw_spin_unlock_irq+0x4e/0x70 [ 28.634951][ T364] ? create_io_thread+0x1e0/0x1e0 [ 28.639955][ T364] __x64_sys_clone+0x23f/0x290 [ 28.644848][ T364] ? __do_sys_vfork+0x130/0x130 [ 28.649534][ T364] ? __kasan_check_read+0x11/0x20 [ 28.654390][ T364] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 28.660208][ T364] do_syscall_64+0x3d/0xb0 [ 28.664459][ T364] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.670188][ T364] RIP: 0033:0x7fee0c2830a9 [ 28.674441][ T364] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 28.694057][ T364] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 364] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 364] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 363] close(3) = 0 [pid 363] close(4) = -1 EBADF (Bad file descriptor) [pid 363] close(5) = -1 EBADF (Bad file descriptor) [pid 363] close(6) = -1 EBADF (Bad file descriptor) [pid 363] close(7) = -1 EBADF (Bad file descriptor) [pid 363] close(8) = -1 EBADF (Bad file descriptor) [pid 363] close(9) = -1 EBADF (Bad file descriptor) [pid 363] close(10) = -1 EBADF (Bad file descriptor) [pid 363] close(11) = -1 EBADF (Bad file descriptor) [pid 364] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 363] close(12) = -1 EBADF (Bad file descriptor) [pid 363] close(13) = -1 EBADF (Bad file descriptor) [pid 363] close(14) = -1 EBADF (Bad file descriptor) [pid 363] close(15) = -1 EBADF (Bad file descriptor) [pid 363] close(16) = -1 EBADF (Bad file descriptor) [pid 363] close(17) = -1 EBADF (Bad file descriptor) [pid 363] close(18) = -1 EBADF (Bad file descriptor) [pid 363] close(19) = -1 EBADF (Bad file descriptor) [pid 363] close(20) = -1 EBADF (Bad file descriptor) [pid 363] close(21) = -1 EBADF (Bad file descriptor) [pid 363] close(22) = -1 EBADF (Bad file descriptor) [pid 363] close(23) = -1 EBADF (Bad file descriptor) [pid 363] close(24) = -1 EBADF (Bad file descriptor) [pid 363] close(25) = -1 EBADF (Bad file descriptor) [pid 363] close(26) = -1 EBADF (Bad file descriptor) [pid 363] close(27) = -1 EBADF (Bad file descriptor) [pid 363] close(28) = -1 EBADF (Bad file descriptor) [pid 363] close(29) = -1 EBADF (Bad file descriptor) [pid 363] exit_group(0) = ? [pid 364] <... futex resumed>) = ? [pid 364] +++ exited with 0 +++ [pid 363] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=62, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 366 attached , child_tidptr=0x555556029690) = 64 [pid 366] set_robust_list(0x5555560296a0, 24) = 0 [pid 366] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 366] setpgid(0, 0) = 0 [pid 366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 366] write(3, "1000", 4) = 4 [pid 366] close(3) = 0 [pid 366] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 366] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 366] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 366] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 366] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 366] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 366] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[65]}, 88) = 65 ./strace-static-x86_64: Process 367 attached [pid 366] rt_sigprocmask(SIG_SETMASK, [], [pid 367] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 367] rt_sigprocmask(SIG_SETMASK, [], [pid 366] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 367] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 367] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 367] <... futex resumed>) = 0 [pid 367] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 366] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... openat resumed>) = 3 [pid 367] write(3, "65", 2) = 2 [ 28.702393][ T364] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 28.710200][ T364] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 28.718007][ T364] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 28.725819][ T364] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 28.733777][ T364] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 28.741587][ T364] [ 28.757940][ T367] FAULT_INJECTION: forcing a failure. [ 28.757940][ T367] name failslab, interval 1, probability 0, space 0, times 0 [ 28.770375][ T367] CPU: 0 PID: 367 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 28.780402][ T367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 28.790299][ T367] Call Trace: [ 28.793429][ T367] [ 28.796198][ T367] dump_stack_lvl+0x151/0x1b7 [ 28.800717][ T367] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.806180][ T367] dump_stack+0x15/0x17 [ 28.810182][ T367] should_fail+0x3c6/0x510 [ 28.814513][ T367] __should_failslab+0xa4/0xe0 [ 28.819113][ T367] ? vm_area_dup+0x26/0x230 [ 28.823448][ T367] should_failslab+0x9/0x20 [ 28.827791][ T367] slab_pre_alloc_hook+0x37/0xd0 [ 28.832567][ T367] ? vm_area_dup+0x26/0x230 [ 28.836902][ T367] kmem_cache_alloc+0x44/0x200 [ 28.841534][ T367] vm_area_dup+0x26/0x230 [ 28.845667][ T367] copy_mm+0x9a1/0x13e0 [ 28.849661][ T367] ? copy_signal+0x610/0x610 [ 28.854173][ T367] ? __init_rwsem+0xd6/0x1c0 [ 28.858599][ T367] ? copy_signal+0x4e3/0x610 [ 28.863031][ T367] copy_process+0x12bc/0x3260 [ 28.867543][ T367] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 28.872495][ T367] ? __kasan_check_write+0x14/0x20 [ 28.877437][ T367] kernel_clone+0x21e/0x9e0 [ 28.881783][ T367] ? _raw_spin_unlock_irq+0x4e/0x70 [ 28.886807][ T367] ? create_io_thread+0x1e0/0x1e0 [ 28.891668][ T367] __x64_sys_clone+0x23f/0x290 [ 28.896270][ T367] ? __do_sys_vfork+0x130/0x130 [ 28.900964][ T367] ? __kasan_check_read+0x11/0x20 [ 28.905899][ T367] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 28.911733][ T367] do_syscall_64+0x3d/0xb0 [ 28.915969][ T367] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.921698][ T367] RIP: 0033:0x7fee0c2830a9 [ 28.925950][ T367] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 28.945392][ T367] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 367] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 366] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 367] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 367] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] close(3) = 0 [pid 366] close(4) = -1 EBADF (Bad file descriptor) [pid 366] close(5) = -1 EBADF (Bad file descriptor) [pid 366] close(6) = -1 EBADF (Bad file descriptor) [pid 366] close(7) = -1 EBADF (Bad file descriptor) [pid 366] close(8) = -1 EBADF (Bad file descriptor) [pid 366] close(9) = -1 EBADF (Bad file descriptor) [pid 366] close(10) = -1 EBADF (Bad file descriptor) [pid 366] close(11) = -1 EBADF (Bad file descriptor) [pid 366] close(12) = -1 EBADF (Bad file descriptor) [pid 366] close(13) = -1 EBADF (Bad file descriptor) [pid 366] close(14) = -1 EBADF (Bad file descriptor) [pid 366] close(15) = -1 EBADF (Bad file descriptor) [pid 366] close(16) = -1 EBADF (Bad file descriptor) [pid 366] close(17) = -1 EBADF (Bad file descriptor) [pid 366] close(18) = -1 EBADF (Bad file descriptor) [pid 366] close(19) = -1 EBADF (Bad file descriptor) [pid 366] close(20) = -1 EBADF (Bad file descriptor) [pid 366] close(21) = -1 EBADF (Bad file descriptor) [pid 366] close(22) = -1 EBADF (Bad file descriptor) [pid 366] close(23) = -1 EBADF (Bad file descriptor) [pid 366] close(24) = -1 EBADF (Bad file descriptor) [pid 366] close(25) = -1 EBADF (Bad file descriptor) [pid 366] close(26) = -1 EBADF (Bad file descriptor) [pid 366] close(27) = -1 EBADF (Bad file descriptor) [pid 366] close(28) = -1 EBADF (Bad file descriptor) [pid 366] close(29) = -1 EBADF (Bad file descriptor) [pid 366] exit_group(0) = ? [pid 367] <... futex resumed>) = ? [pid 367] +++ exited with 0 +++ [pid 366] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=64, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 66 ./strace-static-x86_64: Process 368 attached [pid 368] set_robust_list(0x5555560296a0, 24) = 0 [pid 368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 368] setpgid(0, 0) = 0 [pid 368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 368] write(3, "1000", 4) = 4 [pid 368] close(3) = 0 [pid 368] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 368] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 368] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 368] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 368] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 368] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 368] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 368] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[67]}, 88) = 67 [pid 368] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 368] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 368] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 369 attached [pid 369] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 369] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 369] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 369] write(3, "65", 2) = 2 [ 28.953638][ T367] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 28.961543][ T367] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 28.969344][ T367] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 28.977154][ T367] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 28.985002][ T367] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 28.992781][ T367] [ 29.006681][ T369] FAULT_INJECTION: forcing a failure. [ 29.006681][ T369] name failslab, interval 1, probability 0, space 0, times 0 [ 29.019209][ T369] CPU: 0 PID: 369 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 29.029260][ T369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 29.039151][ T369] Call Trace: [ 29.042358][ T369] [ 29.045225][ T369] dump_stack_lvl+0x151/0x1b7 [ 29.049737][ T369] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.055208][ T369] dump_stack+0x15/0x17 [ 29.059200][ T369] should_fail+0x3c6/0x510 [ 29.063539][ T369] __should_failslab+0xa4/0xe0 [ 29.068139][ T369] ? anon_vma_clone+0x9a/0x500 [ 29.072744][ T369] should_failslab+0x9/0x20 [ 29.077075][ T369] slab_pre_alloc_hook+0x37/0xd0 [ 29.081848][ T369] ? anon_vma_clone+0x9a/0x500 [ 29.086800][ T369] kmem_cache_alloc+0x44/0x200 [ 29.091407][ T369] anon_vma_clone+0x9a/0x500 [ 29.095822][ T369] anon_vma_fork+0x91/0x4e0 [ 29.100163][ T369] ? anon_vma_name+0x4c/0x70 [ 29.104587][ T369] ? vm_area_dup+0x17a/0x230 [ 29.109014][ T369] copy_mm+0xa3a/0x13e0 [ 29.113009][ T369] ? copy_signal+0x610/0x610 [ 29.117433][ T369] ? __init_rwsem+0xd6/0x1c0 [ 29.121859][ T369] ? copy_signal+0x4e3/0x610 [ 29.126285][ T369] copy_process+0x12bc/0x3260 [ 29.130801][ T369] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 29.135745][ T369] ? __kasan_check_write+0x14/0x20 [ 29.140703][ T369] kernel_clone+0x21e/0x9e0 [ 29.145031][ T369] ? _raw_spin_unlock_irq+0x4e/0x70 [ 29.150067][ T369] ? create_io_thread+0x1e0/0x1e0 [ 29.154933][ T369] __x64_sys_clone+0x23f/0x290 [ 29.159534][ T369] ? __do_sys_vfork+0x130/0x130 [ 29.164215][ T369] ? __kasan_check_read+0x11/0x20 [ 29.169074][ T369] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 29.175153][ T369] do_syscall_64+0x3d/0xb0 [ 29.179408][ T369] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 29.185129][ T369] RIP: 0033:0x7fee0c2830a9 [ 29.189383][ T369] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 369] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 368] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 369] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] close(3 [pid 369] <... futex resumed>) = 0 [pid 368] <... close resumed>) = 0 [pid 369] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 368] close(4) = -1 EBADF (Bad file descriptor) [pid 368] close(5) = -1 EBADF (Bad file descriptor) [pid 368] close(6) = -1 EBADF (Bad file descriptor) [pid 368] close(7) = -1 EBADF (Bad file descriptor) [pid 368] close(8) = -1 EBADF (Bad file descriptor) [pid 368] close(9) = -1 EBADF (Bad file descriptor) [pid 368] close(10) = -1 EBADF (Bad file descriptor) [pid 368] close(11) = -1 EBADF (Bad file descriptor) [pid 368] close(12) = -1 EBADF (Bad file descriptor) [pid 368] close(13) = -1 EBADF (Bad file descriptor) [pid 368] close(14) = -1 EBADF (Bad file descriptor) [pid 368] close(15) = -1 EBADF (Bad file descriptor) [pid 368] close(16) = -1 EBADF (Bad file descriptor) [pid 368] close(17) = -1 EBADF (Bad file descriptor) [pid 368] close(18) = -1 EBADF (Bad file descriptor) [pid 368] close(19) = -1 EBADF (Bad file descriptor) [pid 368] close(20) = -1 EBADF (Bad file descriptor) [pid 368] close(21) = -1 EBADF (Bad file descriptor) [pid 368] close(22) = -1 EBADF (Bad file descriptor) [pid 368] close(23) = -1 EBADF (Bad file descriptor) [pid 368] close(24) = -1 EBADF (Bad file descriptor) [pid 368] close(25) = -1 EBADF (Bad file descriptor) [pid 368] close(26) = -1 EBADF (Bad file descriptor) [pid 368] close(27) = -1 EBADF (Bad file descriptor) [pid 368] close(28) = -1 EBADF (Bad file descriptor) [pid 368] close(29) = -1 EBADF (Bad file descriptor) [pid 368] exit_group(0) = ? [pid 369] <... futex resumed>) = ? [pid 369] +++ exited with 0 +++ [pid 368] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=66, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 68 ./strace-static-x86_64: Process 370 attached [pid 370] set_robust_list(0x5555560296a0, 24) = 0 [pid 370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 370] setpgid(0, 0) = 0 [pid 370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 370] write(3, "1000", 4) = 4 [pid 370] close(3) = 0 [pid 370] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 370] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 370] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 370] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 370] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 370] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 370] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 371 attached => {parent_tid=[69]}, 88) = 69 [pid 370] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 370] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 370] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 371] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 371] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 371] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 371] write(3, "65", 2) = 2 [ 29.208923][ T369] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 29.217253][ T369] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 29.225074][ T369] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 29.232891][ T369] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 29.240689][ T369] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 29.248496][ T369] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 29.256309][ T369] [pid 371] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 370] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 29.272898][ T371] FAULT_INJECTION: forcing a failure. [ 29.272898][ T371] name failslab, interval 1, probability 0, space 0, times 0 [ 29.285457][ T371] CPU: 1 PID: 371 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 29.295449][ T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 29.305338][ T371] Call Trace: [ 29.308466][ T371] [ 29.311243][ T371] dump_stack_lvl+0x151/0x1b7 [ 29.315761][ T371] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.321235][ T371] dump_stack+0x15/0x17 [ 29.325212][ T371] should_fail+0x3c6/0x510 [ 29.329474][ T371] __should_failslab+0xa4/0xe0 [ 29.334066][ T371] ? vm_area_dup+0x26/0x230 [ 29.338413][ T371] should_failslab+0x9/0x20 [ 29.342746][ T371] slab_pre_alloc_hook+0x37/0xd0 [ 29.347519][ T371] ? vm_area_dup+0x26/0x230 [ 29.351860][ T371] kmem_cache_alloc+0x44/0x200 [ 29.356459][ T371] vm_area_dup+0x26/0x230 [ 29.360623][ T371] copy_mm+0x9a1/0x13e0 [ 29.364616][ T371] ? copy_signal+0x610/0x610 [ 29.369040][ T371] ? __init_rwsem+0xd6/0x1c0 [ 29.373471][ T371] ? copy_signal+0x4e3/0x610 [ 29.377895][ T371] copy_process+0x12bc/0x3260 [ 29.382409][ T371] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 29.387355][ T371] ? __kasan_check_write+0x14/0x20 [ 29.392306][ T371] kernel_clone+0x21e/0x9e0 [ 29.396649][ T371] ? _raw_spin_unlock_irq+0x4e/0x70 [ 29.401676][ T371] ? create_io_thread+0x1e0/0x1e0 [ 29.406536][ T371] __x64_sys_clone+0x23f/0x290 [ 29.411137][ T371] ? __do_sys_vfork+0x130/0x130 [ 29.415820][ T371] ? __kasan_check_read+0x11/0x20 [ 29.420682][ T371] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 29.426500][ T371] do_syscall_64+0x3d/0xb0 [ 29.430749][ T371] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 29.436644][ T371] RIP: 0033:0x7fee0c2830a9 [ 29.440823][ T371] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 29.460348][ T371] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 371] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 371] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 371] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 370] close(3) = 0 [pid 370] close(4) = -1 EBADF (Bad file descriptor) [pid 370] close(5) = -1 EBADF (Bad file descriptor) [pid 370] close(6) = -1 EBADF (Bad file descriptor) [pid 370] close(7) = -1 EBADF (Bad file descriptor) [pid 370] close(8) = -1 EBADF (Bad file descriptor) [pid 370] close(9) = -1 EBADF (Bad file descriptor) [pid 370] close(10) = -1 EBADF (Bad file descriptor) [pid 370] close(11) = -1 EBADF (Bad file descriptor) [pid 370] close(12) = -1 EBADF (Bad file descriptor) [pid 370] close(13) = -1 EBADF (Bad file descriptor) [pid 370] close(14) = -1 EBADF (Bad file descriptor) [pid 370] close(15) = -1 EBADF (Bad file descriptor) [pid 370] close(16) = -1 EBADF (Bad file descriptor) [pid 370] close(17) = -1 EBADF (Bad file descriptor) [pid 370] close(18) = -1 EBADF (Bad file descriptor) [pid 370] close(19) = -1 EBADF (Bad file descriptor) [pid 370] close(20) = -1 EBADF (Bad file descriptor) [pid 370] close(21) = -1 EBADF (Bad file descriptor) [pid 370] close(22) = -1 EBADF (Bad file descriptor) [pid 370] close(23) = -1 EBADF (Bad file descriptor) [pid 370] close(24) = -1 EBADF (Bad file descriptor) [pid 370] close(25) = -1 EBADF (Bad file descriptor) [pid 370] close(26) = -1 EBADF (Bad file descriptor) [pid 370] close(27) = -1 EBADF (Bad file descriptor) [pid 370] close(28) = -1 EBADF (Bad file descriptor) [pid 370] close(29) = -1 EBADF (Bad file descriptor) [pid 370] exit_group(0 [pid 371] <... futex resumed>) = ? [pid 370] <... exit_group resumed>) = ? [pid 371] +++ exited with 0 +++ [pid 370] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=68, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 70 ./strace-static-x86_64: Process 372 attached [pid 372] set_robust_list(0x5555560296a0, 24) = 0 [pid 372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 372] setpgid(0, 0) = 0 [pid 372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 372] write(3, "1000", 4) = 4 [pid 372] close(3) = 0 [pid 372] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 372] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 372] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 372] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 372] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 372] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 372] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 372] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 373 attached => {parent_tid=[71]}, 88) = 71 [pid 373] set_robust_list(0x7fee0c2439a0, 24 [pid 372] rt_sigprocmask(SIG_SETMASK, [], [pid 373] <... set_robust_list resumed>) = 0 [pid 372] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 373] rt_sigprocmask(SIG_SETMASK, [], [pid 372] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 372] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 373] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 373] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 373] write(3, "65", 2) = 2 [ 29.468604][ T371] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 29.476411][ T371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 29.484301][ T371] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 29.492110][ T371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 29.499931][ T371] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 29.507734][ T371] [ 29.525334][ T373] FAULT_INJECTION: forcing a failure. [ 29.525334][ T373] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 29.538508][ T373] CPU: 0 PID: 373 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 29.548556][ T373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 29.558452][ T373] Call Trace: [ 29.561574][ T373] [ 29.564354][ T373] dump_stack_lvl+0x151/0x1b7 [ 29.568866][ T373] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.574333][ T373] ? _raw_spin_lock+0xa4/0x1b0 [ 29.578933][ T373] ? _raw_spin_trylock_bh+0x190/0x190 [ 29.584141][ T373] dump_stack+0x15/0x17 [ 29.588136][ T373] should_fail+0x3c6/0x510 [ 29.592394][ T373] should_fail_alloc_page+0x5a/0x80 [ 29.597420][ T373] prepare_alloc_pages+0x15c/0x700 [ 29.602368][ T373] ? __kasan_check_write+0x14/0x20 [ 29.607316][ T373] ? __alloc_pages_bulk+0xe60/0xe60 [ 29.612345][ T373] ? copy_page_range+0x2deb/0x2f90 [ 29.617394][ T373] ? __kasan_slab_alloc+0xb1/0xe0 [ 29.622242][ T373] ? slab_post_alloc_hook+0x53/0x2c0 [ 29.627361][ T373] __alloc_pages+0x138/0x5e0 [ 29.631788][ T373] ? prep_new_page+0x110/0x110 [ 29.636479][ T373] new_slab+0x9a/0x4e0 [ 29.640383][ T373] ___slab_alloc+0x39e/0x830 [ 29.644808][ T373] ? vm_area_dup+0x26/0x230 [ 29.649156][ T373] ? rwsem_write_trylock+0x15b/0x290 [ 29.654268][ T373] ? vm_area_dup+0x26/0x230 [ 29.658608][ T373] __slab_alloc+0x4a/0x90 [ 29.662775][ T373] ? vm_area_dup+0x26/0x230 [ 29.667124][ T373] kmem_cache_alloc+0x134/0x200 [ 29.671800][ T373] vm_area_dup+0x26/0x230 [ 29.675977][ T373] copy_mm+0x9a1/0x13e0 [ 29.680053][ T373] ? copy_signal+0x610/0x610 [ 29.684471][ T373] ? __init_rwsem+0xd6/0x1c0 [ 29.688899][ T373] ? copy_signal+0x4e3/0x610 [ 29.693324][ T373] copy_process+0x12bc/0x3260 [ 29.697845][ T373] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 29.702783][ T373] ? __kasan_check_write+0x14/0x20 [ 29.707730][ T373] kernel_clone+0x21e/0x9e0 [ 29.712070][ T373] ? _raw_spin_unlock_irq+0x4e/0x70 [ 29.717103][ T373] ? create_io_thread+0x1e0/0x1e0 [ 29.721971][ T373] __x64_sys_clone+0x23f/0x290 [ 29.726564][ T373] ? __do_sys_vfork+0x130/0x130 [ 29.731252][ T373] ? __kasan_check_read+0x11/0x20 [ 29.736119][ T373] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 29.741930][ T373] do_syscall_64+0x3d/0xb0 [ 29.746184][ T373] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 29.751909][ T373] RIP: 0033:0x7fee0c2830a9 [ 29.756165][ T373] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 373] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 372] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 373] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 373] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 373] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 372] close(3) = 0 [pid 372] close(4) = -1 EBADF (Bad file descriptor) [pid 372] close(5) = -1 EBADF (Bad file descriptor) [pid 372] close(6) = -1 EBADF (Bad file descriptor) [pid 372] close(7) = -1 EBADF (Bad file descriptor) [pid 372] close(8) = -1 EBADF (Bad file descriptor) [pid 372] close(9) = -1 EBADF (Bad file descriptor) [pid 372] close(10) = -1 EBADF (Bad file descriptor) [pid 372] close(11) = -1 EBADF (Bad file descriptor) [pid 372] close(12) = -1 EBADF (Bad file descriptor) [pid 372] close(13) = -1 EBADF (Bad file descriptor) [pid 372] close(14) = -1 EBADF (Bad file descriptor) [pid 372] close(15) = -1 EBADF (Bad file descriptor) [pid 372] close(16) = -1 EBADF (Bad file descriptor) [pid 372] close(17) = -1 EBADF (Bad file descriptor) [pid 372] close(18) = -1 EBADF (Bad file descriptor) [pid 372] close(19) = -1 EBADF (Bad file descriptor) [pid 372] close(20) = -1 EBADF (Bad file descriptor) [pid 372] close(21) = -1 EBADF (Bad file descriptor) [pid 372] close(22) = -1 EBADF (Bad file descriptor) [pid 372] close(23) = -1 EBADF (Bad file descriptor) [pid 372] close(24) = -1 EBADF (Bad file descriptor) [pid 372] close(25) = -1 EBADF (Bad file descriptor) [pid 372] close(26) = -1 EBADF (Bad file descriptor) [pid 372] close(27) = -1 EBADF (Bad file descriptor) [pid 372] close(28) = -1 EBADF (Bad file descriptor) [pid 372] close(29) = -1 EBADF (Bad file descriptor) [pid 372] exit_group(0) = ? [pid 373] <... futex resumed>) = ? [pid 373] +++ exited with 0 +++ [pid 372] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=70, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 72 ./strace-static-x86_64: Process 375 attached [pid 375] set_robust_list(0x5555560296a0, 24) = 0 [pid 375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 375] setpgid(0, 0) = 0 [pid 375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 375] write(3, "1000", 4) = 4 [pid 375] close(3) = 0 [pid 375] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 375] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 375] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 375] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 375] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 375] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 375] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 375] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 376 attached => {parent_tid=[73]}, 88) = 73 [pid 375] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 375] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 375] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 376] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 376] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 376] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 376] write(3, "65", 2) = 2 [ 29.775699][ T373] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 29.783935][ T373] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 29.791856][ T373] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 29.799671][ T373] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 29.807484][ T373] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 29.815287][ T373] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 29.823109][ T373] [pid 376] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 375] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 29.839746][ T376] FAULT_INJECTION: forcing a failure. [ 29.839746][ T376] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 29.852915][ T376] CPU: 0 PID: 376 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 29.863085][ T376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 29.872993][ T376] Call Trace: [ 29.876095][ T376] [ 29.878839][ T376] dump_stack_lvl+0x151/0x1b7 [ 29.883350][ T376] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.888820][ T376] ? sched_clock+0x9/0x10 [ 29.892985][ T376] dump_stack+0x15/0x17 [ 29.896986][ T376] should_fail+0x3c6/0x510 [ 29.901229][ T376] should_fail_alloc_page+0x5a/0x80 [ 29.906264][ T376] prepare_alloc_pages+0x15c/0x700 [ 29.911211][ T376] ? __alloc_pages_bulk+0xe60/0xe60 [ 29.916243][ T376] __alloc_pages+0x138/0x5e0 [ 29.920667][ T376] ? prep_new_page+0x110/0x110 [ 29.925279][ T376] ? __alloc_pages+0x206/0x5e0 [ 29.929870][ T376] ? prep_new_page+0x110/0x110 [ 29.934470][ T376] ? __kasan_check_write+0x14/0x20 [ 29.939417][ T376] ? _raw_spin_lock+0xa4/0x1b0 [ 29.944017][ T376] pte_alloc_one+0x73/0x1b0 [ 29.948355][ T376] ? pfn_modify_allowed+0x2f0/0x2f0 [ 29.953476][ T376] ? __pmd_alloc+0x48d/0x550 [ 29.957913][ T376] __pte_alloc+0x86/0x350 [ 29.962071][ T376] ? __pud_alloc+0x260/0x260 [ 29.966497][ T376] ? free_pgtables+0x280/0x280 [ 29.971268][ T376] ? __stack_depot_save+0x34/0x470 [ 29.976223][ T376] ? anon_vma_clone+0x9a/0x500 [ 29.980816][ T376] copy_page_range+0x28a8/0x2f90 [ 29.985589][ T376] ? __kasan_slab_alloc+0xb1/0xe0 [ 29.990448][ T376] ? slab_post_alloc_hook+0x53/0x2c0 [ 29.995571][ T376] ? kernel_clone+0x21e/0x9e0 [ 30.000084][ T376] ? do_syscall_64+0x3d/0xb0 [ 30.004510][ T376] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.010510][ T376] ? pfn_valid+0x1e0/0x1e0 [ 30.014767][ T376] ? rwsem_write_trylock+0x15b/0x290 [ 30.019880][ T376] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 30.026129][ T376] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 30.031683][ T376] ? __rb_insert_augmented+0x5de/0x610 [ 30.036979][ T376] copy_mm+0xc7e/0x13e0 [ 30.040971][ T376] ? copy_signal+0x610/0x610 [ 30.045397][ T376] ? __init_rwsem+0xd6/0x1c0 [ 30.049831][ T376] ? copy_signal+0x4e3/0x610 [ 30.054247][ T376] copy_process+0x12bc/0x3260 [ 30.058763][ T376] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 30.063708][ T376] ? __kasan_check_write+0x14/0x20 [ 30.068657][ T376] kernel_clone+0x21e/0x9e0 [ 30.072998][ T376] ? _raw_spin_unlock_irq+0x4e/0x70 [ 30.078028][ T376] ? create_io_thread+0x1e0/0x1e0 [ 30.083152][ T376] __x64_sys_clone+0x23f/0x290 [ 30.087843][ T376] ? __do_sys_vfork+0x130/0x130 [ 30.092525][ T376] ? __kasan_check_read+0x11/0x20 [ 30.097385][ T376] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 30.103198][ T376] do_syscall_64+0x3d/0xb0 [ 30.107450][ T376] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.113181][ T376] RIP: 0033:0x7fee0c2830a9 [ 30.117441][ T376] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 376] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 376] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 376] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 375] close(3) = 0 [pid 375] close(4) = -1 EBADF (Bad file descriptor) [pid 375] close(5) = -1 EBADF (Bad file descriptor) [pid 375] close(6) = -1 EBADF (Bad file descriptor) [pid 375] close(7) = -1 EBADF (Bad file descriptor) [pid 375] close(8) = -1 EBADF (Bad file descriptor) [pid 375] close(9) = -1 EBADF (Bad file descriptor) [pid 375] close(10) = -1 EBADF (Bad file descriptor) [pid 375] close(11) = -1 EBADF (Bad file descriptor) [pid 375] close(12) = -1 EBADF (Bad file descriptor) [pid 375] close(13) = -1 EBADF (Bad file descriptor) [pid 375] close(14) = -1 EBADF (Bad file descriptor) [pid 375] close(15) = -1 EBADF (Bad file descriptor) [pid 375] close(16) = -1 EBADF (Bad file descriptor) [pid 375] close(17) = -1 EBADF (Bad file descriptor) [pid 375] close(18) = -1 EBADF (Bad file descriptor) [pid 375] close(19) = -1 EBADF (Bad file descriptor) [pid 375] close(20) = -1 EBADF (Bad file descriptor) [pid 375] close(21) = -1 EBADF (Bad file descriptor) [pid 375] close(22) = -1 EBADF (Bad file descriptor) [pid 375] close(23) = -1 EBADF (Bad file descriptor) [pid 375] close(24) = -1 EBADF (Bad file descriptor) [pid 375] close(25) = -1 EBADF (Bad file descriptor) [pid 375] close(26) = -1 EBADF (Bad file descriptor) [pid 375] close(27) = -1 EBADF (Bad file descriptor) [pid 375] close(28) = -1 EBADF (Bad file descriptor) [pid 375] close(29) = -1 EBADF (Bad file descriptor) [pid 375] exit_group(0) = ? [pid 376] <... futex resumed>) = ? [pid 376] +++ exited with 0 +++ [pid 375] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=72, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 74 ./strace-static-x86_64: Process 377 attached [pid 377] set_robust_list(0x5555560296a0, 24) = 0 [pid 377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 377] setpgid(0, 0) = 0 [pid 377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 377] write(3, "1000", 4) = 4 [pid 377] close(3) = 0 [pid 377] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 377] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 377] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 377] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 377] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 377] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 377] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 377] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[75]}, 88) = 75 ./strace-static-x86_64: Process 378 attached [pid 377] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 377] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 377] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 378] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 378] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 378] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 378] write(3, "65", 2) = 2 [ 30.136986][ T376] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 30.145293][ T376] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 30.153104][ T376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 30.160922][ T376] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 30.168820][ T376] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 30.176625][ T376] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 30.184445][ T376] [pid 378] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 377] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 30.200621][ T378] FAULT_INJECTION: forcing a failure. [ 30.200621][ T378] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 30.213668][ T378] CPU: 1 PID: 378 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 30.223687][ T378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 30.233584][ T378] Call Trace: [ 30.236707][ T378] [ 30.239497][ T378] dump_stack_lvl+0x151/0x1b7 [ 30.243997][ T378] ? io_uring_drop_tctx_refs+0x190/0x190 [ 30.249478][ T378] dump_stack+0x15/0x17 [ 30.253453][ T378] should_fail+0x3c6/0x510 [ 30.257906][ T378] should_fail_alloc_page+0x5a/0x80 [ 30.262952][ T378] prepare_alloc_pages+0x15c/0x700 [ 30.267979][ T378] ? __alloc_pages_bulk+0xe60/0xe60 [ 30.273013][ T378] __alloc_pages+0x138/0x5e0 [ 30.277620][ T378] ? prep_new_page+0x110/0x110 [ 30.282217][ T378] ? __alloc_pages+0x206/0x5e0 [ 30.286881][ T378] ? prep_new_page+0x110/0x110 [ 30.291419][ T378] ? __kasan_check_write+0x14/0x20 [ 30.296361][ T378] ? _raw_spin_lock+0xa4/0x1b0 [ 30.300963][ T378] pte_alloc_one+0x73/0x1b0 [ 30.305301][ T378] ? pfn_modify_allowed+0x2f0/0x2f0 [ 30.310336][ T378] ? __pmd_alloc+0x48d/0x550 [ 30.314766][ T378] __pte_alloc+0x86/0x350 [ 30.318931][ T378] ? __pud_alloc+0x260/0x260 [ 30.323353][ T378] ? free_pgtables+0x280/0x280 [ 30.327955][ T378] ? __stack_depot_save+0x34/0x470 [ 30.332899][ T378] ? anon_vma_clone+0x9a/0x500 [ 30.337500][ T378] copy_page_range+0x28a8/0x2f90 [ 30.342272][ T378] ? __kasan_slab_alloc+0xb1/0xe0 [ 30.347133][ T378] ? slab_post_alloc_hook+0x53/0x2c0 [ 30.352342][ T378] ? kernel_clone+0x21e/0x9e0 [ 30.356856][ T378] ? do_syscall_64+0x3d/0xb0 [ 30.361373][ T378] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.367272][ T378] ? pfn_valid+0x1e0/0x1e0 [ 30.371520][ T378] ? rwsem_write_trylock+0x15b/0x290 [ 30.376643][ T378] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 30.382981][ T378] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 30.388536][ T378] ? __rb_insert_augmented+0x5de/0x610 [ 30.393829][ T378] copy_mm+0xc7e/0x13e0 [ 30.397826][ T378] ? copy_signal+0x610/0x610 [ 30.402246][ T378] ? __init_rwsem+0xd6/0x1c0 [ 30.406682][ T378] ? copy_signal+0x4e3/0x610 [ 30.411108][ T378] copy_process+0x12bc/0x3260 [ 30.415615][ T378] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 30.420737][ T378] ? __kasan_check_write+0x14/0x20 [ 30.425685][ T378] kernel_clone+0x21e/0x9e0 [ 30.430105][ T378] ? _raw_spin_unlock_irq+0x4e/0x70 [ 30.435923][ T378] ? create_io_thread+0x1e0/0x1e0 [ 30.440793][ T378] __x64_sys_clone+0x23f/0x290 [ 30.445381][ T378] ? __do_sys_vfork+0x130/0x130 [ 30.450339][ T378] ? __kasan_check_read+0x11/0x20 [ 30.455189][ T378] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 30.461030][ T378] do_syscall_64+0x3d/0xb0 [ 30.465256][ T378] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.470986][ T378] RIP: 0033:0x7fee0c2830a9 [ 30.475240][ T378] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 378] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 378] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 377] close(3) = 0 [pid 377] close(4) = -1 EBADF (Bad file descriptor) [pid 377] close(5) = -1 EBADF (Bad file descriptor) [pid 377] close(6) = -1 EBADF (Bad file descriptor) [pid 377] close(7) = -1 EBADF (Bad file descriptor) [pid 377] close(8) = -1 EBADF (Bad file descriptor) [pid 377] close(9) = -1 EBADF (Bad file descriptor) [pid 377] close(10) = -1 EBADF (Bad file descriptor) [pid 377] close(11) = -1 EBADF (Bad file descriptor) [pid 377] close(12) = -1 EBADF (Bad file descriptor) [pid 377] close(13) = -1 EBADF (Bad file descriptor) [pid 377] close(14) = -1 EBADF (Bad file descriptor) [pid 377] close(15) = -1 EBADF (Bad file descriptor) [pid 377] close(16) = -1 EBADF (Bad file descriptor) [pid 377] close(17) = -1 EBADF (Bad file descriptor) [pid 377] close(18) = -1 EBADF (Bad file descriptor) [pid 377] close(19) = -1 EBADF (Bad file descriptor) [pid 377] close(20) = -1 EBADF (Bad file descriptor) [pid 377] close(21) = -1 EBADF (Bad file descriptor) [pid 377] close(22) = -1 EBADF (Bad file descriptor) [pid 377] close(23) = -1 EBADF (Bad file descriptor) [pid 377] close(24) = -1 EBADF (Bad file descriptor) [pid 377] close(25) = -1 EBADF (Bad file descriptor) [pid 377] close(26) = -1 EBADF (Bad file descriptor) [pid 377] close(27) = -1 EBADF (Bad file descriptor) [pid 377] close(28) = -1 EBADF (Bad file descriptor) [pid 377] close(29) = -1 EBADF (Bad file descriptor) [pid 377] exit_group(0) = ? [pid 378] +++ exited with 0 +++ [pid 377] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=74, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 76 ./strace-static-x86_64: Process 379 attached [pid 379] set_robust_list(0x5555560296a0, 24) = 0 [pid 379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 379] setpgid(0, 0) = 0 [pid 379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 379] write(3, "1000", 4) = 4 [pid 379] close(3) = 0 [pid 379] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 379] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 379] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 379] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 379] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 379] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 379] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 380 attached => {parent_tid=[77]}, 88) = 77 [pid 379] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 379] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 380] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 380] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 380] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 380] write(3, "65", 2) = 2 [ 30.494680][ T378] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 30.502925][ T378] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 30.510737][ T378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 30.520715][ T378] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 30.529141][ T378] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 30.536946][ T378] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 30.544872][ T378] [ 30.558479][ T380] FAULT_INJECTION: forcing a failure. [ 30.558479][ T380] name failslab, interval 1, probability 0, space 0, times 0 [ 30.571295][ T380] CPU: 1 PID: 380 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 30.581333][ T380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 30.591221][ T380] Call Trace: [ 30.594344][ T380] [ 30.597122][ T380] dump_stack_lvl+0x151/0x1b7 [ 30.601635][ T380] ? io_uring_drop_tctx_refs+0x190/0x190 [ 30.607104][ T380] ? avc_denied+0x1b0/0x1b0 [ 30.611444][ T380] dump_stack+0x15/0x17 [ 30.615448][ T380] should_fail+0x3c6/0x510 [ 30.619710][ T380] __should_failslab+0xa4/0xe0 [ 30.624301][ T380] ? vm_area_dup+0x26/0x230 [ 30.628627][ T380] should_failslab+0x9/0x20 [ 30.632965][ T380] slab_pre_alloc_hook+0x37/0xd0 [ 30.637740][ T380] ? vm_area_dup+0x26/0x230 [ 30.642079][ T380] kmem_cache_alloc+0x44/0x200 [ 30.646699][ T380] vm_area_dup+0x26/0x230 [ 30.650855][ T380] copy_mm+0x9a1/0x13e0 [ 30.654850][ T380] ? copy_signal+0x610/0x610 [ 30.659267][ T380] ? __init_rwsem+0xd6/0x1c0 [ 30.663696][ T380] ? copy_signal+0x4e3/0x610 [ 30.668120][ T380] copy_process+0x12bc/0x3260 [ 30.672630][ T380] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 30.677577][ T380] ? __kasan_check_write+0x14/0x20 [ 30.682523][ T380] kernel_clone+0x21e/0x9e0 [ 30.686872][ T380] ? _raw_spin_unlock_irq+0x4e/0x70 [ 30.691900][ T380] ? create_io_thread+0x1e0/0x1e0 [ 30.696771][ T380] __x64_sys_clone+0x23f/0x290 [ 30.701359][ T380] ? __do_sys_vfork+0x130/0x130 [ 30.706044][ T380] ? __kasan_check_read+0x11/0x20 [ 30.710903][ T380] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 30.716902][ T380] do_syscall_64+0x3d/0xb0 [ 30.721147][ T380] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.726874][ T380] RIP: 0033:0x7fee0c2830a9 [ 30.731129][ T380] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 30.750568][ T380] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 380] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 379] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 380] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 380] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 379] close(3) = 0 [pid 379] close(4) = -1 EBADF (Bad file descriptor) [pid 379] close(5) = -1 EBADF (Bad file descriptor) [pid 379] close(6) = -1 EBADF (Bad file descriptor) [pid 379] close(7) = -1 EBADF (Bad file descriptor) [pid 379] close(8) = -1 EBADF (Bad file descriptor) [pid 379] close(9) = -1 EBADF (Bad file descriptor) [pid 379] close(10) = -1 EBADF (Bad file descriptor) [pid 379] close(11) = -1 EBADF (Bad file descriptor) [pid 379] close(12) = -1 EBADF (Bad file descriptor) [pid 379] close(13) = -1 EBADF (Bad file descriptor) [pid 379] close(14) = -1 EBADF (Bad file descriptor) [pid 379] close(15) = -1 EBADF (Bad file descriptor) [pid 379] close(16) = -1 EBADF (Bad file descriptor) [pid 379] close(17) = -1 EBADF (Bad file descriptor) [pid 379] close(18) = -1 EBADF (Bad file descriptor) [pid 379] close(19) = -1 EBADF (Bad file descriptor) [pid 379] close(20) = -1 EBADF (Bad file descriptor) [pid 379] close(21) = -1 EBADF (Bad file descriptor) [pid 379] close(22) = -1 EBADF (Bad file descriptor) [pid 379] close(23) = -1 EBADF (Bad file descriptor) [pid 379] close(24) = -1 EBADF (Bad file descriptor) [pid 379] close(25) = -1 EBADF (Bad file descriptor) [pid 379] close(26) = -1 EBADF (Bad file descriptor) [pid 379] close(27) = -1 EBADF (Bad file descriptor) [pid 379] close(28) = -1 EBADF (Bad file descriptor) [pid 379] close(29) = -1 EBADF (Bad file descriptor) [pid 379] exit_group(0) = ? [pid 380] <... futex resumed>) = ? [pid 380] +++ exited with 0 +++ [pid 379] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=76, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 78 ./strace-static-x86_64: Process 382 attached [pid 382] set_robust_list(0x5555560296a0, 24) = 0 [pid 382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 382] setpgid(0, 0) = 0 [pid 382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 382] write(3, "1000", 4) = 4 [pid 382] close(3) = 0 [pid 382] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 382] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 382] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 382] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 382] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 382] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 382] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 382] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[79]}, 88) = 79 ./strace-static-x86_64: Process 383 attached [pid 382] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 382] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 382] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 383] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 383] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 383] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 383] write(3, "65", 2) = 2 [ 30.758814][ T380] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 30.766624][ T380] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 30.774435][ T380] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 30.782250][ T380] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 30.790149][ T380] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 30.797961][ T380] [pid 383] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 382] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 30.812436][ T383] FAULT_INJECTION: forcing a failure. [ 30.812436][ T383] name failslab, interval 1, probability 0, space 0, times 0 [ 30.824866][ T383] CPU: 0 PID: 383 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 30.834899][ T383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 30.844794][ T383] Call Trace: [ 30.847927][ T383] [ 30.850696][ T383] dump_stack_lvl+0x151/0x1b7 [ 30.855213][ T383] ? io_uring_drop_tctx_refs+0x190/0x190 [ 30.860695][ T383] dump_stack+0x15/0x17 [ 30.864668][ T383] should_fail+0x3c6/0x510 [ 30.868923][ T383] __should_failslab+0xa4/0xe0 [ 30.873521][ T383] ? vm_area_dup+0x26/0x230 [ 30.878119][ T383] should_failslab+0x9/0x20 [ 30.882459][ T383] slab_pre_alloc_hook+0x37/0xd0 [ 30.887236][ T383] ? vm_area_dup+0x26/0x230 [ 30.891573][ T383] kmem_cache_alloc+0x44/0x200 [ 30.896175][ T383] vm_area_dup+0x26/0x230 [ 30.900338][ T383] copy_mm+0x9a1/0x13e0 [ 30.904334][ T383] ? copy_signal+0x610/0x610 [ 30.908755][ T383] ? __init_rwsem+0xd6/0x1c0 [ 30.913182][ T383] ? copy_signal+0x4e3/0x610 [ 30.917611][ T383] copy_process+0x12bc/0x3260 [ 30.922123][ T383] ? finish_task_switch+0x16f/0x7b0 [ 30.927161][ T383] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 30.932108][ T383] ? __kasan_check_write+0x14/0x20 [ 30.937050][ T383] kernel_clone+0x21e/0x9e0 [ 30.941392][ T383] ? _raw_spin_unlock_irq+0x4e/0x70 [ 30.946425][ T383] ? create_io_thread+0x1e0/0x1e0 [ 30.951285][ T383] __x64_sys_clone+0x23f/0x290 [ 30.955886][ T383] ? __do_sys_vfork+0x130/0x130 [ 30.960572][ T383] ? __kasan_check_read+0x11/0x20 [ 30.965447][ T383] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 30.971247][ T383] do_syscall_64+0x3d/0xb0 [ 30.975501][ T383] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.981227][ T383] RIP: 0033:0x7fee0c2830a9 [ 30.985506][ T383] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 31.004927][ T383] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 383] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 383] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 383] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 382] close(3) = 0 [pid 382] close(4) = -1 EBADF (Bad file descriptor) [pid 382] close(5) = -1 EBADF (Bad file descriptor) [pid 382] close(6) = -1 EBADF (Bad file descriptor) [pid 382] close(7) = -1 EBADF (Bad file descriptor) [pid 382] close(8) = -1 EBADF (Bad file descriptor) [pid 382] close(9) = -1 EBADF (Bad file descriptor) [pid 382] close(10) = -1 EBADF (Bad file descriptor) [pid 382] close(11) = -1 EBADF (Bad file descriptor) [pid 382] close(12) = -1 EBADF (Bad file descriptor) [pid 382] close(13) = -1 EBADF (Bad file descriptor) [pid 382] close(14) = -1 EBADF (Bad file descriptor) [pid 382] close(15) = -1 EBADF (Bad file descriptor) [pid 382] close(16) = -1 EBADF (Bad file descriptor) [pid 382] close(17) = -1 EBADF (Bad file descriptor) [pid 382] close(18) = -1 EBADF (Bad file descriptor) [pid 382] close(19) = -1 EBADF (Bad file descriptor) [pid 382] close(20) = -1 EBADF (Bad file descriptor) [pid 382] close(21) = -1 EBADF (Bad file descriptor) [pid 382] close(22) = -1 EBADF (Bad file descriptor) [pid 382] close(23) = -1 EBADF (Bad file descriptor) [pid 382] close(24) = -1 EBADF (Bad file descriptor) [pid 382] close(25) = -1 EBADF (Bad file descriptor) [pid 382] close(26) = -1 EBADF (Bad file descriptor) [pid 382] close(27) = -1 EBADF (Bad file descriptor) [pid 382] close(28) = -1 EBADF (Bad file descriptor) [pid 382] close(29) = -1 EBADF (Bad file descriptor) [pid 382] exit_group(0 [pid 383] <... futex resumed>) = ? [pid 382] <... exit_group resumed>) = ? [pid 383] +++ exited with 0 +++ [pid 382] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=78, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 80 ./strace-static-x86_64: Process 384 attached [pid 384] set_robust_list(0x5555560296a0, 24) = 0 [pid 384] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 384] setpgid(0, 0) = 0 [pid 384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 384] write(3, "1000", 4) = 4 [pid 384] close(3) = 0 [pid 384] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 384] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 384] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 384] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 384] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 384] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 384] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 384] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[81]}, 88) = 81 [pid 384] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 384] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 384] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 385 attached [pid 385] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 385] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 385] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 385] write(3, "65", 2) = 2 [ 31.013168][ T383] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 31.021064][ T383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 31.028878][ T383] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 31.036689][ T383] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 31.044589][ T383] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 31.052400][ T383] [ 31.064691][ T385] FAULT_INJECTION: forcing a failure. [ 31.064691][ T385] name failslab, interval 1, probability 0, space 0, times 0 [ 31.077231][ T385] CPU: 1 PID: 385 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 31.087285][ T385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 31.097270][ T385] Call Trace: [ 31.100406][ T385] [ 31.103169][ T385] dump_stack_lvl+0x151/0x1b7 [ 31.107795][ T385] ? io_uring_drop_tctx_refs+0x190/0x190 [ 31.113257][ T385] ? avc_denied+0x1b0/0x1b0 [ 31.117597][ T385] dump_stack+0x15/0x17 [ 31.121592][ T385] should_fail+0x3c6/0x510 [ 31.125927][ T385] __should_failslab+0xa4/0xe0 [ 31.130622][ T385] ? vm_area_dup+0x26/0x230 [ 31.134954][ T385] should_failslab+0x9/0x20 [ 31.139291][ T385] slab_pre_alloc_hook+0x37/0xd0 [ 31.144068][ T385] ? vm_area_dup+0x26/0x230 [ 31.148416][ T385] kmem_cache_alloc+0x44/0x200 [ 31.153095][ T385] vm_area_dup+0x26/0x230 [ 31.157440][ T385] copy_mm+0x9a1/0x13e0 [ 31.161433][ T385] ? copy_signal+0x610/0x610 [ 31.165949][ T385] ? __init_rwsem+0xd6/0x1c0 [ 31.170378][ T385] ? copy_signal+0x4e3/0x610 [ 31.174813][ T385] copy_process+0x12bc/0x3260 [ 31.179313][ T385] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 31.184259][ T385] ? __kasan_check_write+0x14/0x20 [ 31.189219][ T385] kernel_clone+0x21e/0x9e0 [ 31.193633][ T385] ? _raw_spin_unlock_irq+0x4e/0x70 [ 31.198666][ T385] ? create_io_thread+0x1e0/0x1e0 [ 31.203527][ T385] __x64_sys_clone+0x23f/0x290 [ 31.208132][ T385] ? __do_sys_vfork+0x130/0x130 [ 31.212814][ T385] ? __kasan_check_read+0x11/0x20 [ 31.217678][ T385] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 31.223491][ T385] do_syscall_64+0x3d/0xb0 [ 31.227837][ T385] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 31.233559][ T385] RIP: 0033:0x7fee0c2830a9 [ 31.237821][ T385] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 31.257427][ T385] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 385] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 384] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 385] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 385] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 385] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 384] close(3) = 0 [pid 384] close(4) = -1 EBADF (Bad file descriptor) [pid 384] close(5) = -1 EBADF (Bad file descriptor) [pid 384] close(6) = -1 EBADF (Bad file descriptor) [pid 384] close(7) = -1 EBADF (Bad file descriptor) [pid 384] close(8) = -1 EBADF (Bad file descriptor) [pid 384] close(9) = -1 EBADF (Bad file descriptor) [pid 384] close(10) = -1 EBADF (Bad file descriptor) [pid 384] close(11) = -1 EBADF (Bad file descriptor) [pid 384] close(12) = -1 EBADF (Bad file descriptor) [pid 384] close(13) = -1 EBADF (Bad file descriptor) [pid 384] close(14) = -1 EBADF (Bad file descriptor) [pid 384] close(15) = -1 EBADF (Bad file descriptor) [pid 384] close(16) = -1 EBADF (Bad file descriptor) [pid 384] close(17) = -1 EBADF (Bad file descriptor) [pid 384] close(18) = -1 EBADF (Bad file descriptor) [pid 384] close(19) = -1 EBADF (Bad file descriptor) [pid 384] close(20) = -1 EBADF (Bad file descriptor) [pid 384] close(21) = -1 EBADF (Bad file descriptor) [pid 384] close(22) = -1 EBADF (Bad file descriptor) [pid 384] close(23) = -1 EBADF (Bad file descriptor) [pid 384] close(24) = -1 EBADF (Bad file descriptor) [pid 384] close(25) = -1 EBADF (Bad file descriptor) [pid 384] close(26) = -1 EBADF (Bad file descriptor) [pid 384] close(27) = -1 EBADF (Bad file descriptor) [pid 384] close(28) = -1 EBADF (Bad file descriptor) [pid 384] close(29) = -1 EBADF (Bad file descriptor) [pid 384] exit_group(0) = ? [pid 385] <... futex resumed>) = ? [pid 385] +++ exited with 0 +++ [pid 384] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=80, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 82 ./strace-static-x86_64: Process 386 attached [pid 386] set_robust_list(0x5555560296a0, 24) = 0 [pid 386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 386] setpgid(0, 0) = 0 [pid 386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 386] write(3, "1000", 4) = 4 [pid 386] close(3) = 0 [pid 386] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 386] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 386] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 386] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 386] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 386] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 386] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 386] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[83]}, 88) = 83 [pid 386] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 386] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 386] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 387 attached [pid 387] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 387] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 387] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 387] write(3, "65", 2) = 2 [ 31.265678][ T385] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 31.273478][ T385] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 31.281297][ T385] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 31.289104][ T385] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 31.296917][ T385] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 31.304787][ T385] [ 31.317146][ T387] FAULT_INJECTION: forcing a failure. [ 31.317146][ T387] name failslab, interval 1, probability 0, space 0, times 0 [ 31.329599][ T387] CPU: 1 PID: 387 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 31.339629][ T387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 31.349525][ T387] Call Trace: [ 31.352644][ T387] [ 31.355429][ T387] dump_stack_lvl+0x151/0x1b7 [ 31.359936][ T387] ? io_uring_drop_tctx_refs+0x190/0x190 [ 31.365404][ T387] dump_stack+0x15/0x17 [ 31.369395][ T387] should_fail+0x3c6/0x510 [ 31.373648][ T387] __should_failslab+0xa4/0xe0 [ 31.378251][ T387] ? vm_area_dup+0x26/0x230 [ 31.382588][ T387] should_failslab+0x9/0x20 [ 31.386929][ T387] slab_pre_alloc_hook+0x37/0xd0 [ 31.391713][ T387] ? vm_area_dup+0x26/0x230 [ 31.396044][ T387] kmem_cache_alloc+0x44/0x200 [ 31.400667][ T387] vm_area_dup+0x26/0x230 [ 31.404810][ T387] copy_mm+0x9a1/0x13e0 [ 31.408800][ T387] ? copy_signal+0x610/0x610 [ 31.413224][ T387] ? __init_rwsem+0xd6/0x1c0 [ 31.417655][ T387] ? copy_signal+0x4e3/0x610 [ 31.422079][ T387] copy_process+0x12bc/0x3260 [ 31.426593][ T387] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 31.431541][ T387] ? __kasan_check_write+0x14/0x20 [ 31.436497][ T387] kernel_clone+0x21e/0x9e0 [ 31.440836][ T387] ? _raw_spin_unlock_irq+0x4e/0x70 [ 31.445859][ T387] ? create_io_thread+0x1e0/0x1e0 [ 31.450727][ T387] __x64_sys_clone+0x23f/0x290 [ 31.455321][ T387] ? __do_sys_vfork+0x130/0x130 [ 31.460052][ T387] ? __kasan_check_read+0x11/0x20 [ 31.464866][ T387] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 31.470683][ T387] do_syscall_64+0x3d/0xb0 [ 31.474935][ T387] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 31.480677][ T387] RIP: 0033:0x7fee0c2830a9 [ 31.484968][ T387] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 31.504362][ T387] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 387] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 386] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 387] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 386] close(3 [pid 387] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 386] <... close resumed>) = 0 [pid 386] close(4) = -1 EBADF (Bad file descriptor) [pid 386] close(5) = -1 EBADF (Bad file descriptor) [pid 386] close(6) = -1 EBADF (Bad file descriptor) [pid 386] close(7) = -1 EBADF (Bad file descriptor) [pid 386] close(8) = -1 EBADF (Bad file descriptor) [pid 386] close(9) = -1 EBADF (Bad file descriptor) [pid 386] close(10) = -1 EBADF (Bad file descriptor) [pid 386] close(11) = -1 EBADF (Bad file descriptor) [pid 386] close(12) = -1 EBADF (Bad file descriptor) [pid 386] close(13) = -1 EBADF (Bad file descriptor) [pid 386] close(14) = -1 EBADF (Bad file descriptor) [pid 386] close(15) = -1 EBADF (Bad file descriptor) [pid 386] close(16) = -1 EBADF (Bad file descriptor) [pid 386] close(17) = -1 EBADF (Bad file descriptor) [pid 386] close(18) = -1 EBADF (Bad file descriptor) [pid 386] close(19) = -1 EBADF (Bad file descriptor) [pid 386] close(20) = -1 EBADF (Bad file descriptor) [pid 386] close(21) = -1 EBADF (Bad file descriptor) [pid 386] close(22) = -1 EBADF (Bad file descriptor) [pid 386] close(23) = -1 EBADF (Bad file descriptor) [pid 386] close(24) = -1 EBADF (Bad file descriptor) [pid 386] close(25) = -1 EBADF (Bad file descriptor) [pid 386] close(26) = -1 EBADF (Bad file descriptor) [pid 386] close(27) = -1 EBADF (Bad file descriptor) [pid 386] close(28) = -1 EBADF (Bad file descriptor) [pid 386] close(29) = -1 EBADF (Bad file descriptor) [pid 386] exit_group(0) = ? [pid 387] <... futex resumed>) = ? [pid 387] +++ exited with 0 +++ [pid 386] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=82, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 84 ./strace-static-x86_64: Process 388 attached [pid 388] set_robust_list(0x5555560296a0, 24) = 0 [pid 388] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 388] setpgid(0, 0) = 0 [pid 388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 388] write(3, "1000", 4) = 4 [pid 388] close(3) = 0 [pid 388] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 388] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 388] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 388] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 388] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 388] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 388] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 388] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[85]}, 88) = 85 [pid 388] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 388] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 388] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 389 attached [pid 389] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 389] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 389] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 389] write(3, "65", 2) = 2 [ 31.512603][ T387] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 31.520444][ T387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 31.528224][ T387] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 31.536038][ T387] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 31.543849][ T387] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 31.551660][ T387] [ 31.566384][ T389] FAULT_INJECTION: forcing a failure. [ 31.566384][ T389] name failslab, interval 1, probability 0, space 0, times 0 [ 31.578832][ T389] CPU: 0 PID: 389 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 31.588858][ T389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 31.598755][ T389] Call Trace: [ 31.601876][ T389] [ 31.604653][ T389] dump_stack_lvl+0x151/0x1b7 [ 31.609172][ T389] ? io_uring_drop_tctx_refs+0x190/0x190 [ 31.614636][ T389] dump_stack+0x15/0x17 [ 31.618627][ T389] should_fail+0x3c6/0x510 [ 31.622877][ T389] __should_failslab+0xa4/0xe0 [ 31.627476][ T389] ? vm_area_dup+0x26/0x230 [ 31.631814][ T389] should_failslab+0x9/0x20 [ 31.636170][ T389] slab_pre_alloc_hook+0x37/0xd0 [ 31.640938][ T389] ? vm_area_dup+0x26/0x230 [ 31.645273][ T389] kmem_cache_alloc+0x44/0x200 [ 31.649882][ T389] vm_area_dup+0x26/0x230 [ 31.654034][ T389] copy_mm+0x9a1/0x13e0 [ 31.658036][ T389] ? copy_signal+0x610/0x610 [ 31.662541][ T389] ? __init_rwsem+0xd6/0x1c0 [ 31.667056][ T389] ? copy_signal+0x4e3/0x610 [ 31.671483][ T389] copy_process+0x12bc/0x3260 [ 31.676010][ T389] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 31.680940][ T389] ? __kasan_check_write+0x14/0x20 [ 31.685891][ T389] kernel_clone+0x21e/0x9e0 [ 31.690490][ T389] ? _raw_spin_unlock_irq+0x4e/0x70 [ 31.695522][ T389] ? create_io_thread+0x1e0/0x1e0 [ 31.700384][ T389] __x64_sys_clone+0x23f/0x290 [ 31.704988][ T389] ? __do_sys_vfork+0x130/0x130 [ 31.709680][ T389] do_syscall_64+0x3d/0xb0 [ 31.713926][ T389] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 31.719660][ T389] RIP: 0033:0x7fee0c2830a9 [ 31.723913][ T389] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 31.743343][ T389] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 31.751617][ T389] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 31.759399][ T389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [pid 389] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 388] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 389] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] close(3 [pid 389] <... futex resumed>) = 0 [pid 389] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 388] <... close resumed>) = 0 [pid 388] close(4) = -1 EBADF (Bad file descriptor) [pid 388] close(5) = -1 EBADF (Bad file descriptor) [pid 388] close(6) = -1 EBADF (Bad file descriptor) [pid 388] close(7) = -1 EBADF (Bad file descriptor) [pid 388] close(8) = -1 EBADF (Bad file descriptor) [pid 388] close(9) = -1 EBADF (Bad file descriptor) [pid 388] close(10) = -1 EBADF (Bad file descriptor) [pid 388] close(11) = -1 EBADF (Bad file descriptor) [pid 388] close(12) = -1 EBADF (Bad file descriptor) [pid 388] close(13) = -1 EBADF (Bad file descriptor) [pid 388] close(14) = -1 EBADF (Bad file descriptor) [pid 388] close(15) = -1 EBADF (Bad file descriptor) [pid 388] close(16) = -1 EBADF (Bad file descriptor) [pid 388] close(17) = -1 EBADF (Bad file descriptor) [pid 388] close(18) = -1 EBADF (Bad file descriptor) [pid 388] close(19) = -1 EBADF (Bad file descriptor) [pid 388] close(20) = -1 EBADF (Bad file descriptor) [pid 388] close(21) = -1 EBADF (Bad file descriptor) [pid 388] close(22) = -1 EBADF (Bad file descriptor) [pid 388] close(23) = -1 EBADF (Bad file descriptor) [pid 388] close(24) = -1 EBADF (Bad file descriptor) [pid 388] close(25) = -1 EBADF (Bad file descriptor) [pid 388] close(26) = -1 EBADF (Bad file descriptor) [pid 388] close(27) = -1 EBADF (Bad file descriptor) [pid 388] close(28) = -1 EBADF (Bad file descriptor) [pid 388] close(29) = -1 EBADF (Bad file descriptor) [pid 388] exit_group(0 [pid 389] <... futex resumed>) = ? [pid 388] <... exit_group resumed>) = ? [pid 389] +++ exited with 0 +++ [pid 388] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=84, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 390 attached , child_tidptr=0x555556029690) = 86 [pid 390] set_robust_list(0x5555560296a0, 24) = 0 [pid 390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 390] setpgid(0, 0) = 0 [pid 390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 390] write(3, "1000", 4) = 4 [pid 390] close(3) = 0 [pid 390] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 390] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 390] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 390] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 390] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 390] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 390] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[87]}, 88) = 87 [pid 390] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 390] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 390] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 391 attached [pid 391] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 391] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 391] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 391] write(3, "65", 2) = 2 [ 31.767211][ T389] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 31.775372][ T389] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 31.783182][ T389] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 31.790994][ T389] [ 31.804428][ T391] FAULT_INJECTION: forcing a failure. [ 31.804428][ T391] name failslab, interval 1, probability 0, space 0, times 0 [pid 391] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 390] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 31.816979][ T391] CPU: 0 PID: 391 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 31.827033][ T391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 31.836940][ T391] Call Trace: [ 31.840034][ T391] [ 31.842811][ T391] dump_stack_lvl+0x151/0x1b7 [ 31.847325][ T391] ? io_uring_drop_tctx_refs+0x190/0x190 [ 31.852798][ T391] dump_stack+0x15/0x17 [ 31.856787][ T391] should_fail+0x3c6/0x510 [ 31.861036][ T391] __should_failslab+0xa4/0xe0 [ 31.865721][ T391] ? anon_vma_clone+0x9a/0x500 [ 31.870324][ T391] should_failslab+0x9/0x20 [ 31.874662][ T391] slab_pre_alloc_hook+0x37/0xd0 [ 31.879435][ T391] ? anon_vma_clone+0x9a/0x500 [ 31.884040][ T391] kmem_cache_alloc+0x44/0x200 [ 31.888646][ T391] anon_vma_clone+0x9a/0x500 [ 31.893066][ T391] anon_vma_fork+0x91/0x4e0 [ 31.897404][ T391] ? anon_vma_name+0x4c/0x70 [ 31.901841][ T391] ? vm_area_dup+0x17a/0x230 [ 31.906336][ T391] copy_mm+0xa3a/0x13e0 [ 31.910248][ T391] ? copy_signal+0x610/0x610 [ 31.914674][ T391] ? __init_rwsem+0xd6/0x1c0 [ 31.919107][ T391] ? copy_signal+0x4e3/0x610 [ 31.923526][ T391] copy_process+0x12bc/0x3260 [ 31.928041][ T391] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 31.932987][ T391] ? __kasan_check_write+0x14/0x20 [ 31.938019][ T391] kernel_clone+0x21e/0x9e0 [ 31.942358][ T391] ? _raw_spin_unlock_irq+0x4e/0x70 [ 31.947393][ T391] ? create_io_thread+0x1e0/0x1e0 [ 31.952253][ T391] __x64_sys_clone+0x23f/0x290 [ 31.956856][ T391] ? __do_sys_vfork+0x130/0x130 [ 31.961540][ T391] ? __kasan_check_read+0x11/0x20 [ 31.966399][ T391] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 31.972214][ T391] do_syscall_64+0x3d/0xb0 [ 31.976467][ T391] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 31.982196][ T391] RIP: 0033:0x7fee0c2830a9 [ 31.986458][ T391] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 32.006156][ T391] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 391] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 391] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 391] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] close(3) = 0 [pid 390] close(4) = -1 EBADF (Bad file descriptor) [pid 390] close(5) = -1 EBADF (Bad file descriptor) [pid 390] close(6) = -1 EBADF (Bad file descriptor) [pid 390] close(7) = -1 EBADF (Bad file descriptor) [pid 390] close(8) = -1 EBADF (Bad file descriptor) [pid 390] close(9) = -1 EBADF (Bad file descriptor) [pid 390] close(10) = -1 EBADF (Bad file descriptor) [pid 390] close(11) = -1 EBADF (Bad file descriptor) [pid 390] close(12) = -1 EBADF (Bad file descriptor) [pid 390] close(13) = -1 EBADF (Bad file descriptor) [pid 390] close(14) = -1 EBADF (Bad file descriptor) [pid 390] close(15) = -1 EBADF (Bad file descriptor) [pid 390] close(16) = -1 EBADF (Bad file descriptor) [pid 390] close(17) = -1 EBADF (Bad file descriptor) [pid 390] close(18) = -1 EBADF (Bad file descriptor) [pid 390] close(19) = -1 EBADF (Bad file descriptor) [pid 390] close(20) = -1 EBADF (Bad file descriptor) [pid 390] close(21) = -1 EBADF (Bad file descriptor) [pid 390] close(22) = -1 EBADF (Bad file descriptor) [pid 390] close(23) = -1 EBADF (Bad file descriptor) [pid 390] close(24) = -1 EBADF (Bad file descriptor) [pid 390] close(25) = -1 EBADF (Bad file descriptor) [pid 390] close(26) = -1 EBADF (Bad file descriptor) [pid 390] close(27) = -1 EBADF (Bad file descriptor) [pid 390] close(28) = -1 EBADF (Bad file descriptor) [pid 390] close(29) = -1 EBADF (Bad file descriptor) [pid 390] exit_group(0 [pid 391] <... futex resumed>) = ? [pid 390] <... exit_group resumed>) = ? [pid 391] +++ exited with 0 +++ [pid 390] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=86, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 88 ./strace-static-x86_64: Process 393 attached [pid 393] set_robust_list(0x5555560296a0, 24) = 0 [pid 393] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 393] setpgid(0, 0) = 0 [pid 393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 393] write(3, "1000", 4) = 4 [pid 393] close(3) = 0 [pid 393] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 393] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 393] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 393] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 393] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 393] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 393] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 393] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 394 attached => {parent_tid=[89]}, 88) = 89 [pid 394] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 394] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 394] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 393] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 394] <... futex resumed>) = 0 [pid 393] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 394] write(3, "65", 2) = 2 [ 32.014484][ T391] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 32.022295][ T391] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 32.030105][ T391] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 32.037914][ T391] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 32.045729][ T391] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 32.053736][ T391] [ 32.068036][ T394] FAULT_INJECTION: forcing a failure. [ 32.068036][ T394] name failslab, interval 1, probability 0, space 0, times 0 [ 32.080782][ T394] CPU: 1 PID: 394 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 32.090827][ T394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 32.100716][ T394] Call Trace: [ 32.103836][ T394] [ 32.106615][ T394] dump_stack_lvl+0x151/0x1b7 [ 32.111127][ T394] ? io_uring_drop_tctx_refs+0x190/0x190 [ 32.116596][ T394] dump_stack+0x15/0x17 [ 32.120587][ T394] should_fail+0x3c6/0x510 [ 32.124840][ T394] __should_failslab+0xa4/0xe0 [ 32.129465][ T394] ? vm_area_dup+0x26/0x230 [ 32.133777][ T394] should_failslab+0x9/0x20 [ 32.138121][ T394] slab_pre_alloc_hook+0x37/0xd0 [ 32.142893][ T394] ? vm_area_dup+0x26/0x230 [ 32.147242][ T394] kmem_cache_alloc+0x44/0x200 [ 32.151842][ T394] vm_area_dup+0x26/0x230 [ 32.155999][ T394] copy_mm+0x9a1/0x13e0 [ 32.159996][ T394] ? copy_signal+0x610/0x610 [ 32.164415][ T394] ? __init_rwsem+0xd6/0x1c0 [ 32.168892][ T394] ? copy_signal+0x4e3/0x610 [ 32.173267][ T394] copy_process+0x12bc/0x3260 [ 32.177790][ T394] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 32.182822][ T394] ? __kasan_check_write+0x14/0x20 [ 32.187761][ T394] kernel_clone+0x21e/0x9e0 [ 32.192110][ T394] ? _raw_spin_unlock_irq+0x4e/0x70 [ 32.197138][ T394] ? create_io_thread+0x1e0/0x1e0 [ 32.201998][ T394] __x64_sys_clone+0x23f/0x290 [ 32.206645][ T394] ? __do_sys_vfork+0x130/0x130 [ 32.211289][ T394] ? __kasan_check_read+0x11/0x20 [ 32.216143][ T394] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 32.221959][ T394] do_syscall_64+0x3d/0xb0 [ 32.226208][ T394] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 32.231939][ T394] RIP: 0033:0x7fee0c2830a9 [ 32.236193][ T394] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 32.255648][ T394] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 394] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 393] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 394] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 394] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] close(3) = 0 [pid 393] close(4) = -1 EBADF (Bad file descriptor) [pid 393] close(5) = -1 EBADF (Bad file descriptor) [pid 393] close(6) = -1 EBADF (Bad file descriptor) [pid 393] close(7) = -1 EBADF (Bad file descriptor) [pid 393] close(8) = -1 EBADF (Bad file descriptor) [pid 393] close(9) = -1 EBADF (Bad file descriptor) [pid 393] close(10) = -1 EBADF (Bad file descriptor) [pid 393] close(11) = -1 EBADF (Bad file descriptor) [pid 393] close(12) = -1 EBADF (Bad file descriptor) [pid 393] close(13) = -1 EBADF (Bad file descriptor) [pid 393] close(14) = -1 EBADF (Bad file descriptor) [pid 393] close(15) = -1 EBADF (Bad file descriptor) [pid 393] close(16) = -1 EBADF (Bad file descriptor) [pid 393] close(17) = -1 EBADF (Bad file descriptor) [pid 393] close(18) = -1 EBADF (Bad file descriptor) [pid 393] close(19) = -1 EBADF (Bad file descriptor) [pid 393] close(20) = -1 EBADF (Bad file descriptor) [pid 393] close(21) = -1 EBADF (Bad file descriptor) [pid 393] close(22) = -1 EBADF (Bad file descriptor) [pid 393] close(23) = -1 EBADF (Bad file descriptor) [pid 393] close(24) = -1 EBADF (Bad file descriptor) [pid 393] close(25) = -1 EBADF (Bad file descriptor) [pid 393] close(26) = -1 EBADF (Bad file descriptor) [pid 393] close(27) = -1 EBADF (Bad file descriptor) [pid 393] close(28) = -1 EBADF (Bad file descriptor) [pid 393] close(29) = -1 EBADF (Bad file descriptor) [pid 393] exit_group(0) = ? [pid 394] <... futex resumed>) = ? [pid 394] +++ exited with 0 +++ [pid 393] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=88, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 395 attached , child_tidptr=0x555556029690) = 90 [pid 395] set_robust_list(0x5555560296a0, 24) = 0 [pid 395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 395] setpgid(0, 0) = 0 [pid 395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 395] write(3, "1000", 4) = 4 [pid 395] close(3) = 0 [pid 395] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 395] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 395] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 395] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 395] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 395] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 396 attached => {parent_tid=[91]}, 88) = 91 [pid 396] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 395] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 395] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 396] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 396] write(3, "65", 2) = 2 [ 32.264050][ T394] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 32.271863][ T394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 32.279796][ T394] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 32.287582][ T394] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 32.295393][ T394] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 32.303597][ T394] [pid 396] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 395] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 32.320238][ T396] FAULT_INJECTION: forcing a failure. [ 32.320238][ T396] name failslab, interval 1, probability 0, space 0, times 0 [ 32.332706][ T396] CPU: 1 PID: 396 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 32.342720][ T396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 32.352613][ T396] Call Trace: [ 32.355730][ T396] [ 32.358511][ T396] dump_stack_lvl+0x151/0x1b7 [ 32.363025][ T396] ? io_uring_drop_tctx_refs+0x190/0x190 [ 32.368487][ T396] dump_stack+0x15/0x17 [ 32.372483][ T396] should_fail+0x3c6/0x510 [ 32.376732][ T396] __should_failslab+0xa4/0xe0 [ 32.381335][ T396] ? vm_area_dup+0x26/0x230 [ 32.385671][ T396] should_failslab+0x9/0x20 [ 32.390013][ T396] slab_pre_alloc_hook+0x37/0xd0 [ 32.394792][ T396] ? vm_area_dup+0x26/0x230 [ 32.399125][ T396] kmem_cache_alloc+0x44/0x200 [ 32.403724][ T396] vm_area_dup+0x26/0x230 [ 32.407891][ T396] copy_mm+0x9a1/0x13e0 [ 32.411883][ T396] ? copy_signal+0x610/0x610 [ 32.416310][ T396] ? __init_rwsem+0xd6/0x1c0 [ 32.420738][ T396] ? copy_signal+0x4e3/0x610 [ 32.425166][ T396] copy_process+0x12bc/0x3260 [ 32.429678][ T396] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 32.434627][ T396] ? __kasan_check_write+0x14/0x20 [ 32.439572][ T396] kernel_clone+0x21e/0x9e0 [ 32.443914][ T396] ? _raw_spin_unlock_irq+0x4e/0x70 [ 32.448944][ T396] ? create_io_thread+0x1e0/0x1e0 [ 32.453808][ T396] __x64_sys_clone+0x23f/0x290 [ 32.458406][ T396] ? __do_sys_vfork+0x130/0x130 [ 32.463102][ T396] ? __kasan_check_read+0x11/0x20 [ 32.467950][ T396] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 32.473777][ T396] do_syscall_64+0x3d/0xb0 [ 32.478111][ T396] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 32.483835][ T396] RIP: 0033:0x7fee0c2830a9 [ 32.488089][ T396] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 32.507533][ T396] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 396] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 396] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] close(3) = 0 [pid 395] close(4) = -1 EBADF (Bad file descriptor) [pid 395] close(5) = -1 EBADF (Bad file descriptor) [pid 395] close(6) = -1 EBADF (Bad file descriptor) [pid 395] close(7) = -1 EBADF (Bad file descriptor) [pid 395] close(8) = -1 EBADF (Bad file descriptor) [pid 395] close(9) = -1 EBADF (Bad file descriptor) [pid 395] close(10) = -1 EBADF (Bad file descriptor) [pid 395] close(11) = -1 EBADF (Bad file descriptor) [pid 395] close(12) = -1 EBADF (Bad file descriptor) [pid 395] close(13) = -1 EBADF (Bad file descriptor) [pid 395] close(14) = -1 EBADF (Bad file descriptor) [pid 395] close(15) = -1 EBADF (Bad file descriptor) [pid 395] close(16) = -1 EBADF (Bad file descriptor) [pid 395] close(17) = -1 EBADF (Bad file descriptor) [pid 395] close(18) = -1 EBADF (Bad file descriptor) [pid 395] close(19) = -1 EBADF (Bad file descriptor) [pid 395] close(20) = -1 EBADF (Bad file descriptor) [pid 395] close(21) = -1 EBADF (Bad file descriptor) [pid 395] close(22) = -1 EBADF (Bad file descriptor) [pid 395] close(23) = -1 EBADF (Bad file descriptor) [pid 395] close(24) = -1 EBADF (Bad file descriptor) [pid 395] close(25) = -1 EBADF (Bad file descriptor) [pid 395] close(26) = -1 EBADF (Bad file descriptor) [pid 395] close(27) = -1 EBADF (Bad file descriptor) [pid 395] close(28) = -1 EBADF (Bad file descriptor) [pid 395] close(29) = -1 EBADF (Bad file descriptor) [pid 395] exit_group(0 [pid 396] <... futex resumed>) = ? [pid 395] <... exit_group resumed>) = ? [pid 396] +++ exited with 0 +++ [pid 395] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=90, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 92 ./strace-static-x86_64: Process 397 attached [pid 397] set_robust_list(0x5555560296a0, 24) = 0 [pid 397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 397] setpgid(0, 0) = 0 [pid 397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 397] write(3, "1000", 4) = 4 [pid 397] close(3) = 0 [pid 397] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 397] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 397] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 397] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 397] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 397] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 397] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 398 attached => {parent_tid=[93]}, 88) = 93 [pid 398] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 398] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 398] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 397] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 397] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 398] <... futex resumed>) = 0 [pid 398] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 398] write(3, "65", 2) = 2 [ 32.515781][ T396] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 32.523593][ T396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 32.531394][ T396] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 32.539209][ T396] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 32.547021][ T396] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 32.554830][ T396] [ 32.575343][ T398] FAULT_INJECTION: forcing a failure. [ 32.575343][ T398] name failslab, interval 1, probability 0, space 0, times 0 [ 32.587792][ T398] CPU: 0 PID: 398 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 32.597813][ T398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 32.607709][ T398] Call Trace: [ 32.610824][ T398] [ 32.613611][ T398] dump_stack_lvl+0x151/0x1b7 [ 32.618118][ T398] ? io_uring_drop_tctx_refs+0x190/0x190 [ 32.623591][ T398] dump_stack+0x15/0x17 [ 32.627573][ T398] should_fail+0x3c6/0x510 [ 32.631827][ T398] __should_failslab+0xa4/0xe0 [ 32.636516][ T398] ? vm_area_dup+0x26/0x230 [ 32.640939][ T398] should_failslab+0x9/0x20 [ 32.645287][ T398] slab_pre_alloc_hook+0x37/0xd0 [ 32.650058][ T398] ? vm_area_dup+0x26/0x230 [ 32.654491][ T398] kmem_cache_alloc+0x44/0x200 [ 32.659173][ T398] vm_area_dup+0x26/0x230 [ 32.663332][ T398] copy_mm+0x9a1/0x13e0 [ 32.667326][ T398] ? copy_signal+0x610/0x610 [ 32.671759][ T398] ? __init_rwsem+0xd6/0x1c0 [ 32.676451][ T398] ? copy_signal+0x4e3/0x610 [ 32.680867][ T398] copy_process+0x12bc/0x3260 [ 32.685378][ T398] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 32.690332][ T398] ? __kasan_check_write+0x14/0x20 [ 32.695272][ T398] kernel_clone+0x21e/0x9e0 [ 32.699631][ T398] ? _raw_spin_unlock_irq+0x4e/0x70 [ 32.704656][ T398] ? create_io_thread+0x1e0/0x1e0 [ 32.709518][ T398] __x64_sys_clone+0x23f/0x290 [ 32.714104][ T398] ? __do_sys_vfork+0x130/0x130 [ 32.718796][ T398] ? __kasan_check_read+0x11/0x20 [ 32.723659][ T398] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 32.729467][ T398] do_syscall_64+0x3d/0xb0 [ 32.733731][ T398] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 32.739450][ T398] RIP: 0033:0x7fee0c2830a9 [ 32.743705][ T398] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 32.763316][ T398] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 398] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 397] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 398] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 398] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] close(3) = 0 [pid 397] close(4) = -1 EBADF (Bad file descriptor) [pid 397] close(5) = -1 EBADF (Bad file descriptor) [pid 397] close(6) = -1 EBADF (Bad file descriptor) [pid 397] close(7) = -1 EBADF (Bad file descriptor) [pid 397] close(8) = -1 EBADF (Bad file descriptor) [pid 397] close(9) = -1 EBADF (Bad file descriptor) [pid 397] close(10) = -1 EBADF (Bad file descriptor) [pid 397] close(11) = -1 EBADF (Bad file descriptor) [pid 397] close(12) = -1 EBADF (Bad file descriptor) [pid 397] close(13) = -1 EBADF (Bad file descriptor) [pid 397] close(14) = -1 EBADF (Bad file descriptor) [pid 397] close(15) = -1 EBADF (Bad file descriptor) [pid 397] close(16) = -1 EBADF (Bad file descriptor) [pid 397] close(17) = -1 EBADF (Bad file descriptor) [pid 397] close(18) = -1 EBADF (Bad file descriptor) [pid 397] close(19) = -1 EBADF (Bad file descriptor) [pid 397] close(20) = -1 EBADF (Bad file descriptor) [pid 397] close(21) = -1 EBADF (Bad file descriptor) [pid 397] close(22) = -1 EBADF (Bad file descriptor) [pid 397] close(23) = -1 EBADF (Bad file descriptor) [pid 397] close(24) = -1 EBADF (Bad file descriptor) [pid 397] close(25) = -1 EBADF (Bad file descriptor) [pid 397] close(26) = -1 EBADF (Bad file descriptor) [pid 397] close(27) = -1 EBADF (Bad file descriptor) [pid 397] close(28) = -1 EBADF (Bad file descriptor) [pid 397] close(29) = -1 EBADF (Bad file descriptor) [pid 397] exit_group(0) = ? [pid 398] <... futex resumed>) = ? [pid 398] +++ exited with 0 +++ [pid 397] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=92, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 94 ./strace-static-x86_64: Process 400 attached [pid 400] set_robust_list(0x5555560296a0, 24) = 0 [pid 400] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 400] setpgid(0, 0) = 0 [pid 400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 400] write(3, "1000", 4) = 4 [pid 400] close(3) = 0 [pid 400] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 400] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 400] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 400] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 400] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 400] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 400] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[95]}, 88) = 95 [pid 400] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 400] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 400] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 401 attached [pid 401] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 401] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 401] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 401] write(3, "65", 2) = 2 [ 32.771561][ T398] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 32.779378][ T398] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 32.787185][ T398] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 32.794995][ T398] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 32.802807][ T398] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 32.810622][ T398] [ 32.825587][ T401] FAULT_INJECTION: forcing a failure. [ 32.825587][ T401] name failslab, interval 1, probability 0, space 0, times 0 [ 32.838062][ T401] CPU: 1 PID: 401 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 32.848167][ T401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 32.858059][ T401] Call Trace: [ 32.861177][ T401] [ 32.863959][ T401] dump_stack_lvl+0x151/0x1b7 [ 32.868476][ T401] ? io_uring_drop_tctx_refs+0x190/0x190 [ 32.873939][ T401] dump_stack+0x15/0x17 [ 32.877931][ T401] should_fail+0x3c6/0x510 [ 32.882197][ T401] __should_failslab+0xa4/0xe0 [ 32.886789][ T401] ? vm_area_dup+0x26/0x230 [ 32.891206][ T401] should_failslab+0x9/0x20 [ 32.895547][ T401] slab_pre_alloc_hook+0x37/0xd0 [ 32.900321][ T401] ? vm_area_dup+0x26/0x230 [ 32.904663][ T401] kmem_cache_alloc+0x44/0x200 [ 32.909266][ T401] vm_area_dup+0x26/0x230 [ 32.913426][ T401] copy_mm+0x9a1/0x13e0 [ 32.917421][ T401] ? copy_signal+0x610/0x610 [ 32.921874][ T401] ? __init_rwsem+0xd6/0x1c0 [ 32.926364][ T401] ? copy_signal+0x4e3/0x610 [ 32.930788][ T401] copy_process+0x12bc/0x3260 [ 32.935304][ T401] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 32.940248][ T401] ? __kasan_check_write+0x14/0x20 [ 32.945199][ T401] kernel_clone+0x21e/0x9e0 [ 32.949534][ T401] ? _raw_spin_unlock_irq+0x4e/0x70 [ 32.954678][ T401] ? create_io_thread+0x1e0/0x1e0 [ 32.959538][ T401] __x64_sys_clone+0x23f/0x290 [ 32.964130][ T401] ? __do_sys_vfork+0x130/0x130 [ 32.968816][ T401] ? __kasan_check_read+0x11/0x20 [ 32.973688][ T401] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 32.979491][ T401] do_syscall_64+0x3d/0xb0 [ 32.983743][ T401] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 32.989471][ T401] RIP: 0033:0x7fee0c2830a9 [ 32.993724][ T401] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 33.013166][ T401] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 401] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 400] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 401] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] close(3 [pid 401] <... futex resumed>) = 0 [pid 400] <... close resumed>) = 0 [pid 401] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 400] close(4) = -1 EBADF (Bad file descriptor) [pid 400] close(5) = -1 EBADF (Bad file descriptor) [pid 400] close(6) = -1 EBADF (Bad file descriptor) [pid 400] close(7) = -1 EBADF (Bad file descriptor) [pid 400] close(8) = -1 EBADF (Bad file descriptor) [pid 400] close(9) = -1 EBADF (Bad file descriptor) [pid 400] close(10) = -1 EBADF (Bad file descriptor) [pid 400] close(11) = -1 EBADF (Bad file descriptor) [pid 400] close(12) = -1 EBADF (Bad file descriptor) [pid 400] close(13) = -1 EBADF (Bad file descriptor) [pid 400] close(14) = -1 EBADF (Bad file descriptor) [pid 400] close(15) = -1 EBADF (Bad file descriptor) [pid 400] close(16) = -1 EBADF (Bad file descriptor) [pid 400] close(17) = -1 EBADF (Bad file descriptor) [pid 400] close(18) = -1 EBADF (Bad file descriptor) [pid 400] close(19) = -1 EBADF (Bad file descriptor) [pid 400] close(20) = -1 EBADF (Bad file descriptor) [pid 400] close(21) = -1 EBADF (Bad file descriptor) [pid 400] close(22) = -1 EBADF (Bad file descriptor) [pid 400] close(23) = -1 EBADF (Bad file descriptor) [pid 400] close(24) = -1 EBADF (Bad file descriptor) [pid 400] close(25) = -1 EBADF (Bad file descriptor) [pid 400] close(26) = -1 EBADF (Bad file descriptor) [pid 400] close(27) = -1 EBADF (Bad file descriptor) [pid 400] close(28) = -1 EBADF (Bad file descriptor) [pid 400] close(29) = -1 EBADF (Bad file descriptor) [pid 400] exit_group(0) = ? [pid 401] <... futex resumed>) = ? [pid 401] +++ exited with 0 +++ [pid 400] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=94, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 96 ./strace-static-x86_64: Process 402 attached [pid 402] set_robust_list(0x5555560296a0, 24) = 0 [pid 402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 402] setpgid(0, 0) = 0 [pid 402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 402] write(3, "1000", 4) = 4 [pid 402] close(3) = 0 [pid 402] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 402] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 402] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 402] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 402] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 402] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 402] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 402] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[97]}, 88) = 97 ./strace-static-x86_64: Process 403 attached [pid 402] rt_sigprocmask(SIG_SETMASK, [], [pid 403] set_robust_list(0x7fee0c2439a0, 24 [pid 402] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 403] <... set_robust_list resumed>) = 0 [pid 402] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] rt_sigprocmask(SIG_SETMASK, [], [pid 402] <... futex resumed>) = 0 [pid 403] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 402] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 403] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 403] write(3, "65", 2) = 2 [ 33.021412][ T401] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 33.029222][ T401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 33.037032][ T401] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 33.044969][ T401] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 33.052861][ T401] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 33.060682][ T401] [ 33.080137][ T403] FAULT_INJECTION: forcing a failure. [ 33.080137][ T403] name failslab, interval 1, probability 0, space 0, times 0 [ 33.093112][ T403] CPU: 0 PID: 403 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 33.103170][ T403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 33.113039][ T403] Call Trace: [ 33.116162][ T403] [ 33.119383][ T403] dump_stack_lvl+0x151/0x1b7 [ 33.123885][ T403] ? io_uring_drop_tctx_refs+0x190/0x190 [ 33.129358][ T403] ? avc_denied+0x1b0/0x1b0 [ 33.133780][ T403] dump_stack+0x15/0x17 [ 33.137774][ T403] should_fail+0x3c6/0x510 [ 33.142048][ T403] __should_failslab+0xa4/0xe0 [ 33.146625][ T403] ? vm_area_dup+0x26/0x230 [ 33.151051][ T403] should_failslab+0x9/0x20 [ 33.155392][ T403] slab_pre_alloc_hook+0x37/0xd0 [ 33.160164][ T403] ? vm_area_dup+0x26/0x230 [ 33.164939][ T403] kmem_cache_alloc+0x44/0x200 [ 33.169540][ T403] vm_area_dup+0x26/0x230 [ 33.173703][ T403] copy_mm+0x9a1/0x13e0 [ 33.177697][ T403] ? copy_signal+0x610/0x610 [ 33.182123][ T403] ? __init_rwsem+0xd6/0x1c0 [ 33.186550][ T403] ? copy_signal+0x4e3/0x610 [ 33.190977][ T403] copy_process+0x12bc/0x3260 [ 33.195492][ T403] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 33.200531][ T403] ? __kasan_check_write+0x14/0x20 [ 33.205469][ T403] kernel_clone+0x21e/0x9e0 [ 33.209808][ T403] ? _raw_spin_unlock_irq+0x4e/0x70 [ 33.214843][ T403] ? create_io_thread+0x1e0/0x1e0 [ 33.219774][ T403] __x64_sys_clone+0x23f/0x290 [ 33.224390][ T403] ? __do_sys_vfork+0x130/0x130 [ 33.229077][ T403] ? __kasan_check_read+0x11/0x20 [ 33.233937][ T403] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 33.239756][ T403] do_syscall_64+0x3d/0xb0 [ 33.244006][ T403] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 33.249731][ T403] RIP: 0033:0x7fee0c2830a9 [ 33.253988][ T403] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 403] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 402] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 403] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 403] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 403] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 402] close(3) = 0 [pid 402] close(4) = -1 EBADF (Bad file descriptor) [pid 402] close(5) = -1 EBADF (Bad file descriptor) [pid 402] close(6) = -1 EBADF (Bad file descriptor) [pid 402] close(7) = -1 EBADF (Bad file descriptor) [pid 402] close(8) = -1 EBADF (Bad file descriptor) [pid 402] close(9) = -1 EBADF (Bad file descriptor) [pid 402] close(10) = -1 EBADF (Bad file descriptor) [pid 402] close(11) = -1 EBADF (Bad file descriptor) [pid 402] close(12) = -1 EBADF (Bad file descriptor) [pid 402] close(13) = -1 EBADF (Bad file descriptor) [pid 402] close(14) = -1 EBADF (Bad file descriptor) [pid 402] close(15) = -1 EBADF (Bad file descriptor) [pid 402] close(16) = -1 EBADF (Bad file descriptor) [pid 402] close(17) = -1 EBADF (Bad file descriptor) [pid 402] close(18) = -1 EBADF (Bad file descriptor) [pid 402] close(19) = -1 EBADF (Bad file descriptor) [pid 402] close(20) = -1 EBADF (Bad file descriptor) [pid 402] close(21) = -1 EBADF (Bad file descriptor) [pid 402] close(22) = -1 EBADF (Bad file descriptor) [pid 402] close(23) = -1 EBADF (Bad file descriptor) [pid 402] close(24) = -1 EBADF (Bad file descriptor) [pid 402] close(25) = -1 EBADF (Bad file descriptor) [pid 402] close(26) = -1 EBADF (Bad file descriptor) [pid 402] close(27) = -1 EBADF (Bad file descriptor) [pid 402] close(28) = -1 EBADF (Bad file descriptor) [pid 402] close(29) = -1 EBADF (Bad file descriptor) [pid 402] exit_group(0) = ? [pid 403] <... futex resumed>) = ? [pid 403] +++ exited with 0 +++ [pid 402] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=96, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 98 ./strace-static-x86_64: Process 404 attached [pid 404] set_robust_list(0x5555560296a0, 24) = 0 [pid 404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 404] setpgid(0, 0) = 0 [pid 404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 404] write(3, "1000", 4) = 4 [pid 404] close(3) = 0 [pid 404] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 404] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 404] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 404] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 404] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 404] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 404] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 404] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 405 attached => {parent_tid=[99]}, 88) = 99 [pid 405] set_robust_list(0x7fee0c2439a0, 24 [pid 404] rt_sigprocmask(SIG_SETMASK, [], [pid 405] <... set_robust_list resumed>) = 0 [pid 404] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 405] rt_sigprocmask(SIG_SETMASK, [], [pid 404] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 405] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 404] <... futex resumed>) = 0 [pid 405] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 404] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 405] <... openat resumed>) = 3 [pid 405] write(3, "65", 2) = 2 [ 33.273439][ T403] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 33.281674][ T403] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 33.289483][ T403] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 33.297299][ T403] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 33.305104][ T403] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 33.312924][ T403] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 33.320759][ T403] [pid 405] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 404] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 33.335140][ T405] FAULT_INJECTION: forcing a failure. [ 33.335140][ T405] name failslab, interval 1, probability 0, space 0, times 0 [ 33.347953][ T405] CPU: 0 PID: 405 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 33.358002][ T405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 33.367992][ T405] Call Trace: [ 33.371200][ T405] [ 33.373969][ T405] dump_stack_lvl+0x151/0x1b7 [ 33.378570][ T405] ? io_uring_drop_tctx_refs+0x190/0x190 [ 33.384041][ T405] dump_stack+0x15/0x17 [ 33.388153][ T405] should_fail+0x3c6/0x510 [ 33.392404][ T405] __should_failslab+0xa4/0xe0 [ 33.396997][ T405] ? vm_area_dup+0x26/0x230 [ 33.401342][ T405] should_failslab+0x9/0x20 [ 33.405680][ T405] slab_pre_alloc_hook+0x37/0xd0 [ 33.410466][ T405] ? vm_area_dup+0x26/0x230 [ 33.415431][ T405] kmem_cache_alloc+0x44/0x200 [ 33.420114][ T405] vm_area_dup+0x26/0x230 [ 33.424282][ T405] copy_mm+0x9a1/0x13e0 [ 33.428271][ T405] ? copy_signal+0x610/0x610 [ 33.432692][ T405] ? __init_rwsem+0xd6/0x1c0 [ 33.437126][ T405] ? copy_signal+0x4e3/0x610 [ 33.441546][ T405] copy_process+0x12bc/0x3260 [ 33.446151][ T405] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 33.451181][ T405] ? __kasan_check_write+0x14/0x20 [ 33.456130][ T405] kernel_clone+0x21e/0x9e0 [ 33.460466][ T405] ? _raw_spin_unlock_irq+0x4e/0x70 [ 33.465499][ T405] ? create_io_thread+0x1e0/0x1e0 [ 33.470362][ T405] __x64_sys_clone+0x23f/0x290 [ 33.474964][ T405] ? __do_sys_vfork+0x130/0x130 [ 33.479735][ T405] ? __kasan_check_read+0x11/0x20 [ 33.484597][ T405] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 33.490417][ T405] do_syscall_64+0x3d/0xb0 [ 33.494689][ T405] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 33.500394][ T405] RIP: 0033:0x7fee0c2830a9 [ 33.504654][ T405] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 33.524229][ T405] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 405] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 405] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 405] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 404] close(3) = 0 [pid 404] close(4) = -1 EBADF (Bad file descriptor) [pid 404] close(5) = -1 EBADF (Bad file descriptor) [pid 404] close(6) = -1 EBADF (Bad file descriptor) [pid 404] close(7) = -1 EBADF (Bad file descriptor) [pid 404] close(8) = -1 EBADF (Bad file descriptor) [pid 404] close(9) = -1 EBADF (Bad file descriptor) [pid 404] close(10) = -1 EBADF (Bad file descriptor) [pid 404] close(11) = -1 EBADF (Bad file descriptor) [pid 404] close(12) = -1 EBADF (Bad file descriptor) [pid 404] close(13) = -1 EBADF (Bad file descriptor) [pid 404] close(14) = -1 EBADF (Bad file descriptor) [pid 404] close(15) = -1 EBADF (Bad file descriptor) [pid 404] close(16) = -1 EBADF (Bad file descriptor) [pid 404] close(17) = -1 EBADF (Bad file descriptor) [pid 404] close(18) = -1 EBADF (Bad file descriptor) [pid 404] close(19) = -1 EBADF (Bad file descriptor) [pid 404] close(20) = -1 EBADF (Bad file descriptor) [pid 404] close(21) = -1 EBADF (Bad file descriptor) [pid 404] close(22) = -1 EBADF (Bad file descriptor) [pid 404] close(23) = -1 EBADF (Bad file descriptor) [pid 404] close(24) = -1 EBADF (Bad file descriptor) [pid 404] close(25) = -1 EBADF (Bad file descriptor) [pid 404] close(26) = -1 EBADF (Bad file descriptor) [pid 404] close(27) = -1 EBADF (Bad file descriptor) [pid 404] close(28) = -1 EBADF (Bad file descriptor) [pid 404] close(29) = -1 EBADF (Bad file descriptor) [pid 404] exit_group(0) = ? [pid 405] <... futex resumed>) = ? [pid 405] +++ exited with 0 +++ [pid 404] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=98, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 406 attached , child_tidptr=0x555556029690) = 100 [pid 406] set_robust_list(0x5555560296a0, 24) = 0 [pid 406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 406] setpgid(0, 0) = 0 [pid 406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 406] write(3, "1000", 4) = 4 [pid 406] close(3) = 0 [pid 406] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 406] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 406] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 406] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 406] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 406] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 406] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 406] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 407 attached => {parent_tid=[101]}, 88) = 101 [pid 407] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 407] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 407] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 406] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 406] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 407] <... futex resumed>) = 0 [pid 407] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 406] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 407] write(3, "65", 2) = 2 [ 33.532487][ T405] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 33.540276][ T405] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 33.548088][ T405] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 33.555897][ T405] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 33.563716][ T405] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 33.571555][ T405] [pid 407] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 406] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 33.588948][ T407] FAULT_INJECTION: forcing a failure. [ 33.588948][ T407] name failslab, interval 1, probability 0, space 0, times 0 [ 33.601744][ T407] CPU: 1 PID: 407 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 33.611884][ T407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 33.621783][ T407] Call Trace: [ 33.624914][ T407] [ 33.627678][ T407] dump_stack_lvl+0x151/0x1b7 [ 33.632193][ T407] ? io_uring_drop_tctx_refs+0x190/0x190 [ 33.637658][ T407] ? avc_denied+0x1b0/0x1b0 [ 33.642001][ T407] dump_stack+0x15/0x17 [ 33.645995][ T407] should_fail+0x3c6/0x510 [ 33.650273][ T407] __should_failslab+0xa4/0xe0 [ 33.654843][ T407] ? vm_area_dup+0x26/0x230 [ 33.659184][ T407] should_failslab+0x9/0x20 [ 33.663609][ T407] slab_pre_alloc_hook+0x37/0xd0 [ 33.668400][ T407] ? vm_area_dup+0x26/0x230 [ 33.672722][ T407] kmem_cache_alloc+0x44/0x200 [ 33.677327][ T407] vm_area_dup+0x26/0x230 [ 33.681489][ T407] copy_mm+0x9a1/0x13e0 [ 33.685490][ T407] ? copy_signal+0x610/0x610 [ 33.689911][ T407] ? __init_rwsem+0xd6/0x1c0 [ 33.694335][ T407] ? copy_signal+0x4e3/0x610 [ 33.699196][ T407] copy_process+0x12bc/0x3260 [ 33.703712][ T407] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 33.708741][ T407] ? __kasan_check_write+0x14/0x20 [ 33.713688][ T407] kernel_clone+0x21e/0x9e0 [ 33.718114][ T407] ? _raw_spin_unlock_irq+0x4e/0x70 [ 33.723146][ T407] ? create_io_thread+0x1e0/0x1e0 [ 33.728009][ T407] __x64_sys_clone+0x23f/0x290 [ 33.732693][ T407] ? __do_sys_vfork+0x130/0x130 [ 33.737383][ T407] ? __kasan_check_read+0x11/0x20 [ 33.742249][ T407] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 33.748061][ T407] do_syscall_64+0x3d/0xb0 [ 33.752311][ T407] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 33.758036][ T407] RIP: 0033:0x7fee0c2830a9 [ 33.762290][ T407] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 407] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 407] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 406] close(3) = 0 [pid 406] close(4) = -1 EBADF (Bad file descriptor) [pid 406] close(5 [pid 407] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 406] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 406] close(6) = -1 EBADF (Bad file descriptor) [pid 406] close(7) = -1 EBADF (Bad file descriptor) [pid 406] close(8) = -1 EBADF (Bad file descriptor) [pid 406] close(9) = -1 EBADF (Bad file descriptor) [pid 406] close(10) = -1 EBADF (Bad file descriptor) [pid 406] close(11) = -1 EBADF (Bad file descriptor) [pid 406] close(12) = -1 EBADF (Bad file descriptor) [pid 406] close(13) = -1 EBADF (Bad file descriptor) [pid 406] close(14) = -1 EBADF (Bad file descriptor) [pid 406] close(15) = -1 EBADF (Bad file descriptor) [pid 406] close(16) = -1 EBADF (Bad file descriptor) [pid 406] close(17) = -1 EBADF (Bad file descriptor) [pid 406] close(18) = -1 EBADF (Bad file descriptor) [pid 406] close(19) = -1 EBADF (Bad file descriptor) [pid 406] close(20) = -1 EBADF (Bad file descriptor) [pid 406] close(21) = -1 EBADF (Bad file descriptor) [pid 406] close(22) = -1 EBADF (Bad file descriptor) [pid 406] close(23) = -1 EBADF (Bad file descriptor) [pid 406] close(24) = -1 EBADF (Bad file descriptor) [pid 406] close(25) = -1 EBADF (Bad file descriptor) [pid 406] close(26) = -1 EBADF (Bad file descriptor) [pid 406] close(27) = -1 EBADF (Bad file descriptor) [pid 406] close(28) = -1 EBADF (Bad file descriptor) [pid 406] close(29) = -1 EBADF (Bad file descriptor) [pid 406] exit_group(0 [pid 407] <... futex resumed>) = ? [pid 406] <... exit_group resumed>) = ? [pid 407] +++ exited with 0 +++ [pid 406] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=100, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 102 ./strace-static-x86_64: Process 409 attached [pid 409] set_robust_list(0x5555560296a0, 24) = 0 [pid 409] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 409] setpgid(0, 0) = 0 [pid 409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 409] write(3, "1000", 4) = 4 [pid 409] close(3) = 0 [pid 409] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 409] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 409] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 409] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 409] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 409] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 409] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 410 attached => {parent_tid=[103]}, 88) = 103 [pid 410] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 410] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 410] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 409] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 410] <... futex resumed>) = 0 [pid 410] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 409] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] write(3, "65", 2) = 2 [ 33.781737][ T407] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 33.790083][ T407] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 33.797894][ T407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 33.805704][ T407] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 33.813607][ T407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 33.821430][ T407] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 33.829240][ T407] [pid 410] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 409] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 33.850195][ T410] FAULT_INJECTION: forcing a failure. [ 33.850195][ T410] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 33.863336][ T410] CPU: 1 PID: 410 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 33.873298][ T410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 33.883195][ T410] Call Trace: [ 33.886320][ T410] [ 33.889092][ T410] dump_stack_lvl+0x151/0x1b7 [ 33.893604][ T410] ? io_uring_drop_tctx_refs+0x190/0x190 [ 33.899073][ T410] ? sched_clock+0x9/0x10 [ 33.903241][ T410] dump_stack+0x15/0x17 [ 33.907231][ T410] should_fail+0x3c6/0x510 [ 33.911485][ T410] should_fail_alloc_page+0x5a/0x80 [ 33.916516][ T410] prepare_alloc_pages+0x15c/0x700 [ 33.921471][ T410] ? __alloc_pages_bulk+0xe60/0xe60 [ 33.926498][ T410] __alloc_pages+0x138/0x5e0 [ 33.930923][ T410] ? prep_new_page+0x110/0x110 [ 33.935525][ T410] ? __alloc_pages+0x206/0x5e0 [ 33.940123][ T410] ? prep_new_page+0x110/0x110 [ 33.944724][ T410] ? __kasan_check_write+0x14/0x20 [ 33.949676][ T410] ? _raw_spin_lock+0xa4/0x1b0 [ 33.954274][ T410] pte_alloc_one+0x73/0x1b0 [ 33.958629][ T410] ? pfn_modify_allowed+0x2f0/0x2f0 [ 33.963644][ T410] ? __pmd_alloc+0x48d/0x550 [ 33.968069][ T410] __pte_alloc+0x86/0x350 [ 33.972239][ T410] ? __pud_alloc+0x260/0x260 [ 33.976847][ T410] ? free_pgtables+0x280/0x280 [ 33.981441][ T410] ? __stack_depot_save+0x34/0x470 [ 33.986396][ T410] ? anon_vma_clone+0x9a/0x500 [ 33.990988][ T410] copy_page_range+0x28a8/0x2f90 [ 33.995757][ T410] ? __kasan_slab_alloc+0xb1/0xe0 [ 34.000617][ T410] ? slab_post_alloc_hook+0x53/0x2c0 [ 34.005738][ T410] ? kernel_clone+0x21e/0x9e0 [ 34.010252][ T410] ? do_syscall_64+0x3d/0xb0 [ 34.014676][ T410] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 34.020673][ T410] ? pfn_valid+0x1e0/0x1e0 [ 34.025041][ T410] ? rwsem_write_trylock+0x15b/0x290 [ 34.030155][ T410] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 34.036401][ T410] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 34.041954][ T410] ? __rb_insert_augmented+0x5de/0x610 [ 34.047252][ T410] copy_mm+0xc7e/0x13e0 [ 34.051244][ T410] ? copy_signal+0x610/0x610 [ 34.055710][ T410] ? __init_rwsem+0xd6/0x1c0 [ 34.060098][ T410] ? copy_signal+0x4e3/0x610 [ 34.064522][ T410] copy_process+0x12bc/0x3260 [ 34.069037][ T410] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 34.073978][ T410] ? __kasan_check_write+0x14/0x20 [ 34.078928][ T410] kernel_clone+0x21e/0x9e0 [ 34.083267][ T410] ? _raw_spin_unlock_irq+0x4e/0x70 [ 34.088300][ T410] ? create_io_thread+0x1e0/0x1e0 [ 34.093160][ T410] __x64_sys_clone+0x23f/0x290 [ 34.097847][ T410] ? __do_sys_vfork+0x130/0x130 [ 34.102534][ T410] ? __kasan_check_read+0x11/0x20 [ 34.107418][ T410] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 34.113226][ T410] do_syscall_64+0x3d/0xb0 [ 34.117468][ T410] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 34.123192][ T410] RIP: 0033:0x7fee0c2830a9 [ 34.127442][ T410] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 410] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 410] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 409] close(3) = 0 [pid 409] close(4 [pid 410] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 409] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 409] close(5) = -1 EBADF (Bad file descriptor) [pid 409] close(6) = -1 EBADF (Bad file descriptor) [pid 409] close(7) = -1 EBADF (Bad file descriptor) [pid 409] close(8) = -1 EBADF (Bad file descriptor) [pid 409] close(9) = -1 EBADF (Bad file descriptor) [pid 409] close(10) = -1 EBADF (Bad file descriptor) [pid 409] close(11) = -1 EBADF (Bad file descriptor) [pid 409] close(12) = -1 EBADF (Bad file descriptor) [pid 409] close(13) = -1 EBADF (Bad file descriptor) [pid 409] close(14) = -1 EBADF (Bad file descriptor) [pid 409] close(15) = -1 EBADF (Bad file descriptor) [pid 409] close(16) = -1 EBADF (Bad file descriptor) [pid 409] close(17) = -1 EBADF (Bad file descriptor) [pid 409] close(18) = -1 EBADF (Bad file descriptor) [pid 409] close(19) = -1 EBADF (Bad file descriptor) [pid 409] close(20) = -1 EBADF (Bad file descriptor) [pid 409] close(21) = -1 EBADF (Bad file descriptor) [pid 409] close(22) = -1 EBADF (Bad file descriptor) [pid 409] close(23) = -1 EBADF (Bad file descriptor) [pid 409] close(24) = -1 EBADF (Bad file descriptor) [pid 409] close(25) = -1 EBADF (Bad file descriptor) [pid 409] close(26) = -1 EBADF (Bad file descriptor) [pid 409] close(27) = -1 EBADF (Bad file descriptor) [pid 409] close(28) = -1 EBADF (Bad file descriptor) [pid 409] close(29) = -1 EBADF (Bad file descriptor) [pid 409] exit_group(0 [pid 410] <... futex resumed>) = ? [pid 409] <... exit_group resumed>) = ? [pid 410] +++ exited with 0 +++ [pid 409] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=102, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 104 ./strace-static-x86_64: Process 411 attached [pid 411] set_robust_list(0x5555560296a0, 24) = 0 [pid 411] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 411] setpgid(0, 0) = 0 [pid 411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 411] write(3, "1000", 4) = 4 [pid 411] close(3) = 0 [pid 411] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 411] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 411] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 411] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 411] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 411] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 411] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 411] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 412 attached => {parent_tid=[105]}, 88) = 105 [pid 411] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 411] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 411] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 412] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 412] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 412] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 412] write(3, "65", 2) = 2 [ 34.146885][ T410] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 34.155217][ T410] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 34.163030][ T410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 34.170844][ T410] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 34.178653][ T410] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 34.186461][ T410] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 34.194278][ T410] [ 34.210431][ T412] FAULT_INJECTION: forcing a failure. [ 34.210431][ T412] name failslab, interval 1, probability 0, space 0, times 0 [ 34.223086][ T412] CPU: 0 PID: 412 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 34.233141][ T412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 34.243099][ T412] Call Trace: [ 34.246224][ T412] [ 34.249001][ T412] dump_stack_lvl+0x151/0x1b7 [ 34.253517][ T412] ? io_uring_drop_tctx_refs+0x190/0x190 [ 34.258984][ T412] dump_stack+0x15/0x17 [ 34.262973][ T412] should_fail+0x3c6/0x510 [ 34.267229][ T412] __should_failslab+0xa4/0xe0 [ 34.271825][ T412] ? anon_vma_clone+0x9a/0x500 [ 34.276426][ T412] should_failslab+0x9/0x20 [ 34.280767][ T412] slab_pre_alloc_hook+0x37/0xd0 [ 34.285550][ T412] ? anon_vma_clone+0x9a/0x500 [ 34.290139][ T412] kmem_cache_alloc+0x44/0x200 [ 34.294742][ T412] anon_vma_clone+0x9a/0x500 [ 34.299163][ T412] anon_vma_fork+0x91/0x4e0 [ 34.303503][ T412] ? anon_vma_name+0x4c/0x70 [ 34.307929][ T412] ? vm_area_dup+0x17a/0x230 [ 34.312359][ T412] copy_mm+0xa3a/0x13e0 [ 34.316350][ T412] ? copy_signal+0x610/0x610 [ 34.320784][ T412] ? __init_rwsem+0xd6/0x1c0 [ 34.325214][ T412] ? copy_signal+0x4e3/0x610 [ 34.329640][ T412] copy_process+0x12bc/0x3260 [ 34.334498][ T412] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 34.339479][ T412] ? __kasan_check_write+0x14/0x20 [ 34.344385][ T412] kernel_clone+0x21e/0x9e0 [ 34.348727][ T412] ? _raw_spin_unlock_irq+0x4e/0x70 [ 34.353757][ T412] ? create_io_thread+0x1e0/0x1e0 [ 34.358622][ T412] __x64_sys_clone+0x23f/0x290 [ 34.363218][ T412] ? __do_sys_vfork+0x130/0x130 [ 34.367991][ T412] ? __kasan_check_read+0x11/0x20 [ 34.372880][ T412] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 34.378670][ T412] do_syscall_64+0x3d/0xb0 [ 34.382925][ T412] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 34.388654][ T412] RIP: 0033:0x7fee0c2830a9 [ 34.392901][ T412] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 34.412362][ T412] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 34.420687][ T412] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 34.428495][ T412] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 34.436305][ T412] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 34.444131][ T412] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 34.451926][ T412] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 412] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 411] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 412] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 412] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 412] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 411] close(3) = 0 [pid 411] close(4) = -1 EBADF (Bad file descriptor) [pid 411] close(5) = -1 EBADF (Bad file descriptor) [pid 411] close(6) = -1 EBADF (Bad file descriptor) [pid 411] close(7) = -1 EBADF (Bad file descriptor) [pid 411] close(8) = -1 EBADF (Bad file descriptor) [pid 411] close(9) = -1 EBADF (Bad file descriptor) [pid 411] close(10) = -1 EBADF (Bad file descriptor) [pid 411] close(11) = -1 EBADF (Bad file descriptor) [pid 411] close(12) = -1 EBADF (Bad file descriptor) [pid 411] close(13) = -1 EBADF (Bad file descriptor) [pid 411] close(14) = -1 EBADF (Bad file descriptor) [pid 411] close(15) = -1 EBADF (Bad file descriptor) [pid 411] close(16) = -1 EBADF (Bad file descriptor) [pid 411] close(17) = -1 EBADF (Bad file descriptor) [pid 411] close(18) = -1 EBADF (Bad file descriptor) [pid 411] close(19) = -1 EBADF (Bad file descriptor) [pid 411] close(20) = -1 EBADF (Bad file descriptor) [pid 411] close(21) = -1 EBADF (Bad file descriptor) [pid 411] close(22) = -1 EBADF (Bad file descriptor) [pid 411] close(23) = -1 EBADF (Bad file descriptor) [pid 411] close(24) = -1 EBADF (Bad file descriptor) [pid 411] close(25) = -1 EBADF (Bad file descriptor) [pid 411] close(26) = -1 EBADF (Bad file descriptor) [pid 411] close(27) = -1 EBADF (Bad file descriptor) [pid 411] close(28) = -1 EBADF (Bad file descriptor) [pid 411] close(29) = -1 EBADF (Bad file descriptor) [pid 411] exit_group(0) = ? [pid 412] <... futex resumed>) = ? [pid 412] +++ exited with 0 +++ [pid 411] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=104, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 413 attached , child_tidptr=0x555556029690) = 106 [pid 413] set_robust_list(0x5555560296a0, 24) = 0 [pid 413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 413] setpgid(0, 0) = 0 [pid 413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 413] write(3, "1000", 4) = 4 [pid 413] close(3) = 0 [pid 413] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 413] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 413] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 413] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 413] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 413] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 413] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 413] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[107]}, 88) = 107 [pid 413] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 413] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 413] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 414 attached [pid 414] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 414] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 414] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 414] write(3, "65", 2) = 2 [ 34.460026][ T412] [ 34.473084][ T414] FAULT_INJECTION: forcing a failure. [ 34.473084][ T414] name failslab, interval 1, probability 0, space 0, times 0 [ 34.485569][ T414] CPU: 1 PID: 414 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 34.495562][ T414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 34.505460][ T414] Call Trace: [ 34.508576][ T414] [ 34.511359][ T414] dump_stack_lvl+0x151/0x1b7 [ 34.515870][ T414] ? io_uring_drop_tctx_refs+0x190/0x190 [ 34.521338][ T414] dump_stack+0x15/0x17 [ 34.525326][ T414] should_fail+0x3c6/0x510 [ 34.529579][ T414] __should_failslab+0xa4/0xe0 [ 34.534178][ T414] ? vm_area_dup+0x26/0x230 [ 34.538522][ T414] should_failslab+0x9/0x20 [ 34.542857][ T414] slab_pre_alloc_hook+0x37/0xd0 [ 34.547629][ T414] ? vm_area_dup+0x26/0x230 [ 34.552001][ T414] kmem_cache_alloc+0x44/0x200 [ 34.556570][ T414] vm_area_dup+0x26/0x230 [ 34.560739][ T414] copy_mm+0x9a1/0x13e0 [ 34.564729][ T414] ? copy_signal+0x610/0x610 [ 34.569154][ T414] ? __init_rwsem+0xd6/0x1c0 [ 34.573581][ T414] ? copy_signal+0x4e3/0x610 [ 34.578006][ T414] copy_process+0x12bc/0x3260 [ 34.582525][ T414] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 34.587471][ T414] ? __kasan_check_write+0x14/0x20 [ 34.592419][ T414] kernel_clone+0x21e/0x9e0 [ 34.596763][ T414] ? _raw_spin_unlock_irq+0x4e/0x70 [ 34.602308][ T414] ? create_io_thread+0x1e0/0x1e0 [ 34.607172][ T414] __x64_sys_clone+0x23f/0x290 [ 34.611768][ T414] ? __do_sys_vfork+0x130/0x130 [ 34.616548][ T414] ? __kasan_check_read+0x11/0x20 [ 34.621401][ T414] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 34.627316][ T414] do_syscall_64+0x3d/0xb0 [ 34.631557][ T414] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 34.637290][ T414] RIP: 0033:0x7fee0c2830a9 [ 34.641572][ T414] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 414] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 413] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 414] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 414] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 414] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 413] close(3) = 0 [pid 413] close(4) = -1 EBADF (Bad file descriptor) [pid 413] close(5) = -1 EBADF (Bad file descriptor) [pid 413] close(6) = -1 EBADF (Bad file descriptor) [pid 413] close(7) = -1 EBADF (Bad file descriptor) [pid 413] close(8) = -1 EBADF (Bad file descriptor) [pid 413] close(9) = -1 EBADF (Bad file descriptor) [pid 413] close(10) = -1 EBADF (Bad file descriptor) [pid 413] close(11) = -1 EBADF (Bad file descriptor) [pid 413] close(12) = -1 EBADF (Bad file descriptor) [pid 413] close(13) = -1 EBADF (Bad file descriptor) [pid 413] close(14) = -1 EBADF (Bad file descriptor) [pid 413] close(15) = -1 EBADF (Bad file descriptor) [pid 413] close(16) = -1 EBADF (Bad file descriptor) [pid 413] close(17) = -1 EBADF (Bad file descriptor) [pid 413] close(18) = -1 EBADF (Bad file descriptor) [pid 413] close(19) = -1 EBADF (Bad file descriptor) [pid 413] close(20) = -1 EBADF (Bad file descriptor) [pid 413] close(21) = -1 EBADF (Bad file descriptor) [pid 413] close(22) = -1 EBADF (Bad file descriptor) [pid 413] close(23) = -1 EBADF (Bad file descriptor) [pid 413] close(24) = -1 EBADF (Bad file descriptor) [pid 413] close(25) = -1 EBADF (Bad file descriptor) [pid 413] close(26) = -1 EBADF (Bad file descriptor) [pid 413] close(27) = -1 EBADF (Bad file descriptor) [pid 413] close(28) = -1 EBADF (Bad file descriptor) [pid 413] close(29) = -1 EBADF (Bad file descriptor) [pid 413] exit_group(0 [pid 414] <... futex resumed>) = ? [pid 413] <... exit_group resumed>) = ? [pid 414] +++ exited with 0 +++ [pid 413] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=106, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 415 attached [pid 415] set_robust_list(0x5555560296a0, 24) = 0 [pid 415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 415] setpgid(0, 0) = 0 [pid 415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 415] write(3, "1000", 4) = 4 [pid 415] close(3) = 0 [pid 415] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 415] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 415] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 415] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 415] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 415] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 415] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[109]}, 88) = 109 [pid 294] <... clone resumed>, child_tidptr=0x555556029690) = 108 [pid 415] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 415] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 416 attached [pid 416] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 416] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 416] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 416] write(3, "65", 2) = 2 [ 34.660979][ T414] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 34.669225][ T414] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 34.677124][ T414] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 34.684931][ T414] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 34.692745][ T414] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 34.700555][ T414] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 34.708647][ T414] [pid 416] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 415] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 34.720344][ T416] FAULT_INJECTION: forcing a failure. [ 34.720344][ T416] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 34.733554][ T416] CPU: 0 PID: 416 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 34.743606][ T416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 34.753500][ T416] Call Trace: [ 34.756626][ T416] [ 34.759402][ T416] dump_stack_lvl+0x151/0x1b7 [ 34.763913][ T416] ? io_uring_drop_tctx_refs+0x190/0x190 [ 34.769386][ T416] dump_stack+0x15/0x17 [ 34.773378][ T416] should_fail+0x3c6/0x510 [ 34.777630][ T416] should_fail_alloc_page+0x5a/0x80 [ 34.782659][ T416] prepare_alloc_pages+0x15c/0x700 [ 34.787607][ T416] ? __alloc_pages_bulk+0xe60/0xe60 [ 34.792643][ T416] __alloc_pages+0x138/0x5e0 [ 34.797070][ T416] ? prep_new_page+0x110/0x110 [ 34.801669][ T416] ? __alloc_pages+0x206/0x5e0 [ 34.806270][ T416] ? prep_new_page+0x110/0x110 [ 34.810872][ T416] ? __kasan_check_write+0x14/0x20 [ 34.815816][ T416] ? _raw_spin_lock+0xa4/0x1b0 [ 34.820416][ T416] pte_alloc_one+0x73/0x1b0 [ 34.824756][ T416] ? pfn_modify_allowed+0x2f0/0x2f0 [ 34.829786][ T416] ? __pmd_alloc+0x48d/0x550 [ 34.834215][ T416] __pte_alloc+0x86/0x350 [ 34.838385][ T416] ? __pud_alloc+0x260/0x260 [ 34.842894][ T416] ? free_pgtables+0x280/0x280 [ 34.847496][ T416] ? __stack_depot_save+0x34/0x470 [ 34.852457][ T416] ? anon_vma_clone+0x9a/0x500 [ 34.857041][ T416] copy_page_range+0x28a8/0x2f90 [ 34.861825][ T416] ? __kasan_slab_alloc+0xb1/0xe0 [ 34.866682][ T416] ? slab_post_alloc_hook+0x53/0x2c0 [ 34.871801][ T416] ? kernel_clone+0x21e/0x9e0 [ 34.876308][ T416] ? do_syscall_64+0x3d/0xb0 [ 34.880746][ T416] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 34.886639][ T416] ? pfn_valid+0x1e0/0x1e0 [ 34.890891][ T416] ? rwsem_write_trylock+0x15b/0x290 [ 34.896009][ T416] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 34.902260][ T416] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 34.907815][ T416] ? __rb_insert_augmented+0x5de/0x610 [ 34.913108][ T416] copy_mm+0xc7e/0x13e0 [ 34.917101][ T416] ? copy_signal+0x610/0x610 [ 34.921593][ T416] ? __init_rwsem+0xd6/0x1c0 [ 34.925952][ T416] ? copy_signal+0x4e3/0x610 [ 34.930378][ T416] copy_process+0x12bc/0x3260 [ 34.934898][ T416] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 34.939927][ T416] ? __kasan_check_write+0x14/0x20 [ 34.944873][ T416] kernel_clone+0x21e/0x9e0 [ 34.949214][ T416] ? _raw_spin_unlock_irq+0x4e/0x70 [ 34.954252][ T416] ? create_io_thread+0x1e0/0x1e0 [ 34.959107][ T416] __x64_sys_clone+0x23f/0x290 [ 34.963705][ T416] ? __do_sys_vfork+0x130/0x130 [ 34.968657][ T416] ? __kasan_check_read+0x11/0x20 [ 34.973516][ T416] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 34.979330][ T416] do_syscall_64+0x3d/0xb0 [ 34.983585][ T416] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 34.989310][ T416] RIP: 0033:0x7fee0c2830a9 [ 34.993568][ T416] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 35.013005][ T416] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 416] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 416] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 416] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 415] close(3) = 0 [pid 415] close(4) = -1 EBADF (Bad file descriptor) [pid 415] close(5) = -1 EBADF (Bad file descriptor) [pid 415] close(6) = -1 EBADF (Bad file descriptor) [pid 415] close(7) = -1 EBADF (Bad file descriptor) [pid 415] close(8) = -1 EBADF (Bad file descriptor) [pid 415] close(9) = -1 EBADF (Bad file descriptor) [pid 415] close(10) = -1 EBADF (Bad file descriptor) [pid 415] close(11) = -1 EBADF (Bad file descriptor) [pid 415] close(12) = -1 EBADF (Bad file descriptor) [pid 415] close(13) = -1 EBADF (Bad file descriptor) [pid 415] close(14) = -1 EBADF (Bad file descriptor) [pid 415] close(15) = -1 EBADF (Bad file descriptor) [pid 415] close(16) = -1 EBADF (Bad file descriptor) [pid 415] close(17) = -1 EBADF (Bad file descriptor) [pid 415] close(18) = -1 EBADF (Bad file descriptor) [pid 415] close(19) = -1 EBADF (Bad file descriptor) [pid 415] close(20) = -1 EBADF (Bad file descriptor) [pid 415] close(21) = -1 EBADF (Bad file descriptor) [pid 415] close(22) = -1 EBADF (Bad file descriptor) [pid 415] close(23) = -1 EBADF (Bad file descriptor) [pid 415] close(24) = -1 EBADF (Bad file descriptor) [pid 415] close(25) = -1 EBADF (Bad file descriptor) [pid 415] close(26) = -1 EBADF (Bad file descriptor) [pid 415] close(27) = -1 EBADF (Bad file descriptor) [pid 415] close(28) = -1 EBADF (Bad file descriptor) [pid 415] close(29) = -1 EBADF (Bad file descriptor) [pid 415] exit_group(0) = ? [pid 416] <... futex resumed>) = ? [pid 416] +++ exited with 0 +++ [pid 415] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=108, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 110 ./strace-static-x86_64: Process 418 attached [pid 418] set_robust_list(0x5555560296a0, 24) = 0 [pid 418] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 418] setpgid(0, 0) = 0 [pid 418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 418] write(3, "1000", 4) = 4 [pid 418] close(3) = 0 [pid 418] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 418] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 418] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 418] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 418] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 418] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 418] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 418] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 419 attached => {parent_tid=[111]}, 88) = 111 [pid 419] set_robust_list(0x7fee0c2439a0, 24 [pid 418] rt_sigprocmask(SIG_SETMASK, [], [pid 419] <... set_robust_list resumed>) = 0 [pid 418] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 419] rt_sigprocmask(SIG_SETMASK, [], [pid 418] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 419] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 418] <... futex resumed>) = 0 [pid 419] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 418] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 419] <... openat resumed>) = 3 [pid 419] write(3, "65", 2) = 2 [ 35.021251][ T416] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 35.029068][ T416] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 35.036870][ T416] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 35.044693][ T416] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 35.052502][ T416] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 35.060485][ T416] [ 35.074182][ T419] FAULT_INJECTION: forcing a failure. [ 35.074182][ T419] name failslab, interval 1, probability 0, space 0, times 0 [ 35.086696][ T419] CPU: 1 PID: 419 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 35.096753][ T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 35.106650][ T419] Call Trace: [ 35.109772][ T419] [ 35.112554][ T419] dump_stack_lvl+0x151/0x1b7 [ 35.117061][ T419] ? io_uring_drop_tctx_refs+0x190/0x190 [ 35.122527][ T419] dump_stack+0x15/0x17 [ 35.126548][ T419] should_fail+0x3c6/0x510 [ 35.130774][ T419] __should_failslab+0xa4/0xe0 [ 35.135375][ T419] ? anon_vma_clone+0x9a/0x500 [ 35.139974][ T419] should_failslab+0x9/0x20 [ 35.144315][ T419] slab_pre_alloc_hook+0x37/0xd0 [ 35.149093][ T419] ? anon_vma_clone+0x9a/0x500 [ 35.153775][ T419] kmem_cache_alloc+0x44/0x200 [ 35.158372][ T419] anon_vma_clone+0x9a/0x500 [ 35.162798][ T419] anon_vma_fork+0x91/0x4e0 [ 35.167145][ T419] ? anon_vma_name+0x4c/0x70 [ 35.171564][ T419] ? vm_area_dup+0x17a/0x230 [ 35.175994][ T419] copy_mm+0xa3a/0x13e0 [ 35.179983][ T419] ? copy_signal+0x610/0x610 [ 35.184416][ T419] ? __init_rwsem+0xd6/0x1c0 [ 35.188836][ T419] ? copy_signal+0x4e3/0x610 [ 35.193269][ T419] copy_process+0x12bc/0x3260 [ 35.197778][ T419] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 35.202726][ T419] ? __kasan_check_write+0x14/0x20 [ 35.207673][ T419] kernel_clone+0x21e/0x9e0 [ 35.212009][ T419] ? _raw_spin_unlock_irq+0x4e/0x70 [ 35.217047][ T419] ? create_io_thread+0x1e0/0x1e0 [ 35.221905][ T419] __x64_sys_clone+0x23f/0x290 [ 35.226504][ T419] ? __do_sys_vfork+0x130/0x130 [ 35.231191][ T419] ? __kasan_check_read+0x11/0x20 [ 35.236051][ T419] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 35.241866][ T419] do_syscall_64+0x3d/0xb0 [ 35.246121][ T419] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 35.251933][ T419] RIP: 0033:0x7fee0c2830a9 [ 35.256368][ T419] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 35.275801][ T419] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 35.284045][ T419] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 35.291857][ T419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 35.299681][ T419] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 35.307601][ T419] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 35.315402][ T419] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 419] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 418] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 419] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 419] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 419] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 418] close(3) = 0 [pid 418] close(4) = -1 EBADF (Bad file descriptor) [pid 418] close(5) = -1 EBADF (Bad file descriptor) [pid 418] close(6) = -1 EBADF (Bad file descriptor) [pid 418] close(7) = -1 EBADF (Bad file descriptor) [pid 418] close(8) = -1 EBADF (Bad file descriptor) [pid 418] close(9) = -1 EBADF (Bad file descriptor) [pid 418] close(10) = -1 EBADF (Bad file descriptor) [pid 418] close(11) = -1 EBADF (Bad file descriptor) [pid 418] close(12) = -1 EBADF (Bad file descriptor) [pid 418] close(13) = -1 EBADF (Bad file descriptor) [pid 418] close(14) = -1 EBADF (Bad file descriptor) [pid 418] close(15) = -1 EBADF (Bad file descriptor) [pid 418] close(16) = -1 EBADF (Bad file descriptor) [pid 418] close(17) = -1 EBADF (Bad file descriptor) [pid 418] close(18) = -1 EBADF (Bad file descriptor) [pid 418] close(19) = -1 EBADF (Bad file descriptor) [pid 418] close(20) = -1 EBADF (Bad file descriptor) [pid 418] close(21) = -1 EBADF (Bad file descriptor) [pid 418] close(22) = -1 EBADF (Bad file descriptor) [pid 418] close(23) = -1 EBADF (Bad file descriptor) [pid 418] close(24) = -1 EBADF (Bad file descriptor) [pid 418] close(25) = -1 EBADF (Bad file descriptor) [pid 418] close(26) = -1 EBADF (Bad file descriptor) [pid 418] close(27) = -1 EBADF (Bad file descriptor) [pid 418] close(28) = -1 EBADF (Bad file descriptor) [pid 418] close(29) = -1 EBADF (Bad file descriptor) [pid 418] exit_group(0) = ? [pid 419] <... futex resumed>) = ? [pid 419] +++ exited with 0 +++ [pid 418] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=110, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 420 attached [pid 420] set_robust_list(0x5555560296a0, 24) = 0 [pid 420] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 420] setpgid(0, 0) = 0 [pid 294] <... clone resumed>, child_tidptr=0x555556029690) = 112 [pid 420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 420] write(3, "1000", 4) = 4 [pid 420] close(3) = 0 [pid 420] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 420] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 420] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 420] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 420] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 420] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 420] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 420] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[113]}, 88) = 113 ./strace-static-x86_64: Process 421 attached [pid 420] rt_sigprocmask(SIG_SETMASK, [], [pid 421] set_robust_list(0x7fee0c2439a0, 24 [pid 420] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 421] <... set_robust_list resumed>) = 0 [pid 420] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 421] rt_sigprocmask(SIG_SETMASK, [], [pid 420] <... futex resumed>) = 0 [pid 421] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 420] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 421] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 421] write(3, "65", 2) = 2 [ 35.323214][ T419] [ 35.337603][ T421] FAULT_INJECTION: forcing a failure. [ 35.337603][ T421] name failslab, interval 1, probability 0, space 0, times 0 [ 35.350067][ T421] CPU: 0 PID: 421 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 35.360062][ T421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 35.370045][ T421] Call Trace: [ 35.373255][ T421] [ 35.376036][ T421] dump_stack_lvl+0x151/0x1b7 [ 35.380545][ T421] ? io_uring_drop_tctx_refs+0x190/0x190 [ 35.386276][ T421] dump_stack+0x15/0x17 [ 35.390264][ T421] should_fail+0x3c6/0x510 [ 35.394517][ T421] __should_failslab+0xa4/0xe0 [ 35.399116][ T421] ? vm_area_dup+0x26/0x230 [ 35.403458][ T421] should_failslab+0x9/0x20 [ 35.407797][ T421] slab_pre_alloc_hook+0x37/0xd0 [ 35.412570][ T421] ? vm_area_dup+0x26/0x230 [ 35.416907][ T421] kmem_cache_alloc+0x44/0x200 [ 35.421597][ T421] vm_area_dup+0x26/0x230 [ 35.425762][ T421] copy_mm+0x9a1/0x13e0 [ 35.429756][ T421] ? copy_signal+0x610/0x610 [ 35.434271][ T421] ? __init_rwsem+0xd6/0x1c0 [ 35.439041][ T421] ? copy_signal+0x4e3/0x610 [ 35.443512][ T421] copy_process+0x12bc/0x3260 [ 35.447987][ T421] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 35.452930][ T421] ? __kasan_check_write+0x14/0x20 [ 35.457875][ T421] kernel_clone+0x21e/0x9e0 [ 35.462220][ T421] ? _raw_spin_unlock_irq+0x4e/0x70 [ 35.467334][ T421] ? create_io_thread+0x1e0/0x1e0 [ 35.472212][ T421] __x64_sys_clone+0x23f/0x290 [ 35.476889][ T421] ? __do_sys_vfork+0x130/0x130 [ 35.481569][ T421] ? __kasan_check_read+0x11/0x20 [ 35.486429][ T421] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 35.492253][ T421] do_syscall_64+0x3d/0xb0 [ 35.496514][ T421] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 35.502224][ T421] RIP: 0033:0x7fee0c2830a9 [ 35.506492][ T421] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 421] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 420] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 421] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 420] close(3 [pid 421] <... futex resumed>) = 0 [pid 420] <... close resumed>) = 0 [pid 421] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 420] close(4) = -1 EBADF (Bad file descriptor) [pid 420] close(5) = -1 EBADF (Bad file descriptor) [pid 420] close(6) = -1 EBADF (Bad file descriptor) [pid 420] close(7) = -1 EBADF (Bad file descriptor) [pid 420] close(8) = -1 EBADF (Bad file descriptor) [pid 420] close(9) = -1 EBADF (Bad file descriptor) [pid 420] close(10) = -1 EBADF (Bad file descriptor) [pid 420] close(11) = -1 EBADF (Bad file descriptor) [pid 420] close(12) = -1 EBADF (Bad file descriptor) [pid 420] close(13) = -1 EBADF (Bad file descriptor) [pid 420] close(14) = -1 EBADF (Bad file descriptor) [pid 420] close(15) = -1 EBADF (Bad file descriptor) [pid 420] close(16) = -1 EBADF (Bad file descriptor) [pid 420] close(17) = -1 EBADF (Bad file descriptor) [pid 420] close(18) = -1 EBADF (Bad file descriptor) [pid 420] close(19) = -1 EBADF (Bad file descriptor) [pid 420] close(20) = -1 EBADF (Bad file descriptor) [pid 420] close(21) = -1 EBADF (Bad file descriptor) [pid 420] close(22) = -1 EBADF (Bad file descriptor) [pid 420] close(23) = -1 EBADF (Bad file descriptor) [pid 420] close(24) = -1 EBADF (Bad file descriptor) [pid 420] close(25) = -1 EBADF (Bad file descriptor) [pid 420] close(26) = -1 EBADF (Bad file descriptor) [pid 420] close(27) = -1 EBADF (Bad file descriptor) [pid 420] close(28) = -1 EBADF (Bad file descriptor) [pid 420] close(29) = -1 EBADF (Bad file descriptor) [pid 420] exit_group(0) = ? [pid 421] <... futex resumed>) = ? [pid 421] +++ exited with 0 +++ [pid 420] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=112, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 114 ./strace-static-x86_64: Process 422 attached [pid 422] set_robust_list(0x5555560296a0, 24) = 0 [pid 422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 422] setpgid(0, 0) = 0 [pid 422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 422] write(3, "1000", 4) = 4 [pid 422] close(3) = 0 [pid 422] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 422] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 422] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 422] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 422] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 422] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 422] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 422] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[115]}, 88) = 115 [pid 422] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 422] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 422] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 423 attached [pid 423] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 423] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 423] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 423] write(3, "65", 2) = 2 [ 35.525922][ T421] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 35.534250][ T421] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 35.542063][ T421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 35.549876][ T421] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 35.557684][ T421] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 35.565496][ T421] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 35.573309][ T421] [pid 423] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 422] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 35.584953][ T423] FAULT_INJECTION: forcing a failure. [ 35.584953][ T423] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 35.598064][ T423] CPU: 0 PID: 423 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 35.608032][ T423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 35.617928][ T423] Call Trace: [ 35.621055][ T423] [ 35.623828][ T423] dump_stack_lvl+0x151/0x1b7 [ 35.628347][ T423] ? io_uring_drop_tctx_refs+0x190/0x190 [ 35.633895][ T423] ? kmem_cache_alloc+0x134/0x200 [ 35.638848][ T423] ? copy_mm+0x9a1/0x13e0 [ 35.643015][ T423] ? kvm_sched_clock_read+0x18/0x40 [ 35.648044][ T423] dump_stack+0x15/0x17 [ 35.652035][ T423] should_fail+0x3c6/0x510 [ 35.656288][ T423] should_fail_alloc_page+0x5a/0x80 [ 35.661322][ T423] prepare_alloc_pages+0x15c/0x700 [ 35.666277][ T423] ? __alloc_pages_bulk+0xe60/0xe60 [ 35.671308][ T423] __alloc_pages+0x138/0x5e0 [ 35.675730][ T423] ? prep_new_page+0x110/0x110 [ 35.680331][ T423] ? stack_trace_save+0x1c0/0x1c0 [ 35.685188][ T423] ? unwind_get_return_address+0x4d/0x90 [ 35.690657][ T423] ? arch_stack_walk+0xf3/0x140 [ 35.695342][ T423] __pmd_alloc+0xb1/0x550 [ 35.699508][ T423] ? stack_trace_save+0x113/0x1c0 [ 35.704370][ T423] ? __pud_alloc+0x260/0x260 [ 35.708797][ T423] ? stack_trace_snprint+0xf0/0xf0 [ 35.713744][ T423] ? __stack_depot_save+0x34/0x470 [ 35.718951][ T423] ? anon_vma_clone+0x9a/0x500 [ 35.723549][ T423] copy_page_range+0x2b3d/0x2f90 [ 35.728327][ T423] ? __kasan_slab_alloc+0xb1/0xe0 [ 35.733184][ T423] ? slab_post_alloc_hook+0x53/0x2c0 [ 35.738305][ T423] ? copy_mm+0xa3a/0x13e0 [ 35.742471][ T423] ? copy_process+0x12bc/0x3260 [ 35.747180][ T423] ? kernel_clone+0x21e/0x9e0 [ 35.751670][ T423] ? do_syscall_64+0x3d/0xb0 [ 35.756096][ T423] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 35.762001][ T423] ? pfn_valid+0x1e0/0x1e0 [ 35.766252][ T423] ? rwsem_write_trylock+0x15b/0x290 [ 35.771371][ T423] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 35.777621][ T423] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 35.783177][ T423] ? __rb_insert_augmented+0x5de/0x610 [ 35.788472][ T423] copy_mm+0xc7e/0x13e0 [ 35.792468][ T423] ? copy_signal+0x610/0x610 [ 35.796890][ T423] ? __init_rwsem+0xd6/0x1c0 [ 35.801318][ T423] ? copy_signal+0x4e3/0x610 [ 35.805742][ T423] copy_process+0x12bc/0x3260 [ 35.810259][ T423] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 35.815300][ T423] ? __kasan_check_write+0x14/0x20 [ 35.820236][ T423] kernel_clone+0x21e/0x9e0 [ 35.824581][ T423] ? _raw_spin_unlock_irq+0x4e/0x70 [ 35.829609][ T423] ? create_io_thread+0x1e0/0x1e0 [ 35.834482][ T423] __x64_sys_clone+0x23f/0x290 [ 35.839240][ T423] ? __do_sys_vfork+0x130/0x130 [ 35.843936][ T423] ? __kasan_check_read+0x11/0x20 [ 35.848798][ T423] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 35.854706][ T423] do_syscall_64+0x3d/0xb0 [ 35.858953][ T423] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 35.864679][ T423] RIP: 0033:0x7fee0c2830a9 [ 35.868937][ T423] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 35.888373][ T423] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 35.896617][ T423] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 35.904437][ T423] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 35.912242][ T423] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 35.920051][ T423] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 35.927864][ T423] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 423] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 423] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 423] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 422] close(3) = 0 [pid 422] close(4) = -1 EBADF (Bad file descriptor) [pid 422] close(5) = -1 EBADF (Bad file descriptor) [pid 422] close(6) = -1 EBADF (Bad file descriptor) [pid 422] close(7) = -1 EBADF (Bad file descriptor) [pid 422] close(8) = -1 EBADF (Bad file descriptor) [pid 422] close(9) = -1 EBADF (Bad file descriptor) [pid 422] close(10) = -1 EBADF (Bad file descriptor) [pid 422] close(11) = -1 EBADF (Bad file descriptor) [pid 422] close(12) = -1 EBADF (Bad file descriptor) [pid 422] close(13) = -1 EBADF (Bad file descriptor) [pid 422] close(14) = -1 EBADF (Bad file descriptor) [pid 422] close(15) = -1 EBADF (Bad file descriptor) [pid 422] close(16) = -1 EBADF (Bad file descriptor) [pid 422] close(17) = -1 EBADF (Bad file descriptor) [pid 422] close(18) = -1 EBADF (Bad file descriptor) [pid 422] close(19) = -1 EBADF (Bad file descriptor) [pid 422] close(20) = -1 EBADF (Bad file descriptor) [pid 422] close(21) = -1 EBADF (Bad file descriptor) [pid 422] close(22) = -1 EBADF (Bad file descriptor) [pid 422] close(23) = -1 EBADF (Bad file descriptor) [pid 422] close(24) = -1 EBADF (Bad file descriptor) [pid 422] close(25) = -1 EBADF (Bad file descriptor) [pid 422] close(26) = -1 EBADF (Bad file descriptor) [pid 422] close(27) = -1 EBADF (Bad file descriptor) [pid 422] close(28) = -1 EBADF (Bad file descriptor) [pid 422] close(29) = -1 EBADF (Bad file descriptor) [pid 422] exit_group(0) = ? [pid 423] <... futex resumed>) = ? [pid 423] +++ exited with 0 +++ [pid 422] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=114, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 425 attached , child_tidptr=0x555556029690) = 116 [pid 425] set_robust_list(0x5555560296a0, 24) = 0 [pid 425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 425] setpgid(0, 0) = 0 [pid 425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 425] write(3, "1000", 4) = 4 [pid 425] close(3) = 0 [pid 425] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 425] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 425] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 425] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 425] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 425] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 425] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[117]}, 88) = 117 [pid 425] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 425] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 426 attached [pid 426] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 426] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 426] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 426] write(3, "65", 2) = 2 [ 35.935676][ T423] [ 35.949189][ T426] FAULT_INJECTION: forcing a failure. [ 35.949189][ T426] name failslab, interval 1, probability 0, space 0, times 0 [ 35.961655][ T426] CPU: 1 PID: 426 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 35.971671][ T426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 35.981648][ T426] Call Trace: [ 35.984778][ T426] [ 35.987548][ T426] dump_stack_lvl+0x151/0x1b7 [ 35.992058][ T426] ? io_uring_drop_tctx_refs+0x190/0x190 [ 35.997535][ T426] ? avc_denied+0x1b0/0x1b0 [ 36.001875][ T426] dump_stack+0x15/0x17 [ 36.005858][ T426] should_fail+0x3c6/0x510 [ 36.010117][ T426] __should_failslab+0xa4/0xe0 [ 36.014718][ T426] ? vm_area_dup+0x26/0x230 [ 36.019055][ T426] should_failslab+0x9/0x20 [ 36.023404][ T426] slab_pre_alloc_hook+0x37/0xd0 [ 36.028173][ T426] ? vm_area_dup+0x26/0x230 [ 36.032677][ T426] kmem_cache_alloc+0x44/0x200 [ 36.037283][ T426] vm_area_dup+0x26/0x230 [ 36.041444][ T426] copy_mm+0x9a1/0x13e0 [ 36.045441][ T426] ? copy_signal+0x610/0x610 [ 36.049862][ T426] ? __init_rwsem+0xd6/0x1c0 [ 36.054293][ T426] ? copy_signal+0x4e3/0x610 [ 36.058720][ T426] copy_process+0x12bc/0x3260 [ 36.063240][ T426] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 36.068531][ T426] ? __kasan_check_write+0x14/0x20 [ 36.073475][ T426] kernel_clone+0x21e/0x9e0 [ 36.077816][ T426] ? _raw_spin_unlock_irq+0x4e/0x70 [ 36.082877][ T426] ? create_io_thread+0x1e0/0x1e0 [ 36.087711][ T426] __x64_sys_clone+0x23f/0x290 [ 36.092405][ T426] ? __do_sys_vfork+0x130/0x130 [ 36.097086][ T426] ? __kasan_check_read+0x11/0x20 [ 36.101941][ T426] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 36.107756][ T426] do_syscall_64+0x3d/0xb0 [ 36.112010][ T426] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 36.117738][ T426] RIP: 0033:0x7fee0c2830a9 [ 36.121990][ T426] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 36.141430][ T426] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 36.149680][ T426] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 36.157834][ T426] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 36.165994][ T426] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 36.174504][ T426] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [pid 426] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 425] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 426] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 425] close(3 [pid 426] <... futex resumed>) = 0 [pid 425] <... close resumed>) = 0 [pid 426] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] close(4) = -1 EBADF (Bad file descriptor) [pid 425] close(5) = -1 EBADF (Bad file descriptor) [pid 425] close(6) = -1 EBADF (Bad file descriptor) [pid 425] close(7) = -1 EBADF (Bad file descriptor) [pid 425] close(8) = -1 EBADF (Bad file descriptor) [pid 425] close(9) = -1 EBADF (Bad file descriptor) [pid 425] close(10) = -1 EBADF (Bad file descriptor) [pid 425] close(11) = -1 EBADF (Bad file descriptor) [pid 425] close(12) = -1 EBADF (Bad file descriptor) [pid 425] close(13) = -1 EBADF (Bad file descriptor) [pid 425] close(14) = -1 EBADF (Bad file descriptor) [pid 425] close(15) = -1 EBADF (Bad file descriptor) [pid 425] close(16) = -1 EBADF (Bad file descriptor) [pid 425] close(17) = -1 EBADF (Bad file descriptor) [pid 425] close(18) = -1 EBADF (Bad file descriptor) [pid 425] close(19) = -1 EBADF (Bad file descriptor) [pid 425] close(20) = -1 EBADF (Bad file descriptor) [pid 425] close(21) = -1 EBADF (Bad file descriptor) [pid 425] close(22) = -1 EBADF (Bad file descriptor) [pid 425] close(23) = -1 EBADF (Bad file descriptor) [pid 425] close(24) = -1 EBADF (Bad file descriptor) [pid 425] close(25) = -1 EBADF (Bad file descriptor) [pid 425] close(26) = -1 EBADF (Bad file descriptor) [pid 425] close(27) = -1 EBADF (Bad file descriptor) [pid 425] close(28) = -1 EBADF (Bad file descriptor) [pid 425] close(29) = -1 EBADF (Bad file descriptor) [pid 425] exit_group(0 [pid 426] <... futex resumed>) = ? [pid 425] <... exit_group resumed>) = ? [pid 426] +++ exited with 0 +++ [pid 425] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=116, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 118 ./strace-static-x86_64: Process 427 attached [pid 427] set_robust_list(0x5555560296a0, 24) = 0 [pid 427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 427] setpgid(0, 0) = 0 [pid 427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 427] write(3, "1000", 4) = 4 [pid 427] close(3) = 0 [pid 427] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 427] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 427] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 427] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 427] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[119]}, 88) = 119 [pid 427] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 427] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 428 attached [pid 428] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 428] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 428] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 428] write(3, "65", 2) = 2 [ 36.182313][ T426] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 36.190132][ T426] [ 36.201613][ T428] FAULT_INJECTION: forcing a failure. [ 36.201613][ T428] name failslab, interval 1, probability 0, space 0, times 0 [ 36.214107][ T428] CPU: 1 PID: 428 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 36.224087][ T428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 36.233980][ T428] Call Trace: [ 36.237104][ T428] [ 36.239882][ T428] dump_stack_lvl+0x151/0x1b7 [ 36.244399][ T428] ? io_uring_drop_tctx_refs+0x190/0x190 [ 36.249863][ T428] dump_stack+0x15/0x17 [ 36.253859][ T428] should_fail+0x3c6/0x510 [ 36.258116][ T428] __should_failslab+0xa4/0xe0 [ 36.262711][ T428] ? vm_area_dup+0x26/0x230 [ 36.267046][ T428] should_failslab+0x9/0x20 [ 36.271388][ T428] slab_pre_alloc_hook+0x37/0xd0 [ 36.276162][ T428] ? vm_area_dup+0x26/0x230 [ 36.280501][ T428] kmem_cache_alloc+0x44/0x200 [ 36.285109][ T428] vm_area_dup+0x26/0x230 [ 36.289275][ T428] copy_mm+0x9a1/0x13e0 [ 36.293262][ T428] ? copy_signal+0x610/0x610 [ 36.297683][ T428] ? __init_rwsem+0xd6/0x1c0 [ 36.302113][ T428] ? copy_signal+0x4e3/0x610 [ 36.306538][ T428] copy_process+0x12bc/0x3260 [ 36.311058][ T428] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 36.315997][ T428] ? __kasan_check_write+0x14/0x20 [ 36.320946][ T428] kernel_clone+0x21e/0x9e0 [ 36.325287][ T428] ? _raw_spin_unlock_irq+0x4e/0x70 [ 36.330323][ T428] ? create_io_thread+0x1e0/0x1e0 [ 36.335180][ T428] __x64_sys_clone+0x23f/0x290 [ 36.339777][ T428] ? __do_sys_vfork+0x130/0x130 [ 36.344468][ T428] ? __kasan_check_read+0x11/0x20 [ 36.349326][ T428] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 36.355212][ T428] do_syscall_64+0x3d/0xb0 [ 36.359480][ T428] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 36.365212][ T428] RIP: 0033:0x7fee0c2830a9 [ 36.369462][ T428] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 36.388906][ T428] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 36.397244][ T428] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 36.405044][ T428] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 36.412858][ T428] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 36.420666][ T428] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 36.428478][ T428] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 36.436381][ T428] [pid 428] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 427] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 428] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 428] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] close(3) = 0 [pid 427] close(4) = -1 EBADF (Bad file descriptor) [pid 427] close(5) = -1 EBADF (Bad file descriptor) [pid 427] close(6) = -1 EBADF (Bad file descriptor) [pid 427] close(7) = -1 EBADF (Bad file descriptor) [pid 427] close(8) = -1 EBADF (Bad file descriptor) [pid 427] close(9) = -1 EBADF (Bad file descriptor) [pid 427] close(10) = -1 EBADF (Bad file descriptor) [pid 427] close(11) = -1 EBADF (Bad file descriptor) [pid 427] close(12) = -1 EBADF (Bad file descriptor) [pid 427] close(13) = -1 EBADF (Bad file descriptor) [pid 427] close(14) = -1 EBADF (Bad file descriptor) [pid 427] close(15) = -1 EBADF (Bad file descriptor) [pid 427] close(16) = -1 EBADF (Bad file descriptor) [pid 427] close(17) = -1 EBADF (Bad file descriptor) [pid 427] close(18) = -1 EBADF (Bad file descriptor) [pid 427] close(19) = -1 EBADF (Bad file descriptor) [pid 427] close(20) = -1 EBADF (Bad file descriptor) [pid 427] close(21) = -1 EBADF (Bad file descriptor) [pid 427] close(22) = -1 EBADF (Bad file descriptor) [pid 427] close(23) = -1 EBADF (Bad file descriptor) [pid 427] close(24) = -1 EBADF (Bad file descriptor) [pid 427] close(25) = -1 EBADF (Bad file descriptor) [pid 427] close(26) = -1 EBADF (Bad file descriptor) [pid 427] close(27) = -1 EBADF (Bad file descriptor) [pid 427] close(28) = -1 EBADF (Bad file descriptor) [pid 427] close(29) = -1 EBADF (Bad file descriptor) [pid 427] exit_group(0 [pid 428] <... futex resumed>) = ? [pid 427] <... exit_group resumed>) = ? [pid 428] +++ exited with 0 +++ [pid 427] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=118, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 120 ./strace-static-x86_64: Process 429 attached [pid 429] set_robust_list(0x5555560296a0, 24) = 0 [pid 429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 429] setpgid(0, 0) = 0 [pid 429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 429] write(3, "1000", 4) = 4 [pid 429] close(3) = 0 [pid 429] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 429] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 429] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 429] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 429] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 429] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 430 attached => {parent_tid=[121]}, 88) = 121 [pid 429] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 429] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 430] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 430] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 430] write(3, "65", 2) = 2 [pid 430] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 429] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 36.449461][ T430] FAULT_INJECTION: forcing a failure. [ 36.449461][ T430] name failslab, interval 1, probability 0, space 0, times 0 [ 36.462057][ T430] CPU: 1 PID: 430 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 36.472116][ T430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 36.482530][ T430] Call Trace: [ 36.485647][ T430] [ 36.488428][ T430] dump_stack_lvl+0x151/0x1b7 [ 36.492937][ T430] ? io_uring_drop_tctx_refs+0x190/0x190 [ 36.498412][ T430] ? avc_denied+0x1b0/0x1b0 [ 36.502758][ T430] dump_stack+0x15/0x17 [ 36.506739][ T430] should_fail+0x3c6/0x510 [ 36.511001][ T430] __should_failslab+0xa4/0xe0 [ 36.515679][ T430] ? vm_area_dup+0x26/0x230 [ 36.520018][ T430] should_failslab+0x9/0x20 [ 36.524355][ T430] slab_pre_alloc_hook+0x37/0xd0 [ 36.529147][ T430] ? vm_area_dup+0x26/0x230 [ 36.533556][ T430] kmem_cache_alloc+0x44/0x200 [ 36.538247][ T430] vm_area_dup+0x26/0x230 [ 36.542517][ T430] copy_mm+0x9a1/0x13e0 [ 36.546491][ T430] ? copy_signal+0x610/0x610 [ 36.550917][ T430] ? __init_rwsem+0xd6/0x1c0 [ 36.555385][ T430] ? copy_signal+0x4e3/0x610 [ 36.559767][ T430] copy_process+0x12bc/0x3260 [ 36.564283][ T430] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 36.569232][ T430] ? __kasan_check_write+0x14/0x20 [ 36.574185][ T430] kernel_clone+0x21e/0x9e0 [ 36.578519][ T430] ? _raw_spin_unlock_irq+0x4e/0x70 [ 36.583551][ T430] ? create_io_thread+0x1e0/0x1e0 [ 36.588409][ T430] __x64_sys_clone+0x23f/0x290 [ 36.593009][ T430] ? __do_sys_vfork+0x130/0x130 [ 36.597695][ T430] ? __kasan_check_read+0x11/0x20 [ 36.602554][ T430] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 36.608372][ T430] do_syscall_64+0x3d/0xb0 [ 36.612634][ T430] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 36.618459][ T430] RIP: 0033:0x7fee0c2830a9 [ 36.622695][ T430] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 36.642139][ T430] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 430] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 430] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] close(3) = 0 [pid 429] close(4 [pid 430] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 429] close(5) = -1 EBADF (Bad file descriptor) [pid 429] close(6) = -1 EBADF (Bad file descriptor) [pid 429] close(7) = -1 EBADF (Bad file descriptor) [pid 429] close(8) = -1 EBADF (Bad file descriptor) [pid 429] close(9) = -1 EBADF (Bad file descriptor) [pid 429] close(10) = -1 EBADF (Bad file descriptor) [pid 429] close(11) = -1 EBADF (Bad file descriptor) [pid 429] close(12) = -1 EBADF (Bad file descriptor) [pid 429] close(13) = -1 EBADF (Bad file descriptor) [pid 429] close(14) = -1 EBADF (Bad file descriptor) [pid 429] close(15) = -1 EBADF (Bad file descriptor) [pid 429] close(16) = -1 EBADF (Bad file descriptor) [pid 429] close(17) = -1 EBADF (Bad file descriptor) [pid 429] close(18) = -1 EBADF (Bad file descriptor) [pid 429] close(19) = -1 EBADF (Bad file descriptor) [pid 429] close(20) = -1 EBADF (Bad file descriptor) [pid 429] close(21) = -1 EBADF (Bad file descriptor) [pid 429] close(22) = -1 EBADF (Bad file descriptor) [pid 429] close(23) = -1 EBADF (Bad file descriptor) [pid 429] close(24) = -1 EBADF (Bad file descriptor) [pid 429] close(25) = -1 EBADF (Bad file descriptor) [pid 429] close(26) = -1 EBADF (Bad file descriptor) [pid 429] close(27) = -1 EBADF (Bad file descriptor) [pid 429] close(28) = -1 EBADF (Bad file descriptor) [pid 429] close(29) = -1 EBADF (Bad file descriptor) [pid 429] exit_group(0 [pid 430] <... futex resumed>) = ? [pid 429] <... exit_group resumed>) = ? [pid 430] +++ exited with 0 +++ [pid 429] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=120, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 122 ./strace-static-x86_64: Process 431 attached [pid 431] set_robust_list(0x5555560296a0, 24) = 0 [pid 431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 431] setpgid(0, 0) = 0 [pid 431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 431] write(3, "1000", 4) = 4 [pid 431] close(3) = 0 [pid 431] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 431] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 431] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 431] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 431] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 431] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 431] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 432 attached => {parent_tid=[123]}, 88) = 123 [pid 431] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 431] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 431] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 432] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 432] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 432] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 432] write(3, "65", 2) = 2 [ 36.650379][ T430] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 36.658189][ T430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 36.666010][ T430] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 36.673812][ T430] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 36.681734][ T430] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 36.689543][ T430] [ 36.704013][ T432] FAULT_INJECTION: forcing a failure. [ 36.704013][ T432] name failslab, interval 1, probability 0, space 0, times 0 [ 36.716626][ T432] CPU: 0 PID: 432 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 36.726664][ T432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 36.736641][ T432] Call Trace: [ 36.739764][ T432] [ 36.742542][ T432] dump_stack_lvl+0x151/0x1b7 [ 36.747056][ T432] ? io_uring_drop_tctx_refs+0x190/0x190 [ 36.752533][ T432] dump_stack+0x15/0x17 [ 36.756520][ T432] should_fail+0x3c6/0x510 [ 36.760767][ T432] __should_failslab+0xa4/0xe0 [ 36.765368][ T432] ? anon_vma_fork+0x1df/0x4e0 [ 36.769971][ T432] should_failslab+0x9/0x20 [ 36.774313][ T432] slab_pre_alloc_hook+0x37/0xd0 [ 36.779175][ T432] ? anon_vma_fork+0x1df/0x4e0 [ 36.783767][ T432] kmem_cache_alloc+0x44/0x200 [ 36.788381][ T432] anon_vma_fork+0x1df/0x4e0 [ 36.792921][ T432] copy_mm+0xa3a/0x13e0 [ 36.796913][ T432] ? copy_signal+0x610/0x610 [ 36.801352][ T432] ? __init_rwsem+0xd6/0x1c0 [ 36.805753][ T432] ? copy_signal+0x4e3/0x610 [ 36.810180][ T432] copy_process+0x12bc/0x3260 [ 36.814697][ T432] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 36.819731][ T432] ? __kasan_check_write+0x14/0x20 [ 36.824674][ T432] kernel_clone+0x21e/0x9e0 [ 36.829012][ T432] ? _raw_spin_unlock_irq+0x4e/0x70 [ 36.834051][ T432] ? create_io_thread+0x1e0/0x1e0 [ 36.838924][ T432] __x64_sys_clone+0x23f/0x290 [ 36.843511][ T432] ? __do_sys_vfork+0x130/0x130 [ 36.848195][ T432] ? __kasan_check_read+0x11/0x20 [ 36.853062][ T432] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 36.858871][ T432] do_syscall_64+0x3d/0xb0 [ 36.863210][ T432] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 36.869040][ T432] RIP: 0033:0x7fee0c2830a9 [ 36.873278][ T432] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 36.892720][ T432] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 432] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 431] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 432] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 432] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 431] close(3) = 0 [pid 431] close(4) = -1 EBADF (Bad file descriptor) [pid 431] close(5) = -1 EBADF (Bad file descriptor) [pid 431] close(6) = -1 EBADF (Bad file descriptor) [pid 431] close(7) = -1 EBADF (Bad file descriptor) [pid 431] close(8) = -1 EBADF (Bad file descriptor) [pid 431] close(9) = -1 EBADF (Bad file descriptor) [pid 431] close(10) = -1 EBADF (Bad file descriptor) [pid 431] close(11) = -1 EBADF (Bad file descriptor) [pid 431] close(12) = -1 EBADF (Bad file descriptor) [pid 431] close(13) = -1 EBADF (Bad file descriptor) [pid 431] close(14) = -1 EBADF (Bad file descriptor) [pid 431] close(15) = -1 EBADF (Bad file descriptor) [pid 431] close(16) = -1 EBADF (Bad file descriptor) [pid 431] close(17) = -1 EBADF (Bad file descriptor) [pid 431] close(18) = -1 EBADF (Bad file descriptor) [pid 431] close(19) = -1 EBADF (Bad file descriptor) [pid 431] close(20) = -1 EBADF (Bad file descriptor) [pid 431] close(21) = -1 EBADF (Bad file descriptor) [pid 431] close(22) = -1 EBADF (Bad file descriptor) [pid 431] close(23) = -1 EBADF (Bad file descriptor) [pid 431] close(24) = -1 EBADF (Bad file descriptor) [pid 431] close(25) = -1 EBADF (Bad file descriptor) [pid 431] close(26) = -1 EBADF (Bad file descriptor) [pid 431] close(27) = -1 EBADF (Bad file descriptor) [pid 431] close(28) = -1 EBADF (Bad file descriptor) [pid 431] close(29) = -1 EBADF (Bad file descriptor) [pid 431] exit_group(0) = ? [pid 432] <... futex resumed>) = ? [pid 432] +++ exited with 0 +++ [pid 431] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=122, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 124 ./strace-static-x86_64: Process 434 attached [pid 434] set_robust_list(0x5555560296a0, 24) = 0 [pid 434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 434] setpgid(0, 0) = 0 [pid 434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 434] write(3, "1000", 4) = 4 [pid 434] close(3) = 0 [pid 434] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 434] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 434] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 434] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 434] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 434] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 434] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 434] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 435 attached => {parent_tid=[125]}, 88) = 125 [pid 435] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 435] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 435] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 434] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 434] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 435] <... futex resumed>) = 0 [pid 434] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 435] write(3, "65", 2) = 2 [ 36.900966][ T432] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 36.908775][ T432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 36.916598][ T432] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 36.924399][ T432] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 36.932297][ T432] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 36.940119][ T432] [ 36.957141][ T435] FAULT_INJECTION: forcing a failure. [ 36.957141][ T435] name failslab, interval 1, probability 0, space 0, times 0 [ 36.969614][ T435] CPU: 0 PID: 435 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 36.979605][ T435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 36.989499][ T435] Call Trace: [ 36.992622][ T435] [ 36.995401][ T435] dump_stack_lvl+0x151/0x1b7 [ 36.999918][ T435] ? io_uring_drop_tctx_refs+0x190/0x190 [ 37.005391][ T435] dump_stack+0x15/0x17 [ 37.009381][ T435] should_fail+0x3c6/0x510 [ 37.013637][ T435] __should_failslab+0xa4/0xe0 [ 37.018229][ T435] ? anon_vma_clone+0x9a/0x500 [ 37.022911][ T435] should_failslab+0x9/0x20 [ 37.027253][ T435] slab_pre_alloc_hook+0x37/0xd0 [ 37.032027][ T435] ? anon_vma_clone+0x9a/0x500 [ 37.036630][ T435] kmem_cache_alloc+0x44/0x200 [ 37.041230][ T435] anon_vma_clone+0x9a/0x500 [ 37.045659][ T435] anon_vma_fork+0x91/0x4e0 [ 37.049993][ T435] ? anon_vma_name+0x4c/0x70 [ 37.054419][ T435] ? vm_area_dup+0x17a/0x230 [ 37.058845][ T435] copy_mm+0xa3a/0x13e0 [ 37.062842][ T435] ? copy_signal+0x610/0x610 [ 37.067264][ T435] ? __init_rwsem+0xd6/0x1c0 [ 37.071693][ T435] ? copy_signal+0x4e3/0x610 [ 37.076120][ T435] copy_process+0x12bc/0x3260 [ 37.080630][ T435] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 37.085674][ T435] ? __kasan_check_write+0x14/0x20 [ 37.090613][ T435] kernel_clone+0x21e/0x9e0 [ 37.094952][ T435] ? _raw_spin_unlock_irq+0x4e/0x70 [ 37.099982][ T435] ? create_io_thread+0x1e0/0x1e0 [ 37.104842][ T435] __x64_sys_clone+0x23f/0x290 [ 37.109445][ T435] ? __do_sys_vfork+0x130/0x130 [ 37.114130][ T435] ? __kasan_check_read+0x11/0x20 [ 37.118990][ T435] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 37.124894][ T435] do_syscall_64+0x3d/0xb0 [ 37.129150][ T435] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 37.134876][ T435] RIP: 0033:0x7fee0c2830a9 [ 37.139128][ T435] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 37.158569][ T435] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 37.166913][ T435] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 37.174718][ T435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 37.182533][ T435] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 37.190337][ T435] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 37.198244][ T435] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 435] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 434] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 435] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 435] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 435] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 434] close(3) = 0 [pid 434] close(4) = -1 EBADF (Bad file descriptor) [pid 434] close(5) = -1 EBADF (Bad file descriptor) [pid 434] close(6) = -1 EBADF (Bad file descriptor) [pid 434] close(7) = -1 EBADF (Bad file descriptor) [pid 434] close(8) = -1 EBADF (Bad file descriptor) [pid 434] close(9) = -1 EBADF (Bad file descriptor) [pid 434] close(10) = -1 EBADF (Bad file descriptor) [pid 434] close(11) = -1 EBADF (Bad file descriptor) [pid 434] close(12) = -1 EBADF (Bad file descriptor) [pid 434] close(13) = -1 EBADF (Bad file descriptor) [pid 434] close(14) = -1 EBADF (Bad file descriptor) [pid 434] close(15) = -1 EBADF (Bad file descriptor) [pid 434] close(16) = -1 EBADF (Bad file descriptor) [pid 434] close(17) = -1 EBADF (Bad file descriptor) [pid 434] close(18) = -1 EBADF (Bad file descriptor) [pid 434] close(19) = -1 EBADF (Bad file descriptor) [pid 434] close(20) = -1 EBADF (Bad file descriptor) [pid 434] close(21) = -1 EBADF (Bad file descriptor) [pid 434] close(22) = -1 EBADF (Bad file descriptor) [pid 434] close(23) = -1 EBADF (Bad file descriptor) [pid 434] close(24) = -1 EBADF (Bad file descriptor) [pid 434] close(25) = -1 EBADF (Bad file descriptor) [pid 434] close(26) = -1 EBADF (Bad file descriptor) [pid 434] close(27) = -1 EBADF (Bad file descriptor) [pid 434] close(28) = -1 EBADF (Bad file descriptor) [pid 434] close(29) = -1 EBADF (Bad file descriptor) [pid 434] exit_group(0) = ? [pid 435] <... futex resumed>) = ? [pid 435] +++ exited with 0 +++ [pid 434] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=124, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 126 ./strace-static-x86_64: Process 436 attached [pid 436] set_robust_list(0x5555560296a0, 24) = 0 [pid 436] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 436] setpgid(0, 0) = 0 [pid 436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 436] write(3, "1000", 4) = 4 [pid 436] close(3) = 0 [pid 436] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 436] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 436] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 436] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 436] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 436] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 436] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 436] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 437 attached => {parent_tid=[127]}, 88) = 127 [pid 436] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 436] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 436] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 437] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 437] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 437] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 437] write(3, "65", 2) = 2 [ 37.206062][ T435] [ 37.224125][ T437] FAULT_INJECTION: forcing a failure. [ 37.224125][ T437] name failslab, interval 1, probability 0, space 0, times 0 [ 37.236645][ T437] CPU: 0 PID: 437 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 37.246681][ T437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 37.256573][ T437] Call Trace: [ 37.259698][ T437] [ 37.262475][ T437] dump_stack_lvl+0x151/0x1b7 [ 37.266988][ T437] ? io_uring_drop_tctx_refs+0x190/0x190 [ 37.272481][ T437] dump_stack+0x15/0x17 [ 37.276449][ T437] should_fail+0x3c6/0x510 [ 37.280704][ T437] __should_failslab+0xa4/0xe0 [ 37.285302][ T437] ? vm_area_dup+0x26/0x230 [ 37.289641][ T437] should_failslab+0x9/0x20 [ 37.293977][ T437] slab_pre_alloc_hook+0x37/0xd0 [ 37.298753][ T437] ? vm_area_dup+0x26/0x230 [ 37.303095][ T437] kmem_cache_alloc+0x44/0x200 [ 37.307692][ T437] vm_area_dup+0x26/0x230 [ 37.311945][ T437] copy_mm+0x9a1/0x13e0 [ 37.315937][ T437] ? copy_signal+0x610/0x610 [ 37.320452][ T437] ? __init_rwsem+0xd6/0x1c0 [ 37.324876][ T437] ? copy_signal+0x4e3/0x610 [ 37.329302][ T437] copy_process+0x12bc/0x3260 [ 37.333844][ T437] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 37.338765][ T437] ? __kasan_check_write+0x14/0x20 [ 37.343711][ T437] kernel_clone+0x21e/0x9e0 [ 37.348161][ T437] ? _raw_spin_unlock_irq+0x4e/0x70 [ 37.353171][ T437] ? create_io_thread+0x1e0/0x1e0 [ 37.358034][ T437] __x64_sys_clone+0x23f/0x290 [ 37.362629][ T437] ? __do_sys_vfork+0x130/0x130 [ 37.367327][ T437] ? __kasan_check_read+0x11/0x20 [ 37.373049][ T437] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 37.378868][ T437] do_syscall_64+0x3d/0xb0 [ 37.383114][ T437] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 37.388847][ T437] RIP: 0033:0x7fee0c2830a9 [ 37.393101][ T437] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 37.412631][ T437] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 37.420869][ T437] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 37.428814][ T437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 37.436585][ T437] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 37.444415][ T437] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [pid 437] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 436] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 437] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 437] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 437] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 436] close(3) = 0 [pid 436] close(4) = -1 EBADF (Bad file descriptor) [pid 436] close(5) = -1 EBADF (Bad file descriptor) [pid 436] close(6) = -1 EBADF (Bad file descriptor) [pid 436] close(7) = -1 EBADF (Bad file descriptor) [pid 436] close(8) = -1 EBADF (Bad file descriptor) [pid 436] close(9) = -1 EBADF (Bad file descriptor) [pid 436] close(10) = -1 EBADF (Bad file descriptor) [pid 436] close(11) = -1 EBADF (Bad file descriptor) [pid 436] close(12) = -1 EBADF (Bad file descriptor) [pid 436] close(13) = -1 EBADF (Bad file descriptor) [pid 436] close(14) = -1 EBADF (Bad file descriptor) [pid 436] close(15) = -1 EBADF (Bad file descriptor) [pid 436] close(16) = -1 EBADF (Bad file descriptor) [pid 436] close(17) = -1 EBADF (Bad file descriptor) [pid 436] close(18) = -1 EBADF (Bad file descriptor) [pid 436] close(19) = -1 EBADF (Bad file descriptor) [pid 436] close(20) = -1 EBADF (Bad file descriptor) [pid 436] close(21) = -1 EBADF (Bad file descriptor) [pid 436] close(22) = -1 EBADF (Bad file descriptor) [pid 436] close(23) = -1 EBADF (Bad file descriptor) [pid 436] close(24) = -1 EBADF (Bad file descriptor) [pid 436] close(25) = -1 EBADF (Bad file descriptor) [pid 436] close(26) = -1 EBADF (Bad file descriptor) [pid 436] close(27) = -1 EBADF (Bad file descriptor) [pid 436] close(28) = -1 EBADF (Bad file descriptor) [pid 436] close(29) = -1 EBADF (Bad file descriptor) [pid 436] exit_group(0 [pid 437] <... futex resumed>) = ? [pid 436] <... exit_group resumed>) = ? [pid 437] +++ exited with 0 +++ [pid 436] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=126, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 128 ./strace-static-x86_64: Process 438 attached [pid 438] set_robust_list(0x5555560296a0, 24) = 0 [pid 438] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 438] setpgid(0, 0) = 0 [pid 438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 438] write(3, "1000", 4) = 4 [pid 438] close(3) = 0 [pid 438] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 438] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 438] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 438] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 438] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 438] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 438] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 438] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[129]}, 88) = 129 [pid 438] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 438] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 438] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 439 attached [pid 439] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 439] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 439] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 439] write(3, "65", 2) = 2 [ 37.452207][ T437] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 37.460020][ T437] [ 37.472271][ T439] FAULT_INJECTION: forcing a failure. [ 37.472271][ T439] name failslab, interval 1, probability 0, space 0, times 0 [ 37.484767][ T439] CPU: 1 PID: 439 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 37.494775][ T439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 37.504672][ T439] Call Trace: [ 37.507797][ T439] [ 37.510588][ T439] dump_stack_lvl+0x151/0x1b7 [ 37.515083][ T439] ? io_uring_drop_tctx_refs+0x190/0x190 [ 37.520552][ T439] dump_stack+0x15/0x17 [ 37.524541][ T439] should_fail+0x3c6/0x510 [ 37.528796][ T439] __should_failslab+0xa4/0xe0 [ 37.533396][ T439] ? vm_area_dup+0x26/0x230 [ 37.537735][ T439] should_failslab+0x9/0x20 [ 37.542262][ T439] slab_pre_alloc_hook+0x37/0xd0 [ 37.547024][ T439] ? vm_area_dup+0x26/0x230 [ 37.551359][ T439] kmem_cache_alloc+0x44/0x200 [ 37.556222][ T439] vm_area_dup+0x26/0x230 [ 37.560387][ T439] copy_mm+0x9a1/0x13e0 [ 37.564388][ T439] ? copy_signal+0x610/0x610 [ 37.568978][ T439] ? __init_rwsem+0xd6/0x1c0 [ 37.573407][ T439] ? copy_signal+0x4e3/0x610 [ 37.577831][ T439] copy_process+0x12bc/0x3260 [ 37.582348][ T439] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 37.587318][ T439] ? __kasan_check_write+0x14/0x20 [ 37.592238][ T439] kernel_clone+0x21e/0x9e0 [ 37.596582][ T439] ? _raw_spin_unlock_irq+0x4e/0x70 [ 37.601612][ T439] ? create_io_thread+0x1e0/0x1e0 [ 37.606560][ T439] __x64_sys_clone+0x23f/0x290 [ 37.611160][ T439] ? __do_sys_vfork+0x130/0x130 [ 37.615847][ T439] ? __kasan_check_read+0x11/0x20 [ 37.620718][ T439] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 37.626525][ T439] do_syscall_64+0x3d/0xb0 [ 37.630774][ T439] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 37.636501][ T439] RIP: 0033:0x7fee0c2830a9 [ 37.640759][ T439] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 439] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 438] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 37.660200][ T439] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 37.668549][ T439] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 37.676426][ T439] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 37.684412][ T439] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 37.692220][ T439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 37.700123][ T439] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 37.707932][ T439] [pid 439] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 439] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 439] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 438] close(3) = 0 [pid 438] close(4) = -1 EBADF (Bad file descriptor) [pid 438] close(5) = -1 EBADF (Bad file descriptor) [pid 438] close(6) = -1 EBADF (Bad file descriptor) [pid 438] close(7) = -1 EBADF (Bad file descriptor) [pid 438] close(8) = -1 EBADF (Bad file descriptor) [pid 438] close(9) = -1 EBADF (Bad file descriptor) [pid 438] close(10) = -1 EBADF (Bad file descriptor) [pid 438] close(11) = -1 EBADF (Bad file descriptor) [pid 438] close(12) = -1 EBADF (Bad file descriptor) [pid 438] close(13) = -1 EBADF (Bad file descriptor) [pid 438] close(14) = -1 EBADF (Bad file descriptor) [pid 438] close(15) = -1 EBADF (Bad file descriptor) [pid 438] close(16) = -1 EBADF (Bad file descriptor) [pid 438] close(17) = -1 EBADF (Bad file descriptor) [pid 438] close(18) = -1 EBADF (Bad file descriptor) [pid 438] close(19) = -1 EBADF (Bad file descriptor) [pid 438] close(20) = -1 EBADF (Bad file descriptor) [pid 438] close(21) = -1 EBADF (Bad file descriptor) [pid 438] close(22) = -1 EBADF (Bad file descriptor) [pid 438] close(23) = -1 EBADF (Bad file descriptor) [pid 438] close(24) = -1 EBADF (Bad file descriptor) [pid 438] close(25) = -1 EBADF (Bad file descriptor) [pid 438] close(26) = -1 EBADF (Bad file descriptor) [pid 438] close(27) = -1 EBADF (Bad file descriptor) [pid 438] close(28) = -1 EBADF (Bad file descriptor) [pid 438] close(29) = -1 EBADF (Bad file descriptor) [pid 438] exit_group(0 [pid 439] <... futex resumed>) = ? [pid 438] <... exit_group resumed>) = ? [pid 439] +++ exited with 0 +++ [pid 438] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=128, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 130 ./strace-static-x86_64: Process 440 attached [pid 440] set_robust_list(0x5555560296a0, 24) = 0 [pid 440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 440] setpgid(0, 0) = 0 [pid 440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 440] write(3, "1000", 4) = 4 [pid 440] close(3) = 0 [pid 440] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 440] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 440] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 440] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 440] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 440] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 440] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 440] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[131]}, 88) = 131 [pid 440] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 440] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 440] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 441 attached [pid 441] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 441] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 441] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 441] write(3, "65", 2) = 2 [ 37.712733][ T30] audit: type=1400 audit(1697032643.606:80): avc: denied { unlink } for pid=82 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 37.735547][ T441] FAULT_INJECTION: forcing a failure. [ 37.735547][ T441] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 37.748722][ T441] CPU: 1 PID: 441 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [pid 441] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 440] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 37.758702][ T441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 37.768594][ T441] Call Trace: [ 37.771721][ T441] [ 37.774496][ T441] dump_stack_lvl+0x151/0x1b7 [ 37.779122][ T441] ? io_uring_drop_tctx_refs+0x190/0x190 [ 37.784589][ T441] ? arch_stack_walk+0xf3/0x140 [ 37.789304][ T441] dump_stack+0x15/0x17 [ 37.793356][ T441] should_fail+0x3c6/0x510 [ 37.797609][ T441] should_fail_alloc_page+0x5a/0x80 [ 37.802641][ T441] prepare_alloc_pages+0x15c/0x700 [ 37.807592][ T441] ? __kasan_check_write+0x14/0x20 [ 37.812551][ T441] ? __alloc_pages_bulk+0xe60/0xe60 [ 37.817568][ T441] ? copy_page_range+0x2deb/0x2f90 [ 37.822518][ T441] ? __kasan_slab_alloc+0xb1/0xe0 [ 37.827373][ T441] ? slab_post_alloc_hook+0x53/0x2c0 [ 37.832777][ T441] __alloc_pages+0x138/0x5e0 [ 37.837257][ T441] ? prep_new_page+0x110/0x110 [ 37.841795][ T441] ? avc_has_perm_noaudit+0x2dd/0x430 [ 37.846997][ T441] new_slab+0x9a/0x4e0 [ 37.850902][ T441] ___slab_alloc+0x39e/0x830 [ 37.855332][ T441] ? vm_area_dup+0x26/0x230 [ 37.859681][ T441] ? vm_area_dup+0x26/0x230 [ 37.864014][ T441] __slab_alloc+0x4a/0x90 [ 37.868264][ T441] ? vm_area_dup+0x26/0x230 [ 37.872602][ T441] kmem_cache_alloc+0x134/0x200 [ 37.877290][ T441] vm_area_dup+0x26/0x230 [ 37.881459][ T441] copy_mm+0x9a1/0x13e0 [ 37.885448][ T441] ? copy_signal+0x610/0x610 [ 37.889872][ T441] ? __init_rwsem+0xd6/0x1c0 [ 37.894304][ T441] ? copy_signal+0x4e3/0x610 [ 37.898838][ T441] copy_process+0x12bc/0x3260 [ 37.903346][ T441] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 37.908301][ T441] ? __kasan_check_write+0x14/0x20 [ 37.913323][ T441] kernel_clone+0x21e/0x9e0 [ 37.917662][ T441] ? _raw_spin_unlock_irq+0x4e/0x70 [ 37.922795][ T441] ? create_io_thread+0x1e0/0x1e0 [ 37.927653][ T441] __x64_sys_clone+0x23f/0x290 [ 37.932262][ T441] ? __do_sys_vfork+0x130/0x130 [ 37.936941][ T441] ? __kasan_check_read+0x11/0x20 [ 37.941798][ T441] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 37.947798][ T441] do_syscall_64+0x3d/0xb0 [ 37.952471][ T441] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 37.958203][ T441] RIP: 0033:0x7fee0c2830a9 [ 37.962452][ T441] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 37.981903][ T441] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 37.990227][ T441] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 37.998038][ T441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 38.005854][ T441] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [pid 441] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 441] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 441] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 440] close(3) = 0 [pid 440] close(4) = -1 EBADF (Bad file descriptor) [pid 440] close(5) = -1 EBADF (Bad file descriptor) [pid 440] close(6) = -1 EBADF (Bad file descriptor) [pid 440] close(7) = -1 EBADF (Bad file descriptor) [pid 440] close(8) = -1 EBADF (Bad file descriptor) [pid 440] close(9) = -1 EBADF (Bad file descriptor) [pid 440] close(10) = -1 EBADF (Bad file descriptor) [pid 440] close(11) = -1 EBADF (Bad file descriptor) [pid 440] close(12) = -1 EBADF (Bad file descriptor) [pid 440] close(13) = -1 EBADF (Bad file descriptor) [pid 440] close(14) = -1 EBADF (Bad file descriptor) [pid 440] close(15) = -1 EBADF (Bad file descriptor) [pid 440] close(16) = -1 EBADF (Bad file descriptor) [pid 440] close(17) = -1 EBADF (Bad file descriptor) [pid 440] close(18) = -1 EBADF (Bad file descriptor) [pid 440] close(19) = -1 EBADF (Bad file descriptor) [pid 440] close(20) = -1 EBADF (Bad file descriptor) [pid 440] close(21) = -1 EBADF (Bad file descriptor) [pid 440] close(22) = -1 EBADF (Bad file descriptor) [pid 440] close(23) = -1 EBADF (Bad file descriptor) [pid 440] close(24) = -1 EBADF (Bad file descriptor) [pid 440] close(25) = -1 EBADF (Bad file descriptor) [pid 440] close(26) = -1 EBADF (Bad file descriptor) [pid 440] close(27) = -1 EBADF (Bad file descriptor) [pid 440] close(28) = -1 EBADF (Bad file descriptor) [pid 440] close(29) = -1 EBADF (Bad file descriptor) [pid 440] exit_group(0) = ? [pid 441] <... futex resumed>) = ? [pid 441] +++ exited with 0 +++ [pid 440] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=130, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 132 ./strace-static-x86_64: Process 443 attached [pid 443] set_robust_list(0x5555560296a0, 24) = 0 [pid 443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 443] setpgid(0, 0) = 0 [pid 443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 443] write(3, "1000", 4) = 4 [pid 443] close(3) = 0 [pid 443] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 443] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 443] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 443] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 443] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 443] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 443] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 443] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[133]}, 88) = 133 [pid 443] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 443] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 443] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 444 attached [pid 444] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 444] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 444] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 444] write(3, "65", 2) = 2 [ 38.013661][ T441] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 38.021475][ T441] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 38.029285][ T441] [ 38.043085][ T444] FAULT_INJECTION: forcing a failure. [ 38.043085][ T444] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 38.056145][ T444] CPU: 1 PID: 444 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 38.066157][ T444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 38.076047][ T444] Call Trace: [ 38.079171][ T444] [ 38.081948][ T444] dump_stack_lvl+0x151/0x1b7 [ 38.086463][ T444] ? io_uring_drop_tctx_refs+0x190/0x190 [ 38.091934][ T444] ? vm_area_dup+0x26/0x230 [ 38.096402][ T444] ? copy_mm+0x9a1/0x13e0 [ 38.100524][ T444] dump_stack+0x15/0x17 [ 38.104606][ T444] should_fail+0x3c6/0x510 [ 38.108863][ T444] should_fail_alloc_page+0x5a/0x80 [ 38.113916][ T444] prepare_alloc_pages+0x15c/0x700 [ 38.118835][ T444] ? __alloc_pages_bulk+0xe60/0xe60 [ 38.123869][ T444] __alloc_pages+0x138/0x5e0 [ 38.128296][ T444] ? prep_new_page+0x110/0x110 [ 38.132895][ T444] ? __alloc_pages+0x206/0x5e0 [ 38.137495][ T444] ? prep_new_page+0x110/0x110 [ 38.142095][ T444] ? __kasan_check_write+0x14/0x20 [ 38.147040][ T444] ? _raw_spin_lock+0xa4/0x1b0 [ 38.151643][ T444] pte_alloc_one+0x73/0x1b0 [ 38.155981][ T444] ? pfn_modify_allowed+0x2f0/0x2f0 [ 38.161026][ T444] ? __pmd_alloc+0x48d/0x550 [ 38.165451][ T444] __pte_alloc+0x86/0x350 [ 38.169611][ T444] ? __pud_alloc+0x260/0x260 [ 38.174035][ T444] ? free_pgtables+0x280/0x280 [ 38.178634][ T444] ? __stack_depot_save+0x34/0x470 [ 38.183580][ T444] ? anon_vma_clone+0x9a/0x500 [ 38.188182][ T444] copy_page_range+0x28a8/0x2f90 [ 38.192966][ T444] ? __kasan_slab_alloc+0xb1/0xe0 [ 38.197814][ T444] ? slab_post_alloc_hook+0x53/0x2c0 [ 38.202940][ T444] ? kernel_clone+0x21e/0x9e0 [ 38.207537][ T444] ? do_syscall_64+0x3d/0xb0 [ 38.211964][ T444] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 38.217867][ T444] ? pfn_valid+0x1e0/0x1e0 [ 38.222120][ T444] ? rwsem_write_trylock+0x15b/0x290 [ 38.227238][ T444] ? vma_interval_tree_augment_rotate+0x1d0/0x1d0 [ 38.233630][ T444] ? vma_gap_callbacks_rotate+0x1e2/0x210 [ 38.239196][ T444] ? __rb_insert_augmented+0x5de/0x610 [ 38.244478][ T444] copy_mm+0xc7e/0x13e0 [ 38.248470][ T444] ? copy_signal+0x610/0x610 [ 38.252893][ T444] ? __init_rwsem+0xd6/0x1c0 [ 38.257319][ T444] ? copy_signal+0x4e3/0x610 [ 38.261746][ T444] copy_process+0x12bc/0x3260 [ 38.266261][ T444] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 38.271213][ T444] ? __kasan_check_write+0x14/0x20 [ 38.276161][ T444] kernel_clone+0x21e/0x9e0 [ 38.280511][ T444] ? _raw_spin_unlock_irq+0x4e/0x70 [ 38.285540][ T444] ? create_io_thread+0x1e0/0x1e0 [ 38.290390][ T444] __x64_sys_clone+0x23f/0x290 [ 38.294988][ T444] ? __do_sys_vfork+0x130/0x130 [ 38.299675][ T444] ? __kasan_check_read+0x11/0x20 [ 38.304538][ T444] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 38.310355][ T444] do_syscall_64+0x3d/0xb0 [ 38.314600][ T444] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 38.320330][ T444] RIP: 0033:0x7fee0c2830a9 [ 38.324582][ T444] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 38.344031][ T444] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 38.352368][ T444] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 444] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 443] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 444] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 444] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 443] close(3) = 0 [pid 443] close(4) = -1 EBADF (Bad file descriptor) [pid 444] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 443] close(5) = -1 EBADF (Bad file descriptor) [pid 443] close(6) = -1 EBADF (Bad file descriptor) [pid 443] close(7) = -1 EBADF (Bad file descriptor) [pid 443] close(8) = -1 EBADF (Bad file descriptor) [pid 443] close(9) = -1 EBADF (Bad file descriptor) [pid 443] close(10) = -1 EBADF (Bad file descriptor) [pid 443] close(11) = -1 EBADF (Bad file descriptor) [pid 443] close(12) = -1 EBADF (Bad file descriptor) [pid 443] close(13) = -1 EBADF (Bad file descriptor) [pid 443] close(14) = -1 EBADF (Bad file descriptor) [pid 443] close(15) = -1 EBADF (Bad file descriptor) [pid 443] close(16) = -1 EBADF (Bad file descriptor) [pid 443] close(17) = -1 EBADF (Bad file descriptor) [pid 443] close(18) = -1 EBADF (Bad file descriptor) [pid 443] close(19) = -1 EBADF (Bad file descriptor) [pid 443] close(20) = -1 EBADF (Bad file descriptor) [pid 443] close(21) = -1 EBADF (Bad file descriptor) [pid 443] close(22) = -1 EBADF (Bad file descriptor) [pid 443] close(23) = -1 EBADF (Bad file descriptor) [pid 443] close(24) = -1 EBADF (Bad file descriptor) [pid 443] close(25) = -1 EBADF (Bad file descriptor) [pid 443] close(26) = -1 EBADF (Bad file descriptor) [pid 443] close(27) = -1 EBADF (Bad file descriptor) [pid 443] close(28) = -1 EBADF (Bad file descriptor) [pid 443] close(29) = -1 EBADF (Bad file descriptor) [pid 443] exit_group(0 [pid 444] <... futex resumed>) = ? [pid 443] <... exit_group resumed>) = ? [pid 444] +++ exited with 0 +++ [pid 443] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=132, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 134 ./strace-static-x86_64: Process 445 attached [pid 445] set_robust_list(0x5555560296a0, 24) = 0 [pid 445] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 445] setpgid(0, 0) = 0 [pid 445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 445] write(3, "1000", 4) = 4 [pid 445] close(3) = 0 [pid 445] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 445] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 445] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 445] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 445] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 445] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 445] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 445] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[135]}, 88) = 135 [pid 445] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 445] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 445] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 446 attached [pid 446] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 446] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 446] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 446] write(3, "65", 2) = 2 [ 38.360166][ T444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 38.367979][ T444] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 38.375790][ T444] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 38.383603][ T444] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 38.391414][ T444] [ 38.404339][ T446] FAULT_INJECTION: forcing a failure. [ 38.404339][ T446] name failslab, interval 1, probability 0, space 0, times 0 [ 38.416766][ T446] CPU: 1 PID: 446 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 38.426801][ T446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 38.436693][ T446] Call Trace: [ 38.439818][ T446] [ 38.442593][ T446] dump_stack_lvl+0x151/0x1b7 [ 38.447109][ T446] ? io_uring_drop_tctx_refs+0x190/0x190 [ 38.452574][ T446] dump_stack+0x15/0x17 [ 38.456566][ T446] should_fail+0x3c6/0x510 [ 38.460833][ T446] __should_failslab+0xa4/0xe0 [ 38.465424][ T446] ? anon_vma_clone+0x9a/0x500 [ 38.470022][ T446] should_failslab+0x9/0x20 [ 38.474362][ T446] slab_pre_alloc_hook+0x37/0xd0 [ 38.479136][ T446] ? anon_vma_clone+0x9a/0x500 [ 38.483819][ T446] kmem_cache_alloc+0x44/0x200 [ 38.488423][ T446] anon_vma_clone+0x9a/0x500 [ 38.492856][ T446] anon_vma_fork+0x91/0x4e0 [ 38.497188][ T446] ? anon_vma_name+0x4c/0x70 [ 38.501708][ T446] ? vm_area_dup+0x17a/0x230 [ 38.506133][ T446] copy_mm+0xa3a/0x13e0 [ 38.510133][ T446] ? copy_signal+0x610/0x610 [ 38.514551][ T446] ? __init_rwsem+0xd6/0x1c0 [ 38.519243][ T446] ? copy_signal+0x4e3/0x610 [ 38.523663][ T446] copy_process+0x12bc/0x3260 [ 38.528199][ T446] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 38.533125][ T446] ? __kasan_check_write+0x14/0x20 [ 38.538075][ T446] kernel_clone+0x21e/0x9e0 [ 38.542413][ T446] ? _raw_spin_unlock_irq+0x4e/0x70 [ 38.547445][ T446] ? create_io_thread+0x1e0/0x1e0 [ 38.552307][ T446] __x64_sys_clone+0x23f/0x290 [ 38.556927][ T446] ? __do_sys_vfork+0x130/0x130 [ 38.561592][ T446] ? __kasan_check_read+0x11/0x20 [ 38.566456][ T446] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 38.572279][ T446] do_syscall_64+0x3d/0xb0 [ 38.576528][ T446] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 38.582259][ T446] RIP: 0033:0x7fee0c2830a9 [ 38.586503][ T446] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 38.606399][ T446] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 446] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 445] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 446] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 446] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 446] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 445] close(3) = 0 [pid 445] close(4) = -1 EBADF (Bad file descriptor) [pid 445] close(5) = -1 EBADF (Bad file descriptor) [pid 445] close(6) = -1 EBADF (Bad file descriptor) [pid 445] close(7) = -1 EBADF (Bad file descriptor) [pid 445] close(8) = -1 EBADF (Bad file descriptor) [pid 445] close(9) = -1 EBADF (Bad file descriptor) [pid 445] close(10) = -1 EBADF (Bad file descriptor) [pid 445] close(11) = -1 EBADF (Bad file descriptor) [pid 445] close(12) = -1 EBADF (Bad file descriptor) [pid 445] close(13) = -1 EBADF (Bad file descriptor) [pid 445] close(14) = -1 EBADF (Bad file descriptor) [pid 445] close(15) = -1 EBADF (Bad file descriptor) [pid 445] close(16) = -1 EBADF (Bad file descriptor) [pid 445] close(17) = -1 EBADF (Bad file descriptor) [pid 445] close(18) = -1 EBADF (Bad file descriptor) [pid 445] close(19) = -1 EBADF (Bad file descriptor) [pid 445] close(20) = -1 EBADF (Bad file descriptor) [pid 445] close(21) = -1 EBADF (Bad file descriptor) [pid 445] close(22) = -1 EBADF (Bad file descriptor) [pid 445] close(23) = -1 EBADF (Bad file descriptor) [pid 445] close(24) = -1 EBADF (Bad file descriptor) [pid 445] close(25) = -1 EBADF (Bad file descriptor) [pid 445] close(26) = -1 EBADF (Bad file descriptor) [pid 445] close(27) = -1 EBADF (Bad file descriptor) [pid 445] close(28) = -1 EBADF (Bad file descriptor) [pid 445] close(29) = -1 EBADF (Bad file descriptor) [pid 445] exit_group(0 [pid 446] <... futex resumed>) = ? [pid 445] <... exit_group resumed>) = ? [pid 446] +++ exited with 0 +++ [pid 445] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=134, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 136 ./strace-static-x86_64: Process 447 attached [pid 447] set_robust_list(0x5555560296a0, 24) = 0 [pid 447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 447] setpgid(0, 0) = 0 [pid 447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 447] write(3, "1000", 4) = 4 [pid 447] close(3) = 0 [pid 447] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 447] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 447] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 447] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 447] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 447] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 447] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 448 attached [pid 448] set_robust_list(0x7fee0c2439a0, 24 [pid 447] <... clone3 resumed> => {parent_tid=[137]}, 88) = 137 [pid 448] <... set_robust_list resumed>) = 0 [pid 447] rt_sigprocmask(SIG_SETMASK, [], [pid 448] rt_sigprocmask(SIG_SETMASK, [], [pid 447] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 448] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 447] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 447] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 448] write(3, "65", 2) = 2 [ 38.614742][ T446] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 38.622551][ T446] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 38.630365][ T446] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 38.638272][ T446] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 38.646159][ T446] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 38.653976][ T446] [pid 448] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 447] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 38.671730][ T448] FAULT_INJECTION: forcing a failure. [ 38.671730][ T448] name failslab, interval 1, probability 0, space 0, times 0 [ 38.684518][ T448] CPU: 0 PID: 448 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 38.694467][ T448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 38.704444][ T448] Call Trace: [ 38.707569][ T448] [ 38.710436][ T448] dump_stack_lvl+0x151/0x1b7 [ 38.714948][ T448] ? io_uring_drop_tctx_refs+0x190/0x190 [ 38.720411][ T448] dump_stack+0x15/0x17 [ 38.724413][ T448] should_fail+0x3c6/0x510 [ 38.728746][ T448] __should_failslab+0xa4/0xe0 [ 38.733342][ T448] ? anon_vma_clone+0x9a/0x500 [ 38.737948][ T448] should_failslab+0x9/0x20 [ 38.742369][ T448] slab_pre_alloc_hook+0x37/0xd0 [ 38.747144][ T448] ? anon_vma_clone+0x9a/0x500 [ 38.751748][ T448] kmem_cache_alloc+0x44/0x200 [ 38.756343][ T448] anon_vma_clone+0x9a/0x500 [ 38.760770][ T448] anon_vma_fork+0x91/0x4e0 [ 38.765106][ T448] ? anon_vma_name+0x4c/0x70 [ 38.769534][ T448] ? vm_area_dup+0x17a/0x230 [ 38.773963][ T448] copy_mm+0xa3a/0x13e0 [ 38.777957][ T448] ? copy_signal+0x610/0x610 [ 38.782378][ T448] ? __init_rwsem+0xd6/0x1c0 [ 38.786805][ T448] ? copy_signal+0x4e3/0x610 [ 38.791233][ T448] copy_process+0x12bc/0x3260 [ 38.795773][ T448] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 38.800694][ T448] ? __kasan_check_write+0x14/0x20 [ 38.805640][ T448] kernel_clone+0x21e/0x9e0 [ 38.809980][ T448] ? _raw_spin_unlock_irq+0x4e/0x70 [ 38.815014][ T448] ? create_io_thread+0x1e0/0x1e0 [ 38.819874][ T448] __x64_sys_clone+0x23f/0x290 [ 38.824473][ T448] ? __do_sys_vfork+0x130/0x130 [ 38.829161][ T448] ? __kasan_check_read+0x11/0x20 [ 38.834020][ T448] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 38.839834][ T448] do_syscall_64+0x3d/0xb0 [ 38.844175][ T448] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 38.849907][ T448] RIP: 0033:0x7fee0c2830a9 [ 38.854186][ T448] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 38.873861][ T448] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 38.882142][ T448] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 38.889914][ T448] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 38.897726][ T448] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 38.905535][ T448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 38.913350][ T448] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 448] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 448] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 448] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] close(3) = 0 [pid 447] close(4) = -1 EBADF (Bad file descriptor) [pid 447] close(5) = -1 EBADF (Bad file descriptor) [pid 447] close(6) = -1 EBADF (Bad file descriptor) [pid 447] close(7) = -1 EBADF (Bad file descriptor) [pid 447] close(8) = -1 EBADF (Bad file descriptor) [pid 447] close(9) = -1 EBADF (Bad file descriptor) [pid 447] close(10) = -1 EBADF (Bad file descriptor) [pid 447] close(11) = -1 EBADF (Bad file descriptor) [pid 447] close(12) = -1 EBADF (Bad file descriptor) [pid 447] close(13) = -1 EBADF (Bad file descriptor) [pid 447] close(14) = -1 EBADF (Bad file descriptor) [pid 447] close(15) = -1 EBADF (Bad file descriptor) [pid 447] close(16) = -1 EBADF (Bad file descriptor) [pid 447] close(17) = -1 EBADF (Bad file descriptor) [pid 447] close(18) = -1 EBADF (Bad file descriptor) [pid 447] close(19) = -1 EBADF (Bad file descriptor) [pid 447] close(20) = -1 EBADF (Bad file descriptor) [pid 447] close(21) = -1 EBADF (Bad file descriptor) [pid 447] close(22) = -1 EBADF (Bad file descriptor) [pid 447] close(23) = -1 EBADF (Bad file descriptor) [pid 447] close(24) = -1 EBADF (Bad file descriptor) [pid 447] close(25) = -1 EBADF (Bad file descriptor) [pid 447] close(26) = -1 EBADF (Bad file descriptor) [pid 447] close(27) = -1 EBADF (Bad file descriptor) [pid 447] close(28) = -1 EBADF (Bad file descriptor) [pid 447] close(29) = -1 EBADF (Bad file descriptor) [pid 447] exit_group(0) = ? [pid 448] <... futex resumed>) = ? [pid 448] +++ exited with 0 +++ [pid 447] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=136, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 138 ./strace-static-x86_64: Process 449 attached [pid 449] set_robust_list(0x5555560296a0, 24) = 0 [pid 449] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 449] setpgid(0, 0) = 0 [pid 449] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 449] write(3, "1000", 4) = 4 [pid 449] close(3) = 0 [pid 449] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 449] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 449] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 449] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 449] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 449] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 449] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 449] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 450 attached [pid 450] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 450] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 450] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 449] <... clone3 resumed> => {parent_tid=[139]}, 88) = 139 [pid 449] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 449] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 450] <... futex resumed>) = 0 [pid 450] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 449] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 450] <... openat resumed>) = 3 [pid 450] write(3, "65", 2) = 2 [ 38.921161][ T448] [ 38.938188][ T450] FAULT_INJECTION: forcing a failure. [ 38.938188][ T450] name failslab, interval 1, probability 0, space 0, times 0 [ 38.950640][ T450] CPU: 1 PID: 450 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 38.960664][ T450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [pid 450] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 449] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 38.970558][ T450] Call Trace: [ 38.973679][ T450] [ 38.976462][ T450] dump_stack_lvl+0x151/0x1b7 [ 38.980970][ T450] ? io_uring_drop_tctx_refs+0x190/0x190 [ 38.986529][ T450] ? dup_userfaultfd_complete+0x295/0x2f0 [ 38.992113][ T450] ? dup_userfaultfd+0x5d0/0x5d0 [ 38.996856][ T450] dump_stack+0x15/0x17 [ 39.000845][ T450] should_fail+0x3c6/0x510 [ 39.005101][ T450] __should_failslab+0xa4/0xe0 [ 39.009697][ T450] ? create_new_namespaces+0x34/0x670 [ 39.014908][ T450] should_failslab+0x9/0x20 [ 39.019249][ T450] slab_pre_alloc_hook+0x37/0xd0 [ 39.024017][ T450] ? create_new_namespaces+0x34/0x670 [ 39.029228][ T450] kmem_cache_alloc+0x44/0x200 [ 39.033836][ T450] ? cap_capable+0x1d2/0x270 [ 39.038690][ T450] create_new_namespaces+0x34/0x670 [ 39.043852][ T450] ? security_capable+0x87/0xb0 [ 39.048520][ T450] ? ns_capable+0x89/0xe0 [ 39.052686][ T450] copy_namespaces+0x1d1/0x220 [ 39.057286][ T450] copy_process+0x12e7/0x3260 [ 39.061813][ T450] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 39.066744][ T450] ? __kasan_check_write+0x14/0x20 [ 39.071697][ T450] kernel_clone+0x21e/0x9e0 [ 39.076033][ T450] ? _raw_spin_unlock_irq+0x4e/0x70 [ 39.081064][ T450] ? create_io_thread+0x1e0/0x1e0 [ 39.085925][ T450] __x64_sys_clone+0x23f/0x290 [ 39.090527][ T450] ? __do_sys_vfork+0x130/0x130 [ 39.095385][ T450] ? __kasan_check_read+0x11/0x20 [ 39.100340][ T450] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 39.106328][ T450] do_syscall_64+0x3d/0xb0 [ 39.110585][ T450] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.116309][ T450] RIP: 0033:0x7fee0c2830a9 [ 39.120562][ T450] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 39.140013][ T450] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 39.148249][ T450] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 39.156060][ T450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 39.163870][ T450] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [pid 450] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 450] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 449] close(3) = 0 [pid 449] close(4) = -1 EBADF (Bad file descriptor) [pid 449] close(5) = -1 EBADF (Bad file descriptor) [pid 449] close(6) = -1 EBADF (Bad file descriptor) [pid 449] close(7) = -1 EBADF (Bad file descriptor) [pid 449] close(8) = -1 EBADF (Bad file descriptor) [pid 449] close(9) = -1 EBADF (Bad file descriptor) [pid 449] close(10) = -1 EBADF (Bad file descriptor) [pid 449] close(11) = -1 EBADF (Bad file descriptor) [pid 449] close(12) = -1 EBADF (Bad file descriptor) [pid 449] close(13) = -1 EBADF (Bad file descriptor) [pid 449] close(14) = -1 EBADF (Bad file descriptor) [pid 449] close(15) = -1 EBADF (Bad file descriptor) [pid 449] close(16) = -1 EBADF (Bad file descriptor) [pid 449] close(17) = -1 EBADF (Bad file descriptor) [pid 449] close(18) = -1 EBADF (Bad file descriptor) [pid 449] close(19 [pid 450] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 449] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 449] close(20) = -1 EBADF (Bad file descriptor) [pid 449] close(21) = -1 EBADF (Bad file descriptor) [pid 449] close(22) = -1 EBADF (Bad file descriptor) [pid 449] close(23) = -1 EBADF (Bad file descriptor) [pid 449] close(24) = -1 EBADF (Bad file descriptor) [pid 449] close(25) = -1 EBADF (Bad file descriptor) [pid 449] close(26) = -1 EBADF (Bad file descriptor) [pid 449] close(27) = -1 EBADF (Bad file descriptor) [pid 449] close(28) = -1 EBADF (Bad file descriptor) [pid 449] close(29) = -1 EBADF (Bad file descriptor) [pid 449] exit_group(0) = ? [pid 450] <... futex resumed>) = ? [pid 450] +++ exited with 0 +++ [pid 449] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=138, si_uid=0, si_status=0, si_utime=0, si_stime=22} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 140 ./strace-static-x86_64: Process 452 attached [pid 452] set_robust_list(0x5555560296a0, 24) = 0 [pid 452] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 452] setpgid(0, 0) = 0 [pid 452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 452] write(3, "1000", 4) = 4 [pid 452] close(3) = 0 [pid 452] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 452] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 452] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 452] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 452] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 452] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 452] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 452] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[141]}, 88) = 141 [pid 452] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 452] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 452] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 453 attached [pid 453] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 453] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 453] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 453] write(3, "65", 2) = 2 [ 39.171681][ T450] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 39.179491][ T450] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 39.187306][ T450] [ 39.203243][ T453] FAULT_INJECTION: forcing a failure. [ 39.203243][ T453] name failslab, interval 1, probability 0, space 0, times 0 [ 39.215792][ T453] CPU: 0 PID: 453 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 39.225809][ T453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 39.235703][ T453] Call Trace: [ 39.238830][ T453] [ 39.241690][ T453] dump_stack_lvl+0x151/0x1b7 [ 39.246202][ T453] ? io_uring_drop_tctx_refs+0x190/0x190 [ 39.251672][ T453] ? dup_userfaultfd_complete+0x295/0x2f0 [ 39.257224][ T453] ? dup_userfaultfd+0x5d0/0x5d0 [ 39.261995][ T453] dump_stack+0x15/0x17 [ 39.265991][ T453] should_fail+0x3c6/0x510 [ 39.270249][ T453] __should_failslab+0xa4/0xe0 [ 39.274842][ T453] ? create_new_namespaces+0x34/0x670 [ 39.280049][ T453] should_failslab+0x9/0x20 [ 39.284389][ T453] slab_pre_alloc_hook+0x37/0xd0 [ 39.289161][ T453] ? create_new_namespaces+0x34/0x670 [ 39.294370][ T453] kmem_cache_alloc+0x44/0x200 [ 39.298969][ T453] ? cap_capable+0x1d2/0x270 [ 39.303490][ T453] create_new_namespaces+0x34/0x670 [ 39.308517][ T453] ? security_capable+0x87/0xb0 [ 39.313216][ T453] ? ns_capable+0x89/0xe0 [ 39.317372][ T453] copy_namespaces+0x1d1/0x220 [ 39.321971][ T453] copy_process+0x12e7/0x3260 [ 39.326488][ T453] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 39.331431][ T453] ? __kasan_check_write+0x14/0x20 [ 39.336377][ T453] kernel_clone+0x21e/0x9e0 [ 39.340716][ T453] ? _raw_spin_unlock_irq+0x4e/0x70 [ 39.345749][ T453] ? create_io_thread+0x1e0/0x1e0 [ 39.350609][ T453] __x64_sys_clone+0x23f/0x290 [ 39.355215][ T453] ? __do_sys_vfork+0x130/0x130 [ 39.359897][ T453] ? __kasan_check_read+0x11/0x20 [ 39.364778][ T453] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 39.370572][ T453] do_syscall_64+0x3d/0xb0 [ 39.374825][ T453] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.380551][ T453] RIP: 0033:0x7fee0c2830a9 [ 39.384808][ T453] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 39.404247][ T453] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 39.412493][ T453] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 453] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 452] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 453] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 453] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 453] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 452] close(3) = 0 [pid 452] close(4) = -1 EBADF (Bad file descriptor) [pid 452] close(5) = -1 EBADF (Bad file descriptor) [pid 452] close(6) = -1 EBADF (Bad file descriptor) [pid 452] close(7) = -1 EBADF (Bad file descriptor) [pid 452] close(8) = -1 EBADF (Bad file descriptor) [pid 452] close(9) = -1 EBADF (Bad file descriptor) [pid 452] close(10) = -1 EBADF (Bad file descriptor) [pid 452] close(11) = -1 EBADF (Bad file descriptor) [pid 452] close(12) = -1 EBADF (Bad file descriptor) [pid 452] close(13) = -1 EBADF (Bad file descriptor) [pid 452] close(14) = -1 EBADF (Bad file descriptor) [pid 452] close(15) = -1 EBADF (Bad file descriptor) [pid 452] close(16) = -1 EBADF (Bad file descriptor) [pid 452] close(17) = -1 EBADF (Bad file descriptor) [pid 452] close(18) = -1 EBADF (Bad file descriptor) [pid 452] close(19) = -1 EBADF (Bad file descriptor) [pid 452] close(20) = -1 EBADF (Bad file descriptor) [pid 452] close(21) = -1 EBADF (Bad file descriptor) [pid 452] close(22) = -1 EBADF (Bad file descriptor) [pid 452] close(23) = -1 EBADF (Bad file descriptor) [pid 452] close(24) = -1 EBADF (Bad file descriptor) [pid 452] close(25) = -1 EBADF (Bad file descriptor) [pid 452] close(26) = -1 EBADF (Bad file descriptor) [pid 452] close(27) = -1 EBADF (Bad file descriptor) [pid 452] close(28) = -1 EBADF (Bad file descriptor) [pid 452] close(29) = -1 EBADF (Bad file descriptor) [pid 452] exit_group(0) = ? [pid 453] <... futex resumed>) = ? [pid 453] +++ exited with 0 +++ [pid 452] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=140, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 142 ./strace-static-x86_64: Process 454 attached [pid 454] set_robust_list(0x5555560296a0, 24) = 0 [pid 454] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 454] setpgid(0, 0) = 0 [pid 454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 454] write(3, "1000", 4) = 4 [pid 454] close(3) = 0 [pid 454] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 454] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 454] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 454] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 454] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 454] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 454] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 454] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[143]}, 88) = 143 [pid 454] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 454] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 454] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 455 attached [pid 455] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 455] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 455] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 455] write(3, "65", 2) = 2 [ 39.420302][ T453] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 39.428115][ T453] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 39.435927][ T453] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 39.443737][ T453] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 39.451548][ T453] [ 39.464023][ T455] FAULT_INJECTION: forcing a failure. [pid 455] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 454] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 39.464023][ T455] name failslab, interval 1, probability 0, space 0, times 0 [ 39.476466][ T455] CPU: 0 PID: 455 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 39.486487][ T455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 39.496466][ T455] Call Trace: [ 39.499592][ T455] [ 39.502366][ T455] dump_stack_lvl+0x151/0x1b7 [ 39.506879][ T455] ? io_uring_drop_tctx_refs+0x190/0x190 [ 39.512348][ T455] ? avc_denied+0x1b0/0x1b0 [ 39.516688][ T455] dump_stack+0x15/0x17 [ 39.520774][ T455] should_fail+0x3c6/0x510 [ 39.525020][ T455] __should_failslab+0xa4/0xe0 [ 39.529618][ T455] ? vm_area_dup+0x26/0x230 [ 39.533961][ T455] should_failslab+0x9/0x20 [ 39.538383][ T455] slab_pre_alloc_hook+0x37/0xd0 [ 39.543158][ T455] ? vm_area_dup+0x26/0x230 [ 39.547588][ T455] kmem_cache_alloc+0x44/0x200 [ 39.552193][ T455] vm_area_dup+0x26/0x230 [ 39.556351][ T455] copy_mm+0x9a1/0x13e0 [ 39.560342][ T455] ? copy_signal+0x610/0x610 [ 39.564770][ T455] ? __init_rwsem+0xd6/0x1c0 [ 39.569197][ T455] ? copy_signal+0x4e3/0x610 [ 39.573620][ T455] copy_process+0x12bc/0x3260 [ 39.578137][ T455] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 39.583079][ T455] ? __kasan_check_write+0x14/0x20 [ 39.588029][ T455] kernel_clone+0x21e/0x9e0 [ 39.592371][ T455] ? _raw_spin_unlock_irq+0x4e/0x70 [ 39.597405][ T455] ? create_io_thread+0x1e0/0x1e0 [ 39.602263][ T455] __x64_sys_clone+0x23f/0x290 [ 39.606860][ T455] ? __do_sys_vfork+0x130/0x130 [ 39.611550][ T455] ? __kasan_check_read+0x11/0x20 [ 39.616408][ T455] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 39.622224][ T455] do_syscall_64+0x3d/0xb0 [ 39.626478][ T455] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.632205][ T455] RIP: 0033:0x7fee0c2830a9 [ 39.636458][ T455] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 39.656421][ T455] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 39.664752][ T455] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 455] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 455] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 454] close(3) = 0 [pid 454] close(4) = -1 EBADF (Bad file descriptor) [pid 454] close(5) = -1 EBADF (Bad file descriptor) [pid 454] close(6) = -1 EBADF (Bad file descriptor) [pid 454] close(7) = -1 EBADF (Bad file descriptor) [pid 454] close(8) = -1 EBADF (Bad file descriptor) [pid 454] close(9) = -1 EBADF (Bad file descriptor) [pid 454] close(10) = -1 EBADF (Bad file descriptor) [pid 454] close(11) = -1 EBADF (Bad file descriptor) [pid 454] close(12) = -1 EBADF (Bad file descriptor) [pid 454] close(13) = -1 EBADF (Bad file descriptor) [pid 454] close(14) = -1 EBADF (Bad file descriptor) [pid 454] close(15) = -1 EBADF (Bad file descriptor) [pid 454] close(16) = -1 EBADF (Bad file descriptor) [pid 454] close(17) = -1 EBADF (Bad file descriptor) [pid 454] close(18) = -1 EBADF (Bad file descriptor) [pid 454] close(19) = -1 EBADF (Bad file descriptor) [pid 454] close(20) = -1 EBADF (Bad file descriptor) [pid 454] close(21) = -1 EBADF (Bad file descriptor) [pid 454] close(22) = -1 EBADF (Bad file descriptor) [pid 454] close(23) = -1 EBADF (Bad file descriptor) [pid 454] close(24) = -1 EBADF (Bad file descriptor) [pid 454] close(25) = -1 EBADF (Bad file descriptor) [pid 454] close(26) = -1 EBADF (Bad file descriptor) [pid 454] close(27) = -1 EBADF (Bad file descriptor) [pid 454] close(28) = -1 EBADF (Bad file descriptor) [pid 454] close(29) = -1 EBADF (Bad file descriptor) [pid 454] exit_group(0 [pid 455] <... futex resumed>) = ? [pid 454] <... exit_group resumed>) = ? [pid 455] +++ exited with 0 +++ [pid 454] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=142, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 456 attached , child_tidptr=0x555556029690) = 144 [pid 456] set_robust_list(0x5555560296a0, 24) = 0 [pid 456] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 456] setpgid(0, 0) = 0 [pid 456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 456] write(3, "1000", 4) = 4 [pid 456] close(3) = 0 [pid 456] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 456] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 456] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 456] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 456] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 456] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 456] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 456] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 457 attached => {parent_tid=[145]}, 88) = 145 [pid 457] set_robust_list(0x7fee0c2439a0, 24 [pid 456] rt_sigprocmask(SIG_SETMASK, [], [pid 457] <... set_robust_list resumed>) = 0 [pid 456] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 457] rt_sigprocmask(SIG_SETMASK, [], [pid 456] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 456] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 457] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 457] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 457] write(3, "65", 2) = 2 [ 39.672561][ T455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 39.680381][ T455] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 39.688192][ T455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 39.695996][ T455] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 39.703858][ T455] [ 39.721912][ T457] FAULT_INJECTION: forcing a failure. [ 39.721912][ T457] name failslab, interval 1, probability 0, space 0, times 0 [ 39.734452][ T457] CPU: 0 PID: 457 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 39.744481][ T457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 39.754378][ T457] Call Trace: [ 39.757503][ T457] [ 39.760279][ T457] dump_stack_lvl+0x151/0x1b7 [ 39.764791][ T457] ? io_uring_drop_tctx_refs+0x190/0x190 [ 39.770258][ T457] ? dup_userfaultfd_complete+0x295/0x2f0 [ 39.775817][ T457] ? dup_userfaultfd+0x5d0/0x5d0 [ 39.780589][ T457] dump_stack+0x15/0x17 [ 39.784581][ T457] should_fail+0x3c6/0x510 [ 39.788834][ T457] __should_failslab+0xa4/0xe0 [ 39.793432][ T457] ? create_new_namespaces+0x34/0x670 [ 39.798643][ T457] should_failslab+0x9/0x20 [ 39.802980][ T457] slab_pre_alloc_hook+0x37/0xd0 [ 39.807757][ T457] ? create_new_namespaces+0x34/0x670 [ 39.812966][ T457] kmem_cache_alloc+0x44/0x200 [ 39.817562][ T457] ? cap_capable+0x1d2/0x270 [ 39.821987][ T457] create_new_namespaces+0x34/0x670 [ 39.827021][ T457] ? security_capable+0x87/0xb0 [ 39.831708][ T457] ? ns_capable+0x89/0xe0 [ 39.835884][ T457] copy_namespaces+0x1d1/0x220 [ 39.840499][ T457] copy_process+0x12e7/0x3260 [ 39.844989][ T457] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 39.850023][ T457] ? __kasan_check_write+0x14/0x20 [ 39.854970][ T457] kernel_clone+0x21e/0x9e0 [ 39.859310][ T457] ? _raw_spin_unlock_irq+0x4e/0x70 [ 39.864344][ T457] ? create_io_thread+0x1e0/0x1e0 [ 39.869205][ T457] __x64_sys_clone+0x23f/0x290 [ 39.873895][ T457] ? __do_sys_vfork+0x130/0x130 [ 39.878577][ T457] ? __kasan_check_read+0x11/0x20 [ 39.883436][ T457] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 39.889258][ T457] do_syscall_64+0x3d/0xb0 [ 39.893503][ T457] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 39.899231][ T457] RIP: 0033:0x7fee0c2830a9 [ 39.903485][ T457] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 457] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 456] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 457] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 457] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 457] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 456] close(3) = 0 [pid 456] close(4) = -1 EBADF (Bad file descriptor) [pid 456] close(5) = -1 EBADF (Bad file descriptor) [pid 456] close(6) = -1 EBADF (Bad file descriptor) [pid 456] close(7) = -1 EBADF (Bad file descriptor) [pid 456] close(8) = -1 EBADF (Bad file descriptor) [pid 456] close(9) = -1 EBADF (Bad file descriptor) [pid 456] close(10) = -1 EBADF (Bad file descriptor) [pid 456] close(11) = -1 EBADF (Bad file descriptor) [pid 456] close(12) = -1 EBADF (Bad file descriptor) [pid 456] close(13) = -1 EBADF (Bad file descriptor) [pid 456] close(14) = -1 EBADF (Bad file descriptor) [pid 456] close(15) = -1 EBADF (Bad file descriptor) [pid 456] close(16) = -1 EBADF (Bad file descriptor) [pid 456] close(17) = -1 EBADF (Bad file descriptor) [pid 456] close(18) = -1 EBADF (Bad file descriptor) [pid 456] close(19) = -1 EBADF (Bad file descriptor) [pid 456] close(20) = -1 EBADF (Bad file descriptor) [pid 456] close(21) = -1 EBADF (Bad file descriptor) [pid 456] close(22) = -1 EBADF (Bad file descriptor) [pid 456] close(23) = -1 EBADF (Bad file descriptor) [pid 456] close(24) = -1 EBADF (Bad file descriptor) [pid 456] close(25) = -1 EBADF (Bad file descriptor) [pid 456] close(26) = -1 EBADF (Bad file descriptor) [pid 456] close(27) = -1 EBADF (Bad file descriptor) [pid 456] close(28) = -1 EBADF (Bad file descriptor) [pid 456] close(29) = -1 EBADF (Bad file descriptor) [pid 456] exit_group(0) = ? [pid 457] <... futex resumed>) = ? [pid 457] +++ exited with 0 +++ [pid 456] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=144, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 146 ./strace-static-x86_64: Process 458 attached [pid 458] set_robust_list(0x5555560296a0, 24) = 0 [pid 458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 458] setpgid(0, 0) = 0 [pid 458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 458] write(3, "1000", 4) = 4 [pid 458] close(3) = 0 [pid 458] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 458] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 458] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 458] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 458] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 458] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 459 attached => {parent_tid=[147]}, 88) = 147 [pid 459] set_robust_list(0x7fee0c2439a0, 24 [pid 458] rt_sigprocmask(SIG_SETMASK, [], [pid 459] <... set_robust_list resumed>) = 0 [pid 459] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 459] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 458] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 458] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 459] <... futex resumed>) = 0 [pid 459] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 459] write(3, "65", 2) = 2 [ 39.922926][ T457] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 39.931172][ T457] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 39.939067][ T457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 39.946878][ T457] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 39.954694][ T457] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 39.962501][ T457] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 39.970315][ T457] [ 39.984701][ T459] FAULT_INJECTION: forcing a failure. [ 39.984701][ T459] name failslab, interval 1, probability 0, space 0, times 0 [ 39.997175][ T459] CPU: 1 PID: 459 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 40.007162][ T459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 40.017062][ T459] Call Trace: [ 40.020184][ T459] [ 40.022986][ T459] dump_stack_lvl+0x151/0x1b7 [ 40.027473][ T459] ? io_uring_drop_tctx_refs+0x190/0x190 [ 40.032950][ T459] dump_stack+0x15/0x17 [ 40.037052][ T459] should_fail+0x3c6/0x510 [ 40.041437][ T459] __should_failslab+0xa4/0xe0 [ 40.046018][ T459] ? vm_area_dup+0x26/0x230 [ 40.050355][ T459] should_failslab+0x9/0x20 [ 40.054694][ T459] slab_pre_alloc_hook+0x37/0xd0 [ 40.059555][ T459] ? vm_area_dup+0x26/0x230 [ 40.063900][ T459] kmem_cache_alloc+0x44/0x200 [ 40.068495][ T459] vm_area_dup+0x26/0x230 [ 40.072662][ T459] copy_mm+0x9a1/0x13e0 [ 40.076740][ T459] ? copy_signal+0x610/0x610 [ 40.081267][ T459] ? __init_rwsem+0xd6/0x1c0 [ 40.085719][ T459] ? copy_signal+0x4e3/0x610 [ 40.090117][ T459] copy_process+0x12bc/0x3260 [ 40.094633][ T459] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 40.099578][ T459] ? __kasan_check_write+0x14/0x20 [ 40.104529][ T459] kernel_clone+0x21e/0x9e0 [ 40.108866][ T459] ? _raw_spin_unlock_irq+0x4e/0x70 [ 40.113898][ T459] ? create_io_thread+0x1e0/0x1e0 [ 40.118764][ T459] __x64_sys_clone+0x23f/0x290 [ 40.123358][ T459] ? __do_sys_vfork+0x130/0x130 [ 40.128046][ T459] ? __kasan_check_read+0x11/0x20 [ 40.132906][ T459] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 40.138723][ T459] do_syscall_64+0x3d/0xb0 [ 40.142972][ T459] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 40.148702][ T459] RIP: 0033:0x7fee0c2830a9 [ 40.152955][ T459] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 40.172573][ T459] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 459] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 458] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 459] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 459] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] close(3) = 0 [pid 458] close(4) = -1 EBADF (Bad file descriptor) [pid 458] close(5) = -1 EBADF (Bad file descriptor) [pid 458] close(6) = -1 EBADF (Bad file descriptor) [pid 458] close(7) = -1 EBADF (Bad file descriptor) [pid 458] close(8) = -1 EBADF (Bad file descriptor) [pid 458] close(9) = -1 EBADF (Bad file descriptor) [pid 458] close(10) = -1 EBADF (Bad file descriptor) [pid 458] close(11) = -1 EBADF (Bad file descriptor) [pid 458] close(12) = -1 EBADF (Bad file descriptor) [pid 458] close(13) = -1 EBADF (Bad file descriptor) [pid 458] close(14) = -1 EBADF (Bad file descriptor) [pid 458] close(15) = -1 EBADF (Bad file descriptor) [pid 458] close(16) = -1 EBADF (Bad file descriptor) [pid 458] close(17) = -1 EBADF (Bad file descriptor) [pid 458] close(18) = -1 EBADF (Bad file descriptor) [pid 458] close(19) = -1 EBADF (Bad file descriptor) [pid 458] close(20) = -1 EBADF (Bad file descriptor) [pid 458] close(21) = -1 EBADF (Bad file descriptor) [pid 458] close(22) = -1 EBADF (Bad file descriptor) [pid 458] close(23) = -1 EBADF (Bad file descriptor) [pid 458] close(24) = -1 EBADF (Bad file descriptor) [pid 458] close(25) = -1 EBADF (Bad file descriptor) [pid 458] close(26) = -1 EBADF (Bad file descriptor) [pid 458] close(27) = -1 EBADF (Bad file descriptor) [pid 458] close(28) = -1 EBADF (Bad file descriptor) [pid 458] close(29) = -1 EBADF (Bad file descriptor) [pid 458] exit_group(0 [pid 459] <... futex resumed>) = ? [pid 458] <... exit_group resumed>) = ? [pid 459] +++ exited with 0 +++ [pid 458] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=146, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 461 attached [pid 461] set_robust_list(0x5555560296a0, 24 [pid 294] <... clone resumed>, child_tidptr=0x555556029690) = 148 [pid 461] <... set_robust_list resumed>) = 0 [pid 461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 461] setpgid(0, 0) = 0 [pid 461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 461] write(3, "1000", 4) = 4 [pid 461] close(3) = 0 [pid 461] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 461] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 461] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 461] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 461] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 461] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 461] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 461] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 462 attached [pid 462] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 462] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 462] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 461] <... clone3 resumed> => {parent_tid=[149]}, 88) = 149 [pid 461] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 461] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 462] <... futex resumed>) = 0 [pid 461] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 462] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 462] write(3, "65", 2) = 2 [ 40.180817][ T459] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 40.188629][ T459] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 40.196437][ T459] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 40.204246][ T459] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 40.212062][ T459] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 40.219880][ T459] [ 40.238325][ T462] FAULT_INJECTION: forcing a failure. [ 40.238325][ T462] name failslab, interval 1, probability 0, space 0, times 0 [ 40.250895][ T462] CPU: 1 PID: 462 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 40.261029][ T462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 40.270924][ T462] Call Trace: [ 40.274046][ T462] [ 40.276826][ T462] dump_stack_lvl+0x151/0x1b7 [ 40.281338][ T462] ? io_uring_drop_tctx_refs+0x190/0x190 [ 40.286806][ T462] ? dup_userfaultfd_complete+0x295/0x2f0 [ 40.292364][ T462] ? dup_userfaultfd+0x5d0/0x5d0 [ 40.297136][ T462] dump_stack+0x15/0x17 [ 40.301128][ T462] should_fail+0x3c6/0x510 [ 40.305378][ T462] __should_failslab+0xa4/0xe0 [ 40.309979][ T462] ? create_new_namespaces+0x34/0x670 [ 40.315358][ T462] should_failslab+0x9/0x20 [ 40.319700][ T462] slab_pre_alloc_hook+0x37/0xd0 [ 40.324475][ T462] ? create_new_namespaces+0x34/0x670 [ 40.329682][ T462] kmem_cache_alloc+0x44/0x200 [ 40.334289][ T462] ? cap_capable+0x1d2/0x270 [ 40.338730][ T462] create_new_namespaces+0x34/0x670 [ 40.343741][ T462] ? security_capable+0x87/0xb0 [ 40.348426][ T462] ? ns_capable+0x89/0xe0 [ 40.352613][ T462] copy_namespaces+0x1d1/0x220 [ 40.357203][ T462] copy_process+0x12e7/0x3260 [ 40.361713][ T462] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 40.366652][ T462] ? __kasan_check_write+0x14/0x20 [ 40.371602][ T462] kernel_clone+0x21e/0x9e0 [ 40.375941][ T462] ? _raw_spin_unlock_irq+0x4e/0x70 [ 40.380974][ T462] ? create_io_thread+0x1e0/0x1e0 [ 40.385836][ T462] __x64_sys_clone+0x23f/0x290 [ 40.390436][ T462] ? __do_sys_vfork+0x130/0x130 [ 40.395217][ T462] ? __kasan_check_read+0x11/0x20 [ 40.400103][ T462] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 40.405900][ T462] do_syscall_64+0x3d/0xb0 [ 40.410149][ T462] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 40.415874][ T462] RIP: 0033:0x7fee0c2830a9 [pid 462] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 461] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 40.420129][ T462] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 40.439569][ T462] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 40.447814][ T462] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 40.455625][ T462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 40.463437][ T462] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 40.471244][ T462] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 40.479062][ T462] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 462] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 462] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 462] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 461] close(3) = 0 [pid 461] close(4) = -1 EBADF (Bad file descriptor) [pid 461] close(5) = -1 EBADF (Bad file descriptor) [pid 461] close(6) = -1 EBADF (Bad file descriptor) [pid 461] close(7) = -1 EBADF (Bad file descriptor) [pid 461] close(8) = -1 EBADF (Bad file descriptor) [pid 461] close(9) = -1 EBADF (Bad file descriptor) [pid 461] close(10) = -1 EBADF (Bad file descriptor) [pid 461] close(11) = -1 EBADF (Bad file descriptor) [pid 461] close(12) = -1 EBADF (Bad file descriptor) [pid 461] close(13) = -1 EBADF (Bad file descriptor) [pid 461] close(14) = -1 EBADF (Bad file descriptor) [pid 461] close(15) = -1 EBADF (Bad file descriptor) [pid 461] close(16) = -1 EBADF (Bad file descriptor) [pid 461] close(17) = -1 EBADF (Bad file descriptor) [pid 461] close(18) = -1 EBADF (Bad file descriptor) [pid 461] close(19) = -1 EBADF (Bad file descriptor) [pid 461] close(20) = -1 EBADF (Bad file descriptor) [pid 461] close(21) = -1 EBADF (Bad file descriptor) [pid 461] close(22) = -1 EBADF (Bad file descriptor) [pid 461] close(23) = -1 EBADF (Bad file descriptor) [pid 461] close(24) = -1 EBADF (Bad file descriptor) [pid 461] close(25) = -1 EBADF (Bad file descriptor) [pid 461] close(26) = -1 EBADF (Bad file descriptor) [pid 461] close(27) = -1 EBADF (Bad file descriptor) [pid 461] close(28) = -1 EBADF (Bad file descriptor) [pid 461] close(29) = -1 EBADF (Bad file descriptor) [pid 461] exit_group(0 [pid 462] <... futex resumed>) = ? [pid 461] <... exit_group resumed>) = ? [pid 462] +++ exited with 0 +++ [pid 461] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=148, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 150 ./strace-static-x86_64: Process 463 attached [pid 463] set_robust_list(0x5555560296a0, 24) = 0 [pid 463] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 463] setpgid(0, 0) = 0 [pid 463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 463] write(3, "1000", 4) = 4 [pid 463] close(3) = 0 [pid 463] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 463] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 463] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 463] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 463] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 463] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 463] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 464 attached => {parent_tid=[151]}, 88) = 151 [pid 463] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 464] set_robust_list(0x7fee0c2439a0, 24 [pid 463] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 464] <... set_robust_list resumed>) = 0 [pid 464] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 464] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 464] write(3, "65", 2) = 2 [ 40.486870][ T462] [ 40.502373][ T464] FAULT_INJECTION: forcing a failure. [ 40.502373][ T464] name failslab, interval 1, probability 0, space 0, times 0 [ 40.515067][ T464] CPU: 0 PID: 464 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 40.525197][ T464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 40.535265][ T464] Call Trace: [ 40.538384][ T464] [ 40.541162][ T464] dump_stack_lvl+0x151/0x1b7 [ 40.545676][ T464] ? io_uring_drop_tctx_refs+0x190/0x190 [ 40.551142][ T464] ? dup_userfaultfd_complete+0x295/0x2f0 [ 40.556699][ T464] ? dup_userfaultfd+0x5d0/0x5d0 [ 40.561470][ T464] dump_stack+0x15/0x17 [ 40.565464][ T464] should_fail+0x3c6/0x510 [ 40.569718][ T464] __should_failslab+0xa4/0xe0 [ 40.574314][ T464] ? create_new_namespaces+0x34/0x670 [ 40.579522][ T464] should_failslab+0x9/0x20 [ 40.583861][ T464] slab_pre_alloc_hook+0x37/0xd0 [ 40.588637][ T464] ? create_new_namespaces+0x34/0x670 [ 40.593930][ T464] kmem_cache_alloc+0x44/0x200 [ 40.598532][ T464] ? cap_capable+0x1d2/0x270 [ 40.602962][ T464] create_new_namespaces+0x34/0x670 [ 40.608005][ T464] ? security_capable+0x87/0xb0 [ 40.612680][ T464] ? ns_capable+0x89/0xe0 [ 40.616842][ T464] copy_namespaces+0x1d1/0x220 [ 40.621442][ T464] copy_process+0x12e7/0x3260 [ 40.625958][ T464] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 40.630904][ T464] ? __kasan_check_write+0x14/0x20 [ 40.635860][ T464] kernel_clone+0x21e/0x9e0 [ 40.640192][ T464] ? _raw_spin_unlock_irq+0x4e/0x70 [ 40.645238][ T464] ? create_io_thread+0x1e0/0x1e0 [ 40.650099][ T464] __x64_sys_clone+0x23f/0x290 [ 40.654731][ T464] ? __do_sys_vfork+0x130/0x130 [ 40.659370][ T464] ? __kasan_check_read+0x11/0x20 [ 40.664233][ T464] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 40.670046][ T464] do_syscall_64+0x3d/0xb0 [ 40.674297][ T464] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 40.680027][ T464] RIP: 0033:0x7fee0c2830a9 [ 40.684283][ T464] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 40.703722][ T464] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 40.711974][ T464] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 40.719780][ T464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 40.727590][ T464] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [pid 464] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 463] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 464] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 464] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 463] close(3) = 0 [pid 463] close(4) = -1 EBADF (Bad file descriptor) [pid 463] close(5) = -1 EBADF (Bad file descriptor) [pid 463] close(6) = -1 EBADF (Bad file descriptor) [pid 463] close(7) = -1 EBADF (Bad file descriptor) [pid 463] close(8) = -1 EBADF (Bad file descriptor) [pid 463] close(9) = -1 EBADF (Bad file descriptor) [pid 463] close(10) = -1 EBADF (Bad file descriptor) [pid 463] close(11) = -1 EBADF (Bad file descriptor) [pid 463] close(12) = -1 EBADF (Bad file descriptor) [pid 463] close(13) = -1 EBADF (Bad file descriptor) [pid 463] close(14) = -1 EBADF (Bad file descriptor) [pid 463] close(15) = -1 EBADF (Bad file descriptor) [pid 463] close(16) = -1 EBADF (Bad file descriptor) [pid 463] close(17) = -1 EBADF (Bad file descriptor) [pid 463] close(18) = -1 EBADF (Bad file descriptor) [pid 463] close(19) = -1 EBADF (Bad file descriptor) [pid 463] close(20) = -1 EBADF (Bad file descriptor) [pid 463] close(21) = -1 EBADF (Bad file descriptor) [pid 463] close(22) = -1 EBADF (Bad file descriptor) [pid 463] close(23) = -1 EBADF (Bad file descriptor) [pid 463] close(24) = -1 EBADF (Bad file descriptor) [pid 463] close(25) = -1 EBADF (Bad file descriptor) [pid 463] close(26) = -1 EBADF (Bad file descriptor) [pid 463] close(27) = -1 EBADF (Bad file descriptor) [pid 463] close(28) = -1 EBADF (Bad file descriptor) [pid 463] close(29) = -1 EBADF (Bad file descriptor) [pid 463] exit_group(0) = ? [pid 464] <... futex resumed>) = ? [pid 464] +++ exited with 0 +++ [pid 463] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=150, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 465 attached , child_tidptr=0x555556029690) = 152 [pid 465] set_robust_list(0x5555560296a0, 24) = 0 [pid 465] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 465] setpgid(0, 0) = 0 [pid 465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 465] write(3, "1000", 4) = 4 [pid 465] close(3) = 0 [pid 465] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 465] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 465] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 465] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 465] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 465] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 465] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 465] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 466 attached [pid 466] set_robust_list(0x7fee0c2439a0, 24 [pid 465] <... clone3 resumed> => {parent_tid=[153]}, 88) = 153 [pid 465] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 465] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 465] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... set_robust_list resumed>) = 0 [pid 466] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 466] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 466] write(3, "65", 2) = 2 [ 40.735398][ T464] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 40.743210][ T464] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 40.751025][ T464] [ 40.764828][ T466] FAULT_INJECTION: forcing a failure. [ 40.764828][ T466] name failslab, interval 1, probability 0, space 0, times 0 [ 40.777259][ T466] CPU: 0 PID: 466 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 40.787303][ T466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 40.797181][ T466] Call Trace: [ 40.800313][ T466] [ 40.803082][ T466] dump_stack_lvl+0x151/0x1b7 [ 40.807606][ T466] ? io_uring_drop_tctx_refs+0x190/0x190 [ 40.813063][ T466] dump_stack+0x15/0x17 [ 40.817055][ T466] should_fail+0x3c6/0x510 [ 40.821308][ T466] __should_failslab+0xa4/0xe0 [ 40.825905][ T466] ? anon_vma_clone+0x9a/0x500 [ 40.830509][ T466] should_failslab+0x9/0x20 [ 40.835029][ T466] slab_pre_alloc_hook+0x37/0xd0 [ 40.839799][ T466] ? anon_vma_clone+0x9a/0x500 [ 40.844396][ T466] kmem_cache_alloc+0x44/0x200 [ 40.849001][ T466] anon_vma_clone+0x9a/0x500 [ 40.853508][ T466] anon_vma_fork+0x91/0x4e0 [ 40.857849][ T466] ? anon_vma_name+0x4c/0x70 [ 40.862271][ T466] ? vm_area_dup+0x17a/0x230 [ 40.866699][ T466] copy_mm+0xa3a/0x13e0 [ 40.870720][ T466] ? copy_signal+0x610/0x610 [ 40.875118][ T466] ? __init_rwsem+0xd6/0x1c0 [ 40.879543][ T466] ? copy_signal+0x4e3/0x610 [ 40.883978][ T466] copy_process+0x12bc/0x3260 [ 40.888486][ T466] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 40.893432][ T466] ? __kasan_check_write+0x14/0x20 [ 40.898383][ T466] kernel_clone+0x21e/0x9e0 [ 40.902717][ T466] ? _raw_spin_unlock_irq+0x4e/0x70 [ 40.907749][ T466] ? create_io_thread+0x1e0/0x1e0 [ 40.912612][ T466] __x64_sys_clone+0x23f/0x290 [ 40.917215][ T466] ? __do_sys_vfork+0x130/0x130 [ 40.921898][ T466] ? __kasan_check_read+0x11/0x20 [ 40.926771][ T466] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 40.932582][ T466] do_syscall_64+0x3d/0xb0 [ 40.936912][ T466] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 40.942646][ T466] RIP: 0033:0x7fee0c2830a9 [ 40.946893][ T466] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 40.966423][ T466] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 40.974687][ T466] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 40.982480][ T466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [pid 466] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 465] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 466] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 466] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 465] close(3) = 0 [pid 465] close(4) = -1 EBADF (Bad file descriptor) [pid 465] close(5) = -1 EBADF (Bad file descriptor) [pid 465] close(6) = -1 EBADF (Bad file descriptor) [pid 465] close(7) = -1 EBADF (Bad file descriptor) [pid 465] close(8) = -1 EBADF (Bad file descriptor) [pid 465] close(9) = -1 EBADF (Bad file descriptor) [pid 465] close(10) = -1 EBADF (Bad file descriptor) [pid 465] close(11) = -1 EBADF (Bad file descriptor) [pid 465] close(12) = -1 EBADF (Bad file descriptor) [pid 465] close(13) = -1 EBADF (Bad file descriptor) [pid 465] close(14) = -1 EBADF (Bad file descriptor) [pid 465] close(15) = -1 EBADF (Bad file descriptor) [pid 465] close(16) = -1 EBADF (Bad file descriptor) [pid 465] close(17) = -1 EBADF (Bad file descriptor) [pid 465] close(18) = -1 EBADF (Bad file descriptor) [pid 465] close(19) = -1 EBADF (Bad file descriptor) [pid 465] close(20) = -1 EBADF (Bad file descriptor) [pid 465] close(21) = -1 EBADF (Bad file descriptor) [pid 465] close(22) = -1 EBADF (Bad file descriptor) [pid 465] close(23) = -1 EBADF (Bad file descriptor) [pid 465] close(24) = -1 EBADF (Bad file descriptor) [pid 465] close(25) = -1 EBADF (Bad file descriptor) [pid 465] close(26) = -1 EBADF (Bad file descriptor) [pid 465] close(27) = -1 EBADF (Bad file descriptor) [pid 465] close(28) = -1 EBADF (Bad file descriptor) [pid 465] close(29) = -1 EBADF (Bad file descriptor) [pid 465] exit_group(0) = ? [pid 466] <... futex resumed>) = ? [pid 466] +++ exited with 0 +++ [pid 465] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=152, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 154 ./strace-static-x86_64: Process 467 attached [pid 467] set_robust_list(0x5555560296a0, 24) = 0 [pid 467] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 467] setpgid(0, 0) = 0 [pid 467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 467] write(3, "1000", 4) = 4 [pid 467] close(3) = 0 [pid 467] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 467] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 467] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 467] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 467] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 467] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 467] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 467] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[155]}, 88) = 155 [pid 467] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 467] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 467] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 468 attached [pid 468] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 468] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 468] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 468] write(3, "65", 2) = 2 [ 40.990289][ T466] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 40.998099][ T466] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 41.005914][ T466] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 41.013726][ T466] [ 41.027801][ T468] FAULT_INJECTION: forcing a failure. [ 41.027801][ T468] name failslab, interval 1, probability 0, space 0, times 0 [pid 468] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 467] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 41.040584][ T468] CPU: 0 PID: 468 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 41.050622][ T468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 41.060521][ T468] Call Trace: [ 41.063640][ T468] [ 41.066416][ T468] dump_stack_lvl+0x151/0x1b7 [ 41.071045][ T468] ? io_uring_drop_tctx_refs+0x190/0x190 [ 41.076510][ T468] dump_stack+0x15/0x17 [ 41.080491][ T468] should_fail+0x3c6/0x510 [ 41.084745][ T468] __should_failslab+0xa4/0xe0 [ 41.089345][ T468] ? anon_vma_clone+0x9a/0x500 [ 41.093946][ T468] should_failslab+0x9/0x20 [ 41.098291][ T468] slab_pre_alloc_hook+0x37/0xd0 [ 41.103058][ T468] ? anon_vma_clone+0x9a/0x500 [ 41.107657][ T468] kmem_cache_alloc+0x44/0x200 [ 41.112267][ T468] anon_vma_clone+0x9a/0x500 [ 41.116692][ T468] anon_vma_fork+0x91/0x4e0 [ 41.121027][ T468] ? anon_vma_name+0x4c/0x70 [ 41.125449][ T468] ? vm_area_dup+0x17a/0x230 [ 41.129874][ T468] copy_mm+0xa3a/0x13e0 [ 41.133868][ T468] ? copy_signal+0x610/0x610 [ 41.138295][ T468] ? __init_rwsem+0xd6/0x1c0 [ 41.142720][ T468] ? copy_signal+0x4e3/0x610 [ 41.147234][ T468] copy_process+0x12bc/0x3260 [ 41.151748][ T468] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 41.156692][ T468] ? __kasan_check_write+0x14/0x20 [ 41.161641][ T468] kernel_clone+0x21e/0x9e0 [ 41.165979][ T468] ? _raw_spin_unlock_irq+0x4e/0x70 [ 41.171014][ T468] ? create_io_thread+0x1e0/0x1e0 [ 41.175874][ T468] __x64_sys_clone+0x23f/0x290 [ 41.180474][ T468] ? __do_sys_vfork+0x130/0x130 [ 41.185161][ T468] ? __kasan_check_read+0x11/0x20 [ 41.190021][ T468] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 41.195837][ T468] do_syscall_64+0x3d/0xb0 [ 41.200088][ T468] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.205816][ T468] RIP: 0033:0x7fee0c2830a9 [ 41.210071][ T468] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 41.229519][ T468] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 468] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 468] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 467] close(3) = 0 [pid 467] close(4) = -1 EBADF (Bad file descriptor) [pid 467] close(5) = -1 EBADF (Bad file descriptor) [pid 467] close(6) = -1 EBADF (Bad file descriptor) [pid 467] close(7) = -1 EBADF (Bad file descriptor) [pid 467] close(8) = -1 EBADF (Bad file descriptor) [pid 467] close(9) = -1 EBADF (Bad file descriptor) [pid 467] close(10) = -1 EBADF (Bad file descriptor) [pid 467] close(11) = -1 EBADF (Bad file descriptor) [pid 467] close(12) = -1 EBADF (Bad file descriptor) [pid 467] close(13) = -1 EBADF (Bad file descriptor) [pid 467] close(14) = -1 EBADF (Bad file descriptor) [pid 467] close(15) = -1 EBADF (Bad file descriptor) [pid 468] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 467] close(16) = -1 EBADF (Bad file descriptor) [pid 467] close(17) = -1 EBADF (Bad file descriptor) [pid 467] close(18) = -1 EBADF (Bad file descriptor) [pid 467] close(19) = -1 EBADF (Bad file descriptor) [pid 467] close(20) = -1 EBADF (Bad file descriptor) [pid 467] close(21) = -1 EBADF (Bad file descriptor) [pid 467] close(22) = -1 EBADF (Bad file descriptor) [pid 467] close(23) = -1 EBADF (Bad file descriptor) [pid 467] close(24) = -1 EBADF (Bad file descriptor) [pid 467] close(25) = -1 EBADF (Bad file descriptor) [pid 467] close(26) = -1 EBADF (Bad file descriptor) [pid 467] close(27) = -1 EBADF (Bad file descriptor) [pid 467] close(28) = -1 EBADF (Bad file descriptor) [pid 467] close(29) = -1 EBADF (Bad file descriptor) [pid 467] exit_group(0) = ? [pid 468] <... futex resumed>) = ? [pid 468] +++ exited with 0 +++ [pid 467] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=154, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 156 ./strace-static-x86_64: Process 470 attached [pid 470] set_robust_list(0x5555560296a0, 24) = 0 [pid 470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 470] setpgid(0, 0) = 0 [pid 470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 470] write(3, "1000", 4) = 4 [pid 470] close(3) = 0 [pid 470] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 470] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 470] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 470] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 470] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 470] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 470] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[157]}, 88) = 157 [pid 470] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 470] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 470] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 471 attached [pid 471] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 471] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 471] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 471] write(3, "65", 2) = 2 [ 41.237765][ T468] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 41.245573][ T468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 41.253378][ T468] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 41.261192][ T468] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 41.269009][ T468] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 41.276820][ T468] [ 41.290390][ T471] FAULT_INJECTION: forcing a failure. [ 41.290390][ T471] name failslab, interval 1, probability 0, space 0, times 0 [ 41.302846][ T471] CPU: 0 PID: 471 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 41.312865][ T471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 41.322758][ T471] Call Trace: [ 41.325978][ T471] [ 41.328746][ T471] dump_stack_lvl+0x151/0x1b7 [ 41.333261][ T471] ? io_uring_drop_tctx_refs+0x190/0x190 [ 41.338725][ T471] ? dup_userfaultfd_complete+0x295/0x2f0 [ 41.344280][ T471] ? dup_userfaultfd+0x5d0/0x5d0 [ 41.349055][ T471] dump_stack+0x15/0x17 [ 41.353172][ T471] should_fail+0x3c6/0x510 [ 41.357417][ T471] __should_failslab+0xa4/0xe0 [ 41.362016][ T471] ? create_new_namespaces+0x34/0x670 [ 41.367225][ T471] should_failslab+0x9/0x20 [ 41.371563][ T471] slab_pre_alloc_hook+0x37/0xd0 [ 41.376334][ T471] ? create_new_namespaces+0x34/0x670 [ 41.381543][ T471] kmem_cache_alloc+0x44/0x200 [ 41.386142][ T471] ? cap_capable+0x1d2/0x270 [ 41.390572][ T471] create_new_namespaces+0x34/0x670 [ 41.395602][ T471] ? security_capable+0x87/0xb0 [ 41.400290][ T471] ? ns_capable+0x89/0xe0 [ 41.404456][ T471] copy_namespaces+0x1d1/0x220 [ 41.409056][ T471] copy_process+0x12e7/0x3260 [ 41.413572][ T471] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 41.418514][ T471] ? __kasan_check_write+0x14/0x20 [ 41.423463][ T471] kernel_clone+0x21e/0x9e0 [ 41.427804][ T471] ? _raw_spin_unlock_irq+0x4e/0x70 [ 41.432834][ T471] ? create_io_thread+0x1e0/0x1e0 [ 41.437784][ T471] __x64_sys_clone+0x23f/0x290 [ 41.442382][ T471] ? __do_sys_vfork+0x130/0x130 [ 41.447070][ T471] ? __kasan_check_read+0x11/0x20 [ 41.451929][ T471] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 41.457745][ T471] do_syscall_64+0x3d/0xb0 [ 41.462083][ T471] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.467814][ T471] RIP: 0033:0x7fee0c2830a9 [ 41.472068][ T471] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 471] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 470] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 471] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 471] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 471] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] close(3) = 0 [pid 470] close(4) = -1 EBADF (Bad file descriptor) [pid 470] close(5) = -1 EBADF (Bad file descriptor) [pid 470] close(6) = -1 EBADF (Bad file descriptor) [pid 470] close(7) = -1 EBADF (Bad file descriptor) [pid 470] close(8) = -1 EBADF (Bad file descriptor) [pid 470] close(9) = -1 EBADF (Bad file descriptor) [pid 470] close(10) = -1 EBADF (Bad file descriptor) [pid 470] close(11) = -1 EBADF (Bad file descriptor) [pid 470] close(12) = -1 EBADF (Bad file descriptor) [pid 470] close(13) = -1 EBADF (Bad file descriptor) [pid 470] close(14) = -1 EBADF (Bad file descriptor) [pid 470] close(15) = -1 EBADF (Bad file descriptor) [pid 470] close(16) = -1 EBADF (Bad file descriptor) [pid 470] close(17) = -1 EBADF (Bad file descriptor) [pid 470] close(18) = -1 EBADF (Bad file descriptor) [pid 470] close(19) = -1 EBADF (Bad file descriptor) [pid 470] close(20) = -1 EBADF (Bad file descriptor) [pid 470] close(21) = -1 EBADF (Bad file descriptor) [pid 470] close(22) = -1 EBADF (Bad file descriptor) [pid 470] close(23) = -1 EBADF (Bad file descriptor) [pid 470] close(24) = -1 EBADF (Bad file descriptor) [pid 470] close(25) = -1 EBADF (Bad file descriptor) [pid 470] close(26) = -1 EBADF (Bad file descriptor) [pid 470] close(27) = -1 EBADF (Bad file descriptor) [pid 470] close(28) = -1 EBADF (Bad file descriptor) [pid 470] close(29) = -1 EBADF (Bad file descriptor) [pid 470] exit_group(0) = ? [pid 471] <... futex resumed>) = ? [pid 471] +++ exited with 0 +++ [pid 470] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=156, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 158 ./strace-static-x86_64: Process 472 attached [pid 472] set_robust_list(0x5555560296a0, 24) = 0 [pid 472] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 472] setpgid(0, 0) = 0 [pid 472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 472] write(3, "1000", 4) = 4 [pid 472] close(3) = 0 [pid 472] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 472] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 472] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 472] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 472] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 472] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 472] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 472] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[159]}, 88) = 159 [pid 472] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 472] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 472] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 473 attached [pid 473] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 473] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 473] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 473] write(3, "65", 2) = 2 [ 41.491507][ T471] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 41.499751][ T471] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 41.507655][ T471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 41.515469][ T471] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 41.523285][ T471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 41.531194][ T471] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 41.539001][ T471] [ 41.551804][ T473] FAULT_INJECTION: forcing a failure. [ 41.551804][ T473] name failslab, interval 1, probability 0, space 0, times 0 [ 41.564286][ T473] CPU: 0 PID: 473 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 41.574379][ T473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 41.584376][ T473] Call Trace: [ 41.587498][ T473] [ 41.590278][ T473] dump_stack_lvl+0x151/0x1b7 [ 41.594792][ T473] ? io_uring_drop_tctx_refs+0x190/0x190 [ 41.600255][ T473] ? dup_userfaultfd_complete+0x295/0x2f0 [ 41.605813][ T473] ? dup_userfaultfd+0x5d0/0x5d0 [ 41.610584][ T473] dump_stack+0x15/0x17 [ 41.614575][ T473] should_fail+0x3c6/0x510 [ 41.618832][ T473] __should_failslab+0xa4/0xe0 [ 41.623436][ T473] ? create_new_namespaces+0x34/0x670 [ 41.628636][ T473] should_failslab+0x9/0x20 [ 41.632974][ T473] slab_pre_alloc_hook+0x37/0xd0 [ 41.637776][ T473] ? create_new_namespaces+0x34/0x670 [ 41.643048][ T473] kmem_cache_alloc+0x44/0x200 [ 41.647643][ T473] ? cap_capable+0x1d2/0x270 [ 41.652078][ T473] create_new_namespaces+0x34/0x670 [ 41.657191][ T473] ? security_capable+0x87/0xb0 [ 41.661894][ T473] ? ns_capable+0x89/0xe0 [ 41.666128][ T473] copy_namespaces+0x1d1/0x220 [ 41.670730][ T473] copy_process+0x12e7/0x3260 [ 41.675245][ T473] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 41.680191][ T473] ? __kasan_check_write+0x14/0x20 [ 41.685137][ T473] kernel_clone+0x21e/0x9e0 [ 41.689475][ T473] ? _raw_spin_unlock_irq+0x4e/0x70 [ 41.694510][ T473] ? create_io_thread+0x1e0/0x1e0 [ 41.699557][ T473] __x64_sys_clone+0x23f/0x290 [ 41.704143][ T473] ? __do_sys_vfork+0x130/0x130 [ 41.708921][ T473] ? __kasan_check_read+0x11/0x20 [ 41.713780][ T473] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 41.719614][ T473] do_syscall_64+0x3d/0xb0 [ 41.723843][ T473] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.729574][ T473] RIP: 0033:0x7fee0c2830a9 [pid 473] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 472] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 41.733919][ T473] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 41.753356][ T473] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 41.761598][ T473] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 41.769410][ T473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 41.777480][ T473] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 41.785291][ T473] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 41.793190][ T473] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 473] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 473] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 473] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 472] close(3) = 0 [pid 472] close(4) = -1 EBADF (Bad file descriptor) [pid 472] close(5) = -1 EBADF (Bad file descriptor) [pid 472] close(6) = -1 EBADF (Bad file descriptor) [pid 472] close(7) = -1 EBADF (Bad file descriptor) [pid 472] close(8) = -1 EBADF (Bad file descriptor) [pid 472] close(9) = -1 EBADF (Bad file descriptor) [pid 472] close(10) = -1 EBADF (Bad file descriptor) [pid 472] close(11) = -1 EBADF (Bad file descriptor) [pid 472] close(12) = -1 EBADF (Bad file descriptor) [pid 472] close(13) = -1 EBADF (Bad file descriptor) [pid 472] close(14) = -1 EBADF (Bad file descriptor) [pid 472] close(15) = -1 EBADF (Bad file descriptor) [pid 472] close(16) = -1 EBADF (Bad file descriptor) [pid 472] close(17) = -1 EBADF (Bad file descriptor) [pid 472] close(18) = -1 EBADF (Bad file descriptor) [pid 472] close(19) = -1 EBADF (Bad file descriptor) [pid 472] close(20) = -1 EBADF (Bad file descriptor) [pid 472] close(21) = -1 EBADF (Bad file descriptor) [pid 472] close(22) = -1 EBADF (Bad file descriptor) [pid 472] close(23) = -1 EBADF (Bad file descriptor) [pid 472] close(24) = -1 EBADF (Bad file descriptor) [pid 472] close(25) = -1 EBADF (Bad file descriptor) [pid 472] close(26) = -1 EBADF (Bad file descriptor) [pid 472] close(27) = -1 EBADF (Bad file descriptor) [pid 472] close(28) = -1 EBADF (Bad file descriptor) [pid 472] close(29) = -1 EBADF (Bad file descriptor) [pid 472] exit_group(0) = ? [pid 473] <... futex resumed>) = ? [pid 473] +++ exited with 0 +++ [pid 472] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=158, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 160 ./strace-static-x86_64: Process 474 attached [pid 474] set_robust_list(0x5555560296a0, 24) = 0 [pid 474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 474] setpgid(0, 0) = 0 [pid 474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 474] write(3, "1000", 4) = 4 [pid 474] close(3) = 0 [pid 474] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 474] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 474] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 474] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 474] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 474] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 474] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 474] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 475 attached [pid 475] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 475] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 475] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 474] <... clone3 resumed> => {parent_tid=[161]}, 88) = 161 [pid 474] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 474] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 475] <... futex resumed>) = 0 [pid 475] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 475] write(3, "65", 2) = 2 [pid 475] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [ 41.801003][ T473] [ 41.817912][ T475] FAULT_INJECTION: forcing a failure. [ 41.817912][ T475] name failslab, interval 1, probability 0, space 0, times 0 [ 41.830422][ T475] CPU: 1 PID: 475 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 41.840506][ T475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [pid 474] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [ 41.850856][ T475] Call Trace: [ 41.854006][ T475] [ 41.856755][ T475] dump_stack_lvl+0x151/0x1b7 [ 41.861355][ T475] ? io_uring_drop_tctx_refs+0x190/0x190 [ 41.866909][ T475] ? dup_userfaultfd_complete+0x295/0x2f0 [ 41.872470][ T475] ? dup_userfaultfd+0x5d0/0x5d0 [ 41.877235][ T475] dump_stack+0x15/0x17 [ 41.881230][ T475] should_fail+0x3c6/0x510 [ 41.885482][ T475] __should_failslab+0xa4/0xe0 [ 41.890080][ T475] ? create_new_namespaces+0x34/0x670 [ 41.895288][ T475] should_failslab+0x9/0x20 [ 41.899631][ T475] slab_pre_alloc_hook+0x37/0xd0 [ 41.904402][ T475] ? create_new_namespaces+0x34/0x670 [ 41.909650][ T475] kmem_cache_alloc+0x44/0x200 [ 41.914209][ T475] ? cap_capable+0x1d2/0x270 [ 41.918636][ T475] create_new_namespaces+0x34/0x670 [ 41.923667][ T475] ? security_capable+0x87/0xb0 [ 41.928416][ T475] ? ns_capable+0x89/0xe0 [ 41.932696][ T475] copy_namespaces+0x1d1/0x220 [ 41.937296][ T475] copy_process+0x12e7/0x3260 [ 41.941810][ T475] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 41.946756][ T475] ? __kasan_check_write+0x14/0x20 [ 41.951701][ T475] kernel_clone+0x21e/0x9e0 [ 41.956046][ T475] ? _raw_spin_unlock_irq+0x4e/0x70 [ 41.961085][ T475] ? create_io_thread+0x1e0/0x1e0 [ 41.966025][ T475] __x64_sys_clone+0x23f/0x290 [ 41.970624][ T475] ? __do_sys_vfork+0x130/0x130 [ 41.975311][ T475] ? __kasan_check_read+0x11/0x20 [ 41.980171][ T475] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 41.985987][ T475] do_syscall_64+0x3d/0xb0 [ 41.990325][ T475] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.996052][ T475] RIP: 0033:0x7fee0c2830a9 [ 42.000312][ T475] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 42.019749][ T475] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 42.027998][ T475] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 42.035889][ T475] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 42.043701][ T475] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [pid 475] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 475] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 475] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 474] close(3) = 0 [pid 474] close(4) = -1 EBADF (Bad file descriptor) [pid 474] close(5) = -1 EBADF (Bad file descriptor) [pid 474] close(6) = -1 EBADF (Bad file descriptor) [pid 474] close(7) = -1 EBADF (Bad file descriptor) [pid 474] close(8) = -1 EBADF (Bad file descriptor) [pid 474] close(9) = -1 EBADF (Bad file descriptor) [pid 474] close(10) = -1 EBADF (Bad file descriptor) [pid 474] close(11) = -1 EBADF (Bad file descriptor) [pid 474] close(12) = -1 EBADF (Bad file descriptor) [pid 474] close(13) = -1 EBADF (Bad file descriptor) [pid 474] close(14) = -1 EBADF (Bad file descriptor) [pid 474] close(15) = -1 EBADF (Bad file descriptor) [pid 474] close(16) = -1 EBADF (Bad file descriptor) [pid 474] close(17) = -1 EBADF (Bad file descriptor) [pid 474] close(18) = -1 EBADF (Bad file descriptor) [pid 474] close(19) = -1 EBADF (Bad file descriptor) [pid 474] close(20) = -1 EBADF (Bad file descriptor) [pid 474] close(21) = -1 EBADF (Bad file descriptor) [pid 474] close(22) = -1 EBADF (Bad file descriptor) [pid 474] close(23) = -1 EBADF (Bad file descriptor) [pid 474] close(24) = -1 EBADF (Bad file descriptor) [pid 474] close(25) = -1 EBADF (Bad file descriptor) [pid 474] close(26) = -1 EBADF (Bad file descriptor) [pid 474] close(27) = -1 EBADF (Bad file descriptor) [pid 474] close(28) = -1 EBADF (Bad file descriptor) [pid 474] close(29) = -1 EBADF (Bad file descriptor) [pid 474] exit_group(0) = ? [pid 475] <... futex resumed>) = ? [pid 475] +++ exited with 0 +++ [pid 474] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=160, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 162 ./strace-static-x86_64: Process 476 attached [pid 476] set_robust_list(0x5555560296a0, 24) = 0 [pid 476] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 476] setpgid(0, 0) = 0 [pid 476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 476] write(3, "1000", 4) = 4 [pid 476] close(3) = 0 [pid 476] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 476] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 476] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 476] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 476] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 476] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 476] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 476] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[163]}, 88) = 163 [pid 476] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 476] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 476] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 477 attached [pid 477] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 477] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 477] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 477] write(3, "65", 2) = 2 [ 42.051513][ T475] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 42.059323][ T475] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 42.067146][ T475] [ 42.084501][ T477] FAULT_INJECTION: forcing a failure. [ 42.084501][ T477] name failslab, interval 1, probability 0, space 0, times 0 [ 42.096944][ T477] CPU: 1 PID: 477 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 42.106993][ T477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 42.116874][ T477] Call Trace: [ 42.119998][ T477] [ 42.122774][ T477] dump_stack_lvl+0x151/0x1b7 [ 42.127286][ T477] ? io_uring_drop_tctx_refs+0x190/0x190 [ 42.132928][ T477] dump_stack+0x15/0x17 [ 42.136936][ T477] should_fail+0x3c6/0x510 [ 42.141173][ T477] __should_failslab+0xa4/0xe0 [ 42.145860][ T477] ? anon_vma_clone+0x9a/0x500 [ 42.150459][ T477] should_failslab+0x9/0x20 [ 42.154800][ T477] slab_pre_alloc_hook+0x37/0xd0 [ 42.159577][ T477] ? anon_vma_clone+0x9a/0x500 [ 42.164172][ T477] kmem_cache_alloc+0x44/0x200 [ 42.168772][ T477] anon_vma_clone+0x9a/0x500 [ 42.173200][ T477] anon_vma_fork+0x91/0x4e0 [ 42.177540][ T477] ? anon_vma_name+0x4c/0x70 [ 42.181971][ T477] ? vm_area_dup+0x17a/0x230 [ 42.186390][ T477] copy_mm+0xa3a/0x13e0 [ 42.190385][ T477] ? copy_signal+0x610/0x610 [ 42.194813][ T477] ? __init_rwsem+0xd6/0x1c0 [ 42.199240][ T477] ? copy_signal+0x4e3/0x610 [ 42.203663][ T477] copy_process+0x12bc/0x3260 [ 42.208177][ T477] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 42.213125][ T477] ? __kasan_check_write+0x14/0x20 [ 42.218112][ T477] kernel_clone+0x21e/0x9e0 [ 42.222411][ T477] ? _raw_spin_unlock_irq+0x4e/0x70 [ 42.227444][ T477] ? create_io_thread+0x1e0/0x1e0 [ 42.232305][ T477] __x64_sys_clone+0x23f/0x290 [ 42.236906][ T477] ? __do_sys_vfork+0x130/0x130 [ 42.241592][ T477] ? __kasan_check_read+0x11/0x20 [ 42.246449][ T477] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 42.252265][ T477] do_syscall_64+0x3d/0xb0 [ 42.256524][ T477] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 42.262246][ T477] RIP: 0033:0x7fee0c2830a9 [ 42.267455][ T477] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 42.286985][ T477] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 42.295229][ T477] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 477] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 476] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 477] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 476] close(3 [pid 477] <... futex resumed>) = 0 [pid 476] <... close resumed>) = 0 [pid 476] close(4) = -1 EBADF (Bad file descriptor) [pid 476] close(5) = -1 EBADF (Bad file descriptor) [pid 476] close(6) = -1 EBADF (Bad file descriptor) [pid 476] close(7) = -1 EBADF (Bad file descriptor) [pid 476] close(8) = -1 EBADF (Bad file descriptor) [pid 476] close(9) = -1 EBADF (Bad file descriptor) [pid 476] close(10) = -1 EBADF (Bad file descriptor) [pid 477] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 476] close(11) = -1 EBADF (Bad file descriptor) [pid 476] close(12) = -1 EBADF (Bad file descriptor) [pid 476] close(13) = -1 EBADF (Bad file descriptor) [pid 476] close(14) = -1 EBADF (Bad file descriptor) [pid 476] close(15) = -1 EBADF (Bad file descriptor) [pid 476] close(16) = -1 EBADF (Bad file descriptor) [pid 476] close(17) = -1 EBADF (Bad file descriptor) [pid 476] close(18) = -1 EBADF (Bad file descriptor) [pid 476] close(19) = -1 EBADF (Bad file descriptor) [pid 476] close(20) = -1 EBADF (Bad file descriptor) [pid 476] close(21) = -1 EBADF (Bad file descriptor) [pid 476] close(22) = -1 EBADF (Bad file descriptor) [pid 476] close(23) = -1 EBADF (Bad file descriptor) [pid 476] close(24) = -1 EBADF (Bad file descriptor) [pid 476] close(25) = -1 EBADF (Bad file descriptor) [pid 476] close(26) = -1 EBADF (Bad file descriptor) [pid 476] close(27) = -1 EBADF (Bad file descriptor) [pid 476] close(28) = -1 EBADF (Bad file descriptor) [pid 476] close(29) = -1 EBADF (Bad file descriptor) [pid 476] exit_group(0) = ? [pid 477] <... futex resumed>) = ? [pid 477] +++ exited with 0 +++ [pid 476] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=162, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 164 ./strace-static-x86_64: Process 479 attached [pid 479] set_robust_list(0x5555560296a0, 24) = 0 [pid 479] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 479] setpgid(0, 0) = 0 [pid 479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 479] write(3, "1000", 4) = 4 [pid 479] close(3) = 0 [pid 479] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 479] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 479] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 479] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 479] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 479] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 479] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 479] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[165]}, 88) = 165 [pid 479] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 479] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 479] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 480 attached [pid 480] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 480] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 480] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 480] write(3, "65", 2) = 2 [ 42.303037][ T477] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 42.311027][ T477] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 42.318840][ T477] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 42.326647][ T477] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 42.334463][ T477] [ 42.349507][ T480] FAULT_INJECTION: forcing a failure. [ 42.349507][ T480] name failslab, interval 1, probability 0, space 0, times 0 [ 42.362028][ T480] CPU: 1 PID: 480 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 42.371989][ T480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 42.381873][ T480] Call Trace: [ 42.385002][ T480] [ 42.387796][ T480] dump_stack_lvl+0x151/0x1b7 [ 42.392379][ T480] ? io_uring_drop_tctx_refs+0x190/0x190 [ 42.397846][ T480] dump_stack+0x15/0x17 [ 42.401838][ T480] should_fail+0x3c6/0x510 [ 42.406092][ T480] __should_failslab+0xa4/0xe0 [ 42.410775][ T480] ? anon_vma_clone+0x9a/0x500 [ 42.415374][ T480] should_failslab+0x9/0x20 [ 42.419723][ T480] slab_pre_alloc_hook+0x37/0xd0 [ 42.424493][ T480] ? anon_vma_clone+0x9a/0x500 [ 42.429087][ T480] kmem_cache_alloc+0x44/0x200 [ 42.433688][ T480] anon_vma_clone+0x9a/0x500 [ 42.438115][ T480] anon_vma_fork+0x91/0x4e0 [ 42.442460][ T480] ? anon_vma_name+0x4c/0x70 [ 42.446880][ T480] ? vm_area_dup+0x17a/0x230 [ 42.451305][ T480] copy_mm+0xa3a/0x13e0 [ 42.455299][ T480] ? copy_signal+0x610/0x610 [ 42.459722][ T480] ? __init_rwsem+0xd6/0x1c0 [ 42.464151][ T480] ? copy_signal+0x4e3/0x610 [ 42.468578][ T480] copy_process+0x12bc/0x3260 [ 42.473092][ T480] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 42.478039][ T480] ? __kasan_check_write+0x14/0x20 [ 42.482987][ T480] kernel_clone+0x21e/0x9e0 [ 42.487325][ T480] ? _raw_spin_unlock_irq+0x4e/0x70 [ 42.492358][ T480] ? create_io_thread+0x1e0/0x1e0 [ 42.497221][ T480] __x64_sys_clone+0x23f/0x290 [ 42.501821][ T480] ? __do_sys_vfork+0x130/0x130 [ 42.506519][ T480] ? __kasan_check_read+0x11/0x20 [ 42.511367][ T480] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 42.517181][ T480] do_syscall_64+0x3d/0xb0 [ 42.521434][ T480] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 42.527161][ T480] RIP: 0033:0x7fee0c2830a9 [ 42.531530][ T480] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 480] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 479] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 480] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 479] close(3 [pid 480] <... futex resumed>) = 0 [pid 479] <... close resumed>) = 0 [pid 480] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 479] close(4) = -1 EBADF (Bad file descriptor) [pid 479] close(5) = -1 EBADF (Bad file descriptor) [pid 479] close(6) = -1 EBADF (Bad file descriptor) [pid 479] close(7) = -1 EBADF (Bad file descriptor) [pid 479] close(8) = -1 EBADF (Bad file descriptor) [pid 479] close(9) = -1 EBADF (Bad file descriptor) [pid 479] close(10) = -1 EBADF (Bad file descriptor) [pid 479] close(11) = -1 EBADF (Bad file descriptor) [pid 479] close(12) = -1 EBADF (Bad file descriptor) [pid 479] close(13) = -1 EBADF (Bad file descriptor) [pid 479] close(14) = -1 EBADF (Bad file descriptor) [pid 479] close(15) = -1 EBADF (Bad file descriptor) [pid 479] close(16) = -1 EBADF (Bad file descriptor) [pid 479] close(17) = -1 EBADF (Bad file descriptor) [pid 479] close(18) = -1 EBADF (Bad file descriptor) [pid 479] close(19) = -1 EBADF (Bad file descriptor) [pid 479] close(20) = -1 EBADF (Bad file descriptor) [pid 479] close(21) = -1 EBADF (Bad file descriptor) [pid 479] close(22) = -1 EBADF (Bad file descriptor) [pid 479] close(23) = -1 EBADF (Bad file descriptor) [pid 479] close(24) = -1 EBADF (Bad file descriptor) [pid 479] close(25) = -1 EBADF (Bad file descriptor) [pid 479] close(26) = -1 EBADF (Bad file descriptor) [pid 479] close(27) = -1 EBADF (Bad file descriptor) [pid 479] close(28) = -1 EBADF (Bad file descriptor) [pid 479] close(29) = -1 EBADF (Bad file descriptor) [pid 479] exit_group(0) = ? [pid 480] <... futex resumed>) = ? [pid 480] +++ exited with 0 +++ [pid 479] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=164, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 166 ./strace-static-x86_64: Process 481 attached [pid 481] set_robust_list(0x5555560296a0, 24) = 0 [pid 481] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 481] setpgid(0, 0) = 0 [pid 481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 481] write(3, "1000", 4) = 4 [pid 481] close(3) = 0 [pid 481] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 481] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 481] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 481] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 481] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 481] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 481] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 481] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[167]}, 88) = 167 [pid 481] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 481] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 481] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 482 attached [pid 482] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 482] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 482] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 482] write(3, "65", 2) = 2 [ 42.550972][ T480] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 42.559249][ T480] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 42.567026][ T480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 42.574838][ T480] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 42.582650][ T480] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 42.590458][ T480] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 42.598273][ T480] [ 42.616248][ T482] FAULT_INJECTION: forcing a failure. [ 42.616248][ T482] name failslab, interval 1, probability 0, space 0, times 0 [ 42.628686][ T482] CPU: 1 PID: 482 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 42.638711][ T482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 42.648606][ T482] Call Trace: [ 42.651730][ T482] [ 42.654509][ T482] dump_stack_lvl+0x151/0x1b7 [ 42.659023][ T482] ? io_uring_drop_tctx_refs+0x190/0x190 [ 42.664489][ T482] dump_stack+0x15/0x17 [ 42.668479][ T482] should_fail+0x3c6/0x510 [ 42.672739][ T482] __should_failslab+0xa4/0xe0 [ 42.677337][ T482] ? anon_vma_clone+0x9a/0x500 [ 42.681943][ T482] should_failslab+0x9/0x20 [ 42.686275][ T482] slab_pre_alloc_hook+0x37/0xd0 [ 42.691050][ T482] ? anon_vma_clone+0x9a/0x500 [ 42.695646][ T482] kmem_cache_alloc+0x44/0x200 [ 42.700249][ T482] anon_vma_clone+0x9a/0x500 [ 42.704676][ T482] anon_vma_fork+0x91/0x4e0 [ 42.709016][ T482] ? anon_vma_name+0x4c/0x70 [ 42.713450][ T482] ? vm_area_dup+0x17a/0x230 [ 42.717866][ T482] copy_mm+0xa3a/0x13e0 [ 42.721864][ T482] ? copy_signal+0x610/0x610 [ 42.726284][ T482] ? __init_rwsem+0xd6/0x1c0 [ 42.730711][ T482] ? copy_signal+0x4e3/0x610 [ 42.735138][ T482] copy_process+0x12bc/0x3260 [ 42.739651][ T482] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 42.744627][ T482] ? __kasan_check_write+0x14/0x20 [ 42.749547][ T482] kernel_clone+0x21e/0x9e0 [ 42.753885][ T482] ? _raw_spin_unlock_irq+0x4e/0x70 [ 42.758922][ T482] ? create_io_thread+0x1e0/0x1e0 [ 42.763794][ T482] __x64_sys_clone+0x23f/0x290 [ 42.768384][ T482] ? __do_sys_vfork+0x130/0x130 [ 42.773169][ T482] ? __kasan_check_read+0x11/0x20 [ 42.778011][ T482] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 42.783829][ T482] do_syscall_64+0x3d/0xb0 [ 42.788080][ T482] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 42.793809][ T482] RIP: 0033:0x7fee0c2830a9 [ 42.798061][ T482] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 42.817512][ T482] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 42.825747][ T482] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 42.833564][ T482] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 42.841368][ T482] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 42.849185][ T482] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 42.857082][ T482] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 482] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 481] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 482] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 482] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 481] close(3) = 0 [pid 481] close(4) = -1 EBADF (Bad file descriptor) [pid 481] close(5) = -1 EBADF (Bad file descriptor) [pid 481] close(6) = -1 EBADF (Bad file descriptor) [pid 481] close(7) = -1 EBADF (Bad file descriptor) [pid 481] close(8) = -1 EBADF (Bad file descriptor) [pid 481] close(9) = -1 EBADF (Bad file descriptor) [pid 481] close(10) = -1 EBADF (Bad file descriptor) [pid 481] close(11) = -1 EBADF (Bad file descriptor) [pid 481] close(12) = -1 EBADF (Bad file descriptor) [pid 481] close(13) = -1 EBADF (Bad file descriptor) [pid 481] close(14) = -1 EBADF (Bad file descriptor) [pid 481] close(15) = -1 EBADF (Bad file descriptor) [pid 481] close(16) = -1 EBADF (Bad file descriptor) [pid 481] close(17) = -1 EBADF (Bad file descriptor) [pid 481] close(18) = -1 EBADF (Bad file descriptor) [pid 481] close(19) = -1 EBADF (Bad file descriptor) [pid 481] close(20) = -1 EBADF (Bad file descriptor) [pid 481] close(21) = -1 EBADF (Bad file descriptor) [pid 481] close(22) = -1 EBADF (Bad file descriptor) [pid 481] close(23) = -1 EBADF (Bad file descriptor) [pid 481] close(24) = -1 EBADF (Bad file descriptor) [pid 481] close(25) = -1 EBADF (Bad file descriptor) [pid 481] close(26) = -1 EBADF (Bad file descriptor) [pid 481] close(27) = -1 EBADF (Bad file descriptor) [pid 481] close(28) = -1 EBADF (Bad file descriptor) [pid 481] close(29) = -1 EBADF (Bad file descriptor) [pid 481] exit_group(0 [pid 482] <... futex resumed>) = ? [pid 481] <... exit_group resumed>) = ? [pid 482] +++ exited with 0 +++ [pid 481] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=166, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 168 ./strace-static-x86_64: Process 483 attached [pid 483] set_robust_list(0x5555560296a0, 24) = 0 [pid 483] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 483] setpgid(0, 0) = 0 [pid 483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 483] write(3, "1000", 4) = 4 [pid 483] close(3) = 0 [pid 483] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 483] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 483] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 483] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 483] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 483] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 483] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 483] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[169]}, 88) = 169 [pid 483] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 483] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 483] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 484 attached [pid 484] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 484] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 484] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 484] write(3, "65", 2) = 2 [ 42.864895][ T482] [ 42.877043][ T484] FAULT_INJECTION: forcing a failure. [ 42.877043][ T484] name failslab, interval 1, probability 0, space 0, times 0 [ 42.889595][ T484] CPU: 0 PID: 484 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 42.899769][ T484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 42.909662][ T484] Call Trace: [ 42.912785][ T484] [ 42.915562][ T484] dump_stack_lvl+0x151/0x1b7 [ 42.920075][ T484] ? io_uring_drop_tctx_refs+0x190/0x190 [ 42.925547][ T484] ? dup_userfaultfd_complete+0x295/0x2f0 [ 42.931100][ T484] ? dup_userfaultfd+0x5d0/0x5d0 [ 42.935957][ T484] dump_stack+0x15/0x17 [ 42.939947][ T484] should_fail+0x3c6/0x510 [ 42.944203][ T484] __should_failslab+0xa4/0xe0 [ 42.948802][ T484] ? create_new_namespaces+0x34/0x670 [ 42.954013][ T484] should_failslab+0x9/0x20 [ 42.958351][ T484] slab_pre_alloc_hook+0x37/0xd0 [ 42.963124][ T484] ? create_new_namespaces+0x34/0x670 [ 42.968473][ T484] kmem_cache_alloc+0x44/0x200 [ 42.973104][ T484] ? cap_capable+0x1d2/0x270 [ 42.977530][ T484] create_new_namespaces+0x34/0x670 [ 42.982562][ T484] ? security_capable+0x87/0xb0 [ 42.987252][ T484] ? ns_capable+0x89/0xe0 [ 42.991417][ T484] copy_namespaces+0x1d1/0x220 [ 42.996017][ T484] copy_process+0x12e7/0x3260 [ 43.000532][ T484] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 43.005475][ T484] ? __kasan_check_write+0x14/0x20 [ 43.010426][ T484] kernel_clone+0x21e/0x9e0 [ 43.014762][ T484] ? _raw_spin_unlock_irq+0x4e/0x70 [ 43.019801][ T484] ? create_io_thread+0x1e0/0x1e0 [ 43.024658][ T484] __x64_sys_clone+0x23f/0x290 [ 43.029268][ T484] ? __do_sys_vfork+0x130/0x130 [ 43.033944][ T484] ? __kasan_check_read+0x11/0x20 [ 43.038804][ T484] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 43.044621][ T484] do_syscall_64+0x3d/0xb0 [ 43.048871][ T484] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.054600][ T484] RIP: 0033:0x7fee0c2830a9 [ 43.058855][ T484] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 43.078299][ T484] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 43.086541][ T484] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 43.094349][ T484] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 43.102163][ T484] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 43.109973][ T484] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [pid 484] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 483] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 484] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 484] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 484] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 483] close(3) = 0 [pid 483] close(4) = -1 EBADF (Bad file descriptor) [pid 483] close(5) = -1 EBADF (Bad file descriptor) [pid 483] close(6) = -1 EBADF (Bad file descriptor) [pid 483] close(7) = -1 EBADF (Bad file descriptor) [pid 483] close(8) = -1 EBADF (Bad file descriptor) [pid 483] close(9) = -1 EBADF (Bad file descriptor) [pid 483] close(10) = -1 EBADF (Bad file descriptor) [pid 483] close(11) = -1 EBADF (Bad file descriptor) [pid 483] close(12) = -1 EBADF (Bad file descriptor) [pid 483] close(13) = -1 EBADF (Bad file descriptor) [pid 483] close(14) = -1 EBADF (Bad file descriptor) [pid 483] close(15) = -1 EBADF (Bad file descriptor) [pid 483] close(16) = -1 EBADF (Bad file descriptor) [pid 483] close(17) = -1 EBADF (Bad file descriptor) [pid 483] close(18) = -1 EBADF (Bad file descriptor) [pid 483] close(19) = -1 EBADF (Bad file descriptor) [pid 483] close(20) = -1 EBADF (Bad file descriptor) [pid 483] close(21) = -1 EBADF (Bad file descriptor) [pid 483] close(22) = -1 EBADF (Bad file descriptor) [pid 483] close(23) = -1 EBADF (Bad file descriptor) [pid 483] close(24) = -1 EBADF (Bad file descriptor) [pid 483] close(25) = -1 EBADF (Bad file descriptor) [pid 483] close(26) = -1 EBADF (Bad file descriptor) [pid 483] close(27) = -1 EBADF (Bad file descriptor) [pid 483] close(28) = -1 EBADF (Bad file descriptor) [pid 483] close(29) = -1 EBADF (Bad file descriptor) [pid 483] exit_group(0 [pid 484] <... futex resumed>) = ? [pid 483] <... exit_group resumed>) = ? [pid 484] +++ exited with 0 +++ [pid 483] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=168, si_uid=0, si_status=0, si_utime=0, si_stime=22} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 170 ./strace-static-x86_64: Process 485 attached [pid 485] set_robust_list(0x5555560296a0, 24) = 0 [pid 485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 485] setpgid(0, 0) = 0 [pid 485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 485] write(3, "1000", 4) = 4 [pid 485] close(3) = 0 [pid 485] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 485] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 485] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 485] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 485] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 485] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 485] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 486 attached => {parent_tid=[171]}, 88) = 171 [pid 485] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 485] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 486] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 486] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 486] write(3, "65", 2) = 2 [ 43.117786][ T484] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 43.125686][ T484] [ 43.139534][ T486] FAULT_INJECTION: forcing a failure. [ 43.139534][ T486] name failslab, interval 1, probability 0, space 0, times 0 [ 43.152107][ T486] CPU: 1 PID: 486 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [pid 486] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 485] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 43.162328][ T486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 43.172326][ T486] Call Trace: [ 43.175451][ T486] [ 43.178230][ T486] dump_stack_lvl+0x151/0x1b7 [ 43.182741][ T486] ? io_uring_drop_tctx_refs+0x190/0x190 [ 43.188213][ T486] ? dup_userfaultfd_complete+0x295/0x2f0 [ 43.193774][ T486] ? dup_userfaultfd+0x5d0/0x5d0 [ 43.198536][ T486] dump_stack+0x15/0x17 [ 43.202562][ T486] should_fail+0x3c6/0x510 [ 43.206792][ T486] __should_failslab+0xa4/0xe0 [ 43.211384][ T486] ? create_new_namespaces+0x34/0x670 [ 43.216604][ T486] should_failslab+0x9/0x20 [ 43.220930][ T486] slab_pre_alloc_hook+0x37/0xd0 [ 43.225706][ T486] ? create_new_namespaces+0x34/0x670 [ 43.230918][ T486] kmem_cache_alloc+0x44/0x200 [ 43.235517][ T486] ? cap_capable+0x1d2/0x270 [ 43.240111][ T486] create_new_namespaces+0x34/0x670 [ 43.245145][ T486] ? security_capable+0x87/0xb0 [ 43.249833][ T486] ? ns_capable+0x89/0xe0 [ 43.254003][ T486] copy_namespaces+0x1d1/0x220 [ 43.258596][ T486] copy_process+0x12e7/0x3260 [ 43.263112][ T486] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 43.268059][ T486] ? __kasan_check_write+0x14/0x20 [ 43.273004][ T486] kernel_clone+0x21e/0x9e0 [ 43.277345][ T486] ? _raw_spin_unlock_irq+0x4e/0x70 [ 43.282383][ T486] ? create_io_thread+0x1e0/0x1e0 [ 43.287243][ T486] __x64_sys_clone+0x23f/0x290 [ 43.291836][ T486] ? __do_sys_vfork+0x130/0x130 [ 43.296526][ T486] ? __kasan_check_read+0x11/0x20 [ 43.301472][ T486] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 43.307288][ T486] do_syscall_64+0x3d/0xb0 [ 43.311539][ T486] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.317279][ T486] RIP: 0033:0x7fee0c2830a9 [ 43.321522][ T486] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 43.340962][ T486] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 43.349204][ T486] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 43.357017][ T486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [pid 486] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 486] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 486] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 485] close(3) = 0 [pid 485] close(4) = -1 EBADF (Bad file descriptor) [pid 485] close(5) = -1 EBADF (Bad file descriptor) [pid 485] close(6) = -1 EBADF (Bad file descriptor) [pid 485] close(7) = -1 EBADF (Bad file descriptor) [pid 485] close(8) = -1 EBADF (Bad file descriptor) [pid 485] close(9) = -1 EBADF (Bad file descriptor) [pid 485] close(10) = -1 EBADF (Bad file descriptor) [pid 485] close(11) = -1 EBADF (Bad file descriptor) [pid 485] close(12) = -1 EBADF (Bad file descriptor) [pid 485] close(13) = -1 EBADF (Bad file descriptor) [pid 485] close(14) = -1 EBADF (Bad file descriptor) [pid 485] close(15) = -1 EBADF (Bad file descriptor) [pid 485] close(16) = -1 EBADF (Bad file descriptor) [pid 485] close(17) = -1 EBADF (Bad file descriptor) [pid 485] close(18) = -1 EBADF (Bad file descriptor) [pid 485] close(19) = -1 EBADF (Bad file descriptor) [pid 485] close(20) = -1 EBADF (Bad file descriptor) [pid 485] close(21) = -1 EBADF (Bad file descriptor) [pid 485] close(22) = -1 EBADF (Bad file descriptor) [pid 485] close(23) = -1 EBADF (Bad file descriptor) [pid 485] close(24) = -1 EBADF (Bad file descriptor) [pid 485] close(25) = -1 EBADF (Bad file descriptor) [pid 485] close(26) = -1 EBADF (Bad file descriptor) [pid 485] close(27) = -1 EBADF (Bad file descriptor) [pid 485] close(28) = -1 EBADF (Bad file descriptor) [pid 485] close(29) = -1 EBADF (Bad file descriptor) [pid 485] exit_group(0 [pid 486] <... futex resumed>) = ? [pid 485] <... exit_group resumed>) = ? [pid 486] +++ exited with 0 +++ [pid 485] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=170, si_uid=0, si_status=0, si_utime=0, si_stime=22} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 172 ./strace-static-x86_64: Process 488 attached [pid 488] set_robust_list(0x5555560296a0, 24) = 0 [pid 488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 488] setpgid(0, 0) = 0 [pid 488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 488] write(3, "1000", 4) = 4 [pid 488] close(3) = 0 [pid 488] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 488] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 488] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 488] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 488] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 488] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 488] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 488] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 489 attached [pid 489] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 489] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 489] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 488] <... clone3 resumed> => {parent_tid=[173]}, 88) = 173 [pid 488] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 488] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 489] <... futex resumed>) = 0 [pid 489] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 488] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 489] write(3, "65", 2) = 2 [ 43.365087][ T486] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 43.372900][ T486] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 43.380715][ T486] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 43.388523][ T486] [ 43.405972][ T489] FAULT_INJECTION: forcing a failure. [ 43.405972][ T489] name failslab, interval 1, probability 0, space 0, times 0 [ 43.418427][ T489] CPU: 0 PID: 489 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 43.428454][ T489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 43.438347][ T489] Call Trace: [ 43.441479][ T489] [ 43.444247][ T489] dump_stack_lvl+0x151/0x1b7 [ 43.448760][ T489] ? io_uring_drop_tctx_refs+0x190/0x190 [ 43.454230][ T489] dump_stack+0x15/0x17 [ 43.458219][ T489] should_fail+0x3c6/0x510 [ 43.462475][ T489] __should_failslab+0xa4/0xe0 [ 43.467088][ T489] ? anon_vma_clone+0x9a/0x500 [ 43.471935][ T489] should_failslab+0x9/0x20 [ 43.476272][ T489] slab_pre_alloc_hook+0x37/0xd0 [ 43.481046][ T489] ? anon_vma_clone+0x9a/0x500 [ 43.485646][ T489] kmem_cache_alloc+0x44/0x200 [ 43.490250][ T489] anon_vma_clone+0x9a/0x500 [ 43.494678][ T489] anon_vma_fork+0x91/0x4e0 [ 43.499016][ T489] ? anon_vma_name+0x4c/0x70 [ 43.503438][ T489] ? vm_area_dup+0x17a/0x230 [ 43.507871][ T489] copy_mm+0xa3a/0x13e0 [ 43.511864][ T489] ? copy_signal+0x610/0x610 [ 43.516285][ T489] ? __init_rwsem+0xd6/0x1c0 [ 43.520710][ T489] ? copy_signal+0x4e3/0x610 [ 43.525136][ T489] copy_process+0x12bc/0x3260 [ 43.529655][ T489] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 43.534626][ T489] ? __kasan_check_write+0x14/0x20 [ 43.539662][ T489] kernel_clone+0x21e/0x9e0 [ 43.543974][ T489] ? _raw_spin_unlock_irq+0x4e/0x70 [ 43.549010][ T489] ? create_io_thread+0x1e0/0x1e0 [ 43.553963][ T489] __x64_sys_clone+0x23f/0x290 [ 43.558571][ T489] ? __do_sys_vfork+0x130/0x130 [ 43.563239][ T489] ? __kasan_check_read+0x11/0x20 [ 43.568097][ T489] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 43.573910][ T489] do_syscall_64+0x3d/0xb0 [ 43.578164][ T489] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.583892][ T489] RIP: 0033:0x7fee0c2830a9 [ 43.588153][ T489] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 43.607679][ T489] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 489] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 488] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 489] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 488] close(3 [pid 489] <... futex resumed>) = 0 [pid 488] <... close resumed>) = 0 [pid 488] close(4) = -1 EBADF (Bad file descriptor) [pid 488] close(5) = -1 EBADF (Bad file descriptor) [pid 488] close(6) = -1 EBADF (Bad file descriptor) [pid 488] close(7) = -1 EBADF (Bad file descriptor) [pid 488] close(8) = -1 EBADF (Bad file descriptor) [pid 488] close(9) = -1 EBADF (Bad file descriptor) [pid 488] close(10) = -1 EBADF (Bad file descriptor) [pid 488] close(11) = -1 EBADF (Bad file descriptor) [pid 488] close(12) = -1 EBADF (Bad file descriptor) [pid 488] close(13) = -1 EBADF (Bad file descriptor) [pid 488] close(14) = -1 EBADF (Bad file descriptor) [pid 488] close(15) = -1 EBADF (Bad file descriptor) [pid 488] close(16) = -1 EBADF (Bad file descriptor) [pid 488] close(17) = -1 EBADF (Bad file descriptor) [pid 488] close(18) = -1 EBADF (Bad file descriptor) [pid 488] close(19) = -1 EBADF (Bad file descriptor) [pid 488] close(20) = -1 EBADF (Bad file descriptor) [pid 488] close(21) = -1 EBADF (Bad file descriptor) [pid 488] close(22) = -1 EBADF (Bad file descriptor) [pid 488] close(23) = -1 EBADF (Bad file descriptor) [pid 488] close(24) = -1 EBADF (Bad file descriptor) [pid 488] close(25) = -1 EBADF (Bad file descriptor) [pid 488] close(26) = -1 EBADF (Bad file descriptor) [pid 488] close(27) = -1 EBADF (Bad file descriptor) [pid 488] close(28) = -1 EBADF (Bad file descriptor) [pid 488] close(29) = -1 EBADF (Bad file descriptor) [pid 488] exit_group(0) = ? [pid 489] +++ exited with 0 +++ [pid 488] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=172, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 174 ./strace-static-x86_64: Process 490 attached [pid 490] set_robust_list(0x5555560296a0, 24) = 0 [pid 490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 490] setpgid(0, 0) = 0 [pid 490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 490] write(3, "1000", 4) = 4 [pid 490] close(3) = 0 [pid 490] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 490] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 490] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 490] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 490] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 490] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 490] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 490] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[175]}, 88) = 175 [pid 490] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 490] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 490] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 491 attached [pid 491] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 491] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 491] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 491] write(3, "65", 2) = 2 [ 43.616443][ T489] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 43.624429][ T489] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 43.632240][ T489] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 43.640162][ T489] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 43.648094][ T489] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 43.656157][ T489] [ 43.679969][ T491] FAULT_INJECTION: forcing a failure. [ 43.679969][ T491] name failslab, interval 1, probability 0, space 0, times 0 [ 43.692480][ T491] CPU: 1 PID: 491 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 43.702447][ T491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 43.712343][ T491] Call Trace: [ 43.715464][ T491] [ 43.718244][ T491] dump_stack_lvl+0x151/0x1b7 [ 43.722766][ T491] ? io_uring_drop_tctx_refs+0x190/0x190 [ 43.728311][ T491] dump_stack+0x15/0x17 [ 43.732303][ T491] should_fail+0x3c6/0x510 [ 43.736556][ T491] __should_failslab+0xa4/0xe0 [ 43.741153][ T491] ? anon_vma_clone+0x9a/0x500 [ 43.745949][ T491] should_failslab+0x9/0x20 [ 43.750270][ T491] slab_pre_alloc_hook+0x37/0xd0 [ 43.755043][ T491] ? anon_vma_clone+0x9a/0x500 [ 43.759741][ T491] kmem_cache_alloc+0x44/0x200 [ 43.764350][ T491] anon_vma_clone+0x9a/0x500 [ 43.768786][ T491] anon_vma_fork+0x91/0x4e0 [ 43.773098][ T491] ? anon_vma_name+0x4c/0x70 [ 43.777524][ T491] ? vm_area_dup+0x17a/0x230 [ 43.781953][ T491] copy_mm+0xa3a/0x13e0 [ 43.785947][ T491] ? copy_signal+0x610/0x610 [ 43.790366][ T491] ? __init_rwsem+0xd6/0x1c0 [ 43.794800][ T491] ? copy_signal+0x4e3/0x610 [ 43.799218][ T491] copy_process+0x12bc/0x3260 [ 43.803732][ T491] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 43.808680][ T491] ? __kasan_check_write+0x14/0x20 [ 43.813630][ T491] kernel_clone+0x21e/0x9e0 [ 43.817964][ T491] ? _raw_spin_unlock_irq+0x4e/0x70 [ 43.822997][ T491] ? create_io_thread+0x1e0/0x1e0 [ 43.827864][ T491] __x64_sys_clone+0x23f/0x290 [ 43.832460][ T491] ? __do_sys_vfork+0x130/0x130 [ 43.837176][ T491] ? __kasan_check_read+0x11/0x20 [ 43.842008][ T491] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 43.847830][ T491] do_syscall_64+0x3d/0xb0 [ 43.852077][ T491] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.857979][ T491] RIP: 0033:0x7fee0c2830a9 [ 43.862256][ T491] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 43.881678][ T491] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 43.889920][ T491] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 43.897725][ T491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 43.905536][ T491] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 43.913436][ T491] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 43.921251][ T491] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 491] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 490] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 491] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 491] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 491] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 490] close(3) = 0 [pid 490] close(4) = -1 EBADF (Bad file descriptor) [pid 490] close(5) = -1 EBADF (Bad file descriptor) [pid 490] close(6) = -1 EBADF (Bad file descriptor) [pid 490] close(7) = -1 EBADF (Bad file descriptor) [pid 490] close(8) = -1 EBADF (Bad file descriptor) [pid 490] close(9) = -1 EBADF (Bad file descriptor) [pid 490] close(10) = -1 EBADF (Bad file descriptor) [pid 490] close(11) = -1 EBADF (Bad file descriptor) [pid 490] close(12) = -1 EBADF (Bad file descriptor) [pid 490] close(13) = -1 EBADF (Bad file descriptor) [pid 490] close(14) = -1 EBADF (Bad file descriptor) [pid 490] close(15) = -1 EBADF (Bad file descriptor) [pid 490] close(16) = -1 EBADF (Bad file descriptor) [pid 490] close(17) = -1 EBADF (Bad file descriptor) [pid 490] close(18) = -1 EBADF (Bad file descriptor) [pid 490] close(19) = -1 EBADF (Bad file descriptor) [pid 490] close(20) = -1 EBADF (Bad file descriptor) [pid 490] close(21) = -1 EBADF (Bad file descriptor) [pid 490] close(22) = -1 EBADF (Bad file descriptor) [pid 490] close(23) = -1 EBADF (Bad file descriptor) [pid 490] close(24) = -1 EBADF (Bad file descriptor) [pid 490] close(25) = -1 EBADF (Bad file descriptor) [pid 490] close(26) = -1 EBADF (Bad file descriptor) [pid 490] close(27) = -1 EBADF (Bad file descriptor) [pid 490] close(28) = -1 EBADF (Bad file descriptor) [pid 490] close(29) = -1 EBADF (Bad file descriptor) [pid 490] exit_group(0 [pid 491] <... futex resumed>) = ? [pid 490] <... exit_group resumed>) = ? [pid 491] +++ exited with 0 +++ [pid 490] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=174, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 492 attached [pid 492] set_robust_list(0x5555560296a0, 24 [pid 294] <... clone resumed>, child_tidptr=0x555556029690) = 176 [pid 492] <... set_robust_list resumed>) = 0 [pid 492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 492] setpgid(0, 0) = 0 [pid 492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 492] write(3, "1000", 4) = 4 [pid 492] close(3) = 0 [pid 492] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 492] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 492] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 492] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 492] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 492] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 492] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 492] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 493 attached => {parent_tid=[177]}, 88) = 177 [pid 493] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 493] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 493] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 492] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 492] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 493] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 492] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 493] write(3, "65", 2) = 2 [ 43.929060][ T491] [ 43.946068][ T493] FAULT_INJECTION: forcing a failure. [ 43.946068][ T493] name failslab, interval 1, probability 0, space 0, times 0 [ 43.958700][ T493] CPU: 0 PID: 493 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 43.968753][ T493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 43.978649][ T493] Call Trace: [ 43.981774][ T493] [ 43.984548][ T493] dump_stack_lvl+0x151/0x1b7 [ 43.989148][ T493] ? io_uring_drop_tctx_refs+0x190/0x190 [ 43.994668][ T493] dump_stack+0x15/0x17 [ 43.998631][ T493] should_fail+0x3c6/0x510 [ 44.002861][ T493] __should_failslab+0xa4/0xe0 [ 44.007462][ T493] ? anon_vma_clone+0x9a/0x500 [ 44.012059][ T493] should_failslab+0x9/0x20 [ 44.016401][ T493] slab_pre_alloc_hook+0x37/0xd0 [ 44.021174][ T493] ? anon_vma_clone+0x9a/0x500 [ 44.025772][ T493] kmem_cache_alloc+0x44/0x200 [ 44.030376][ T493] anon_vma_clone+0x9a/0x500 [ 44.034892][ T493] anon_vma_fork+0x91/0x4e0 [ 44.039225][ T493] ? anon_vma_name+0x4c/0x70 [ 44.043654][ T493] ? vm_area_dup+0x17a/0x230 [ 44.048081][ T493] copy_mm+0xa3a/0x13e0 [ 44.052072][ T493] ? copy_signal+0x610/0x610 [ 44.056502][ T493] ? __init_rwsem+0xd6/0x1c0 [ 44.060926][ T493] ? copy_signal+0x4e3/0x610 [ 44.065351][ T493] copy_process+0x12bc/0x3260 [ 44.069868][ T493] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 44.074822][ T493] ? __kasan_check_write+0x14/0x20 [ 44.079762][ T493] kernel_clone+0x21e/0x9e0 [ 44.084098][ T493] ? _raw_spin_unlock_irq+0x4e/0x70 [ 44.089220][ T493] ? create_io_thread+0x1e0/0x1e0 [ 44.094167][ T493] __x64_sys_clone+0x23f/0x290 [ 44.098768][ T493] ? __do_sys_vfork+0x130/0x130 [ 44.103452][ T493] ? __kasan_check_read+0x11/0x20 [ 44.108314][ T493] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 44.114126][ T493] do_syscall_64+0x3d/0xb0 [ 44.118386][ T493] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 44.124106][ T493] RIP: 0033:0x7fee0c2830a9 [ 44.128361][ T493] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 44.147893][ T493] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 44.156223][ T493] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 44.164032][ T493] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 44.171849][ T493] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [pid 493] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 492] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 493] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 493] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 493] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 492] close(3) = 0 [pid 492] close(4) = -1 EBADF (Bad file descriptor) [pid 492] close(5) = -1 EBADF (Bad file descriptor) [pid 492] close(6) = -1 EBADF (Bad file descriptor) [pid 492] close(7) = -1 EBADF (Bad file descriptor) [pid 492] close(8) = -1 EBADF (Bad file descriptor) [pid 492] close(9) = -1 EBADF (Bad file descriptor) [pid 492] close(10) = -1 EBADF (Bad file descriptor) [pid 492] close(11) = -1 EBADF (Bad file descriptor) [pid 492] close(12) = -1 EBADF (Bad file descriptor) [pid 492] close(13) = -1 EBADF (Bad file descriptor) [pid 492] close(14) = -1 EBADF (Bad file descriptor) [pid 492] close(15) = -1 EBADF (Bad file descriptor) [pid 492] close(16) = -1 EBADF (Bad file descriptor) [pid 492] close(17) = -1 EBADF (Bad file descriptor) [pid 492] close(18) = -1 EBADF (Bad file descriptor) [pid 492] close(19) = -1 EBADF (Bad file descriptor) [pid 492] close(20) = -1 EBADF (Bad file descriptor) [pid 492] close(21) = -1 EBADF (Bad file descriptor) [pid 492] close(22) = -1 EBADF (Bad file descriptor) [pid 492] close(23) = -1 EBADF (Bad file descriptor) [pid 492] close(24) = -1 EBADF (Bad file descriptor) [pid 492] close(25) = -1 EBADF (Bad file descriptor) [pid 492] close(26) = -1 EBADF (Bad file descriptor) [pid 492] close(27) = -1 EBADF (Bad file descriptor) [pid 492] close(28) = -1 EBADF (Bad file descriptor) [pid 492] close(29) = -1 EBADF (Bad file descriptor) [pid 492] exit_group(0) = ? [pid 493] <... futex resumed>) = ? [pid 493] +++ exited with 0 +++ [pid 492] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=176, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 178 ./strace-static-x86_64: Process 494 attached [pid 494] set_robust_list(0x5555560296a0, 24) = 0 [pid 494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 494] setpgid(0, 0) = 0 [pid 494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 494] write(3, "1000", 4) = 4 [pid 494] close(3) = 0 [pid 494] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 494] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 494] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 494] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 494] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 494] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 494] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 494] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[179]}, 88) = 179 ./strace-static-x86_64: Process 495 attached [pid 495] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 495] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 495] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 494] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 494] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 495] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 494] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 495] write(3, "65", 2) = 2 [ 44.179661][ T493] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 44.187470][ T493] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 44.195559][ T493] [ 44.212853][ T495] FAULT_INJECTION: forcing a failure. [ 44.212853][ T495] name failslab, interval 1, probability 0, space 0, times 0 [ 44.225303][ T495] CPU: 1 PID: 495 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 44.235317][ T495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 44.245213][ T495] Call Trace: [ 44.248334][ T495] [ 44.251110][ T495] dump_stack_lvl+0x151/0x1b7 [ 44.255624][ T495] ? io_uring_drop_tctx_refs+0x190/0x190 [ 44.261098][ T495] dump_stack+0x15/0x17 [ 44.265084][ T495] should_fail+0x3c6/0x510 [ 44.269338][ T495] __should_failslab+0xa4/0xe0 [ 44.273940][ T495] ? anon_vma_clone+0x9a/0x500 [ 44.278537][ T495] should_failslab+0x9/0x20 [ 44.282877][ T495] slab_pre_alloc_hook+0x37/0xd0 [ 44.287651][ T495] ? anon_vma_clone+0x9a/0x500 [ 44.292248][ T495] kmem_cache_alloc+0x44/0x200 [ 44.296853][ T495] anon_vma_clone+0x9a/0x500 [ 44.301276][ T495] anon_vma_fork+0x91/0x4e0 [ 44.305627][ T495] ? anon_vma_name+0x4c/0x70 [ 44.310047][ T495] ? vm_area_dup+0x17a/0x230 [ 44.314466][ T495] copy_mm+0xa3a/0x13e0 [ 44.318461][ T495] ? copy_signal+0x610/0x610 [ 44.322885][ T495] ? __init_rwsem+0xd6/0x1c0 [ 44.327311][ T495] ? copy_signal+0x4e3/0x610 [ 44.331741][ T495] copy_process+0x12bc/0x3260 [ 44.336276][ T495] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 44.341212][ T495] ? __kasan_check_write+0x14/0x20 [ 44.346170][ T495] kernel_clone+0x21e/0x9e0 [ 44.350494][ T495] ? _raw_spin_unlock_irq+0x4e/0x70 [ 44.355519][ T495] ? create_io_thread+0x1e0/0x1e0 [ 44.360381][ T495] __x64_sys_clone+0x23f/0x290 [ 44.364979][ T495] ? __do_sys_vfork+0x130/0x130 [ 44.369667][ T495] ? __kasan_check_read+0x11/0x20 [ 44.374538][ T495] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 44.380359][ T495] do_syscall_64+0x3d/0xb0 [ 44.384603][ T495] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 44.390332][ T495] RIP: 0033:0x7fee0c2830a9 [ 44.394665][ T495] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 44.414108][ T495] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 44.422350][ T495] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 495] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 494] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 495] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 495] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 495] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 494] close(3) = 0 [pid 494] close(4) = -1 EBADF (Bad file descriptor) [pid 494] close(5) = -1 EBADF (Bad file descriptor) [pid 494] close(6) = -1 EBADF (Bad file descriptor) [pid 494] close(7) = -1 EBADF (Bad file descriptor) [pid 494] close(8) = -1 EBADF (Bad file descriptor) [pid 494] close(9) = -1 EBADF (Bad file descriptor) [pid 494] close(10) = -1 EBADF (Bad file descriptor) [pid 494] close(11) = -1 EBADF (Bad file descriptor) [pid 494] close(12) = -1 EBADF (Bad file descriptor) [pid 494] close(13) = -1 EBADF (Bad file descriptor) [pid 494] close(14) = -1 EBADF (Bad file descriptor) [pid 494] close(15) = -1 EBADF (Bad file descriptor) [pid 494] close(16) = -1 EBADF (Bad file descriptor) [pid 494] close(17) = -1 EBADF (Bad file descriptor) [pid 494] close(18) = -1 EBADF (Bad file descriptor) [pid 494] close(19) = -1 EBADF (Bad file descriptor) [pid 494] close(20) = -1 EBADF (Bad file descriptor) [pid 494] close(21) = -1 EBADF (Bad file descriptor) [pid 494] close(22) = -1 EBADF (Bad file descriptor) [pid 494] close(23) = -1 EBADF (Bad file descriptor) [pid 494] close(24) = -1 EBADF (Bad file descriptor) [pid 494] close(25) = -1 EBADF (Bad file descriptor) [pid 494] close(26) = -1 EBADF (Bad file descriptor) [pid 494] close(27) = -1 EBADF (Bad file descriptor) [pid 494] close(28) = -1 EBADF (Bad file descriptor) [pid 494] close(29) = -1 EBADF (Bad file descriptor) [pid 494] exit_group(0) = ? [pid 495] <... futex resumed>) = ? [pid 495] +++ exited with 0 +++ [pid 494] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=178, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 180 ./strace-static-x86_64: Process 497 attached [pid 497] set_robust_list(0x5555560296a0, 24) = 0 [pid 497] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 497] setpgid(0, 0) = 0 [pid 497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 497] write(3, "1000", 4) = 4 [pid 497] close(3) = 0 [pid 497] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 497] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 497] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 497] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 497] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 497] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 497] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 497] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 498 attached => {parent_tid=[181]}, 88) = 181 [pid 498] set_robust_list(0x7fee0c2439a0, 24 [pid 497] rt_sigprocmask(SIG_SETMASK, [], [pid 498] <... set_robust_list resumed>) = 0 [pid 497] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 497] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 497] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 498] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 498] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 498] write(3, "65", 2) = 2 [ 44.430159][ T495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 44.437976][ T495] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 44.445784][ T495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 44.453604][ T495] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 44.461590][ T495] [ 44.477556][ T498] FAULT_INJECTION: forcing a failure. [ 44.477556][ T498] name failslab, interval 1, probability 0, space 0, times 0 [ 44.490120][ T498] CPU: 0 PID: 498 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 44.500757][ T498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 44.510939][ T498] Call Trace: [ 44.514064][ T498] [ 44.516841][ T498] dump_stack_lvl+0x151/0x1b7 [ 44.521355][ T498] ? io_uring_drop_tctx_refs+0x190/0x190 [ 44.526820][ T498] ? dup_userfaultfd_complete+0x295/0x2f0 [ 44.532388][ T498] ? dup_userfaultfd+0x5d0/0x5d0 [ 44.537147][ T498] dump_stack+0x15/0x17 [ 44.541147][ T498] should_fail+0x3c6/0x510 [ 44.545395][ T498] __should_failslab+0xa4/0xe0 [ 44.549994][ T498] ? create_new_namespaces+0x34/0x670 [ 44.555204][ T498] should_failslab+0x9/0x20 [ 44.559539][ T498] slab_pre_alloc_hook+0x37/0xd0 [ 44.564314][ T498] ? create_new_namespaces+0x34/0x670 [ 44.569521][ T498] kmem_cache_alloc+0x44/0x200 [ 44.574122][ T498] ? cap_capable+0x1d2/0x270 [ 44.578634][ T498] create_new_namespaces+0x34/0x670 [ 44.583674][ T498] ? security_capable+0x87/0xb0 [ 44.588361][ T498] ? ns_capable+0x89/0xe0 [ 44.592521][ T498] copy_namespaces+0x1d1/0x220 [ 44.597124][ T498] copy_process+0x12e7/0x3260 [ 44.601638][ T498] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 44.606593][ T498] ? __kasan_check_write+0x14/0x20 [ 44.611528][ T498] kernel_clone+0x21e/0x9e0 [ 44.615869][ T498] ? _raw_spin_unlock_irq+0x4e/0x70 [ 44.620903][ T498] ? create_io_thread+0x1e0/0x1e0 [ 44.625769][ T498] __x64_sys_clone+0x23f/0x290 [ 44.630370][ T498] ? __do_sys_vfork+0x130/0x130 [ 44.635052][ T498] ? __kasan_check_read+0x11/0x20 [ 44.639910][ T498] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 44.645812][ T498] do_syscall_64+0x3d/0xb0 [ 44.650074][ T498] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 44.655965][ T498] RIP: 0033:0x7fee0c2830a9 [ 44.660312][ T498] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 498] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 497] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 498] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 497] close(3 [pid 498] <... futex resumed>) = 0 [pid 497] <... close resumed>) = 0 [pid 498] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 497] close(4) = -1 EBADF (Bad file descriptor) [pid 497] close(5) = -1 EBADF (Bad file descriptor) [pid 497] close(6) = -1 EBADF (Bad file descriptor) [pid 497] close(7) = -1 EBADF (Bad file descriptor) [pid 497] close(8) = -1 EBADF (Bad file descriptor) [pid 497] close(9) = -1 EBADF (Bad file descriptor) [pid 497] close(10) = -1 EBADF (Bad file descriptor) [pid 497] close(11) = -1 EBADF (Bad file descriptor) [pid 497] close(12) = -1 EBADF (Bad file descriptor) [pid 497] close(13) = -1 EBADF (Bad file descriptor) [pid 497] close(14) = -1 EBADF (Bad file descriptor) [pid 497] close(15) = -1 EBADF (Bad file descriptor) [pid 497] close(16) = -1 EBADF (Bad file descriptor) [pid 497] close(17) = -1 EBADF (Bad file descriptor) [pid 497] close(18) = -1 EBADF (Bad file descriptor) [pid 497] close(19) = -1 EBADF (Bad file descriptor) [pid 497] close(20) = -1 EBADF (Bad file descriptor) [pid 497] close(21) = -1 EBADF (Bad file descriptor) [pid 497] close(22) = -1 EBADF (Bad file descriptor) [pid 497] close(23) = -1 EBADF (Bad file descriptor) [pid 497] close(24) = -1 EBADF (Bad file descriptor) [pid 497] close(25) = -1 EBADF (Bad file descriptor) [pid 497] close(26) = -1 EBADF (Bad file descriptor) [pid 497] close(27) = -1 EBADF (Bad file descriptor) [pid 497] close(28) = -1 EBADF (Bad file descriptor) [pid 497] close(29) = -1 EBADF (Bad file descriptor) [pid 497] exit_group(0) = ? [pid 498] <... futex resumed>) = ? [pid 498] +++ exited with 0 +++ [pid 497] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=180, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 182 ./strace-static-x86_64: Process 499 attached [pid 499] set_robust_list(0x5555560296a0, 24) = 0 [pid 499] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 499] setpgid(0, 0) = 0 [pid 499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 499] write(3, "1000", 4) = 4 [pid 499] close(3) = 0 [pid 499] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 499] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 499] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 499] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 499] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 499] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 499] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 499] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 500 attached => {parent_tid=[183]}, 88) = 183 [pid 500] set_robust_list(0x7fee0c2439a0, 24 [pid 499] rt_sigprocmask(SIG_SETMASK, [], [pid 500] <... set_robust_list resumed>) = 0 [pid 500] rt_sigprocmask(SIG_SETMASK, [], [pid 499] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 500] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 499] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 500] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 499] <... futex resumed>) = 0 [pid 500] <... openat resumed>) = 3 [pid 499] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 500] write(3, "65", 2) = 2 [ 44.679839][ T498] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 44.688081][ T498] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 44.695890][ T498] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 44.703699][ T498] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 44.711517][ T498] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 44.719324][ T498] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 44.727136][ T498] [ 44.742174][ T500] FAULT_INJECTION: forcing a failure. [ 44.742174][ T500] name failslab, interval 1, probability 0, space 0, times 0 [ 44.754658][ T500] CPU: 0 PID: 500 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 44.764654][ T500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 44.774653][ T500] Call Trace: [ 44.777769][ T500] [ 44.780546][ T500] dump_stack_lvl+0x151/0x1b7 [ 44.785059][ T500] ? io_uring_drop_tctx_refs+0x190/0x190 [ 44.790530][ T500] dump_stack+0x15/0x17 [ 44.794519][ T500] should_fail+0x3c6/0x510 [ 44.798966][ T500] __should_failslab+0xa4/0xe0 [ 44.803661][ T500] ? anon_vma_clone+0x9a/0x500 [ 44.808254][ T500] should_failslab+0x9/0x20 [ 44.812605][ T500] slab_pre_alloc_hook+0x37/0xd0 [ 44.817366][ T500] ? anon_vma_clone+0x9a/0x500 [ 44.821968][ T500] kmem_cache_alloc+0x44/0x200 [ 44.826567][ T500] anon_vma_clone+0x9a/0x500 [ 44.830996][ T500] anon_vma_fork+0x91/0x4e0 [ 44.835331][ T500] ? anon_vma_name+0x4c/0x70 [ 44.839758][ T500] ? vm_area_dup+0x17a/0x230 [ 44.844186][ T500] copy_mm+0xa3a/0x13e0 [ 44.848180][ T500] ? copy_signal+0x610/0x610 [ 44.852614][ T500] ? __init_rwsem+0xd6/0x1c0 [ 44.857214][ T500] ? copy_signal+0x4e3/0x610 [ 44.861639][ T500] copy_process+0x12bc/0x3260 [ 44.866151][ T500] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 44.871106][ T500] ? __kasan_check_write+0x14/0x20 [ 44.876052][ T500] kernel_clone+0x21e/0x9e0 [ 44.880386][ T500] ? _raw_spin_unlock_irq+0x4e/0x70 [ 44.885418][ T500] ? create_io_thread+0x1e0/0x1e0 [ 44.890279][ T500] __x64_sys_clone+0x23f/0x290 [ 44.894887][ T500] ? __do_sys_vfork+0x130/0x130 [ 44.899651][ T500] ? __kasan_check_read+0x11/0x20 [ 44.904512][ T500] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 44.910329][ T500] do_syscall_64+0x3d/0xb0 [ 44.914610][ T500] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 44.920307][ T500] RIP: 0033:0x7fee0c2830a9 [ 44.924569][ T500] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 44.944375][ T500] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 44.953133][ T500] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 44.960945][ T500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 44.968758][ T500] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 44.976569][ T500] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 44.984380][ T500] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 500] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 499] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 500] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 500] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 500] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 499] close(3) = 0 [pid 499] close(4) = -1 EBADF (Bad file descriptor) [pid 499] close(5) = -1 EBADF (Bad file descriptor) [pid 499] close(6) = -1 EBADF (Bad file descriptor) [pid 499] close(7) = -1 EBADF (Bad file descriptor) [pid 499] close(8) = -1 EBADF (Bad file descriptor) [pid 499] close(9) = -1 EBADF (Bad file descriptor) [pid 499] close(10) = -1 EBADF (Bad file descriptor) [pid 499] close(11) = -1 EBADF (Bad file descriptor) [pid 499] close(12) = -1 EBADF (Bad file descriptor) [pid 499] close(13) = -1 EBADF (Bad file descriptor) [pid 499] close(14) = -1 EBADF (Bad file descriptor) [pid 499] close(15) = -1 EBADF (Bad file descriptor) [pid 499] close(16) = -1 EBADF (Bad file descriptor) [pid 499] close(17) = -1 EBADF (Bad file descriptor) [pid 499] close(18) = -1 EBADF (Bad file descriptor) [pid 499] close(19) = -1 EBADF (Bad file descriptor) [pid 499] close(20) = -1 EBADF (Bad file descriptor) [pid 499] close(21) = -1 EBADF (Bad file descriptor) [pid 499] close(22) = -1 EBADF (Bad file descriptor) [pid 499] close(23) = -1 EBADF (Bad file descriptor) [pid 499] close(24) = -1 EBADF (Bad file descriptor) [pid 499] close(25) = -1 EBADF (Bad file descriptor) [pid 499] close(26) = -1 EBADF (Bad file descriptor) [pid 499] close(27) = -1 EBADF (Bad file descriptor) [pid 499] close(28) = -1 EBADF (Bad file descriptor) [pid 499] close(29) = -1 EBADF (Bad file descriptor) [pid 499] exit_group(0 [pid 500] <... futex resumed>) = ? [pid 499] <... exit_group resumed>) = ? [pid 500] +++ exited with 0 +++ [pid 499] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=182, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 501 attached , child_tidptr=0x555556029690) = 184 [pid 501] set_robust_list(0x5555560296a0, 24) = 0 [pid 501] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 501] setpgid(0, 0) = 0 [pid 501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 501] write(3, "1000", 4) = 4 [pid 501] close(3) = 0 [pid 501] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 501] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 501] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 501] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 501] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 501] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 501] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 502 attached => {parent_tid=[185]}, 88) = 185 [pid 501] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 501] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 502] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 502] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 502] write(3, "65", 2) = 2 [ 44.992197][ T500] [ 45.006388][ T502] FAULT_INJECTION: forcing a failure. [ 45.006388][ T502] name failslab, interval 1, probability 0, space 0, times 0 [ 45.018966][ T502] CPU: 0 PID: 502 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 45.029349][ T502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 45.039333][ T502] Call Trace: [ 45.042464][ T502] [ 45.045231][ T502] dump_stack_lvl+0x151/0x1b7 [ 45.049744][ T502] ? io_uring_drop_tctx_refs+0x190/0x190 [ 45.055215][ T502] dump_stack+0x15/0x17 [ 45.059204][ T502] should_fail+0x3c6/0x510 [ 45.063456][ T502] __should_failslab+0xa4/0xe0 [ 45.068056][ T502] ? vm_area_dup+0x26/0x230 [ 45.072404][ T502] should_failslab+0x9/0x20 [ 45.076737][ T502] slab_pre_alloc_hook+0x37/0xd0 [ 45.081522][ T502] ? vm_area_dup+0x26/0x230 [ 45.085854][ T502] kmem_cache_alloc+0x44/0x200 [ 45.090473][ T502] vm_area_dup+0x26/0x230 [ 45.094616][ T502] copy_mm+0x9a1/0x13e0 [ 45.098610][ T502] ? copy_signal+0x610/0x610 [ 45.103031][ T502] ? __init_rwsem+0xd6/0x1c0 [ 45.107460][ T502] ? copy_signal+0x4e3/0x610 [ 45.111892][ T502] copy_process+0x12bc/0x3260 [ 45.116401][ T502] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 45.121344][ T502] ? __kasan_check_write+0x14/0x20 [ 45.126308][ T502] kernel_clone+0x21e/0x9e0 [ 45.130636][ T502] ? _raw_spin_unlock_irq+0x4e/0x70 [ 45.135667][ T502] ? create_io_thread+0x1e0/0x1e0 [ 45.140529][ T502] __x64_sys_clone+0x23f/0x290 [ 45.145302][ T502] ? __do_sys_vfork+0x130/0x130 [ 45.150083][ T502] ? __kasan_check_read+0x11/0x20 [ 45.154939][ T502] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 45.160777][ T502] do_syscall_64+0x3d/0xb0 [ 45.165003][ T502] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 45.170729][ T502] RIP: 0033:0x7fee0c2830a9 [ 45.174983][ T502] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 45.194513][ T502] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 45.202762][ T502] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 45.210637][ T502] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 45.218379][ T502] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 45.226279][ T502] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 45.234087][ T502] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 502] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 501] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 502] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 502] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 502] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] close(3) = 0 [pid 501] close(4) = -1 EBADF (Bad file descriptor) [pid 501] close(5) = -1 EBADF (Bad file descriptor) [pid 501] close(6) = -1 EBADF (Bad file descriptor) [pid 501] close(7) = -1 EBADF (Bad file descriptor) [pid 501] close(8) = -1 EBADF (Bad file descriptor) [pid 501] close(9) = -1 EBADF (Bad file descriptor) [pid 501] close(10) = -1 EBADF (Bad file descriptor) [pid 501] close(11) = -1 EBADF (Bad file descriptor) [pid 501] close(12) = -1 EBADF (Bad file descriptor) [pid 501] close(13) = -1 EBADF (Bad file descriptor) [pid 501] close(14) = -1 EBADF (Bad file descriptor) [pid 501] close(15) = -1 EBADF (Bad file descriptor) [pid 501] close(16) = -1 EBADF (Bad file descriptor) [pid 501] close(17) = -1 EBADF (Bad file descriptor) [pid 501] close(18) = -1 EBADF (Bad file descriptor) [pid 501] close(19) = -1 EBADF (Bad file descriptor) [pid 501] close(20) = -1 EBADF (Bad file descriptor) [pid 501] close(21) = -1 EBADF (Bad file descriptor) [pid 501] close(22) = -1 EBADF (Bad file descriptor) [pid 501] close(23) = -1 EBADF (Bad file descriptor) [pid 501] close(24) = -1 EBADF (Bad file descriptor) [pid 501] close(25) = -1 EBADF (Bad file descriptor) [pid 501] close(26) = -1 EBADF (Bad file descriptor) [pid 501] close(27) = -1 EBADF (Bad file descriptor) [pid 501] close(28) = -1 EBADF (Bad file descriptor) [pid 501] close(29) = -1 EBADF (Bad file descriptor) [pid 501] exit_group(0) = ? [pid 502] <... futex resumed>) = ? [pid 502] +++ exited with 0 +++ [pid 501] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=184, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 186 ./strace-static-x86_64: Process 503 attached [pid 503] set_robust_list(0x5555560296a0, 24) = 0 [pid 503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 503] setpgid(0, 0) = 0 [pid 503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 503] write(3, "1000", 4) = 4 [pid 503] close(3) = 0 [pid 503] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 503] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 503] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 503] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 503] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 503] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 503] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 503] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[187]}, 88) = 187 [pid 503] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 503] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 503] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 504 attached [pid 504] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 504] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 504] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 504] write(3, "65", 2) = 2 [ 45.241901][ T502] [ 45.254212][ T504] FAULT_INJECTION: forcing a failure. [ 45.254212][ T504] name failslab, interval 1, probability 0, space 0, times 0 [ 45.266738][ T504] CPU: 1 PID: 504 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 45.276695][ T504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 45.286582][ T504] Call Trace: [ 45.289706][ T504] [ 45.292484][ T504] dump_stack_lvl+0x151/0x1b7 [ 45.296997][ T504] ? io_uring_drop_tctx_refs+0x190/0x190 [ 45.302466][ T504] dump_stack+0x15/0x17 [ 45.306455][ T504] should_fail+0x3c6/0x510 [ 45.310711][ T504] __should_failslab+0xa4/0xe0 [ 45.315310][ T504] ? anon_vma_clone+0x9a/0x500 [ 45.319907][ T504] should_failslab+0x9/0x20 [ 45.324251][ T504] slab_pre_alloc_hook+0x37/0xd0 [ 45.329029][ T504] ? anon_vma_clone+0x9a/0x500 [ 45.333631][ T504] kmem_cache_alloc+0x44/0x200 [ 45.338319][ T504] anon_vma_clone+0x9a/0x500 [ 45.342740][ T504] anon_vma_fork+0x91/0x4e0 [ 45.347168][ T504] ? anon_vma_name+0x4c/0x70 [ 45.351594][ T504] ? vm_area_dup+0x17a/0x230 [ 45.356103][ T504] copy_mm+0xa3a/0x13e0 [ 45.360106][ T504] ? copy_signal+0x610/0x610 [ 45.364528][ T504] ? __init_rwsem+0xd6/0x1c0 [ 45.368951][ T504] ? copy_signal+0x4e3/0x610 [ 45.373374][ T504] copy_process+0x12bc/0x3260 [ 45.377895][ T504] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 45.382839][ T504] ? __kasan_check_write+0x14/0x20 [ 45.387781][ T504] kernel_clone+0x21e/0x9e0 [ 45.392141][ T504] ? _raw_spin_unlock_irq+0x4e/0x70 [ 45.397166][ T504] ? create_io_thread+0x1e0/0x1e0 [ 45.402016][ T504] __x64_sys_clone+0x23f/0x290 [ 45.406615][ T504] ? __do_sys_vfork+0x130/0x130 [ 45.411301][ T504] ? __kasan_check_read+0x11/0x20 [ 45.416161][ T504] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 45.421980][ T504] do_syscall_64+0x3d/0xb0 [ 45.426229][ T504] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 45.431964][ T504] RIP: 0033:0x7fee0c2830a9 [ 45.436208][ T504] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 45.455737][ T504] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 45.463983][ T504] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 45.471793][ T504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 45.479691][ T504] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 45.487511][ T504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [pid 504] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 503] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 504] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 503] close(3 [pid 504] <... futex resumed>) = 0 [pid 503] <... close resumed>) = 0 [pid 503] close(4) = -1 EBADF (Bad file descriptor) [pid 503] close(5) = -1 EBADF (Bad file descriptor) [pid 503] close(6) = -1 EBADF (Bad file descriptor) [pid 503] close(7) = -1 EBADF (Bad file descriptor) [pid 503] close(8) = -1 EBADF (Bad file descriptor) [pid 503] close(9) = -1 EBADF (Bad file descriptor) [pid 503] close(10 [pid 504] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 503] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 503] close(11) = -1 EBADF (Bad file descriptor) [pid 503] close(12) = -1 EBADF (Bad file descriptor) [pid 503] close(13) = -1 EBADF (Bad file descriptor) [pid 503] close(14) = -1 EBADF (Bad file descriptor) [pid 503] close(15) = -1 EBADF (Bad file descriptor) [pid 503] close(16) = -1 EBADF (Bad file descriptor) [pid 503] close(17) = -1 EBADF (Bad file descriptor) [pid 503] close(18) = -1 EBADF (Bad file descriptor) [pid 503] close(19) = -1 EBADF (Bad file descriptor) [pid 503] close(20) = -1 EBADF (Bad file descriptor) [pid 503] close(21) = -1 EBADF (Bad file descriptor) [pid 503] close(22) = -1 EBADF (Bad file descriptor) [pid 503] close(23) = -1 EBADF (Bad file descriptor) [pid 503] close(24) = -1 EBADF (Bad file descriptor) [pid 503] close(25) = -1 EBADF (Bad file descriptor) [pid 503] close(26) = -1 EBADF (Bad file descriptor) [pid 503] close(27) = -1 EBADF (Bad file descriptor) [pid 503] close(28) = -1 EBADF (Bad file descriptor) [pid 503] close(29) = -1 EBADF (Bad file descriptor) [pid 503] exit_group(0) = ? [pid 504] <... futex resumed>) = 230 [pid 504] +++ exited with 0 +++ [pid 503] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=186, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 188 ./strace-static-x86_64: Process 506 attached [pid 506] set_robust_list(0x5555560296a0, 24) = 0 [pid 506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 506] setpgid(0, 0) = 0 [pid 506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 506] write(3, "1000", 4) = 4 [pid 506] close(3) = 0 [pid 506] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 506] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 506] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 506] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 506] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 506] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 506] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 506] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 507 attached => {parent_tid=[189]}, 88) = 189 [pid 507] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 507] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 507] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 506] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 506] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 506] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 507] <... futex resumed>) = 0 [pid 507] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 507] write(3, "65", 2) = 2 [ 45.495330][ T504] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 45.503127][ T504] [ 45.520829][ T507] FAULT_INJECTION: forcing a failure. [ 45.520829][ T507] name failslab, interval 1, probability 0, space 0, times 0 [ 45.533626][ T507] CPU: 0 PID: 507 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 45.543660][ T507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 45.553554][ T507] Call Trace: [ 45.556677][ T507] [ 45.559455][ T507] dump_stack_lvl+0x151/0x1b7 [ 45.563968][ T507] ? io_uring_drop_tctx_refs+0x190/0x190 [ 45.569437][ T507] ? dup_userfaultfd_complete+0x295/0x2f0 [ 45.574996][ T507] ? dup_userfaultfd+0x5d0/0x5d0 [ 45.579765][ T507] dump_stack+0x15/0x17 [ 45.583759][ T507] should_fail+0x3c6/0x510 [ 45.588012][ T507] __should_failslab+0xa4/0xe0 [ 45.592625][ T507] ? create_new_namespaces+0x34/0x670 [ 45.597818][ T507] should_failslab+0x9/0x20 [ 45.602157][ T507] slab_pre_alloc_hook+0x37/0xd0 [ 45.606931][ T507] ? create_new_namespaces+0x34/0x670 [ 45.612137][ T507] kmem_cache_alloc+0x44/0x200 [ 45.616740][ T507] ? cap_capable+0x1d2/0x270 [ 45.621171][ T507] create_new_namespaces+0x34/0x670 [ 45.626208][ T507] ? security_capable+0x87/0xb0 [ 45.630887][ T507] ? ns_capable+0x89/0xe0 [ 45.635052][ T507] copy_namespaces+0x1d1/0x220 [ 45.639653][ T507] copy_process+0x12e7/0x3260 [ 45.644169][ T507] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 45.649112][ T507] ? __kasan_check_write+0x14/0x20 [ 45.654057][ T507] kernel_clone+0x21e/0x9e0 [ 45.658396][ T507] ? _raw_spin_unlock_irq+0x4e/0x70 [ 45.663448][ T507] ? create_io_thread+0x1e0/0x1e0 [ 45.668294][ T507] __x64_sys_clone+0x23f/0x290 [ 45.672893][ T507] ? __do_sys_vfork+0x130/0x130 [ 45.678099][ T507] ? __kasan_check_read+0x11/0x20 [ 45.682960][ T507] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 45.688776][ T507] do_syscall_64+0x3d/0xb0 [ 45.693027][ T507] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 45.698764][ T507] RIP: 0033:0x7fee0c2830a9 [ 45.703012][ T507] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 45.722538][ T507] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 45.730784][ T507] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 45.738680][ T507] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [pid 507] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 506] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 507] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 507] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 507] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 506] close(3) = 0 [pid 506] close(4) = -1 EBADF (Bad file descriptor) [pid 506] close(5) = -1 EBADF (Bad file descriptor) [pid 506] close(6) = -1 EBADF (Bad file descriptor) [pid 506] close(7) = -1 EBADF (Bad file descriptor) [pid 506] close(8) = -1 EBADF (Bad file descriptor) [pid 506] close(9) = -1 EBADF (Bad file descriptor) [pid 506] close(10) = -1 EBADF (Bad file descriptor) [pid 506] close(11) = -1 EBADF (Bad file descriptor) [pid 506] close(12) = -1 EBADF (Bad file descriptor) [pid 506] close(13) = -1 EBADF (Bad file descriptor) [pid 506] close(14) = -1 EBADF (Bad file descriptor) [pid 506] close(15) = -1 EBADF (Bad file descriptor) [pid 506] close(16) = -1 EBADF (Bad file descriptor) [pid 506] close(17) = -1 EBADF (Bad file descriptor) [pid 506] close(18) = -1 EBADF (Bad file descriptor) [pid 506] close(19) = -1 EBADF (Bad file descriptor) [pid 506] close(20) = -1 EBADF (Bad file descriptor) [pid 506] close(21) = -1 EBADF (Bad file descriptor) [pid 506] close(22) = -1 EBADF (Bad file descriptor) [pid 506] close(23) = -1 EBADF (Bad file descriptor) [pid 506] close(24) = -1 EBADF (Bad file descriptor) [pid 506] close(25) = -1 EBADF (Bad file descriptor) [pid 506] close(26) = -1 EBADF (Bad file descriptor) [pid 506] close(27) = -1 EBADF (Bad file descriptor) [pid 506] close(28) = -1 EBADF (Bad file descriptor) [pid 506] close(29) = -1 EBADF (Bad file descriptor) [pid 506] exit_group(0 [pid 507] <... futex resumed>) = ? [pid 506] <... exit_group resumed>) = ? [pid 507] +++ exited with 0 +++ [pid 506] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=188, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 190 ./strace-static-x86_64: Process 508 attached [pid 508] set_robust_list(0x5555560296a0, 24) = 0 [pid 508] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 508] setpgid(0, 0) = 0 [pid 508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 508] write(3, "1000", 4) = 4 [pid 508] close(3) = 0 [pid 508] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 508] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 508] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 508] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 508] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 508] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 508] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 508] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 509 attached => {parent_tid=[191]}, 88) = 191 [pid 508] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 508] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 509] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 508] <... futex resumed>) = 0 [pid 509] rt_sigprocmask(SIG_SETMASK, [], [pid 508] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 509] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 509] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 509] write(3, "65", 2) = 2 [ 45.746492][ T507] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 45.754301][ T507] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 45.762115][ T507] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 45.769934][ T507] [ 45.787640][ T509] FAULT_INJECTION: forcing a failure. [ 45.787640][ T509] name failslab, interval 1, probability 0, space 0, times 0 [ 45.800079][ T509] CPU: 1 PID: 509 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 45.811331][ T509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 45.821226][ T509] Call Trace: [ 45.824348][ T509] [ 45.827129][ T509] dump_stack_lvl+0x151/0x1b7 [ 45.831640][ T509] ? io_uring_drop_tctx_refs+0x190/0x190 [ 45.837120][ T509] dump_stack+0x15/0x17 [ 45.841102][ T509] should_fail+0x3c6/0x510 [ 45.845355][ T509] __should_failslab+0xa4/0xe0 [ 45.849951][ T509] ? vm_area_dup+0x26/0x230 [ 45.854470][ T509] should_failslab+0x9/0x20 [ 45.858807][ T509] slab_pre_alloc_hook+0x37/0xd0 [ 45.863577][ T509] ? vm_area_dup+0x26/0x230 [ 45.867917][ T509] kmem_cache_alloc+0x44/0x200 [ 45.872516][ T509] vm_area_dup+0x26/0x230 [ 45.876682][ T509] copy_mm+0x9a1/0x13e0 [ 45.880676][ T509] ? copy_signal+0x610/0x610 [ 45.885101][ T509] ? __init_rwsem+0xd6/0x1c0 [ 45.889527][ T509] ? copy_signal+0x4e3/0x610 [ 45.893958][ T509] copy_process+0x12bc/0x3260 [ 45.898475][ T509] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 45.903422][ T509] ? __kasan_check_write+0x14/0x20 [ 45.908379][ T509] kernel_clone+0x21e/0x9e0 [ 45.912705][ T509] ? _raw_spin_unlock_irq+0x4e/0x70 [ 45.917737][ T509] ? create_io_thread+0x1e0/0x1e0 [ 45.922597][ T509] __x64_sys_clone+0x23f/0x290 [ 45.927196][ T509] ? __do_sys_vfork+0x130/0x130 [ 45.931883][ T509] ? __kasan_check_read+0x11/0x20 [ 45.936742][ T509] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 45.942569][ T509] do_syscall_64+0x3d/0xb0 [ 45.946811][ T509] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 45.952537][ T509] RIP: 0033:0x7fee0c2830a9 [ 45.956798][ T509] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 45.976232][ T509] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 45.984476][ T509] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 509] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 508] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 509] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 509] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 508] close(3) = 0 [pid 508] close(4) = -1 EBADF (Bad file descriptor) [pid 508] close(5) = -1 EBADF (Bad file descriptor) [pid 508] close(6) = -1 EBADF (Bad file descriptor) [pid 508] close(7) = -1 EBADF (Bad file descriptor) [pid 508] close(8) = -1 EBADF (Bad file descriptor) [pid 508] close(9) = -1 EBADF (Bad file descriptor) [pid 508] close(10) = -1 EBADF (Bad file descriptor) [pid 508] close(11) = -1 EBADF (Bad file descriptor) [pid 508] close(12) = -1 EBADF (Bad file descriptor) [pid 508] close(13) = -1 EBADF (Bad file descriptor) [pid 508] close(14) = -1 EBADF (Bad file descriptor) [pid 508] close(15) = -1 EBADF (Bad file descriptor) [pid 508] close(16) = -1 EBADF (Bad file descriptor) [pid 508] close(17) = -1 EBADF (Bad file descriptor) [pid 508] close(18) = -1 EBADF (Bad file descriptor) [pid 508] close(19) = -1 EBADF (Bad file descriptor) [pid 508] close(20) = -1 EBADF (Bad file descriptor) [pid 508] close(21) = -1 EBADF (Bad file descriptor) [pid 508] close(22) = -1 EBADF (Bad file descriptor) [pid 508] close(23) = -1 EBADF (Bad file descriptor) [pid 508] close(24) = -1 EBADF (Bad file descriptor) [pid 508] close(25) = -1 EBADF (Bad file descriptor) [pid 508] close(26) = -1 EBADF (Bad file descriptor) [pid 508] close(27) = -1 EBADF (Bad file descriptor) [pid 508] close(28) = -1 EBADF (Bad file descriptor) [pid 508] close(29) = -1 EBADF (Bad file descriptor) [pid 508] exit_group(0 [pid 509] <... futex resumed>) = ? [pid 508] <... exit_group resumed>) = ? [pid 509] +++ exited with 0 +++ [pid 508] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=190, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 192 ./strace-static-x86_64: Process 510 attached [pid 510] set_robust_list(0x5555560296a0, 24) = 0 [pid 510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 510] setpgid(0, 0) = 0 [pid 510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 510] write(3, "1000", 4) = 4 [pid 510] close(3) = 0 [pid 510] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 510] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 510] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 510] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 510] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 510] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 510] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 510] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[193]}, 88) = 193 [pid 510] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 510] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 510] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 511 attached [pid 511] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 511] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 511] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 511] write(3, "65", 2) = 2 [ 45.992291][ T509] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 46.000100][ T509] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 46.007927][ T509] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 46.015720][ T509] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 46.023548][ T509] [ 46.041666][ T511] FAULT_INJECTION: forcing a failure. [ 46.041666][ T511] name failslab, interval 1, probability 0, space 0, times 0 [ 46.054110][ T511] CPU: 1 PID: 511 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 46.064133][ T511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 46.074028][ T511] Call Trace: [ 46.077148][ T511] [ 46.079927][ T511] dump_stack_lvl+0x151/0x1b7 [ 46.084442][ T511] ? io_uring_drop_tctx_refs+0x190/0x190 [ 46.089908][ T511] ? dup_userfaultfd_complete+0x295/0x2f0 [ 46.095464][ T511] ? dup_userfaultfd+0x5d0/0x5d0 [ 46.100237][ T511] dump_stack+0x15/0x17 [ 46.104227][ T511] should_fail+0x3c6/0x510 [ 46.108481][ T511] __should_failslab+0xa4/0xe0 [ 46.113081][ T511] ? create_new_namespaces+0x34/0x670 [ 46.118287][ T511] should_failslab+0x9/0x20 [ 46.122627][ T511] slab_pre_alloc_hook+0x37/0xd0 [ 46.127399][ T511] ? create_new_namespaces+0x34/0x670 [ 46.132610][ T511] kmem_cache_alloc+0x44/0x200 [ 46.137310][ T511] ? cap_capable+0x1d2/0x270 [ 46.141808][ T511] create_new_namespaces+0x34/0x670 [ 46.146843][ T511] ? security_capable+0x87/0xb0 [ 46.151527][ T511] ? ns_capable+0x89/0xe0 [ 46.155715][ T511] copy_namespaces+0x1d1/0x220 [ 46.160296][ T511] copy_process+0x12e7/0x3260 [ 46.164810][ T511] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 46.169752][ T511] ? __kasan_check_write+0x14/0x20 [ 46.174699][ T511] kernel_clone+0x21e/0x9e0 [ 46.179038][ T511] ? _raw_spin_unlock_irq+0x4e/0x70 [ 46.184072][ T511] ? create_io_thread+0x1e0/0x1e0 [ 46.188933][ T511] __x64_sys_clone+0x23f/0x290 [ 46.193534][ T511] ? __do_sys_vfork+0x130/0x130 [ 46.198225][ T511] ? __kasan_check_read+0x11/0x20 [ 46.203080][ T511] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 46.208895][ T511] do_syscall_64+0x3d/0xb0 [ 46.213157][ T511] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.218877][ T511] RIP: 0033:0x7fee0c2830a9 [ 46.223133][ T511] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 511] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 510] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 511] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 511] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 511] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 510] close(3) = 0 [pid 510] close(4) = -1 EBADF (Bad file descriptor) [pid 510] close(5) = -1 EBADF (Bad file descriptor) [pid 510] close(6) = -1 EBADF (Bad file descriptor) [pid 510] close(7) = -1 EBADF (Bad file descriptor) [pid 510] close(8) = -1 EBADF (Bad file descriptor) [pid 510] close(9) = -1 EBADF (Bad file descriptor) [pid 510] close(10) = -1 EBADF (Bad file descriptor) [pid 510] close(11) = -1 EBADF (Bad file descriptor) [pid 510] close(12) = -1 EBADF (Bad file descriptor) [pid 510] close(13) = -1 EBADF (Bad file descriptor) [pid 510] close(14) = -1 EBADF (Bad file descriptor) [pid 510] close(15) = -1 EBADF (Bad file descriptor) [pid 510] close(16) = -1 EBADF (Bad file descriptor) [pid 510] close(17) = -1 EBADF (Bad file descriptor) [pid 510] close(18) = -1 EBADF (Bad file descriptor) [pid 510] close(19) = -1 EBADF (Bad file descriptor) [pid 510] close(20) = -1 EBADF (Bad file descriptor) [pid 510] close(21) = -1 EBADF (Bad file descriptor) [pid 510] close(22) = -1 EBADF (Bad file descriptor) [pid 510] close(23) = -1 EBADF (Bad file descriptor) [pid 510] close(24) = -1 EBADF (Bad file descriptor) [pid 510] close(25) = -1 EBADF (Bad file descriptor) [pid 510] close(26) = -1 EBADF (Bad file descriptor) [pid 510] close(27) = -1 EBADF (Bad file descriptor) [pid 510] close(28) = -1 EBADF (Bad file descriptor) [pid 510] close(29) = -1 EBADF (Bad file descriptor) [pid 510] exit_group(0 [pid 511] <... futex resumed>) = ? [pid 510] <... exit_group resumed>) = ? [pid 511] +++ exited with 0 +++ [pid 510] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=192, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 194 ./strace-static-x86_64: Process 512 attached [pid 512] set_robust_list(0x5555560296a0, 24) = 0 [pid 512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 512] setpgid(0, 0) = 0 [pid 512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 512] write(3, "1000", 4) = 4 [pid 512] close(3) = 0 [pid 512] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 512] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 512] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 512] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 512] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 512] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 512] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 512] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 513 attached => {parent_tid=[195]}, 88) = 195 [pid 513] set_robust_list(0x7fee0c2439a0, 24 [pid 512] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 512] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 512] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 513] <... set_robust_list resumed>) = 0 [pid 513] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 513] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 513] write(3, "65", 2) = 2 [ 46.242571][ T511] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 46.250815][ T511] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 46.258626][ T511] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 46.266712][ T511] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 46.274515][ T511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 46.282329][ T511] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 46.290136][ T511] [pid 513] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 512] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 46.307678][ T513] FAULT_INJECTION: forcing a failure. [ 46.307678][ T513] name failslab, interval 1, probability 0, space 0, times 0 [ 46.320203][ T513] CPU: 0 PID: 513 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 46.330242][ T513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 46.341953][ T513] Call Trace: [ 46.345073][ T513] [ 46.347848][ T513] dump_stack_lvl+0x151/0x1b7 [ 46.352365][ T513] ? io_uring_drop_tctx_refs+0x190/0x190 [ 46.357830][ T513] dump_stack+0x15/0x17 [ 46.361822][ T513] should_fail+0x3c6/0x510 [ 46.366165][ T513] __should_failslab+0xa4/0xe0 [ 46.370845][ T513] ? vm_area_dup+0x26/0x230 [ 46.375188][ T513] should_failslab+0x9/0x20 [ 46.379524][ T513] slab_pre_alloc_hook+0x37/0xd0 [ 46.384299][ T513] ? vm_area_dup+0x26/0x230 [ 46.388637][ T513] kmem_cache_alloc+0x44/0x200 [ 46.393239][ T513] vm_area_dup+0x26/0x230 [ 46.397403][ T513] copy_mm+0x9a1/0x13e0 [ 46.401404][ T513] ? copy_signal+0x610/0x610 [ 46.405820][ T513] ? __init_rwsem+0xd6/0x1c0 [ 46.410250][ T513] ? copy_signal+0x4e3/0x610 [ 46.414673][ T513] copy_process+0x12bc/0x3260 [ 46.419189][ T513] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 46.424134][ T513] ? __kasan_check_write+0x14/0x20 [ 46.429188][ T513] kernel_clone+0x21e/0x9e0 [ 46.433520][ T513] ? _raw_spin_unlock_irq+0x4e/0x70 [ 46.438565][ T513] ? create_io_thread+0x1e0/0x1e0 [ 46.443412][ T513] __x64_sys_clone+0x23f/0x290 [ 46.448002][ T513] ? __do_sys_vfork+0x130/0x130 [ 46.452689][ T513] ? __kasan_check_read+0x11/0x20 [ 46.457549][ T513] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 46.463366][ T513] do_syscall_64+0x3d/0xb0 [ 46.467620][ T513] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.473354][ T513] RIP: 0033:0x7fee0c2830a9 [ 46.477605][ T513] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 46.497474][ T513] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [pid 513] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 513] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 513] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 512] close(3) = 0 [pid 512] close(4) = -1 EBADF (Bad file descriptor) [pid 512] close(5) = -1 EBADF (Bad file descriptor) [pid 512] close(6) = -1 EBADF (Bad file descriptor) [pid 512] close(7) = -1 EBADF (Bad file descriptor) [pid 512] close(8) = -1 EBADF (Bad file descriptor) [pid 512] close(9) = -1 EBADF (Bad file descriptor) [pid 512] close(10) = -1 EBADF (Bad file descriptor) [pid 512] close(11) = -1 EBADF (Bad file descriptor) [pid 512] close(12) = -1 EBADF (Bad file descriptor) [pid 512] close(13) = -1 EBADF (Bad file descriptor) [pid 512] close(14) = -1 EBADF (Bad file descriptor) [pid 512] close(15) = -1 EBADF (Bad file descriptor) [pid 512] close(16) = -1 EBADF (Bad file descriptor) [pid 512] close(17) = -1 EBADF (Bad file descriptor) [pid 512] close(18) = -1 EBADF (Bad file descriptor) [pid 512] close(19) = -1 EBADF (Bad file descriptor) [pid 512] close(20) = -1 EBADF (Bad file descriptor) [pid 512] close(21) = -1 EBADF (Bad file descriptor) [pid 512] close(22) = -1 EBADF (Bad file descriptor) [pid 512] close(23) = -1 EBADF (Bad file descriptor) [pid 512] close(24) = -1 EBADF (Bad file descriptor) [pid 512] close(25) = -1 EBADF (Bad file descriptor) [pid 512] close(26) = -1 EBADF (Bad file descriptor) [pid 512] close(27) = -1 EBADF (Bad file descriptor) [pid 512] close(28) = -1 EBADF (Bad file descriptor) [pid 512] close(29) = -1 EBADF (Bad file descriptor) [pid 512] exit_group(0 [pid 513] <... futex resumed>) = ? [pid 512] <... exit_group resumed>) = ? [pid 513] +++ exited with 0 +++ [pid 512] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=194, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 196 ./strace-static-x86_64: Process 515 attached [pid 515] set_robust_list(0x5555560296a0, 24) = 0 [pid 515] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 515] setpgid(0, 0) = 0 [pid 515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 515] write(3, "1000", 4) = 4 [pid 515] close(3) = 0 [pid 515] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 515] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 515] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 515] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 515] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 515] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 515] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 515] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[197]}, 88) = 197 [pid 515] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 515] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 515] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 516 attached [pid 516] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 516] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 516] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 516] write(3, "65", 2) = 2 [ 46.505719][ T513] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 46.513535][ T513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 46.521345][ T513] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 46.529153][ T513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 46.537136][ T513] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 46.544956][ T513] [pid 516] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 515] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 46.558447][ T516] FAULT_INJECTION: forcing a failure. [ 46.558447][ T516] name failslab, interval 1, probability 0, space 0, times 0 [ 46.570987][ T516] CPU: 1 PID: 516 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 46.581079][ T516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 46.590922][ T516] Call Trace: [ 46.594037][ T516] [ 46.596813][ T516] dump_stack_lvl+0x151/0x1b7 [ 46.601351][ T516] ? io_uring_drop_tctx_refs+0x190/0x190 [ 46.606793][ T516] dump_stack+0x15/0x17 [ 46.610788][ T516] should_fail+0x3c6/0x510 [ 46.615048][ T516] __should_failslab+0xa4/0xe0 [ 46.619641][ T516] ? anon_vma_clone+0x9a/0x500 [ 46.624352][ T516] should_failslab+0x9/0x20 [ 46.628667][ T516] slab_pre_alloc_hook+0x37/0xd0 [ 46.633437][ T516] ? anon_vma_clone+0x9a/0x500 [ 46.638038][ T516] kmem_cache_alloc+0x44/0x200 [ 46.642652][ T516] anon_vma_clone+0x9a/0x500 [ 46.647065][ T516] anon_vma_fork+0x91/0x4e0 [ 46.651405][ T516] ? anon_vma_name+0x4c/0x70 [ 46.655841][ T516] ? vm_area_dup+0x17a/0x230 [ 46.660256][ T516] copy_mm+0xa3a/0x13e0 [ 46.664250][ T516] ? copy_signal+0x610/0x610 [ 46.668676][ T516] ? __init_rwsem+0xd6/0x1c0 [ 46.673190][ T516] ? copy_signal+0x4e3/0x610 [ 46.677615][ T516] copy_process+0x12bc/0x3260 [ 46.682133][ T516] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 46.687162][ T516] ? __kasan_check_write+0x14/0x20 [ 46.692110][ T516] kernel_clone+0x21e/0x9e0 [ 46.696452][ T516] ? _raw_spin_unlock_irq+0x4e/0x70 [ 46.701480][ T516] ? create_io_thread+0x1e0/0x1e0 [ 46.706346][ T516] __x64_sys_clone+0x23f/0x290 [ 46.711204][ T516] ? __do_sys_vfork+0x130/0x130 [ 46.715887][ T516] ? __kasan_check_read+0x11/0x20 [ 46.720756][ T516] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 46.726568][ T516] do_syscall_64+0x3d/0xb0 [ 46.730818][ T516] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.736574][ T516] RIP: 0033:0x7fee0c2830a9 [ 46.740798][ T516] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 46.760241][ T516] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 46.768484][ T516] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 46.776406][ T516] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 46.784212][ T516] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 46.792025][ T516] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 46.799834][ T516] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 516] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 516] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 515] close(3 [pid 516] <... futex resumed>) = 0 [pid 515] <... close resumed>) = 0 [pid 516] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 515] close(4) = -1 EBADF (Bad file descriptor) [pid 515] close(5) = -1 EBADF (Bad file descriptor) [pid 515] close(6) = -1 EBADF (Bad file descriptor) [pid 515] close(7) = -1 EBADF (Bad file descriptor) [pid 515] close(8) = -1 EBADF (Bad file descriptor) [pid 515] close(9) = -1 EBADF (Bad file descriptor) [pid 515] close(10) = -1 EBADF (Bad file descriptor) [pid 515] close(11) = -1 EBADF (Bad file descriptor) [pid 515] close(12) = -1 EBADF (Bad file descriptor) [pid 515] close(13) = -1 EBADF (Bad file descriptor) [pid 515] close(14) = -1 EBADF (Bad file descriptor) [pid 515] close(15) = -1 EBADF (Bad file descriptor) [pid 515] close(16) = -1 EBADF (Bad file descriptor) [pid 515] close(17) = -1 EBADF (Bad file descriptor) [pid 515] close(18) = -1 EBADF (Bad file descriptor) [pid 515] close(19) = -1 EBADF (Bad file descriptor) [pid 515] close(20) = -1 EBADF (Bad file descriptor) [pid 515] close(21) = -1 EBADF (Bad file descriptor) [pid 515] close(22) = -1 EBADF (Bad file descriptor) [pid 515] close(23) = -1 EBADF (Bad file descriptor) [pid 515] close(24) = -1 EBADF (Bad file descriptor) [pid 515] close(25) = -1 EBADF (Bad file descriptor) [pid 515] close(26) = -1 EBADF (Bad file descriptor) [pid 515] close(27) = -1 EBADF (Bad file descriptor) [pid 515] close(28) = -1 EBADF (Bad file descriptor) [pid 515] close(29) = -1 EBADF (Bad file descriptor) [pid 515] exit_group(0) = ? [pid 516] <... futex resumed>) = ? [pid 516] +++ exited with 0 +++ [pid 515] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=196, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 198 ./strace-static-x86_64: Process 517 attached [pid 517] set_robust_list(0x5555560296a0, 24) = 0 [pid 517] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 517] setpgid(0, 0) = 0 [pid 517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 517] write(3, "1000", 4) = 4 [pid 517] close(3) = 0 [pid 517] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 517] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 517] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 517] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 517] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 517] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 517] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 517] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 518 attached [pid 518] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 518] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 518] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 517] <... clone3 resumed> => {parent_tid=[199]}, 88) = 199 [pid 517] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 517] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 518] <... futex resumed>) = 0 [pid 518] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 518] write(3, "65", 2) = 2 [pid 518] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [ 46.807649][ T516] [ 46.824916][ T518] FAULT_INJECTION: forcing a failure. [ 46.824916][ T518] name failslab, interval 1, probability 0, space 0, times 0 [ 46.837442][ T518] CPU: 1 PID: 518 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 46.847477][ T518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 46.857392][ T518] Call Trace: [pid 517] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [ 46.860494][ T518] [ 46.863274][ T518] dump_stack_lvl+0x151/0x1b7 [ 46.867794][ T518] ? io_uring_drop_tctx_refs+0x190/0x190 [ 46.873428][ T518] dump_stack+0x15/0x17 [ 46.877432][ T518] should_fail+0x3c6/0x510 [ 46.881676][ T518] __should_failslab+0xa4/0xe0 [ 46.886271][ T518] ? vm_area_dup+0x26/0x230 [ 46.890610][ T518] should_failslab+0x9/0x20 [ 46.894950][ T518] slab_pre_alloc_hook+0x37/0xd0 [ 46.899754][ T518] ? vm_area_dup+0x26/0x230 [ 46.904239][ T518] kmem_cache_alloc+0x44/0x200 [ 46.908840][ T518] vm_area_dup+0x26/0x230 [ 46.913005][ T518] copy_mm+0x9a1/0x13e0 [ 46.916995][ T518] ? copy_signal+0x610/0x610 [ 46.921421][ T518] ? __init_rwsem+0xd6/0x1c0 [ 46.925855][ T518] ? copy_signal+0x4e3/0x610 [ 46.930283][ T518] copy_process+0x12bc/0x3260 [ 46.934788][ T518] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 46.939751][ T518] ? __kasan_check_write+0x14/0x20 [ 46.944681][ T518] kernel_clone+0x21e/0x9e0 [ 46.949023][ T518] ? _raw_spin_unlock_irq+0x4e/0x70 [ 46.954055][ T518] ? create_io_thread+0x1e0/0x1e0 [ 46.958916][ T518] __x64_sys_clone+0x23f/0x290 [ 46.963519][ T518] ? __do_sys_vfork+0x130/0x130 [ 46.968202][ T518] ? __kasan_check_read+0x11/0x20 [ 46.973063][ T518] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 46.978878][ T518] do_syscall_64+0x3d/0xb0 [ 46.983131][ T518] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.988857][ T518] RIP: 0033:0x7fee0c2830a9 [ 46.993114][ T518] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 47.012673][ T518] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 47.020886][ T518] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 47.028698][ T518] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 47.036506][ T518] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 47.044320][ T518] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 47.052216][ T518] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 518] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 518] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 517] close(3) = 0 [pid 517] close(4 [pid 518] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 517] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 517] close(5) = -1 EBADF (Bad file descriptor) [pid 517] close(6) = -1 EBADF (Bad file descriptor) [pid 517] close(7) = -1 EBADF (Bad file descriptor) [pid 517] close(8) = -1 EBADF (Bad file descriptor) [pid 517] close(9) = -1 EBADF (Bad file descriptor) [pid 517] close(10) = -1 EBADF (Bad file descriptor) [pid 517] close(11) = -1 EBADF (Bad file descriptor) [pid 517] close(12) = -1 EBADF (Bad file descriptor) [pid 517] close(13) = -1 EBADF (Bad file descriptor) [pid 517] close(14) = -1 EBADF (Bad file descriptor) [pid 517] close(15) = -1 EBADF (Bad file descriptor) [pid 517] close(16) = -1 EBADF (Bad file descriptor) [pid 517] close(17) = -1 EBADF (Bad file descriptor) [pid 517] close(18) = -1 EBADF (Bad file descriptor) [pid 517] close(19) = -1 EBADF (Bad file descriptor) [pid 517] close(20) = -1 EBADF (Bad file descriptor) [pid 517] close(21) = -1 EBADF (Bad file descriptor) [pid 517] close(22) = -1 EBADF (Bad file descriptor) [pid 517] close(23) = -1 EBADF (Bad file descriptor) [pid 517] close(24) = -1 EBADF (Bad file descriptor) [pid 517] close(25) = -1 EBADF (Bad file descriptor) [pid 517] close(26) = -1 EBADF (Bad file descriptor) [pid 517] close(27) = -1 EBADF (Bad file descriptor) [pid 517] close(28) = -1 EBADF (Bad file descriptor) [pid 517] close(29) = -1 EBADF (Bad file descriptor) [pid 517] exit_group(0 [pid 518] <... futex resumed>) = ? [pid 517] <... exit_group resumed>) = ? [pid 518] +++ exited with 0 +++ [pid 517] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=198, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 200 ./strace-static-x86_64: Process 519 attached [pid 519] set_robust_list(0x5555560296a0, 24) = 0 [pid 519] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 519] setpgid(0, 0) = 0 [pid 519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 519] write(3, "1000", 4) = 4 [pid 519] close(3) = 0 [pid 519] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 519] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 519] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 519] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 519] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 519] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 519] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 519] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 520 attached [pid 520] set_robust_list(0x7fee0c2439a0, 24 [pid 519] <... clone3 resumed> => {parent_tid=[201]}, 88) = 201 [pid 519] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 519] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 519] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 520] <... set_robust_list resumed>) = 0 [pid 520] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 520] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 520] write(3, "65", 2) = 2 [ 47.060040][ T518] [ 47.078339][ T520] FAULT_INJECTION: forcing a failure. [ 47.078339][ T520] name failslab, interval 1, probability 0, space 0, times 0 [ 47.090919][ T520] CPU: 1 PID: 520 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 47.100891][ T520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [pid 520] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 519] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 47.110872][ T520] Call Trace: [ 47.114011][ T520] [ 47.116861][ T520] dump_stack_lvl+0x151/0x1b7 [ 47.121377][ T520] ? io_uring_drop_tctx_refs+0x190/0x190 [ 47.126840][ T520] dump_stack+0x15/0x17 [ 47.130838][ T520] should_fail+0x3c6/0x510 [ 47.135093][ T520] __should_failslab+0xa4/0xe0 [ 47.139684][ T520] ? anon_vma_clone+0x9a/0x500 [ 47.144284][ T520] should_failslab+0x9/0x20 [ 47.148626][ T520] slab_pre_alloc_hook+0x37/0xd0 [ 47.153396][ T520] ? anon_vma_clone+0x9a/0x500 [ 47.157996][ T520] kmem_cache_alloc+0x44/0x200 [ 47.162599][ T520] anon_vma_clone+0x9a/0x500 [ 47.167025][ T520] anon_vma_fork+0x91/0x4e0 [ 47.171461][ T520] ? anon_vma_name+0x4c/0x70 [ 47.175880][ T520] ? vm_area_dup+0x17a/0x230 [ 47.180315][ T520] copy_mm+0xa3a/0x13e0 [ 47.184301][ T520] ? copy_signal+0x610/0x610 [ 47.188722][ T520] ? __init_rwsem+0xd6/0x1c0 [ 47.193153][ T520] ? copy_signal+0x4e3/0x610 [ 47.197660][ T520] copy_process+0x12bc/0x3260 [ 47.202204][ T520] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 47.207129][ T520] ? __kasan_check_write+0x14/0x20 [ 47.212075][ T520] kernel_clone+0x21e/0x9e0 [ 47.216411][ T520] ? _raw_spin_unlock_irq+0x4e/0x70 [ 47.221442][ T520] ? create_io_thread+0x1e0/0x1e0 [ 47.226309][ T520] __x64_sys_clone+0x23f/0x290 [ 47.230906][ T520] ? __do_sys_vfork+0x130/0x130 [ 47.235603][ T520] ? __kasan_check_read+0x11/0x20 [ 47.240447][ T520] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 47.246262][ T520] do_syscall_64+0x3d/0xb0 [ 47.250515][ T520] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 47.256246][ T520] RIP: 0033:0x7fee0c2830a9 [ 47.260498][ T520] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 47.279942][ T520] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 47.288185][ T520] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 47.296014][ T520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 47.303807][ T520] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [pid 520] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 520] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 520] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 519] close(3) = 0 [pid 519] close(4) = -1 EBADF (Bad file descriptor) [pid 519] close(5) = -1 EBADF (Bad file descriptor) [pid 519] close(6) = -1 EBADF (Bad file descriptor) [pid 519] close(7) = -1 EBADF (Bad file descriptor) [pid 519] close(8) = -1 EBADF (Bad file descriptor) [pid 519] close(9) = -1 EBADF (Bad file descriptor) [pid 519] close(10) = -1 EBADF (Bad file descriptor) [pid 519] close(11) = -1 EBADF (Bad file descriptor) [pid 519] close(12) = -1 EBADF (Bad file descriptor) [pid 519] close(13) = -1 EBADF (Bad file descriptor) [pid 519] close(14) = -1 EBADF (Bad file descriptor) [pid 519] close(15) = -1 EBADF (Bad file descriptor) [pid 519] close(16) = -1 EBADF (Bad file descriptor) [pid 519] close(17) = -1 EBADF (Bad file descriptor) [pid 519] close(18) = -1 EBADF (Bad file descriptor) [pid 519] close(19) = -1 EBADF (Bad file descriptor) [pid 519] close(20) = -1 EBADF (Bad file descriptor) [pid 519] close(21) = -1 EBADF (Bad file descriptor) [pid 519] close(22) = -1 EBADF (Bad file descriptor) [pid 519] close(23) = -1 EBADF (Bad file descriptor) [pid 519] close(24) = -1 EBADF (Bad file descriptor) [pid 519] close(25) = -1 EBADF (Bad file descriptor) [pid 519] close(26) = -1 EBADF (Bad file descriptor) [pid 519] close(27) = -1 EBADF (Bad file descriptor) [pid 519] close(28) = -1 EBADF (Bad file descriptor) [pid 519] close(29) = -1 EBADF (Bad file descriptor) [pid 519] exit_group(0) = ? [pid 520] <... futex resumed>) = ? [pid 520] +++ exited with 0 +++ [pid 519] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=200, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 202 ./strace-static-x86_64: Process 521 attached [pid 521] set_robust_list(0x5555560296a0, 24) = 0 [pid 521] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 521] setpgid(0, 0) = 0 [pid 521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 521] write(3, "1000", 4) = 4 [pid 521] close(3) = 0 [pid 521] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 521] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 521] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 521] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 521] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 521] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 521] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 522 attached => {parent_tid=[203]}, 88) = 203 [pid 521] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 521] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 522] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 522] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 522] write(3, "65", 2) = 2 [ 47.311647][ T520] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 47.319427][ T520] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 47.327248][ T520] [ 47.344153][ T522] FAULT_INJECTION: forcing a failure. [ 47.344153][ T522] name failslab, interval 1, probability 0, space 0, times 0 [ 47.356697][ T522] CPU: 1 PID: 522 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 47.366703][ T522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 47.376611][ T522] Call Trace: [ 47.379720][ T522] [ 47.382498][ T522] dump_stack_lvl+0x151/0x1b7 [ 47.387217][ T522] ? io_uring_drop_tctx_refs+0x190/0x190 [ 47.392766][ T522] ? dup_userfaultfd_complete+0x295/0x2f0 [ 47.398320][ T522] ? dup_userfaultfd+0x5d0/0x5d0 [ 47.403092][ T522] dump_stack+0x15/0x17 [ 47.407169][ T522] should_fail+0x3c6/0x510 [ 47.411448][ T522] __should_failslab+0xa4/0xe0 [ 47.416025][ T522] ? create_new_namespaces+0x34/0x670 [ 47.421230][ T522] should_failslab+0x9/0x20 [ 47.425572][ T522] slab_pre_alloc_hook+0x37/0xd0 [ 47.430346][ T522] ? create_new_namespaces+0x34/0x670 [ 47.435553][ T522] kmem_cache_alloc+0x44/0x200 [ 47.440154][ T522] ? cap_capable+0x1d2/0x270 [ 47.444686][ T522] create_new_namespaces+0x34/0x670 [ 47.449697][ T522] ? security_capable+0x87/0xb0 [ 47.454397][ T522] ? ns_capable+0x89/0xe0 [ 47.458550][ T522] copy_namespaces+0x1d1/0x220 [ 47.463153][ T522] copy_process+0x12e7/0x3260 [ 47.467666][ T522] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 47.472612][ T522] ? __kasan_check_write+0x14/0x20 [ 47.477558][ T522] kernel_clone+0x21e/0x9e0 [ 47.482076][ T522] ? _raw_spin_unlock_irq+0x4e/0x70 [ 47.487116][ T522] ? create_io_thread+0x1e0/0x1e0 [ 47.491971][ T522] __x64_sys_clone+0x23f/0x290 [ 47.496566][ T522] ? __do_sys_vfork+0x130/0x130 [ 47.501258][ T522] ? __kasan_check_read+0x11/0x20 [ 47.506112][ T522] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 47.511927][ T522] do_syscall_64+0x3d/0xb0 [ 47.516180][ T522] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 47.521910][ T522] RIP: 0033:0x7fee0c2830a9 [ 47.526162][ T522] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 47.545605][ T522] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 47.553854][ T522] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [pid 522] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 521] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 522] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 522] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 522] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] close(3) = 0 [pid 521] close(4) = -1 EBADF (Bad file descriptor) [pid 521] close(5) = -1 EBADF (Bad file descriptor) [pid 521] close(6) = -1 EBADF (Bad file descriptor) [pid 521] close(7) = -1 EBADF (Bad file descriptor) [pid 521] close(8) = -1 EBADF (Bad file descriptor) [pid 521] close(9) = -1 EBADF (Bad file descriptor) [pid 521] close(10) = -1 EBADF (Bad file descriptor) [pid 521] close(11) = -1 EBADF (Bad file descriptor) [pid 521] close(12) = -1 EBADF (Bad file descriptor) [pid 521] close(13) = -1 EBADF (Bad file descriptor) [pid 521] close(14) = -1 EBADF (Bad file descriptor) [pid 521] close(15) = -1 EBADF (Bad file descriptor) [pid 521] close(16) = -1 EBADF (Bad file descriptor) [pid 521] close(17) = -1 EBADF (Bad file descriptor) [pid 521] close(18) = -1 EBADF (Bad file descriptor) [pid 521] close(19) = -1 EBADF (Bad file descriptor) [pid 521] close(20) = -1 EBADF (Bad file descriptor) [pid 521] close(21) = -1 EBADF (Bad file descriptor) [pid 521] close(22) = -1 EBADF (Bad file descriptor) [pid 521] close(23) = -1 EBADF (Bad file descriptor) [pid 521] close(24) = -1 EBADF (Bad file descriptor) [pid 521] close(25) = -1 EBADF (Bad file descriptor) [pid 521] close(26) = -1 EBADF (Bad file descriptor) [pid 521] close(27) = -1 EBADF (Bad file descriptor) [pid 521] close(28) = -1 EBADF (Bad file descriptor) [pid 521] close(29) = -1 EBADF (Bad file descriptor) [pid 521] exit_group(0 [pid 522] <... futex resumed>) = ? [pid 521] <... exit_group resumed>) = ? [pid 522] +++ exited with 0 +++ [pid 521] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=202, si_uid=0, si_status=0, si_utime=0, si_stime=22} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 204 ./strace-static-x86_64: Process 524 attached [pid 524] set_robust_list(0x5555560296a0, 24) = 0 [pid 524] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 524] setpgid(0, 0) = 0 [pid 524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 524] write(3, "1000", 4) = 4 [pid 524] close(3) = 0 [pid 524] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 524] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 524] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 524] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 524] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 524] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 524] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[205]}, 88) = 205 [pid 524] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 524] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 524] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 525 attached [pid 525] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 525] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 525] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 525] write(3, "65", 2) = 2 [ 47.561657][ T522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 47.569486][ T522] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 47.577280][ T522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 47.585099][ T522] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 47.592915][ T522] [ 47.608079][ T525] FAULT_INJECTION: forcing a failure. [ 47.608079][ T525] name failslab, interval 1, probability 0, space 0, times 0 [ 47.620497][ T525] CPU: 0 PID: 525 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 47.630539][ T525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 47.640524][ T525] Call Trace: [ 47.643647][ T525] [ 47.646432][ T525] dump_stack_lvl+0x151/0x1b7 [ 47.650939][ T525] ? io_uring_drop_tctx_refs+0x190/0x190 [ 47.656406][ T525] ? dup_userfaultfd_complete+0x295/0x2f0 [ 47.661960][ T525] ? dup_userfaultfd+0x5d0/0x5d0 [ 47.666730][ T525] dump_stack+0x15/0x17 [ 47.670898][ T525] should_fail+0x3c6/0x510 [ 47.675151][ T525] __should_failslab+0xa4/0xe0 [ 47.679834][ T525] ? create_new_namespaces+0x34/0x670 [ 47.685128][ T525] should_failslab+0x9/0x20 [ 47.689473][ T525] slab_pre_alloc_hook+0x37/0xd0 [ 47.694336][ T525] ? create_new_namespaces+0x34/0x670 [ 47.699545][ T525] kmem_cache_alloc+0x44/0x200 [ 47.704147][ T525] ? cap_capable+0x1d2/0x270 [ 47.708569][ T525] create_new_namespaces+0x34/0x670 [ 47.713692][ T525] ? security_capable+0x87/0xb0 [ 47.718378][ T525] ? ns_capable+0x89/0xe0 [ 47.722553][ T525] copy_namespaces+0x1d1/0x220 [ 47.727146][ T525] copy_process+0x12e7/0x3260 [ 47.731661][ T525] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 47.736603][ T525] ? __kasan_check_write+0x14/0x20 [ 47.741559][ T525] kernel_clone+0x21e/0x9e0 [ 47.745927][ T525] ? _raw_spin_unlock_irq+0x4e/0x70 [ 47.750924][ T525] ? create_io_thread+0x1e0/0x1e0 [ 47.755788][ T525] __x64_sys_clone+0x23f/0x290 [ 47.760387][ T525] ? __do_sys_vfork+0x130/0x130 [ 47.765079][ T525] ? __kasan_check_read+0x11/0x20 [ 47.769933][ T525] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 47.775840][ T525] do_syscall_64+0x3d/0xb0 [ 47.780118][ T525] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 47.785814][ T525] RIP: 0033:0x7fee0c2830a9 [ 47.790069][ T525] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 525] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 524] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 525] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 525] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 525] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 524] close(3) = 0 [pid 524] close(4) = -1 EBADF (Bad file descriptor) [pid 524] close(5) = -1 EBADF (Bad file descriptor) [pid 524] close(6) = -1 EBADF (Bad file descriptor) [pid 524] close(7) = -1 EBADF (Bad file descriptor) [pid 524] close(8) = -1 EBADF (Bad file descriptor) [pid 524] close(9) = -1 EBADF (Bad file descriptor) [pid 524] close(10) = -1 EBADF (Bad file descriptor) [pid 524] close(11) = -1 EBADF (Bad file descriptor) [pid 524] close(12) = -1 EBADF (Bad file descriptor) [pid 524] close(13) = -1 EBADF (Bad file descriptor) [pid 524] close(14) = -1 EBADF (Bad file descriptor) [pid 524] close(15) = -1 EBADF (Bad file descriptor) [pid 524] close(16) = -1 EBADF (Bad file descriptor) [pid 524] close(17) = -1 EBADF (Bad file descriptor) [pid 524] close(18) = -1 EBADF (Bad file descriptor) [pid 524] close(19) = -1 EBADF (Bad file descriptor) [pid 524] close(20) = -1 EBADF (Bad file descriptor) [pid 524] close(21) = -1 EBADF (Bad file descriptor) [pid 524] close(22) = -1 EBADF (Bad file descriptor) [pid 524] close(23) = -1 EBADF (Bad file descriptor) [pid 524] close(24) = -1 EBADF (Bad file descriptor) [pid 524] close(25) = -1 EBADF (Bad file descriptor) [pid 524] close(26) = -1 EBADF (Bad file descriptor) [pid 524] close(27) = -1 EBADF (Bad file descriptor) [pid 524] close(28) = -1 EBADF (Bad file descriptor) [pid 524] close(29) = -1 EBADF (Bad file descriptor) [pid 524] exit_group(0) = ? [pid 525] <... futex resumed>) = ? [pid 525] +++ exited with 0 +++ [pid 524] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=204, si_uid=0, si_status=0, si_utime=0, si_stime=22} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 526 attached , child_tidptr=0x555556029690) = 206 [pid 526] set_robust_list(0x5555560296a0, 24) = 0 [pid 526] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 526] setpgid(0, 0) = 0 [pid 526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 526] write(3, "1000", 4) = 4 [pid 526] close(3) = 0 [pid 526] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 526] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 526] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 526] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 526] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 526] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 526] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 526] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[207]}, 88) = 207 ./strace-static-x86_64: Process 527 attached [pid 526] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 526] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 526] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 527] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 527] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 527] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 527] write(3, "65", 2) = 2 [ 47.809508][ T525] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 47.817848][ T525] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 47.825744][ T525] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 47.833563][ T525] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 47.841361][ T525] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 47.849171][ T525] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 47.856998][ T525] [ 47.871159][ T527] FAULT_INJECTION: forcing a failure. [ 47.871159][ T527] name failslab, interval 1, probability 0, space 0, times 0 [ 47.884473][ T527] CPU: 0 PID: 527 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 47.894532][ T527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 47.904512][ T527] Call Trace: [ 47.907639][ T527] [ 47.910501][ T527] dump_stack_lvl+0x151/0x1b7 [ 47.915014][ T527] ? io_uring_drop_tctx_refs+0x190/0x190 [ 47.920482][ T527] ? dup_userfaultfd_complete+0x295/0x2f0 [ 47.926044][ T527] ? dup_userfaultfd+0x5d0/0x5d0 [ 47.930838][ T527] dump_stack+0x15/0x17 [ 47.934803][ T527] should_fail+0x3c6/0x510 [ 47.939058][ T527] __should_failslab+0xa4/0xe0 [ 47.943654][ T527] ? create_new_namespaces+0x34/0x670 [ 47.948954][ T527] should_failslab+0x9/0x20 [ 47.953288][ T527] slab_pre_alloc_hook+0x37/0xd0 [ 47.958062][ T527] ? create_new_namespaces+0x34/0x670 [ 47.963269][ T527] kmem_cache_alloc+0x44/0x200 [ 47.967959][ T527] ? cap_capable+0x1d2/0x270 [ 47.972388][ T527] create_new_namespaces+0x34/0x670 [ 47.977684][ T527] ? security_capable+0x87/0xb0 [ 47.982450][ T527] ? ns_capable+0x89/0xe0 [ 47.986616][ T527] copy_namespaces+0x1d1/0x220 [ 47.991213][ T527] copy_process+0x12e7/0x3260 [ 47.995816][ T527] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 48.000761][ T527] ? __kasan_check_write+0x14/0x20 [ 48.005711][ T527] kernel_clone+0x21e/0x9e0 [ 48.010055][ T527] ? _raw_spin_unlock_irq+0x4e/0x70 [ 48.015085][ T527] ? create_io_thread+0x1e0/0x1e0 [ 48.019945][ T527] __x64_sys_clone+0x23f/0x290 [ 48.024543][ T527] ? __do_sys_vfork+0x130/0x130 [ 48.029231][ T527] ? __kasan_check_read+0x11/0x20 [ 48.034094][ T527] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 48.039904][ T527] do_syscall_64+0x3d/0xb0 [ 48.044158][ T527] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.049886][ T527] RIP: 0033:0x7fee0c2830a9 [ 48.054144][ T527] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 48.074014][ T527] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 48.082266][ T527] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 48.090156][ T527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 48.098061][ T527] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 48.105867][ T527] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 48.113678][ T527] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 527] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 526] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 527] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 527] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 526] close(3) = 0 [pid 526] close(4) = -1 EBADF (Bad file descriptor) [pid 526] close(5) = -1 EBADF (Bad file descriptor) [pid 526] close(6) = -1 EBADF (Bad file descriptor) [pid 526] close(7) = -1 EBADF (Bad file descriptor) [pid 526] close(8) = -1 EBADF (Bad file descriptor) [pid 526] close(9) = -1 EBADF (Bad file descriptor) [pid 526] close(10) = -1 EBADF (Bad file descriptor) [pid 526] close(11) = -1 EBADF (Bad file descriptor) [pid 526] close(12) = -1 EBADF (Bad file descriptor) [pid 526] close(13) = -1 EBADF (Bad file descriptor) [pid 526] close(14) = -1 EBADF (Bad file descriptor) [pid 526] close(15) = -1 EBADF (Bad file descriptor) [pid 526] close(16) = -1 EBADF (Bad file descriptor) [pid 526] close(17) = -1 EBADF (Bad file descriptor) [pid 526] close(18) = -1 EBADF (Bad file descriptor) [pid 526] close(19) = -1 EBADF (Bad file descriptor) [pid 526] close(20) = -1 EBADF (Bad file descriptor) [pid 526] close(21) = -1 EBADF (Bad file descriptor) [pid 526] close(22) = -1 EBADF (Bad file descriptor) [pid 526] close(23) = -1 EBADF (Bad file descriptor) [pid 526] close(24) = -1 EBADF (Bad file descriptor) [pid 526] close(25) = -1 EBADF (Bad file descriptor) [pid 526] close(26) = -1 EBADF (Bad file descriptor) [pid 526] close(27) = -1 EBADF (Bad file descriptor) [pid 526] close(28) = -1 EBADF (Bad file descriptor) [pid 526] close(29) = -1 EBADF (Bad file descriptor) [pid 526] exit_group(0) = ? [pid 527] <... futex resumed>) = ? [pid 527] +++ exited with 0 +++ [pid 526] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=206, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 208 ./strace-static-x86_64: Process 528 attached [pid 528] set_robust_list(0x5555560296a0, 24) = 0 [pid 528] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 528] setpgid(0, 0) = 0 [pid 528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 528] write(3, "1000", 4) = 4 [pid 528] close(3) = 0 [pid 528] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 528] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 528] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 528] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 528] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 528] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 528] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0}./strace-static-x86_64: Process 529 attached [pid 529] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 529] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 529] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] <... clone3 resumed> => {parent_tid=[209]}, 88) = 209 [pid 528] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 528] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 528] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] <... futex resumed>) = 0 [pid 529] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 529] write(3, "65", 2) = 2 [ 48.121493][ T527] [ 48.138894][ T529] FAULT_INJECTION: forcing a failure. [ 48.138894][ T529] name failslab, interval 1, probability 0, space 0, times 0 [ 48.151373][ T529] CPU: 1 PID: 529 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 48.161458][ T529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [pid 529] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 528] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 48.171336][ T529] Call Trace: [ 48.174892][ T529] [ 48.177678][ T529] dump_stack_lvl+0x151/0x1b7 [ 48.182185][ T529] ? io_uring_drop_tctx_refs+0x190/0x190 [ 48.187655][ T529] dump_stack+0x15/0x17 [ 48.191641][ T529] should_fail+0x3c6/0x510 [ 48.195895][ T529] __should_failslab+0xa4/0xe0 [ 48.200497][ T529] ? vm_area_dup+0x26/0x230 [ 48.204859][ T529] should_failslab+0x9/0x20 [ 48.209184][ T529] slab_pre_alloc_hook+0x37/0xd0 [ 48.213948][ T529] ? vm_area_dup+0x26/0x230 [ 48.218286][ T529] kmem_cache_alloc+0x44/0x200 [ 48.222889][ T529] vm_area_dup+0x26/0x230 [ 48.227051][ T529] copy_mm+0x9a1/0x13e0 [ 48.231047][ T529] ? copy_signal+0x610/0x610 [ 48.235469][ T529] ? __init_rwsem+0xd6/0x1c0 [ 48.239897][ T529] ? copy_signal+0x4e3/0x610 [ 48.244325][ T529] copy_process+0x12bc/0x3260 [ 48.248839][ T529] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 48.253787][ T529] ? __kasan_check_write+0x14/0x20 [ 48.258735][ T529] kernel_clone+0x21e/0x9e0 [ 48.263072][ T529] ? _raw_spin_unlock_irq+0x4e/0x70 [ 48.268135][ T529] ? create_io_thread+0x1e0/0x1e0 [ 48.272967][ T529] __x64_sys_clone+0x23f/0x290 [ 48.277566][ T529] ? __do_sys_vfork+0x130/0x130 [ 48.282253][ T529] ? __kasan_check_read+0x11/0x20 [ 48.287110][ T529] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 48.292926][ T529] do_syscall_64+0x3d/0xb0 [ 48.297183][ T529] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.302914][ T529] RIP: 0033:0x7fee0c2830a9 [ 48.307163][ T529] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 48.326622][ T529] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 48.334851][ T529] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 48.343352][ T529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 48.351174][ T529] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 48.358977][ T529] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [pid 529] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 529] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 529] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] close(3) = 0 [pid 528] close(4) = -1 EBADF (Bad file descriptor) [pid 528] close(5) = -1 EBADF (Bad file descriptor) [pid 528] close(6) = -1 EBADF (Bad file descriptor) [pid 528] close(7) = -1 EBADF (Bad file descriptor) [pid 528] close(8) = -1 EBADF (Bad file descriptor) [pid 528] close(9) = -1 EBADF (Bad file descriptor) [pid 528] close(10) = -1 EBADF (Bad file descriptor) [pid 528] close(11) = -1 EBADF (Bad file descriptor) [pid 528] close(12) = -1 EBADF (Bad file descriptor) [pid 528] close(13) = -1 EBADF (Bad file descriptor) [pid 528] close(14) = -1 EBADF (Bad file descriptor) [pid 528] close(15) = -1 EBADF (Bad file descriptor) [pid 528] close(16) = -1 EBADF (Bad file descriptor) [pid 528] close(17) = -1 EBADF (Bad file descriptor) [pid 528] close(18) = -1 EBADF (Bad file descriptor) [pid 528] close(19) = -1 EBADF (Bad file descriptor) [pid 528] close(20) = -1 EBADF (Bad file descriptor) [pid 528] close(21) = -1 EBADF (Bad file descriptor) [pid 528] close(22) = -1 EBADF (Bad file descriptor) [pid 528] close(23) = -1 EBADF (Bad file descriptor) [pid 528] close(24) = -1 EBADF (Bad file descriptor) [pid 528] close(25) = -1 EBADF (Bad file descriptor) [pid 528] close(26) = -1 EBADF (Bad file descriptor) [pid 528] close(27) = -1 EBADF (Bad file descriptor) [pid 528] close(28) = -1 EBADF (Bad file descriptor) [pid 528] close(29) = -1 EBADF (Bad file descriptor) [pid 528] exit_group(0 [pid 529] <... futex resumed>) = ? [pid 528] <... exit_group resumed>) = ? [pid 529] +++ exited with 0 +++ [pid 528] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=208, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 530 attached , child_tidptr=0x555556029690) = 210 [pid 530] set_robust_list(0x5555560296a0, 24) = 0 [pid 530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 530] setpgid(0, 0) = 0 [pid 530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 530] write(3, "1000", 4) = 4 [pid 530] close(3) = 0 [pid 530] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 530] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 530] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 530] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 530] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 530] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 530] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[211]}, 88) = 211 [pid 530] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 530] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 531 attached [pid 531] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 531] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 531] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 531] write(3, "65", 2) = 2 [ 48.366786][ T529] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 48.374600][ T529] [ 48.388939][ T531] FAULT_INJECTION: forcing a failure. [ 48.388939][ T531] name failslab, interval 1, probability 0, space 0, times 0 [ 48.401521][ T531] CPU: 1 PID: 531 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 48.411553][ T531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 48.421449][ T531] Call Trace: [ 48.424575][ T531] [ 48.427352][ T531] dump_stack_lvl+0x151/0x1b7 [ 48.431863][ T531] ? io_uring_drop_tctx_refs+0x190/0x190 [ 48.437331][ T531] dump_stack+0x15/0x17 [ 48.441323][ T531] should_fail+0x3c6/0x510 [ 48.445574][ T531] __should_failslab+0xa4/0xe0 [ 48.450175][ T531] ? anon_vma_clone+0x9a/0x500 [ 48.454773][ T531] should_failslab+0x9/0x20 [ 48.459115][ T531] slab_pre_alloc_hook+0x37/0xd0 [ 48.463888][ T531] ? anon_vma_clone+0x9a/0x500 [ 48.468489][ T531] kmem_cache_alloc+0x44/0x200 [ 48.473087][ T531] anon_vma_clone+0x9a/0x500 [ 48.477515][ T531] anon_vma_fork+0x91/0x4e0 [ 48.481871][ T531] ? anon_vma_name+0x4c/0x70 [ 48.486291][ T531] ? vm_area_dup+0x17a/0x230 [ 48.490707][ T531] copy_mm+0xa3a/0x13e0 [ 48.494701][ T531] ? copy_signal+0x610/0x610 [ 48.499136][ T531] ? __init_rwsem+0xd6/0x1c0 [ 48.503553][ T531] ? copy_signal+0x4e3/0x610 [ 48.507981][ T531] copy_process+0x12bc/0x3260 [ 48.512492][ T531] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 48.517439][ T531] ? __kasan_check_write+0x14/0x20 [ 48.522388][ T531] kernel_clone+0x21e/0x9e0 [ 48.526723][ T531] ? _raw_spin_unlock_irq+0x4e/0x70 [ 48.531759][ T531] ? create_io_thread+0x1e0/0x1e0 [ 48.536620][ T531] __x64_sys_clone+0x23f/0x290 [ 48.541243][ T531] ? __do_sys_vfork+0x130/0x130 [ 48.546013][ T531] ? __kasan_check_read+0x11/0x20 [ 48.550857][ T531] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 48.556668][ T531] do_syscall_64+0x3d/0xb0 [ 48.560921][ T531] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.566647][ T531] RIP: 0033:0x7fee0c2830a9 [ 48.570905][ T531] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 48.590690][ T531] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 48.598938][ T531] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 48.606750][ T531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 48.614647][ T531] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [pid 531] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 530] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 531] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 531] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 531] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 530] close(3) = 0 [pid 530] close(4) = -1 EBADF (Bad file descriptor) [pid 530] close(5) = -1 EBADF (Bad file descriptor) [pid 530] close(6) = -1 EBADF (Bad file descriptor) [pid 530] close(7) = -1 EBADF (Bad file descriptor) [pid 530] close(8) = -1 EBADF (Bad file descriptor) [pid 530] close(9) = -1 EBADF (Bad file descriptor) [pid 530] close(10) = -1 EBADF (Bad file descriptor) [pid 530] close(11) = -1 EBADF (Bad file descriptor) [pid 530] close(12) = -1 EBADF (Bad file descriptor) [pid 530] close(13) = -1 EBADF (Bad file descriptor) [pid 530] close(14) = -1 EBADF (Bad file descriptor) [pid 530] close(15) = -1 EBADF (Bad file descriptor) [pid 530] close(16) = -1 EBADF (Bad file descriptor) [pid 530] close(17) = -1 EBADF (Bad file descriptor) [pid 530] close(18) = -1 EBADF (Bad file descriptor) [pid 530] close(19) = -1 EBADF (Bad file descriptor) [pid 530] close(20) = -1 EBADF (Bad file descriptor) [pid 530] close(21) = -1 EBADF (Bad file descriptor) [pid 530] close(22) = -1 EBADF (Bad file descriptor) [pid 530] close(23) = -1 EBADF (Bad file descriptor) [pid 530] close(24) = -1 EBADF (Bad file descriptor) [pid 530] close(25) = -1 EBADF (Bad file descriptor) [pid 530] close(26) = -1 EBADF (Bad file descriptor) [pid 530] close(27) = -1 EBADF (Bad file descriptor) [pid 530] close(28) = -1 EBADF (Bad file descriptor) [pid 530] close(29) = -1 EBADF (Bad file descriptor) [pid 530] exit_group(0) = ? [pid 531] <... futex resumed>) = ? [pid 531] +++ exited with 0 +++ [pid 530] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=210, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 533 attached [pid 533] set_robust_list(0x5555560296a0, 24 [pid 294] <... clone resumed>, child_tidptr=0x555556029690) = 212 [pid 533] <... set_robust_list resumed>) = 0 [pid 533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 533] setpgid(0, 0) = 0 [pid 533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 533] write(3, "1000", 4) = 4 [pid 533] close(3) = 0 [pid 533] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 533] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 533] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 533] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 533] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 533] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 533] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 533] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[213]}, 88) = 213 [pid 533] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 533] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 533] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 534 attached [pid 534] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 534] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 534] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 534] write(3, "65", 2) = 2 [ 48.622455][ T531] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 48.630302][ T531] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 48.638093][ T531] [pid 534] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 533] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 48.674675][ T534] FAULT_INJECTION: forcing a failure. [ 48.674675][ T534] name failslab, interval 1, probability 0, space 0, times 0 [ 48.687283][ T534] CPU: 0 PID: 534 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 48.697421][ T534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 48.707316][ T534] Call Trace: [ 48.710449][ T534] [ 48.713303][ T534] dump_stack_lvl+0x151/0x1b7 [ 48.717817][ T534] ? io_uring_drop_tctx_refs+0x190/0x190 [ 48.723382][ T534] dump_stack+0x15/0x17 [ 48.727368][ T534] should_fail+0x3c6/0x510 [ 48.731625][ T534] __should_failslab+0xa4/0xe0 [ 48.736221][ T534] ? anon_vma_clone+0x9a/0x500 [ 48.740817][ T534] should_failslab+0x9/0x20 [ 48.745157][ T534] slab_pre_alloc_hook+0x37/0xd0 [ 48.749928][ T534] ? anon_vma_clone+0x9a/0x500 [ 48.754528][ T534] kmem_cache_alloc+0x44/0x200 [ 48.759127][ T534] anon_vma_clone+0x9a/0x500 [ 48.763566][ T534] anon_vma_fork+0x91/0x4e0 [ 48.767894][ T534] ? anon_vma_name+0x4c/0x70 [ 48.772319][ T534] ? vm_area_dup+0x17a/0x230 [ 48.776747][ T534] copy_mm+0xa3a/0x13e0 [ 48.780741][ T534] ? copy_signal+0x610/0x610 [ 48.785166][ T534] ? __init_rwsem+0xd6/0x1c0 [ 48.789590][ T534] ? copy_signal+0x4e3/0x610 [ 48.794025][ T534] copy_process+0x12bc/0x3260 [ 48.798539][ T534] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 48.803477][ T534] ? __kasan_check_write+0x14/0x20 [ 48.808424][ T534] kernel_clone+0x21e/0x9e0 [ 48.812767][ T534] ? _raw_spin_unlock_irq+0x4e/0x70 [ 48.817798][ T534] ? create_io_thread+0x1e0/0x1e0 [ 48.822664][ T534] __x64_sys_clone+0x23f/0x290 [ 48.827265][ T534] ? __do_sys_vfork+0x130/0x130 [ 48.831945][ T534] ? __kasan_check_read+0x11/0x20 [ 48.836825][ T534] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 48.842621][ T534] do_syscall_64+0x3d/0xb0 [ 48.846875][ T534] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.852602][ T534] RIP: 0033:0x7fee0c2830a9 [ 48.856868][ T534] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 48.876318][ T534] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 48.884544][ T534] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 48.892351][ T534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 48.900163][ T534] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 48.907972][ T534] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 48.915787][ T534] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [pid 534] <... clone resumed>, child_tidptr=NULL) = -1 EINVAL (Invalid argument) [pid 534] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] close(3) = 0 [pid 533] close(4) = -1 EBADF (Bad file descriptor) [pid 533] close(5) = -1 EBADF (Bad file descriptor) [pid 533] close(6) = -1 EBADF (Bad file descriptor) [pid 533] close(7) = -1 EBADF (Bad file descriptor) [pid 533] close(8) = -1 EBADF (Bad file descriptor) [pid 533] close(9) = -1 EBADF (Bad file descriptor) [pid 533] close(10) = -1 EBADF (Bad file descriptor) [pid 533] close(11) = -1 EBADF (Bad file descriptor) [pid 533] close(12) = -1 EBADF (Bad file descriptor) [pid 533] close(13) = -1 EBADF (Bad file descriptor) [pid 533] close(14) = -1 EBADF (Bad file descriptor) [pid 533] close(15) = -1 EBADF (Bad file descriptor) [pid 533] close(16) = -1 EBADF (Bad file descriptor) [pid 533] close(17) = -1 EBADF (Bad file descriptor) [pid 533] close(18) = -1 EBADF (Bad file descriptor) [pid 533] close(19) = -1 EBADF (Bad file descriptor) [pid 533] close(20) = -1 EBADF (Bad file descriptor) [pid 533] close(21) = -1 EBADF (Bad file descriptor) [pid 533] close(22) = -1 EBADF (Bad file descriptor) [pid 533] close(23) = -1 EBADF (Bad file descriptor) [pid 533] close(24) = -1 EBADF (Bad file descriptor) [pid 533] close(25) = -1 EBADF (Bad file descriptor) [pid 533] close(26) = -1 EBADF (Bad file descriptor) [pid 533] close(27) = -1 EBADF (Bad file descriptor) [pid 533] close(28) = -1 EBADF (Bad file descriptor) [pid 533] close(29) = -1 EBADF (Bad file descriptor) [pid 533] exit_group(0) = ? [pid 534] <... futex resumed>) = ? [pid 534] +++ exited with 0 +++ [pid 533] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=212, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556029690) = 214 ./strace-static-x86_64: Process 535 attached [pid 535] set_robust_list(0x5555560296a0, 24) = 0 [pid 535] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 535] setpgid(0, 0) = 0 [pid 535] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 535] write(3, "1000", 4) = 4 [pid 535] close(3) = 0 [pid 535] read(200, 0x7ffd661f1160, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 535] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 535] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c2aacb0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c29c330}, NULL, 8) = 0 [pid 535] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 535] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c223000 [pid 535] mprotect(0x7fee0c224000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 535] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 535] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c243990, parent_tid=0x7fee0c243990, exit_signal=0, stack=0x7fee0c223000, stack_size=0x20300, tls=0x7fee0c2436c0} => {parent_tid=[215]}, 88) = 215 [pid 535] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 535] futex(0x7fee0c30d3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 535] futex(0x7fee0c30d3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 536 attached [pid 536] set_robust_list(0x7fee0c2439a0, 24) = 0 [pid 536] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 536] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 536] write(3, "65", 2) = 2 [ 48.923598][ T534] [ 48.936883][ T536] FAULT_INJECTION: forcing a failure. [ 48.936883][ T536] name failslab, interval 1, probability 0, space 0, times 0 [ 48.949463][ T536] CPU: 0 PID: 536 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 48.959445][ T536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 48.969341][ T536] Call Trace: [ 48.972464][ T536] [pid 536] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_PARENT|CLONE_NEWNS|CLONE_CHILD_CLEARTID|CLONE_NEWUTS|CLONE_NEWIPC [pid 535] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 48.975243][ T536] dump_stack_lvl+0x151/0x1b7 [ 48.979760][ T536] ? io_uring_drop_tctx_refs+0x190/0x190 [ 48.985226][ T536] dump_stack+0x15/0x17 [ 48.989216][ T536] should_fail+0x3c6/0x510 [ 48.993467][ T536] __should_failslab+0xa4/0xe0 [ 48.998067][ T536] ? anon_vma_fork+0x1df/0x4e0 [ 49.002670][ T536] should_failslab+0x9/0x20 [ 49.007008][ T536] slab_pre_alloc_hook+0x37/0xd0 [ 49.011780][ T536] ? anon_vma_fork+0x1df/0x4e0 [ 49.016388][ T536] kmem_cache_alloc+0x44/0x200 [ 49.020982][ T536] anon_vma_fork+0x1df/0x4e0 [ 49.025409][ T536] copy_mm+0xa3a/0x13e0 [ 49.029400][ T536] ? copy_signal+0x610/0x610 [ 49.033827][ T536] ? __init_rwsem+0xd6/0x1c0 [ 49.038250][ T536] ? copy_signal+0x4e3/0x610 [ 49.042678][ T536] copy_process+0x12bc/0x3260 [ 49.047318][ T536] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 49.052257][ T536] ? __kasan_check_write+0x14/0x20 [ 49.057814][ T536] kernel_clone+0x21e/0x9e0 [ 49.062149][ T536] ? _raw_spin_unlock_irq+0x4e/0x70 [ 49.067186][ T536] ? create_io_thread+0x1e0/0x1e0 [ 49.072045][ T536] __x64_sys_clone+0x23f/0x290 [ 49.076647][ T536] ? __do_sys_vfork+0x130/0x130 [ 49.081329][ T536] ? __kasan_check_read+0x11/0x20 [ 49.086189][ T536] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 49.092010][ T536] do_syscall_64+0x3d/0xb0 [ 49.096257][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 49.101985][ T536] RIP: 0033:0x7fee0c2830a9 [ 49.106240][ T536] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 49.125682][ T536] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 49.133930][ T536] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 49.141823][ T536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 49.149721][ T536] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 49.157618][ T536] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 49.165435][ T536] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 49.173248][ T536] [ 49.176520][ T536] ================================================================== [ 49.184386][ T536] BUG: KASAN: double-free or invalid-free in kfree+0xc8/0x220 [ 49.191673][ T536] [ 49.193843][ T536] CPU: 0 PID: 536 Comm: syz-executor879 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 49.203909][ T536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 49.213820][ T536] Call Trace: [ 49.216929][ T536] [ 49.219705][ T536] dump_stack_lvl+0x151/0x1b7 [ 49.224221][ T536] ? io_uring_drop_tctx_refs+0x190/0x190 [ 49.229696][ T536] ? __wake_up_klogd+0xd5/0x110 [ 49.234382][ T536] ? panic+0x751/0x751 [ 49.238281][ T536] ? kfree+0xc8/0x220 [ 49.242102][ T536] print_address_description+0x87/0x3b0 [ 49.247483][ T536] ? kfree+0xc8/0x220 [ 49.251302][ T536] ? kfree+0xc8/0x220 [ 49.255212][ T536] kasan_report_invalid_free+0x6b/0xa0 [ 49.260499][ T536] ____kasan_slab_free+0x13e/0x160 [ 49.265567][ T536] __kasan_slab_free+0x11/0x20 [ 49.270133][ T536] slab_free_freelist_hook+0xbd/0x190 [ 49.275428][ T536] ? anon_vma_name_free+0x15/0x20 [ 49.280290][ T536] kfree+0xc8/0x220 [ 49.283939][ T536] anon_vma_name_free+0x15/0x20 [ 49.288626][ T536] vm_area_free_no_check+0xa6/0x130 [ 49.293652][ T536] copy_mm+0xefb/0x13e0 [ 49.297646][ T536] ? copy_signal+0x610/0x610 [ 49.302249][ T536] ? __init_rwsem+0xd6/0x1c0 [ 49.306670][ T536] ? copy_signal+0x4e3/0x610 [ 49.311098][ T536] copy_process+0x12bc/0x3260 [ 49.315623][ T536] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 49.320558][ T536] ? __kasan_check_write+0x14/0x20 [ 49.325513][ T536] kernel_clone+0x21e/0x9e0 [ 49.329846][ T536] ? _raw_spin_unlock_irq+0x4e/0x70 [ 49.334878][ T536] ? create_io_thread+0x1e0/0x1e0 [ 49.339740][ T536] __x64_sys_clone+0x23f/0x290 [ 49.344336][ T536] ? __do_sys_vfork+0x130/0x130 [ 49.349025][ T536] ? __kasan_check_read+0x11/0x20 [ 49.353883][ T536] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 49.359698][ T536] do_syscall_64+0x3d/0xb0 [ 49.364127][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 49.369854][ T536] RIP: 0033:0x7fee0c2830a9 [ 49.374109][ T536] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 49.393549][ T536] RSP: 002b:00007fee0c243208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 49.401802][ T536] RAX: ffffffffffffffda RBX: 00007fee0c30d3c8 RCX: 00007fee0c2830a9 [ 49.409604][ T536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c22a000 [ 49.417416][ T536] RBP: 00007fee0c30d3c0 R08: 0000000000000000 R09: 0000000000003536 [ 49.425232][ T536] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c30d3cc [ 49.433036][ T536] R13: 00007fee0c243210 R14: 0000000000000002 R15: 00007fee0c2da01d [ 49.440860][ T536] [ 49.443714][ T536] [ 49.445882][ T536] Allocated by task 293: [ 49.449963][ T536] __kasan_slab_alloc+0xb1/0xe0 [ 49.454647][ T536] slab_post_alloc_hook+0x53/0x2c0 [ 49.459598][ T536] kmem_cache_alloc+0xf5/0x200 [ 49.464195][ T536] vm_area_dup+0x26/0x230 [ 49.468536][ T536] copy_mm+0x9a1/0x13e0 [ 49.472535][ T536] copy_process+0x12bc/0x3260 [ 49.477039][ T536] kernel_clone+0x21e/0x9e0 [ 49.481385][ T536] __x64_sys_clone+0x23f/0x290 [ 49.485983][ T536] do_syscall_64+0x3d/0xb0 [ 49.490232][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 49.495970][ T536] [ 49.498131][ T536] The buggy address belongs to the object at ffff88811e39bcb8 [ 49.498131][ T536] which belongs to the cache vm_area_struct of size 232 [ 49.512279][ T536] The buggy address is located 88 bytes inside of [ 49.512279][ T536] 232-byte region [ffff88811e39bcb8, ffff88811e39bda0) [ 49.525304][ T536] The buggy address belongs to the page: [ 49.530778][ T536] page:ffffea000478e6c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e39b [ 49.540921][ T536] flags: 0x4000000000000200(slab|zone=1) [ 49.546395][ T536] raw: 4000000000000200 0000000000000000 dead000000000122 ffff8881001bcc00 [ 49.554815][ T536] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000 [ 49.563237][ T536] page dumped because: kasan: bad access detected [ 49.569579][ T536] page_owner tracks the page as allocated [ 49.575123][ T536] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 293, ts 20039928153, free_ts 20039781217 [ 49.590915][ T536] post_alloc_hook+0x1a3/0x1b0 [ 49.595600][ T536] prep_new_page+0x1b/0x110 [ 49.599938][ T536] get_page_from_freelist+0x3550/0x35d0 [ 49.605318][ T536] __alloc_pages+0x206/0x5e0 [ 49.609744][ T536] new_slab+0x9a/0x4e0 [ 49.613655][ T536] ___slab_alloc+0x39e/0x830 [ 49.618079][ T536] __slab_alloc+0x4a/0x90 [ 49.622242][ T536] kmem_cache_alloc+0x134/0x200 [ 49.626937][ T536] vm_area_alloc+0x24/0x130 [ 49.631270][ T536] __install_special_mapping+0x36/0x380 [ 49.636651][ T536] _install_special_mapping+0x3c/0x50 [ 49.641961][ T536] map_vdso+0x175/0x310 [ 49.646033][ T536] arch_setup_additional_pages+0x118/0x130 [ 49.651673][ T536] load_elf_binary+0x1e12/0x2750 [ 49.656458][ T536] bprm_execve+0x7ae/0x14a0 [ 49.660800][ T536] do_execveat_common+0x565/0x710 [ 49.665652][ T536] page last free stack trace: [ 49.670166][ T536] free_unref_page_prepare+0x7c8/0x7d0 [ 49.675539][ T536] free_unref_page_list+0x14b/0xa60 [ 49.680578][ T536] release_pages+0x1310/0x1370 [ 49.685175][ T536] free_pages_and_swap_cache+0x8a/0xa0 [ 49.690470][ T536] tlb_finish_mmu+0x177/0x320 [ 49.695018][ T536] exit_mmap+0x3ef/0x6f0 [ 49.699061][ T536] __mmput+0x95/0x310 [ 49.702883][ T536] mmput+0x5b/0x170 [ 49.706523][ T536] exec_mmap+0x46b/0x510 [ 49.710604][ T536] begin_new_exec+0xbbc/0x1ed0 [ 49.715203][ T536] load_elf_binary+0x945/0x2750 [ 49.719888][ T536] bprm_execve+0x7ae/0x14a0 [ 49.724229][ T536] do_execveat_common+0x565/0x710 [ 49.729097][ T536] __x64_sys_execve+0x92/0xb0 [ 49.733694][ T536] do_syscall_64+0x3d/0xb0 [ 49.737956][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 49.743673][ T536] [ 49.745841][ T536] Memory state around the buggy address: [ 49.751314][ T536] ffff88811e39bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 49.759210][ T536] ffff88811e39bc80: fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 [ 49.767107][ T536] >ffff88811e39bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.775005][ T536] ^ [pid 536] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 536] futex(0x7fee0c30d3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 536] futex(0x7fee0c30d3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 535] close(3) = 0 [pid 535] close(4) = -1 EBADF (Bad file descriptor) [pid 535] close(5) = -1 EBADF (Bad file descriptor) [pid 535] close(6) = -1 EBADF (Bad file descriptor) [pid 535] close(7) = -1 EBADF (Bad file descriptor) [pid 535] close(8) = -1 EBADF (Bad file descriptor) [pid 535] close(9) = -1 EBADF (Bad file descriptor) [pid 535] close(10) = -1 EBADF (Bad file descriptor) [pid 535] close(11) = -1 EBADF (Bad file descriptor) [pid 535] close(12) = -1 EBADF (Bad file descriptor) [pid 535] close(13) = -1 EBADF (Bad file descriptor) [pid 535] close(14) = -1 EBADF (Bad file descriptor) [pid 535] close(15) = -1 EBADF (Bad file descriptor) [pid 535] close(16) = -1 EBADF (Bad file descriptor) [pid 535] close(17) = -1 EBADF (Bad file descriptor) [pid 535] close(18) = -1 EBADF (Bad file descriptor) [pid 535] close(19) = -1 EBADF (Bad file descriptor) [pid 535] close(20) = -1 EBADF (Bad file descriptor) [pid 535] close(21) = -1 EBADF (Bad file descriptor) [pid 535] close(22) = -1 EBADF (Bad file descriptor) [pid 535] close(23) = -1 EBADF (Bad file descriptor) [pid 535] close(24) = -1 EBADF (Bad file descriptor) [pid 535] close(25) = -1 EBADF (Bad file descriptor) [pid 535] close(26) = -1 EBADF (Bad file descriptor) [pid 535] close(27) = -1 EBADF (Bad file descriptor) [pid 535] close(28) = -1 EBADF (Bad file descriptor) [pid 535] close(29) = -1 EBADF (Bad file descriptor) [pid 535] exit_group(0) = ? [pid 536] <... futex resumed>) = ? [pid 536] +++ exited with 0 +++ [pid 535] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=214, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 49.779434][ T536] ffff88811e39bd80: 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00 00 [ 49.787329][ T536] ffff88811e39be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.795223][ T536] ================================================================== [ 49.803124][ T536] Disabling lock debugging due to kernel taint [ 49.816148][ T294] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN [ 49.827686][ T294] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 49.835931][ T294] CPU: 1 PID: 294 Comm: syz-executor879 Tainted: G B 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 49.847474][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 49.857453][ T294] RIP: 0010:__rb_insert_augmented+0x91/0x610 [ 49.863265][ T294] Code: 00 74 08 4c 89 ef e8 7e b8 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 50 b8 2b ff 48 89 d8 48 8b 1b 4c [ 49.882717][ T294] RSP: 0018:ffffc900009c78f8 EFLAGS: 00010202 [ 49.888608][ T294] RAX: 0000000000000000 RBX: 0000000000000008 RCX: dffffc0000000000 [ 49.896418][ T294] RDX: ffffffff81a4c130 RSI: ffff8881091a8920 RDI: ffff88810cd0b180 [ 49.904243][ T294] RBP: ffffc900009c7960 R08: dffffc0000000000 R09: ffff88810cd0b188 [ 49.912159][ T294] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 49.920206][ T294] R13: ffff88811e39bd10 R14: 0000000000000001 R15: ffff88810cd0b180 [ 49.928030][ T294] FS: 00005555560293c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 49.936785][ T294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.943200][ T294] CR2: 00007fee0c2d9808 CR3: 000000011e3ac000 CR4: 00000000003506a0 [ 49.951024][ T294] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.958929][ T294] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.968033][ T294] Call Trace: [ 49.971155][ T294] [ 49.974023][ T294] ? __die_body+0x62/0xb0 [ 49.978187][ T294] ? die_addr+0x9f/0xd0 [ 49.982267][ T294] ? exc_general_protection+0x311/0x4b0 [ 49.987670][ T294] ? asm_exc_general_protection+0x27/0x30 [ 49.993292][ T294] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 49.999539][ T294] ? __rb_insert_augmented+0x91/0x610 [ 50.004743][ T294] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 50.011017][ T294] vma_interval_tree_insert_after+0x2be/0x2d0 [ 50.016898][ T294] copy_mm+0xba2/0x13e0 [ 50.020890][ T294] ? copy_signal+0x610/0x610 [ 50.025312][ T294] ? __init_rwsem+0xd6/0x1c0 [ 50.029741][ T294] ? copy_signal+0x4e3/0x610 [ 50.034165][ T294] copy_process+0x12bc/0x3260 [ 50.038682][ T294] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 50.043714][ T294] ? __kasan_check_write+0x14/0x20 [ 50.048680][ T294] kernel_clone+0x21e/0x9e0 [ 50.053002][ T294] ? _raw_spin_unlock_irq+0x4e/0x70 [ 50.058043][ T294] ? create_io_thread+0x1e0/0x1e0 [ 50.062894][ T294] __x64_sys_clone+0x23f/0x290 [ 50.067495][ T294] ? __do_sys_vfork+0x130/0x130 [ 50.072190][ T294] ? __kasan_check_read+0x11/0x20 [ 50.077041][ T294] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 50.082856][ T294] do_syscall_64+0x3d/0xb0 [ 50.087109][ T294] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 50.092837][ T294] RIP: 0033:0x7fee0c280f03 [ 50.097094][ T294] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 50.116619][ T294] RSP: 002b:00007ffd661f1458 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 50.124862][ T294] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fee0c280f03 [ 50.132675][ T294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 50.140485][ T294] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffd661f60b0 [ 50.148295][ T294] R10: 0000555556029690 R11: 0000000000000246 R12: 0000000000000001 [ 50.156280][ T294] R13: 00007ffd661f157c R14: 00007ffd661f15d0 R15: 00007ffd661f15c0 [ 50.164096][ T294] [ 50.166954][ T294] Modules linked in: [ 50.170865][ T294] ---[ end trace dab28ecb60283802 ]--- [ 50.176121][ T294] RIP: 0010:__rb_insert_augmented+0x91/0x610 [ 50.181974][ T294] Code: 00 74 08 4c 89 ef e8 7e b8 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 50 b8 2b ff 48 89 d8 48 8b 1b 4c [ 50.201411][ T294] RSP: 0018:ffffc900009c78f8 EFLAGS: 00010202 [ 50.207300][ T294] RAX: 0000000000000000 RBX: 0000000000000008 RCX: dffffc0000000000 [ 50.215088][ T294] RDX: ffffffff81a4c130 RSI: ffff8881091a8920 RDI: ffff88810cd0b180 [ 50.222947][ T294] RBP: ffffc900009c7960 R08: dffffc0000000000 R09: ffff88810cd0b188 [ 50.230733][ T294] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 50.238542][ T294] R13: ffff88811e39bd10 R14: 0000000000000001 R15: ffff88810cd0b180 [ 50.246333][ T294] FS: 00005555560293c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 50.255152][ T294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.261542][ T294] CR2: 00007fee0c2d9808 CR3: 000000011e3ac000 CR4: 00000000003506a0 [ 50.269362][ T294] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 50.277381][ T294] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 50.285136][ T294] Kernel panic - not syncing: Fatal exception [ 50.291273][ T294] Kernel Offset: disabled [ 50.295399][ T294] Rebooting in 86400 seconds..