./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3634177012
<...>
DUID 00:04:dc:6c:a8:75:19:b8:f7:30:df:f1:e8:1e:24:9d:66:1e
forked to background, child pid 4646
[ 38.460223][ T4647] 8021q: adding VLAN 0 to HW filter on device bond0
[ 38.475777][ T4647] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.85' (ECDSA) to the list of known hosts.
execve("./syz-executor3634177012", ["./syz-executor3634177012"], 0x7ffcffc74cd0 /* 10 vars */) = 0
brk(NULL) = 0x555556026000
brk(0x555556026d00) = 0x555556026d00
arch_prctl(ARCH_SET_FS, 0x5555560263c0) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3634177012", 4096) = 28
brk(0x555556047d00) = 0x555556047d00
brk(0x555556048000) = 0x555556048000
mprotect(0x7ffbd35ac000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7ffbd3501180, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7ffbd35018c0}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7ffbd3501180, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7ffbd35018c0}, NULL, 8) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5078
./strace-static-x86_64: Process 5078 attached
[pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5078] setpgid(0, 0) = 0
[pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5078] write(3, "1000", 4) = 4
[pid 5078] close(3) = 0
[pid 5078] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5078] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5078] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5078] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5078] write(4, "21", 2) = 2
syzkaller login: [ 68.322114][ T5078] FAULT_INJECTION: forcing a failure.
[ 68.322114][ T5078] name failslab, interval 1, probability 0, space 0, times 1
[ 68.336178][ T5078] CPU: 0 PID: 5078 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 68.345145][ T5078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 68.355398][ T5078] Call Trace:
[ 68.358680][ T5078]
[ 68.361709][ T5078] dump_stack_lvl+0xd1/0x138
[ 68.366358][ T5078] should_fail_ex.cold+0x5/0xa
[ 68.371141][ T5078] ? copy_process+0x2655/0x7520
[ 68.375994][ T5078] should_failslab+0x9/0x20
[ 68.380505][ T5078] kmem_cache_alloc+0x5a/0x430
[ 68.385361][ T5078] ? _raw_spin_unlock+0x28/0x40
[ 68.390240][ T5078] copy_process+0x2655/0x7520
[ 68.394983][ T5078] ? __cleanup_sighand+0xb0/0xb0
[ 68.399986][ T5078] kernel_clone+0xeb/0x990
[ 68.404437][ T5078] ? create_io_thread+0xf0/0xf0
[ 68.409344][ T5078] ? rwlock_bug.part.0+0x90/0x90
[ 68.414323][ T5078] ? _raw_spin_lock_irq+0x45/0x50
[ 68.419680][ T5078] ? find_held_lock+0x2d/0x110
[ 68.424662][ T5078] __do_sys_clone+0xba/0x100
[ 68.429300][ T5078] ? kernel_clone+0x990/0x990
[ 68.434046][ T5078] ? _raw_spin_unlock_irq+0x2e/0x50
[ 68.439430][ T5078] ? ptrace_notify+0xfe/0x140
[ 68.444344][ T5078] do_syscall_64+0x39/0xb0
[ 68.448800][ T5078] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 68.454862][ T5078] RIP: 0033:0x7ffbd353f5e9
[ 68.459322][ T5078] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.479708][ T5078] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 68.488153][ T5078] RAX: ffffffffffffffda RBX: 00007ffe1ea44218 RCX: 00007ffbd353f5e9
[ 68.496241][ T5078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 68.504260][ T5078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 68.512247][ T5078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid 5078] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5078] exit_group(0) = ?
[pid 5078] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5079
./strace-static-x86_64: Process 5079 attached
[pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5079] setpgid(0, 0) = 0
[pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5079] write(3, "1000", 4) = 4
[pid 5079] close(3) = 0
[pid 5079] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5079] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5079] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5079] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5079] write(4, "21", 2) = 2
[ 68.520403][ T5078] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 68.528406][ T5078]
[ 68.549855][ T5079] FAULT_INJECTION: forcing a failure.
[ 68.549855][ T5079] name failslab, interval 1, probability 0, space 0, times 0
[ 68.563105][ T5079] CPU: 1 PID: 5079 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 68.571831][ T5079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 68.582172][ T5079] Call Trace:
[ 68.585466][ T5079]
[ 68.588393][ T5079] dump_stack_lvl+0xd1/0x138
[ 68.592995][ T5079] should_fail_ex.cold+0x5/0xa
[ 68.597814][ T5079] ? copy_process+0x2655/0x7520
[ 68.602736][ T5079] should_failslab+0x9/0x20
[ 68.607266][ T5079] kmem_cache_alloc+0x5a/0x430
[ 68.612222][ T5079] ? _raw_spin_unlock+0x28/0x40
[ 68.617183][ T5079] copy_process+0x2655/0x7520
[ 68.622107][ T5079] ? __cleanup_sighand+0xb0/0xb0
[ 68.627273][ T5079] kernel_clone+0xeb/0x990
[ 68.631745][ T5079] ? create_io_thread+0xf0/0xf0
[ 68.636672][ T5079] ? rwlock_bug.part.0+0x90/0x90
[ 68.641821][ T5079] ? _raw_spin_lock_irq+0x45/0x50
[ 68.646896][ T5079] ? find_held_lock+0x2d/0x110
[ 68.651684][ T5079] __do_sys_clone+0xba/0x100
[ 68.656313][ T5079] ? kernel_clone+0x990/0x990
[ 68.661136][ T5079] ? _raw_spin_unlock_irq+0x2e/0x50
[ 68.666354][ T5079] ? ptrace_notify+0xfe/0x140
[ 68.671061][ T5079] do_syscall_64+0x39/0xb0
[ 68.675508][ T5079] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 68.681427][ T5079] RIP: 0033:0x7ffbd353f5e9
[ 68.685951][ T5079] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.705570][ T5079] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 68.714079][ T5079] RAX: ffffffffffffffda RBX: 0000000000010aae RCX: 00007ffbd353f5e9
[pid 5079] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5079] exit_group(0) = ?
[pid 5079] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5080
./strace-static-x86_64: Process 5080 attached
[pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5080] setpgid(0, 0) = 0
[pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5080] write(3, "1000", 4) = 4
[pid 5080] close(3) = 0
[pid 5080] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5080] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5080] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5080] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5080] write(4, "21", 2) = 2
[pid 5080] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5080] exit_group(0) = ?
[pid 5080] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5082
./strace-static-x86_64: Process 5082 attached
[pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5082] setpgid(0, 0) = 0
[pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5082] write(3, "1000", 4) = 4
[pid 5082] close(3) = 0
[pid 5082] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5082] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5082] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5082] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5082] write(4, "21", 2) = 2
[pid 5082] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5082] exit_group(0) = ?
[pid 5082] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached
, child_tidptr=0x555556026690) = 5084
[pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5084] setpgid(0, 0) = 0
[pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5084] write(3, "1000", 4) = 4
[pid 5084] close(3) = 0
[ 68.722348][ T5079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 68.730501][ T5079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 68.738502][ T5079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 68.746514][ T5079] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 68.754575][ T5079]
[pid 5084] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5084] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5084] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5084] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5084] write(4, "21", 2) = 2
[ 68.809925][ T5084] FAULT_INJECTION: forcing a failure.
[ 68.809925][ T5084] name failslab, interval 1, probability 0, space 0, times 0
[ 68.823314][ T5084] CPU: 1 PID: 5084 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 68.832168][ T5084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 68.842341][ T5084] Call Trace:
[ 68.845652][ T5084]
[ 68.848711][ T5084] dump_stack_lvl+0xd1/0x138
[ 68.853338][ T5084] should_fail_ex.cold+0x5/0xa
[ 68.858144][ T5084] ? copy_process+0x27d6/0x7520
[ 68.863029][ T5084] should_failslab+0x9/0x20
[ 68.867641][ T5084] kmem_cache_alloc+0x5a/0x430
[ 68.872410][ T5084] ? _raw_spin_unlock_irq+0x23/0x50
[ 68.877705][ T5084] copy_process+0x27d6/0x7520
[ 68.882772][ T5084] ? __cleanup_sighand+0xb0/0xb0
[ 68.887751][ T5084] kernel_clone+0xeb/0x990
[ 68.892188][ T5084] ? create_io_thread+0xf0/0xf0
[ 68.897069][ T5084] ? rwlock_bug.part.0+0x90/0x90
[ 68.902063][ T5084] ? _raw_spin_lock_irq+0x45/0x50
[ 68.907141][ T5084] ? find_held_lock+0x2d/0x110
[ 68.912121][ T5084] __do_sys_clone+0xba/0x100
[ 68.916761][ T5084] ? kernel_clone+0x990/0x990
[ 68.921478][ T5084] ? _raw_spin_unlock_irq+0x2e/0x50
[ 68.926696][ T5084] ? ptrace_notify+0xfe/0x140
[ 68.931403][ T5084] do_syscall_64+0x39/0xb0
[ 68.935949][ T5084] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 68.942006][ T5084] RIP: 0033:0x7ffbd353f5e9
[ 68.947234][ T5084] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.967386][ T5084] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 68.975880][ T5084] RAX: ffffffffffffffda RBX: 0000000000010c85 RCX: 00007ffbd353f5e9
[ 68.983899][ T5084] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 68.991892][ T5084] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 68.999875][ T5084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid 5084] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5084] exit_group(0) = ?
[pid 5084] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached
, child_tidptr=0x555556026690) = 5085
[pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5085] setpgid(0, 0) = 0
[pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5085] write(3, "1000", 4) = 4
[pid 5085] close(3) = 0
[pid 5085] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5085] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5085] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5085] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5085] write(4, "21", 2) = 2
[pid 5085] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5085] exit_group(0) = ?
[pid 5085] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5087 attached
, child_tidptr=0x555556026690) = 5087
[pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5087] setpgid(0, 0) = 0
[pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5087] write(3, "1000", 4) = 4
[pid 5087] close(3) = 0
[pid 5087] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5087] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5087] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5087] write(4, "21", 2) = 2
[ 69.007956][ T5084] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 69.015961][ T5084]
[ 69.053119][ T5087] FAULT_INJECTION: forcing a failure.
[ 69.053119][ T5087] name failslab, interval 1, probability 0, space 0, times 0
[ 69.066014][ T5087] CPU: 0 PID: 5087 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 69.075056][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 69.085322][ T5087] Call Trace:
[ 69.088727][ T5087]
[ 69.091658][ T5087] dump_stack_lvl+0xd1/0x138
[ 69.096262][ T5087] should_fail_ex.cold+0x5/0xa
[ 69.101065][ T5087] ? vm_area_dup+0x7d/0x380
[ 69.105851][ T5087] should_failslab+0x9/0x20
[ 69.110388][ T5087] kmem_cache_alloc+0x5a/0x430
[ 69.115217][ T5087] vm_area_dup+0x7d/0x380
[ 69.121125][ T5087] ? copy_page_range+0x1dfe/0x3b40
[ 69.126320][ T5087] ? mas_next_nentry+0x610/0xab0
[ 69.131382][ T5087] ? vm_area_alloc+0x100/0x100
[ 69.136958][ T5087] ? percpu_counter_add_batch+0xc1/0x180
[ 69.142710][ T5087] ? __vm_enough_memory+0x188/0x390
[ 69.148735][ T5087] ? security_vm_enough_memory_mm+0x89/0xb0
[ 69.154643][ T5087] dup_mmap+0x655/0x10b0
[ 69.158923][ T5087] ? replace_mm_exe_file+0x4b0/0x4b0
[ 69.164287][ T5087] ? lock_downgrade+0x6e0/0x6e0
[ 69.169182][ T5087] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 69.175065][ T5087] ? mm_init+0x8e0/0xc10
[ 69.179342][ T5087] copy_process+0x440f/0x7520
[ 69.184051][ T5087] ? __cleanup_sighand+0xb0/0xb0
[ 69.189045][ T5087] kernel_clone+0xeb/0x990
[ 69.193524][ T5087] ? create_io_thread+0xf0/0xf0
[ 69.198470][ T5087] ? rwlock_bug.part.0+0x90/0x90
[ 69.203542][ T5087] ? _raw_spin_lock_irq+0x45/0x50
[ 69.208615][ T5087] ? find_held_lock+0x2d/0x110
[ 69.213404][ T5087] __do_sys_clone+0xba/0x100
[ 69.218008][ T5087] ? kernel_clone+0x990/0x990
[ 69.222749][ T5087] ? _raw_spin_unlock_irq+0x2e/0x50
[ 69.228037][ T5087] ? ptrace_notify+0xfe/0x140
[ 69.232794][ T5087] do_syscall_64+0x39/0xb0
[ 69.238311][ T5087] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 69.244491][ T5087] RIP: 0033:0x7ffbd353f5e9
[ 69.249020][ T5087] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 69.268748][ T5087] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 69.277389][ T5087] RAX: ffffffffffffffda RBX: 0000000000010d79 RCX: 00007ffbd353f5e9
[ 69.285483][ T5087] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 69.293566][ T5087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[pid 5087] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5087] exit_group(0) = ?
[pid 5087] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5088 attached
, child_tidptr=0x555556026690) = 5088
[pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5088] setpgid(0, 0) = 0
[pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5088] write(3, "1000", 4) = 4
[pid 5088] close(3) = 0
[pid 5088] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5088] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5088] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5088] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5088] write(4, "21", 2) = 2
[ 69.301540][ T5087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 69.309571][ T5087] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 69.318200][ T5087]
[ 69.339144][ T5088] FAULT_INJECTION: forcing a failure.
[ 69.339144][ T5088] name failslab, interval 1, probability 0, space 0, times 0
[ 69.352198][ T5088] CPU: 1 PID: 5088 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 69.360920][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 69.371171][ T5088] Call Trace:
[ 69.374487][ T5088]
[ 69.377438][ T5088] dump_stack_lvl+0xd1/0x138
[ 69.382043][ T5088] should_fail_ex.cold+0x5/0xa
[ 69.386832][ T5088] ? copy_process+0x2655/0x7520
[ 69.391712][ T5088] should_failslab+0x9/0x20
[ 69.396246][ T5088] kmem_cache_alloc+0x5a/0x430
[ 69.401235][ T5088] ? _raw_spin_unlock+0x28/0x40
[ 69.406359][ T5088] copy_process+0x2655/0x7520
[ 69.411357][ T5088] ? __cleanup_sighand+0xb0/0xb0
[ 69.416357][ T5088] kernel_clone+0xeb/0x990
[ 69.420789][ T5088] ? create_io_thread+0xf0/0xf0
[ 69.425661][ T5088] ? rwlock_bug.part.0+0x90/0x90
[ 69.430638][ T5088] ? _raw_spin_lock_irq+0x45/0x50
[ 69.435771][ T5088] ? find_held_lock+0x2d/0x110
[ 69.440556][ T5088] __do_sys_clone+0xba/0x100
[ 69.445170][ T5088] ? kernel_clone+0x990/0x990
[ 69.449871][ T5088] ? _raw_spin_unlock_irq+0x2e/0x50
[ 69.455097][ T5088] ? ptrace_notify+0xfe/0x140
[ 69.459801][ T5088] do_syscall_64+0x39/0xb0
[ 69.464233][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 69.470136][ T5088] RIP: 0033:0x7ffbd353f5e9
[ 69.474563][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 69.494257][ T5088] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid 5088] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5088] exit_group(0) = ?
[pid 5088] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5089 attached
, child_tidptr=0x555556026690) = 5089
[pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5089] setpgid(0, 0) = 0
[pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5089] write(3, "1000", 4) = 4
[pid 5089] close(3) = 0
[pid 5089] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5089] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5089] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5089] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5089] write(4, "21", 2) = 2
[pid 5089] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5089] exit_group(0) = ?
[pid 5089] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5091
./strace-static-x86_64: Process 5091 attached
[pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5091] setpgid(0, 0) = 0
[pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5091] write(3, "1000", 4) = 4
[pid 5091] close(3) = 0
[pid 5091] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5091] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5091] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5091] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5091] write(4, "21", 2) = 2
[pid 5091] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5091] exit_group(0) = ?
[ 69.502801][ T5088] RAX: ffffffffffffffda RBX: 0000000000010d89 RCX: 00007ffbd353f5e9
[ 69.511776][ T5088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 69.519789][ T5088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 69.527826][ T5088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 69.535803][ T5088] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 69.543819][ T5088]
[pid 5091] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5093 attached
, child_tidptr=0x555556026690) = 5093
[pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5093] setpgid(0, 0) = 0
[pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5093] write(3, "1000", 4) = 4
[pid 5093] close(3) = 0
[pid 5093] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5093] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5093] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5093] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5093] write(4, "21", 2) = 2
[ 69.601284][ T5093] FAULT_INJECTION: forcing a failure.
[ 69.601284][ T5093] name failslab, interval 1, probability 0, space 0, times 0
[ 69.614187][ T5093] CPU: 1 PID: 5093 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 69.622991][ T5093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 69.633079][ T5093] Call Trace:
[ 69.636375][ T5093]
[ 69.639331][ T5093] dump_stack_lvl+0xd1/0x138
[ 69.643978][ T5093] should_fail_ex.cold+0x5/0xa
[ 69.649023][ T5093] ? copy_process+0x2655/0x7520
[ 69.653897][ T5093] should_failslab+0x9/0x20
[ 69.658425][ T5093] kmem_cache_alloc+0x5a/0x430
[ 69.663203][ T5093] ? _raw_spin_unlock+0x28/0x40
[ 69.668075][ T5093] copy_process+0x2655/0x7520
[ 69.672829][ T5093] ? __cleanup_sighand+0xb0/0xb0
[ 69.677824][ T5093] kernel_clone+0xeb/0x990
[ 69.682268][ T5093] ? create_io_thread+0xf0/0xf0
[ 69.687251][ T5093] ? rwlock_bug.part.0+0x90/0x90
[ 69.692224][ T5093] ? _raw_spin_lock_irq+0x45/0x50
[ 69.697289][ T5093] ? find_held_lock+0x2d/0x110
[ 69.702094][ T5093] __do_sys_clone+0xba/0x100
[ 69.706712][ T5093] ? kernel_clone+0x990/0x990
[ 69.711425][ T5093] ? _raw_spin_unlock_irq+0x2e/0x50
[ 69.716667][ T5093] ? ptrace_notify+0xfe/0x140
[ 69.721406][ T5093] do_syscall_64+0x39/0xb0
[ 69.725867][ T5093] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 69.731787][ T5093] RIP: 0033:0x7ffbd353f5e9
[ 69.736266][ T5093] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 69.755918][ T5093] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 69.764355][ T5093] RAX: ffffffffffffffda RBX: 0000000000010f99 RCX: 00007ffbd353f5e9
[ 69.772342][ T5093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 69.780330][ T5093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 69.788337][ T5093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid 5093] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5093] exit_group(0) = ?
[pid 5093] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5094
./strace-static-x86_64: Process 5094 attached
[pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5094] setpgid(0, 0) = 0
[pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5094] write(3, "1000", 4) = 4
[pid 5094] close(3) = 0
[pid 5094] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5094] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5094] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5094] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5094] write(4, "21", 2) = 2
[ 69.796371][ T5093] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 69.804378][ T5093] </TASK>
[ 69.833023][ T5094] FAULT_INJECTION: forcing a failure.
[ 69.833023][ T5094] name failslab, interval 1, probability 0, space 0, times 0
[ 69.846304][ T5094] CPU: 1 PID: 5094 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 69.855124][ T5094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 69.865216][ T5094] Call Trace:
[ 69.868512][ T5094] <TASK>
[ 69.871536][ T5094] dump_stack_lvl+0xd1/0x138
[ 69.876239][ T5094] should_fail_ex.cold+0x5/0xa
[ 69.881578][ T5094] ? copy_process+0x2655/0x7520
[ 69.886484][ T5094] should_failslab+0x9/0x20
[ 69.891017][ T5094] kmem_cache_alloc+0x5a/0x430
[ 69.895808][ T5094] ? _raw_spin_unlock+0x28/0x40
[ 69.900695][ T5094] copy_process+0x2655/0x7520
[ 69.905505][ T5094] ? __cleanup_sighand+0xb0/0xb0
[ 69.910537][ T5094] kernel_clone+0xeb/0x990
[ 69.915087][ T5094] ? create_io_thread+0xf0/0xf0
[ 69.919962][ T5094] ? rwlock_bug.part.0+0x90/0x90
[ 69.925016][ T5094] ? _raw_spin_lock_irq+0x45/0x50
[ 69.930167][ T5094] ? find_held_lock+0x2d/0x110
[ 69.934970][ T5094] __do_sys_clone+0xba/0x100
[ 69.939574][ T5094] ? kernel_clone+0x990/0x990
[ 69.944266][ T5094] ? _raw_spin_unlock_irq+0x2e/0x50
[ 69.949471][ T5094] ? ptrace_notify+0xfe/0x140
[ 69.954189][ T5094] do_syscall_64+0x39/0xb0
[ 69.958671][ T5094] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 69.964741][ T5094] RIP: 0033:0x7ffbd353f5e9
[ 69.969623][ T5094] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 69.989238][ T5094] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 69.997671][ T5094] RAX: ffffffffffffffda RBX: 0000000000010fad RCX: 00007ffbd353f5e9
[ 70.005723][ T5094] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 70.013818][ T5094] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 70.021902][ T5094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid 5094] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5094] exit_group(0) = ?
[pid 5094] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5095 attached
, child_tidptr=0x555556026690) = 5095
[pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5095] setpgid(0, 0) = 0
[pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5095] write(3, "1000", 4) = 4
[pid 5095] close(3) = 0
[pid 5095] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5095] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5095] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5095] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5095] write(4, "21", 2) = 2
[ 70.029900][ T5094] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 70.038188][ T5094] </TASK>
[ 70.070159][ T5095] FAULT_INJECTION: forcing a failure.
[ 70.070159][ T5095] name failslab, interval 1, probability 0, space 0, times 0
[ 70.082849][ T5095] CPU: 1 PID: 5095 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 70.091526][ T5095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 70.101603][ T5095] Call Trace:
[ 70.104895][ T5095] <TASK>
[ 70.107826][ T5095] dump_stack_lvl+0xd1/0x138
[ 70.112431][ T5095] should_fail_ex.cold+0x5/0xa
[ 70.117222][ T5095] ? copy_process+0x2655/0x7520
[ 70.122115][ T5095] should_failslab+0x9/0x20
[ 70.126655][ T5095] kmem_cache_alloc+0x5a/0x430
[ 70.131461][ T5095] ? _raw_spin_unlock+0x28/0x40
[ 70.136336][ T5095] copy_process+0x2655/0x7520
[ 70.141034][ T5095] ? __cleanup_sighand+0xb0/0xb0
[ 70.146027][ T5095] kernel_clone+0xeb/0x990
[ 70.150472][ T5095] ? create_io_thread+0xf0/0xf0
[ 70.155339][ T5095] ? rwlock_bug.part.0+0x90/0x90
[ 70.160334][ T5095] ? _raw_spin_lock_irq+0x45/0x50
[ 70.165466][ T5095] ? find_held_lock+0x2d/0x110
[ 70.170319][ T5095] __do_sys_clone+0xba/0x100
[ 70.174951][ T5095] ? kernel_clone+0x990/0x990
[ 70.179661][ T5095] ? _raw_spin_unlock_irq+0x2e/0x50
[ 70.184880][ T5095] ? ptrace_notify+0xfe/0x140
[ 70.189582][ T5095] do_syscall_64+0x39/0xb0
[ 70.194140][ T5095] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 70.200064][ T5095] RIP: 0033:0x7ffbd353f5e9
[ 70.204581][ T5095] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 70.225269][ T5095] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid 5095] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5095] exit_group(0) = ?
[pid 5095] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5096
./strace-static-x86_64: Process 5096 attached
[pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5096] setpgid(0, 0) = 0
[pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5096] write(3, "1000", 4) = 4
[pid 5096] close(3) = 0
[pid 5096] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5096] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5096] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5096] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5096] write(4, "21", 2) = 2
[pid 5096] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5096] exit_group(0) = ?
[pid 5096] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5098
./strace-static-x86_64: Process 5098 attached
[pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5098] setpgid(0, 0) = 0
[pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5098] write(3, "1000", 4) = 4
[pid 5098] close(3) = 0
[pid 5098] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5098] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5098] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5098] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5098] write(4, "21", 2) = 2
[ 70.233732][ T5095] RAX: ffffffffffffffda RBX: 000000000001108f RCX: 00007ffbd353f5e9
[ 70.241804][ T5095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 70.250192][ T5095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 70.258186][ T5095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 70.266254][ T5095] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 70.274483][ T5095] </TASK>
[ 70.313297][ T5098] FAULT_INJECTION: forcing a failure.
[ 70.313297][ T5098] name failslab, interval 1, probability 0, space 0, times 0
[ 70.326934][ T5098] CPU: 1 PID: 5098 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 70.335900][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 70.346129][ T5098] Call Trace:
[ 70.349402][ T5098] <TASK>
[ 70.352502][ T5098] dump_stack_lvl+0xd1/0x138
[ 70.357095][ T5098] should_fail_ex.cold+0x5/0xa
[ 70.361859][ T5098] ? copy_process+0x2655/0x7520
[ 70.366708][ T5098] should_failslab+0x9/0x20
[ 70.371209][ T5098] kmem_cache_alloc+0x5a/0x430
[ 70.376004][ T5098] ? _raw_spin_unlock+0x28/0x40
[ 70.380851][ T5098] copy_process+0x2655/0x7520
[ 70.385552][ T5098] ? __cleanup_sighand+0xb0/0xb0
[ 70.390525][ T5098] kernel_clone+0xeb/0x990
[ 70.394965][ T5098] ? create_io_thread+0xf0/0xf0
[ 70.399925][ T5098] ? rwlock_bug.part.0+0x90/0x90
[ 70.404887][ T5098] ? _raw_spin_lock_irq+0x45/0x50
[ 70.410049][ T5098] ? find_held_lock+0x2d/0x110
[ 70.414842][ T5098] __do_sys_clone+0xba/0x100
[ 70.419539][ T5098] ? kernel_clone+0x990/0x990
[ 70.424246][ T5098] ? _raw_spin_unlock_irq+0x2e/0x50
[ 70.429551][ T5098] ? ptrace_notify+0xfe/0x140
[ 70.434252][ T5098] do_syscall_64+0x39/0xb0
[ 70.438696][ T5098] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 70.444605][ T5098] RIP: 0033:0x7ffbd353f5e9
[ 70.449035][ T5098] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 70.469017][ T5098] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 70.477449][ T5098] RAX: ffffffffffffffda RBX: 0000000000011266 RCX: 00007ffbd353f5e9
[ 70.485435][ T5098] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 70.493502][ T5098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 70.501492][ T5098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid 5098] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5098] exit_group(0) = ?
[pid 5098] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5099
./strace-static-x86_64: Process 5099 attached
[pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5099] setpgid(0, 0) = 0
[pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5099] write(3, "1000", 4) = 4
[pid 5099] close(3) = 0
[pid 5099] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5099] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5099] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5099] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5099] write(4, "21", 2) = 2
[ 70.509472][ T5098] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 70.517472][ T5098] </TASK>
[ 70.537888][ T5099] FAULT_INJECTION: forcing a failure.
[ 70.537888][ T5099] name failslab, interval 1, probability 0, space 0, times 0
[ 70.550949][ T5099] CPU: 1 PID: 5099 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 70.559668][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 70.569734][ T5099] Call Trace:
[ 70.573040][ T5099] <TASK>
[ 70.576082][ T5099] dump_stack_lvl+0xd1/0x138
[ 70.580707][ T5099] should_fail_ex.cold+0x5/0xa
[ 70.585479][ T5099] ? copy_process+0x2655/0x7520
[ 70.590349][ T5099] should_failslab+0x9/0x20
[ 70.594892][ T5099] kmem_cache_alloc+0x5a/0x430
[ 70.599654][ T5099] ? _raw_spin_unlock+0x28/0x40
[ 70.604542][ T5099] copy_process+0x2655/0x7520
[ 70.609262][ T5099] ? __cleanup_sighand+0xb0/0xb0
[ 70.614236][ T5099] kernel_clone+0xeb/0x990
[ 70.618691][ T5099] ? create_io_thread+0xf0/0xf0
[ 70.623543][ T5099] ? rwlock_bug.part.0+0x90/0x90
[ 70.628480][ T5099] ? _raw_spin_lock_irq+0x45/0x50
[ 70.633718][ T5099] ? find_held_lock+0x2d/0x110
[ 70.638539][ T5099] __do_sys_clone+0xba/0x100
[ 70.643161][ T5099] ? kernel_clone+0x990/0x990
[ 70.648057][ T5099] ? _raw_spin_unlock_irq+0x2e/0x50
[ 70.653409][ T5099] ? ptrace_notify+0xfe/0x140
[ 70.658129][ T5099] do_syscall_64+0x39/0xb0
[ 70.662583][ T5099] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 70.668527][ T5099] RIP: 0033:0x7ffbd353f5e9
[ 70.673001][ T5099] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 70.693371][ T5099] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 70.701831][ T5099] RAX: ffffffffffffffda RBX: 0000000000011273 RCX: 00007ffbd353f5e9
[pid 5099] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5099] exit_group(0) = ?
[pid 5099] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5100 attached
, child_tidptr=0x555556026690) = 5100
[pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5100] setpgid(0, 0) = 0
[pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5100] write(3, "1000", 4) = 4
[pid 5100] close(3) = 0
[pid 5100] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5100] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5100] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5100] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5100] write(4, "21", 2) = 2
[pid 5100] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5100] exit_group(0) = ?
[pid 5100] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5102
./strace-static-x86_64: Process 5102 attached
[pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5102] setpgid(0, 0) = 0
[pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5102] write(3, "1000", 4) = 4
[pid 5102] close(3) = 0
[pid 5102] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5102] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5102] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5102] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5102] write(4, "21", 2) = 2
[ 70.709846][ T5099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 70.717845][ T5099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 70.725820][ T5099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 70.733811][ T5099] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 70.741839][ T5099] </TASK>
[ 70.782226][ T5102] FAULT_INJECTION: forcing a failure.
[ 70.782226][ T5102] name failslab, interval 1, probability 0, space 0, times 0
[ 70.795020][ T5102] CPU: 1 PID: 5102 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 70.803736][ T5102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 70.813852][ T5102] Call Trace:
[ 70.817188][ T5102] <TASK>
[ 70.820134][ T5102] dump_stack_lvl+0xd1/0x138
[ 70.824742][ T5102] should_fail_ex.cold+0x5/0xa
[ 70.829801][ T5102] ? copy_fs_struct+0x49/0x340
[ 70.834595][ T5102] should_failslab+0x9/0x20
[ 70.839105][ T5102] kmem_cache_alloc+0x5a/0x430
[ 70.843905][ T5102] copy_fs_struct+0x49/0x340
[ 70.848529][ T5102] copy_process+0x37c9/0x7520
[ 70.853223][ T5102] ? __cleanup_sighand+0xb0/0xb0
[ 70.858182][ T5102] kernel_clone+0xeb/0x990
[ 70.862605][ T5102] ? create_io_thread+0xf0/0xf0
[ 70.867470][ T5102] ? rwlock_bug.part.0+0x90/0x90
[ 70.872435][ T5102] ? _raw_spin_lock_irq+0x45/0x50
[ 70.877490][ T5102] ? find_held_lock+0x2d/0x110
[ 70.882293][ T5102] __do_sys_clone+0xba/0x100
[ 70.887088][ T5102] ? kernel_clone+0x990/0x990
[ 70.891806][ T5102] ? _raw_spin_unlock_irq+0x2e/0x50
[ 70.897017][ T5102] ? ptrace_notify+0xfe/0x140
[ 70.902179][ T5102] do_syscall_64+0x39/0xb0
[ 70.906635][ T5102] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 70.912540][ T5102] RIP: 0033:0x7ffbd353f5e9
[ 70.916953][ T5102] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 70.936660][ T5102] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 70.945083][ T5102] RAX: ffffffffffffffda RBX: 0000000000011436 RCX: 00007ffbd353f5e9
[ 70.953219][ T5102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 70.961214][ T5102] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 70.970641][ T5102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid 5102] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5102] exit_group(0) = ?
[pid 5102] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5103
./strace-static-x86_64: Process 5103 attached
[pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5103] setpgid(0, 0) = 0
[pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5103] write(3, "1000", 4) = 4
[pid 5103] close(3) = 0
[pid 5103] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5103] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5103] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5103] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5103] write(4, "21", 2) = 2
[pid 5103] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5103] exit_group(0) = ?
[pid 5103] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5105
./strace-static-x86_64: Process 5105 attached
[pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5105] setpgid(0, 0) = 0
[pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5105] write(3, "1000", 4) = 4
[pid 5105] close(3) = 0
[pid 5105] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5105] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5105] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5105] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5105] write(4, "21", 2) = 2
[ 70.978613][ T5102] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 70.986614][ T5102] </TASK>
[ 71.044932][ T5105] FAULT_INJECTION: forcing a failure.
[ 71.044932][ T5105] name failslab, interval 1, probability 0, space 0, times 0
[ 71.057762][ T5105] CPU: 0 PID: 5105 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 71.066486][ T5105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 71.076569][ T5105] Call Trace:
[ 71.079868][ T5105] <TASK>
[ 71.082808][ T5105] dump_stack_lvl+0xd1/0x138
[ 71.087414][ T5105] should_fail_ex.cold+0x5/0xa
[ 71.092212][ T5105] ? vm_area_dup+0x7d/0x380
[ 71.096741][ T5105] should_failslab+0x9/0x20
[ 71.101264][ T5105] kmem_cache_alloc+0x5a/0x430
[ 71.106252][ T5105] vm_area_dup+0x7d/0x380
[ 71.110608][ T5105] ? copy_page_range+0x1dfe/0x3b40
[ 71.115809][ T5105] ? mas_next_nentry+0x610/0xab0
[ 71.120835][ T5105] ? vm_area_alloc+0x100/0x100
[ 71.125653][ T5105] ? percpu_counter_add_batch+0xc1/0x180
[ 71.131336][ T5105] ? __vm_enough_memory+0x188/0x390
[ 71.136617][ T5105] ? security_vm_enough_memory_mm+0x89/0xb0
[ 71.142660][ T5105] dup_mmap+0x655/0x10b0
[ 71.147055][ T5105] ? replace_mm_exe_file+0x4b0/0x4b0
[ 71.152382][ T5105] ? lock_downgrade+0x6e0/0x6e0
[ 71.157359][ T5105] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 71.163208][ T5105] ? mm_init+0x8e0/0xc10
[ 71.167500][ T5105] copy_process+0x440f/0x7520
[ 71.172230][ T5105] ? __cleanup_sighand+0xb0/0xb0
[ 71.177212][ T5105] kernel_clone+0xeb/0x990
[ 71.181654][ T5105] ? create_io_thread+0xf0/0xf0
[ 71.186521][ T5105] ? rwlock_bug.part.0+0x90/0x90
[ 71.191475][ T5105] ? _raw_spin_lock_irq+0x45/0x50
[ 71.196544][ T5105] ? find_held_lock+0x2d/0x110
[ 71.201338][ T5105] __do_sys_clone+0xba/0x100
[ 71.205946][ T5105] ? kernel_clone+0x990/0x990
[ 71.210664][ T5105] ? _raw_spin_unlock_irq+0x2e/0x50
[ 71.215911][ T5105] ? ptrace_notify+0xfe/0x140
[ 71.220625][ T5105] do_syscall_64+0x39/0xb0
[ 71.225074][ T5105] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 71.230995][ T5105] RIP: 0033:0x7ffbd353f5e9
[ 71.236174][ T5105] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 71.256340][ T5105] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 71.264814][ T5105] RAX: ffffffffffffffda RBX: 000000000001152a RCX: 00007ffbd353f5e9
[ 71.272906][ T5105] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 71.281457][ T5105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[pid 5105] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5105] exit_group(0) = ?
[pid 5105] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5106 attached
, child_tidptr=0x555556026690) = 5106
[pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5106] setpgid(0, 0) = 0
[pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5106] write(3, "1000", 4) = 4
[pid 5106] close(3) = 0
[pid 5106] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5106] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5106] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5106] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5106] write(4, "21", 2) = 2
[pid 5106] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5106] exit_group(0) = ?
[pid 5106] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5108 attached
, child_tidptr=0x555556026690) = 5108
[pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5108] setpgid(0, 0) = 0
[pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5108] write(3, "1000", 4) = 4
[pid 5108] close(3) = 0
[pid 5108] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5108] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5108] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5108] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5108] write(4, "21", 2) = 2
[ 71.289536][ T5105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 71.297523][ T5105] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 71.305527][ T5105]
[ 71.344966][ T5108] FAULT_INJECTION: forcing a failure.
[ 71.344966][ T5108] name failslab, interval 1, probability 0, space 0, times 0
[ 71.358248][ T5108] CPU: 0 PID: 5108 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 71.367061][ T5108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 71.377374][ T5108] Call Trace:
[ 71.380645][ T5108]
[ 71.383570][ T5108] dump_stack_lvl+0xd1/0x138
[ 71.388166][ T5108] should_fail_ex.cold+0x5/0xa
[ 71.392938][ T5108] ? vm_area_dup+0x7d/0x380
[ 71.397467][ T5108] should_failslab+0x9/0x20
[ 71.402000][ T5108] kmem_cache_alloc+0x5a/0x430
[ 71.407129][ T5108] vm_area_dup+0x7d/0x380
[ 71.411547][ T5108] ? copy_page_range+0x1dfe/0x3b40
[ 71.417683][ T5108] ? mas_next_nentry+0x610/0xab0
[ 71.423445][ T5108] ? vm_area_alloc+0x100/0x100
[ 71.428940][ T5108] ? percpu_counter_add_batch+0xc1/0x180
[ 71.434727][ T5108] ? __vm_enough_memory+0x188/0x390
[ 71.439962][ T5108] ? security_vm_enough_memory_mm+0x89/0xb0
[ 71.445887][ T5108] dup_mmap+0x655/0x10b0
[ 71.450335][ T5108] ? replace_mm_exe_file+0x4b0/0x4b0
[ 71.455639][ T5108] ? lock_downgrade+0x6e0/0x6e0
[ 71.460528][ T5108] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 71.466404][ T5108] ? mm_init+0x8e0/0xc10
[ 71.470673][ T5108] copy_process+0x440f/0x7520
[ 71.475433][ T5108] ? __cleanup_sighand+0xb0/0xb0
[ 71.480584][ T5108] kernel_clone+0xeb/0x990
[ 71.485027][ T5108] ? create_io_thread+0xf0/0xf0
[ 71.489903][ T5108] ? rwlock_bug.part.0+0x90/0x90
[ 71.494858][ T5108] ? _raw_spin_lock_irq+0x45/0x50
[ 71.500004][ T5108] ? find_held_lock+0x2d/0x110
[ 71.504827][ T5108] __do_sys_clone+0xba/0x100
[ 71.509464][ T5108] ? kernel_clone+0x990/0x990
[ 71.514191][ T5108] ? _raw_spin_unlock_irq+0x2e/0x50
[ 71.519439][ T5108] ? ptrace_notify+0xfe/0x140
[ 71.524159][ T5108] do_syscall_64+0x39/0xb0
[ 71.528619][ T5108] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 71.534549][ T5108] RIP: 0033:0x7ffbd353f5e9
[ 71.538982][ T5108] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 71.558640][ T5108] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 71.567169][ T5108] RAX: ffffffffffffffda RBX: 0000000000011669 RCX: 00007ffbd353f5e9
[ 71.575243][ T5108] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 71.583227][ T5108] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[pid 5108] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5108] exit_group(0) = ?
[pid 5108] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5109 attached
, child_tidptr=0x555556026690) = 5109
[pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5109] setpgid(0, 0) = 0
[pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5109] write(3, "1000", 4) = 4
[pid 5109] close(3) = 0
[pid 5109] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5109] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5109] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5109] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5109] write(4, "21", 2) = 2
[pid 5109] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid 5109] exit_group(0) = ?
[pid 5109] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5111 attached
, child_tidptr=0x555556026690) = 5111
[pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5111] setpgid(0, 0) = 0
[pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5111] write(3, "1000", 4) = 4
[pid 5111] close(3) = 0
[pid 5111] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5111] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5111] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5111] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5111] write(4, "21", 2) = 2
[ 71.591216][ T5108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 71.599200][ T5108] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 71.607291][ T5108]
[ 71.645660][ T5111] FAULT_INJECTION: forcing a failure.
[ 71.645660][ T5111] name failslab, interval 1, probability 0, space 0, times 0
[ 71.658749][ T5111] CPU: 0 PID: 5111 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 71.667438][ T5111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 71.677491][ T5111] Call Trace:
[ 71.680765][ T5111]
[ 71.683692][ T5111] dump_stack_lvl+0xd1/0x138
[ 71.688288][ T5111] should_fail_ex.cold+0x5/0xa
[ 71.693064][ T5111] ? vm_area_dup+0x7d/0x380
[ 71.697570][ T5111] should_failslab+0x9/0x20
[ 71.702168][ T5111] kmem_cache_alloc+0x5a/0x430
[ 71.706958][ T5111] vm_area_dup+0x7d/0x380
[ 71.711289][ T5111] ? copy_page_range+0x1dfe/0x3b40
[ 71.716447][ T5111] ? mas_next_nentry+0x610/0xab0
[ 71.721446][ T5111] ? vm_area_alloc+0x100/0x100
[ 71.726260][ T5111] ? percpu_counter_add_batch+0xc1/0x180
[ 71.731936][ T5111] ? __vm_enough_memory+0x188/0x390
[ 71.737251][ T5111] ? security_vm_enough_memory_mm+0x89/0xb0
[ 71.743195][ T5111] dup_mmap+0x655/0x10b0
[ 71.747504][ T5111] ? replace_mm_exe_file+0x4b0/0x4b0
[ 71.752840][ T5111] ? lock_downgrade+0x6e0/0x6e0
[ 71.757737][ T5111] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 71.763608][ T5111] ? mm_init+0x8e0/0xc10
[ 71.767876][ T5111] copy_process+0x440f/0x7520
[ 71.772621][ T5111] ? __cleanup_sighand+0xb0/0xb0
[ 71.777614][ T5111] kernel_clone+0xeb/0x990
[ 71.782059][ T5111] ? create_io_thread+0xf0/0xf0
[ 71.786935][ T5111] ? rwlock_bug.part.0+0x90/0x90
[ 71.791918][ T5111] ? _raw_spin_lock_irq+0x45/0x50
[ 71.796991][ T5111] ? find_held_lock+0x2d/0x110
[ 71.801796][ T5111] __do_sys_clone+0xba/0x100
[ 71.806416][ T5111] ? kernel_clone+0x990/0x990
[ 71.811235][ T5111] ? _raw_spin_unlock_irq+0x2e/0x50
[ 71.816483][ T5111] ? ptrace_notify+0xfe/0x140
[ 71.821286][ T5111] do_syscall_64+0x39/0xb0
[ 71.825839][ T5111] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 71.831760][ T5111] RIP: 0033:0x7ffbd353f5e9
[ 71.836192][ T5111] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 71.855906][ T5111] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 71.864341][ T5111] RAX: ffffffffffffffda RBX: 0000000000011799 RCX: 00007ffbd353f5e9
[ 71.872328][ T5111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 71.880310][ T5111] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 71.888299][ T5111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid 5111] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5111] exit_group(0) = ?
[pid 5111] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5112 attached
, child_tidptr=0x555556026690) = 5112
[pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5112] setpgid(0, 0) = 0
[pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5112] write(3, "1000", 4) = 4
[pid 5112] close(3) = 0
[pid 5112] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5112] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5112] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5112] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5112] write(4, "21", 2) = 2
[ 71.896380][ T5111] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 71.904388][ T5111]
[ 71.925492][ T5112] FAULT_INJECTION: forcing a failure.
[ 71.925492][ T5112] name failslab, interval 1, probability 0, space 0, times 0
[ 71.938327][ T5112] CPU: 0 PID: 5112 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 71.947065][ T5112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 71.957150][ T5112] Call Trace:
[ 71.960434][ T5112]
[ 71.963367][ T5112] dump_stack_lvl+0xd1/0x138
[ 71.967985][ T5112] should_fail_ex.cold+0x5/0xa
[ 71.972811][ T5112] ? copy_process+0x2655/0x7520
[ 71.977671][ T5112] should_failslab+0x9/0x20
[ 71.982190][ T5112] kmem_cache_alloc+0x5a/0x430
[ 71.986981][ T5112] ? _raw_spin_unlock+0x28/0x40
[ 71.991863][ T5112] copy_process+0x2655/0x7520
[ 71.996590][ T5112] ? __cleanup_sighand+0xb0/0xb0
[ 72.001552][ T5112] kernel_clone+0xeb/0x990
[ 72.006027][ T5112] ? create_io_thread+0xf0/0xf0
[ 72.010907][ T5112] ? rwlock_bug.part.0+0x90/0x90
[ 72.015889][ T5112] ? _raw_spin_lock_irq+0x45/0x50
[ 72.020953][ T5112] ? find_held_lock+0x2d/0x110
[ 72.025775][ T5112] __do_sys_clone+0xba/0x100
[ 72.030374][ T5112] ? kernel_clone+0x990/0x990
[ 72.035095][ T5112] ? _raw_spin_unlock_irq+0x2e/0x50
[ 72.040303][ T5112] ? ptrace_notify+0xfe/0x140
[ 72.045005][ T5112] do_syscall_64+0x39/0xb0
[ 72.049473][ T5112] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 72.055653][ T5112] RIP: 0033:0x7ffbd353f5e9
[ 72.060068][ T5112] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 72.079703][ T5112] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 72.088158][ T5112] RAX: ffffffffffffffda RBX: 00000000000117a9 RCX: 00007ffbd353f5e9
[pid 5112] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid 5112] exit_group(0) = ?
[pid 5112] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556026690) = 5113
./strace-static-x86_64: Process 5113 attached
[pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5113] setpgid(0, 0) = 0
[pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5113] write(3, "1000", 4) = 4
[pid 5113] close(3) = 0
[pid 5113] io_uring_setup(7763, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=8192, cq_entries=16384, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=262464}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5113] mmap(0x20000000, 295232, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20000000
[pid 5113] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5113] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5113] write(4, "21", 2) = 2
[ 72.096175][ T5112] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 72.104148][ T5112] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 72.112129][ T5112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 72.120122][ T5112] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 72.128108][ T5112]
[ 72.150210][ T5113] FAULT_INJECTION: forcing a failure.
[ 72.150210][ T5113] name failslab, interval 1, probability 0, space 0, times 0
[ 72.163004][ T5113] CPU: 1 PID: 5113 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 72.171722][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 72.181839][ T5113] Call Trace:
[ 72.185135][ T5113]
[ 72.188066][ T5113] dump_stack_lvl+0xd1/0x138
[ 72.192669][ T5113] should_fail_ex.cold+0x5/0xa
[ 72.197447][ T5113] ? ptlock_alloc+0x21/0x70
[ 72.201974][ T5113] should_failslab+0x9/0x20
[ 72.206521][ T5113] kmem_cache_alloc+0x5a/0x430
[ 72.211317][ T5113] ptlock_alloc+0x21/0x70
[ 72.215686][ T5113] pte_alloc_one+0x6c/0x230
[ 72.220200][ T5113] __pte_alloc+0x6d/0x260
[ 72.224543][ T5113] ? pmd_install+0x160/0x160
[ 72.229154][ T5113] ? _raw_spin_unlock+0x28/0x40
[ 72.234025][ T5113] ? __pmd_alloc+0x30c/0x5d0
[ 72.238636][ T5113] copy_page_range+0x17a8/0x3b40
[ 72.243632][ T5113] ? mas_store+0x206/0x2e0
[ 72.248049][ T5113] ? handle_mm_fault+0x850/0x850
[ 72.253005][ T5113] ? up_write+0x1b0/0x520
[ 72.257349][ T5113] dup_mmap+0xc10/0x10b0
[ 72.261608][ T5113] ? replace_mm_exe_file+0x4b0/0x4b0
[ 72.266912][ T5113] ? lock_downgrade+0x6e0/0x6e0
[ 72.271784][ T5113] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 72.277639][ T5113] ? mm_init+0x8e0/0xc10
[ 72.281908][ T5113] copy_process+0x440f/0x7520
[ 72.286631][ T5113] ? __cleanup_sighand+0xb0/0xb0
[ 72.291610][ T5113] kernel_clone+0xeb/0x990
[ 72.296139][ T5113] ? create_io_thread+0xf0/0xf0
[ 72.301012][ T5113] ? rwlock_bug.part.0+0x90/0x90
[ 72.305984][ T5113] ? _raw_spin_lock_irq+0x45/0x50
[ 72.311063][ T5113] ? find_held_lock+0x2d/0x110
[ 72.315889][ T5113] __do_sys_clone+0xba/0x100
[ 72.320543][ T5113] ? kernel_clone+0x990/0x990
[ 72.325273][ T5113] ? _raw_spin_unlock_irq+0x2e/0x50
[ 72.330499][ T5113] ? ptrace_notify+0xfe/0x140
[ 72.335203][ T5113] do_syscall_64+0x39/0xb0
[ 72.339681][ T5113] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 72.345695][ T5113] RIP: 0033:0x7ffbd353f5e9
[ 72.350142][ T5113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 72.369783][ T5113] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 72.378247][ T5113] RAX: ffffffffffffffda RBX: 00000000000118c1 RCX: 00007ffbd353f5e9
[ 72.386248][ T5113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 72.394258][ T5113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 72.402258][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 72.410241][ T5113] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 72.418253][ T5113]
[ 72.421832][ T5113] ------------[ cut here ]------------
[ 72.427611][ T5113] WARNING: CPU: 1 PID: 5113 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0x24b/0x290
[ 72.437479][ T5113] Modules linked in:
[ 72.441402][ T5113] CPU: 1 PID: 5113 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 72.450636][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 72.460851][ T5113] RIP: 0010:untrack_pfn+0x24b/0x290
[ 72.466201][ T5113] Code: 85 6c ff ff ff e8 b5 fb 46 00 4c 89 ee 4c 89 e7 e8 1a e2 ff ff e8 a5 fb 46 00 48 85 db 0f 85 58 ff ff ff eb 82 e8 95 fb 46 00 <0f> 0b e9 76 ff ff ff 48 89 df e8 36 03 95 00 e9 98 fe ff ff e8 dc
[ 72.485932][ T5113] RSP: 0018:ffffc90003e7f740 EFLAGS: 00010293
[ 72.492053][ T5113] RAX: 0000000000000000 RBX: ffff88801f644b60 RCX: 0000000000000000
[ 72.500057][ T5113] RDX: ffff88807a24d7c0 RSI: ffffffff813a56ab RDI: 0000000000000005
[ 72.508125][ T5113] RBP: 1ffff920007cfee8 R08: 0000000000000005 R09: 0000000000000000
[ 72.516185][ T5113] R10: 00000000ffffffea R11: 0000000000000000 R12: 00000000ffffffea
[ 72.524250][ T5113] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88801f644b80
[ 72.532295][ T5113] FS: 00005555560263c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 72.541245][ T5113] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 72.547950][ T5113] CR2: 00007ffbd3597124 CR3: 000000007c071000 CR4: 00000000003506e0
[ 72.556017][ T5113] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 72.564083][ T5113] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 72.572121][ T5113] Call Trace:
[ 72.575426][ T5113]
[ 72.578398][ T5113] ? track_pfn_insert+0x150/0x150
[ 72.583531][ T5113] ? mas_walk+0x4bd/0x6c0
[ 72.587906][ T5113] ? mas_find+0x211/0xd10
[ 72.592309][ T5113] ? uprobe_munmap+0x20/0x550
[ 72.597030][ T5113] unmap_single_vma+0x1b4/0x2a0
[ 72.601996][ T5113] unmap_vmas+0x226/0x370
[ 72.606467][ T5113] ? unmap_single_vma+0x2a0/0x2a0
[ 72.611527][ T5113] ? find_held_lock+0x2d/0x110
[ 72.616420][ T5113] ? lock_downgrade+0x6e0/0x6e0
[ 72.621338][ T5113] exit_mmap+0x18d/0x7b0
[ 72.625768][ T5113] ? __ia32_sys_remap_file_pages+0x150/0x150
[ 72.631943][ T5113] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 72.637817][ T5113] __mmput+0x128/0x4c0
[ 72.642007][ T5113] mmput+0x60/0x70
[ 72.645857][ T5113] copy_process+0x4623/0x7520
[ 72.650623][ T5113] ? __cleanup_sighand+0xb0/0xb0
[ 72.655705][ T5113] kernel_clone+0xeb/0x990
[ 72.660166][ T5113] ? create_io_thread+0xf0/0xf0
[ 72.665121][ T5113] ? rwlock_bug.part.0+0x90/0x90
[ 72.670090][ T5113] ? _raw_spin_lock_irq+0x45/0x50
[ 72.675389][ T5113] ? find_held_lock+0x2d/0x110
[ 72.680214][ T5113] __do_sys_clone+0xba/0x100
[ 72.685003][ T5113] ? kernel_clone+0x990/0x990
[ 72.689722][ T5113] ? _raw_spin_unlock_irq+0x2e/0x50
[ 72.695014][ T5113] ? ptrace_notify+0xfe/0x140
[ 72.699865][ T5113] do_syscall_64+0x39/0xb0
[ 72.704441][ T5113] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 72.710375][ T5113] RIP: 0033:0x7ffbd353f5e9
[ 72.714909][ T5113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 72.734611][ T5113] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 72.743079][ T5113] RAX: ffffffffffffffda RBX: 00000000000118c1 RCX: 00007ffbd353f5e9
[ 72.751089][ T5113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 72.759181][ T5113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 72.767228][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 72.775287][ T5113] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 72.783339][ T5113]
[ 72.786396][ T5113] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 72.793729][ T5113] CPU: 1 PID: 5113 Comm: syz-executor363 Not tainted 6.2.0-rc1-syzkaller #0
[ 72.802460][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 72.812554][ T5113] Call Trace:
[ 72.815851][ T5113]
[ 72.818780][ T5113] dump_stack_lvl+0xd1/0x138
[ 72.823472][ T5113] panic+0x2cc/0x626
[ 72.827375][ T5113] ? panic_print_sys_info.part.0+0x110/0x110
[ 72.833371][ T5113] ? untrack_pfn+0x24b/0x290
[ 72.837962][ T5113] check_panic_on_warn.cold+0x19/0x35
[ 72.843351][ T5113] __warn+0xf2/0x1a0
[ 72.847276][ T5113] ? untrack_pfn+0x24b/0x290
[ 72.851885][ T5113] report_bug+0x1c0/0x210
[ 72.856237][ T5113] handle_bug+0x3c/0x70
[ 72.860419][ T5113] exc_invalid_op+0x18/0x50
[ 72.864949][ T5113] asm_exc_invalid_op+0x1a/0x20
[ 72.869823][ T5113] RIP: 0010:untrack_pfn+0x24b/0x290
[ 72.875042][ T5113] Code: 85 6c ff ff ff e8 b5 fb 46 00 4c 89 ee 4c 89 e7 e8 1a e2 ff ff e8 a5 fb 46 00 48 85 db 0f 85 58 ff ff ff eb 82 e8 95 fb 46 00 <0f> 0b e9 76 ff ff ff 48 89 df e8 36 03 95 00 e9 98 fe ff ff e8 dc
[ 72.894674][ T5113] RSP: 0018:ffffc90003e7f740 EFLAGS: 00010293
[ 72.900759][ T5113] RAX: 0000000000000000 RBX: ffff88801f644b60 RCX: 0000000000000000
[ 72.908742][ T5113] RDX: ffff88807a24d7c0 RSI: ffffffff813a56ab RDI: 0000000000000005
[ 72.916730][ T5113] RBP: 1ffff920007cfee8 R08: 0000000000000005 R09: 0000000000000000
[ 72.924717][ T5113] R10: 00000000ffffffea R11: 0000000000000000 R12: 00000000ffffffea
[ 72.932715][ T5113] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88801f644b80
[ 72.940714][ T5113] ? untrack_pfn+0x24b/0x290
[ 72.945330][ T5113] ? track_pfn_insert+0x150/0x150
[ 72.950370][ T5113] ? mas_walk+0x4bd/0x6c0
[ 72.954735][ T5113] ? mas_find+0x211/0xd10
[ 72.959076][ T5113] ? uprobe_munmap+0x20/0x550
[ 72.963785][ T5113] unmap_single_vma+0x1b4/0x2a0
[ 72.968666][ T5113] unmap_vmas+0x226/0x370
[ 72.973027][ T5113] ? unmap_single_vma+0x2a0/0x2a0
[ 72.978077][ T5113] ? find_held_lock+0x2d/0x110
[ 72.982877][ T5113] ? lock_downgrade+0x6e0/0x6e0
[ 72.987759][ T5113] exit_mmap+0x18d/0x7b0
[ 72.992052][ T5113] ? __ia32_sys_remap_file_pages+0x150/0x150
[ 72.998071][ T5113] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 73.003912][ T5113] __mmput+0x128/0x4c0
[ 73.008003][ T5113] mmput+0x60/0x70
[ 73.011740][ T5113] copy_process+0x4623/0x7520
[ 73.016455][ T5113] ? __cleanup_sighand+0xb0/0xb0
[ 73.021435][ T5113] kernel_clone+0xeb/0x990
[ 73.025873][ T5113] ? create_io_thread+0xf0/0xf0
[ 73.030756][ T5113] ? rwlock_bug.part.0+0x90/0x90
[ 73.035714][ T5113] ? _raw_spin_lock_irq+0x45/0x50
[ 73.040770][ T5113] ? find_held_lock+0x2d/0x110
[ 73.045567][ T5113] __do_sys_clone+0xba/0x100
[ 73.050183][ T5113] ? kernel_clone+0x990/0x990
[ 73.054890][ T5113] ? _raw_spin_unlock_irq+0x2e/0x50
[ 73.060107][ T5113] ? ptrace_notify+0xfe/0x140
[ 73.064805][ T5113] do_syscall_64+0x39/0xb0
[ 73.069247][ T5113] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 73.075158][ T5113] RIP: 0033:0x7ffbd353f5e9
[ 73.079589][ T5113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 73.099208][ T5113] RSP: 002b:00007ffe1ea441b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 73.107667][ T5113] RAX: ffffffffffffffda RBX: 00000000000118c1 RCX: 00007ffbd353f5e9
[ 73.115683][ T5113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 73.123675][ T5113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000003132
[ 73.131660][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 73.139646][ T5113] R13: 431bde82d7b634db R14: 00007ffe1ea44210 R15: 0000000000000000
[ 73.147653][ T5113]
[ 73.150902][ T5113] Kernel Offset: disabled
[ 73.155317][ T5113] Rebooting in 86400 seconds..