./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor960040734 <...> forked to background, child pid 192 no interfaces have a carrier Starting sshd: OK syzkaller syzkaller login: [ 14.249782][ T22] kauditd_printk_skb: 60 callbacks suppressed [ 14.249790][ T22] audit: type=1400 audit(1663342191.550:71): avc: denied { transition } for pid=265 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.257465][ T22] audit: type=1400 audit(1663342191.550:72): avc: denied { write } for pid=265 comm="sh" path="pipe:[10529]" dev="pipefs" ino=10529 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 Warning: Permanently added '10.128.10.18' (ECDSA) to the list of known hosts. execve("./syz-executor960040734", ["./syz-executor960040734"], 0x7ffd7ef51bc0 /* 10 vars */) = 0 brk(NULL) = 0x5555572b8000 brk(0x5555572b8c40) = 0x5555572b8c40 arch_prctl(ARCH_SET_FS, 0x5555572b8300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor960040734", 4096) = 27 brk(0x5555572d9c40) = 0x5555572d9c40 brk(0x5555572da000) = 0x5555572da000 mprotect(0x7f1f5685d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 305 attached , child_tidptr=0x5555572b85d0) = 305 [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 305] setpgid(0, 0) = 0 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 305] write(3, "1000", 4) = 4 [pid 305] close(3) = 0 [pid 305] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 305] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 305] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 305] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 305] write(4, "3", 1) = 1 [ 21.037342][ T22] audit: type=1400 audit(1663342198.330:73): avc: denied { execmem } for pid=304 comm="syz-executor960" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 21.067070][ T305] FAULT_INJECTION: forcing a failure. [ 21.067070][ T305] name failslab, interval 1, probability 0, space 0, times 1 [ 21.079842][ T305] CPU: 0 PID: 305 Comm: syz-executor960 Not tainted 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 21.089969][ T305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 21.100019][ T305] Call Trace: [ 21.103296][ T305] dump_stack+0x18e/0x1d5 [ 21.107653][ T305] should_fail+0x604/0x770 [ 21.112043][ T305] ? io_get_req+0x10c/0x590 [ 21.116516][ T305] should_failslab+0x5/0x20 [ 21.120994][ T305] kmem_cache_alloc+0x24/0x210 [ 21.125817][ T305] io_get_req+0x10c/0x590 [ 21.130120][ T305] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 21.135638][ T305] do_syscall_64+0xcb/0x1c0 [ 21.140113][ T305] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.145976][ T305] RIP: 0033:0x7f1f567f02f9 [ 21.150380][ T305] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 21.169957][ T305] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 21.178340][ T305] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [pid 305] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 305] exit_group(0) = ? [ 21.186285][ T305] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 21.194232][ T305] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 21.202182][ T305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 21.210153][ T305] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 305] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 306 attached , child_tidptr=0x5555572b85d0) = 306 [pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 306] setpgid(0, 0) = 0 [pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 306] write(3, "1000", 4) = 4 [pid 306] close(3) = 0 [pid 306] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 306] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 306] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 306] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 306] write(4, "3", 1) = 1 [ 21.327146][ T306] FAULT_INJECTION: forcing a failure. [ 21.327146][ T306] name failslab, interval 1, probability 0, space 0, times 0 [ 21.339957][ T306] CPU: 0 PID: 306 Comm: syz-executor960 Not tainted 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 21.350085][ T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 21.360156][ T306] Call Trace: [ 21.363452][ T306] dump_stack+0x18e/0x1d5 [ 21.367768][ T306] should_fail+0x604/0x770 [ 21.372175][ T306] ? io_req_defer+0x18c/0x5c0 [ 21.376826][ T306] should_failslab+0x5/0x20 [ 21.381308][ T306] kmem_cache_alloc_trace+0x28/0x240 [ 21.386570][ T306] io_req_defer+0x18c/0x5c0 [ 21.391055][ T306] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 21.396837][ T306] io_queue_link_head+0x61/0x680 [ 21.401745][ T306] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 21.407264][ T306] do_syscall_64+0xcb/0x1c0 [ 21.411739][ T306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.417604][ T306] RIP: 0033:0x7f1f567f02f9 [ 21.421988][ T306] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 21.441572][ T306] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 21.449951][ T306] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 21.457897][ T306] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 21.465838][ T306] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 21.473797][ T306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 21.481753][ T306] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 21.489870][ T306] ================================================================== [ 21.498549][ T306] BUG: KASAN: use-after-free in io_queue_link_head+0x56f/0x680 [ 21.506218][ T306] Read of size 8 at addr ffff8881e0a087d0 by task syz-executor960/306 [ 21.514340][ T306] [ 21.516649][ T306] CPU: 0 PID: 306 Comm: syz-executor960 Not tainted 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 21.527020][ T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 21.537044][ T306] Call Trace: [ 21.540312][ T306] dump_stack+0x18e/0x1d5 [ 21.544617][ T306] ? io_queue_link_head+0x56f/0x680 [ 21.549786][ T306] print_address_description+0x8c/0x630 [ 21.555303][ T306] ? printk+0x76/0x96 [ 21.559257][ T306] ? io_queue_link_head+0x56f/0x680 [ 21.564428][ T306] ? vprintk_emit+0x3aa/0x3f0 [ 21.569079][ T306] ? io_queue_link_head+0x56f/0x680 [ 21.574257][ T306] __kasan_report+0xf6/0x130 [ 21.578817][ T306] ? io_queue_link_head+0x56f/0x680 [ 21.583999][ T306] kasan_report+0x30/0x60 [ 21.588311][ T306] io_queue_link_head+0x56f/0x680 [ 21.593323][ T306] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 21.598851][ T306] do_syscall_64+0xcb/0x1c0 [ 21.603348][ T306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.609393][ T306] RIP: 0033:0x7f1f567f02f9 [ 21.613789][ T306] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 21.633373][ T306] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 21.641756][ T306] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 21.649699][ T306] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 21.657643][ T306] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 21.665591][ T306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 21.673555][ T306] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 21.681507][ T306] [ 21.683813][ T306] Allocated by task 306: [ 21.688034][ T306] __kasan_kmalloc+0x131/0x1e0 [ 21.692771][ T306] kmem_cache_alloc_bulk+0x16f/0x270 [ 21.698030][ T306] io_get_req+0x17a/0x590 [ 21.702333][ T306] io_submit_sqe+0x83/0xe80 [ 21.706806][ T306] __se_sys_io_uring_enter+0x7cf/0x1cb0 [ 21.712345][ T306] do_syscall_64+0xcb/0x1c0 [ 21.716823][ T306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.722775][ T306] [ 21.725075][ T306] Freed by task 306: [ 21.728960][ T306] __kasan_slab_free+0x178/0x240 [ 21.733882][ T306] slab_free_freelist_hook+0x80/0x150 [ 21.739222][ T306] kmem_cache_free+0xa9/0x1d0 [ 21.743885][ T306] io_queue_link_head+0x2b7/0x680 [ 21.748965][ T306] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 21.754494][ T306] do_syscall_64+0xcb/0x1c0 [ 21.758967][ T306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.764821][ T306] [ 21.767121][ T306] The buggy address belongs to the object at ffff8881e0a08780 [ 21.767121][ T306] which belongs to the cache io_kiocb of size 264 [ 21.780883][ T306] The buggy address is located 80 bytes inside of [ 21.780883][ T306] 264-byte region [ffff8881e0a08780, ffff8881e0a08888) [ 21.794033][ T306] The buggy address belongs to the page: [ 21.799738][ T306] page:ffffea0007828200 refcount:1 mapcount:0 mapping:ffff8881f5e5aa00 index:0x0 compound_mapcount: 0 [ 21.810663][ T306] flags: 0x8000000000010200(slab|head) [ 21.816099][ T306] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f5e5aa00 [ 21.824915][ T306] raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000 [ 21.833468][ T306] page dumped because: kasan: bad access detected [ 21.839860][ T306] page_owner tracks the page as allocated [ 21.845547][ T306] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC) [ 21.860536][ T306] prep_new_page+0x194/0x380 [ 21.865120][ T306] get_page_from_freelist+0x524/0x560 [ 21.870469][ T306] __alloc_pages_nodemask+0x2ab/0x6f0 [ 21.875809][ T306] alloc_slab_page+0x39/0x3e0 [ 21.880452][ T306] new_slab+0x97/0x450 [ 21.884494][ T306] ___slab_alloc+0x320/0x4b0 [ 21.889070][ T306] kmem_cache_alloc_bulk+0xc6/0x270 [ 21.894250][ T306] io_get_req+0x17a/0x590 [ 21.898551][ T306] io_submit_sqe+0x83/0xe80 [ 21.903028][ T306] __se_sys_io_uring_enter+0x7cf/0x1cb0 [ 21.908551][ T306] do_syscall_64+0xcb/0x1c0 [ 21.913032][ T306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.918895][ T306] page last free stack trace: [ 21.923545][ T306] __free_pages_ok+0x7ee/0x920 [ 21.928277][ T306] page_to_skb+0x62e/0x910 [ 21.932684][ T306] receive_mergeable+0x73e/0x2300 [ 21.937675][ T306] receive_buf+0x104/0x1940 [ 21.942145][ T306] virtnet_poll+0x554/0x10b0 [ 21.946705][ T306] napi_poll+0x195/0x670 [ 21.950915][ T306] net_rx_action+0x2dd/0x890 [ 21.955474][ T306] __do_softirq+0x23e/0x643 [ 21.959949][ T306] irq_exit+0x195/0x1c0 [ 21.964075][ T306] do_IRQ+0xc4/0x1b0 [ 21.967941][ T306] ret_from_intr+0x0/0x14 [ 21.972245][ T306] default_idle+0x1f/0x30 [ 21.976544][ T306] do_idle+0x1d2/0x590 [ 21.980583][ T306] cpu_startup_entry+0x15/0x20 [ 21.985336][ T306] start_secondary+0x312/0x390 [ 21.990069][ T306] secondary_startup_64+0xa4/0xb0 [ 21.995060][ T306] [ 21.997360][ T306] Memory state around the buggy address: [ 22.002966][ T306] ffff8881e0a08680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.011000][ T306] ffff8881e0a08700: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.019031][ T306] >ffff8881e0a08780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [pid 306] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 306] exit_group(0) = ? [pid 306] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 307 attached , child_tidptr=0x5555572b85d0) = 307 [pid 307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 307] setpgid(0, 0) = 0 [pid 307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 307] write(3, "1000", 4) = 4 [pid 307] close(3) = 0 [pid 307] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 307] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 307] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 307] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 307] write(4, "3", 1) = 1 [ 22.027061][ T306] ^ [ 22.033709][ T306] ffff8881e0a08800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.041747][ T306] ffff8881e0a08880: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.049774][ T306] ================================================================== [ 22.057818][ T306] Disabling lock debugging due to kernel taint [ 22.107896][ T307] FAULT_INJECTION: forcing a failure. [ 22.107896][ T307] name failslab, interval 1, probability 0, space 0, times 0 [ 22.120684][ T307] CPU: 0 PID: 307 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 22.132214][ T307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 22.142241][ T307] Call Trace: [ 22.145522][ T307] dump_stack+0x18e/0x1d5 [ 22.149832][ T307] should_fail+0x604/0x770 [ 22.154227][ T307] ? io_get_req+0x10c/0x590 [ 22.158703][ T307] should_failslab+0x5/0x20 [ 22.163179][ T307] kmem_cache_alloc+0x24/0x210 [ 22.167918][ T307] io_get_req+0x10c/0x590 [ 22.172221][ T307] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 22.177740][ T307] do_syscall_64+0xcb/0x1c0 [ 22.182215][ T307] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 22.188079][ T307] RIP: 0033:0x7f1f567f02f9 [ 22.192468][ T307] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 22.212051][ T307] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 22.220447][ T307] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 22.228395][ T307] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 22.236341][ T307] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 22.244287][ T307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 307] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 307] exit_group(0) = ? [ 22.252245][ T307] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 307] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 308 ./strace-static-x86_64: Process 308 attached [pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 308] setpgid(0, 0) = 0 [pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 308] write(3, "1000", 4) = 4 [pid 308] close(3) = 0 [pid 308] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 308] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 308] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 308] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 308] write(4, "3", 1) = 1 [ 22.367311][ T308] FAULT_INJECTION: forcing a failure. [ 22.367311][ T308] name failslab, interval 1, probability 0, space 0, times 0 [ 22.380045][ T308] CPU: 0 PID: 308 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 22.391797][ T308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 22.401856][ T308] Call Trace: [ 22.405157][ T308] dump_stack+0x18e/0x1d5 [ 22.409475][ T308] should_fail+0x604/0x770 [ 22.413864][ T308] ? io_req_defer+0x18c/0x5c0 [ 22.418508][ T308] should_failslab+0x5/0x20 [ 22.422992][ T308] kmem_cache_alloc_trace+0x28/0x240 [ 22.428278][ T308] io_req_defer+0x18c/0x5c0 [ 22.432758][ T308] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 22.438540][ T308] io_queue_link_head+0x61/0x680 [ 22.443454][ T308] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 22.448983][ T308] do_syscall_64+0xcb/0x1c0 [ 22.453462][ T308] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 22.459327][ T308] RIP: 0033:0x7f1f567f02f9 [ 22.463720][ T308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 22.483311][ T308] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 22.491704][ T308] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 22.499655][ T308] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 22.507601][ T308] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 308] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 308] exit_group(0) = ? [ 22.515593][ T308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 22.523569][ T308] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 308] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 309 ./strace-static-x86_64: Process 309 attached [pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 309] setpgid(0, 0) = 0 [pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 309] write(3, "1000", 4) = 4 [pid 309] close(3) = 0 [pid 309] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 309] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 309] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 309] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 309] write(4, "3", 1) = 1 [ 22.583622][ T309] FAULT_INJECTION: forcing a failure. [ 22.583622][ T309] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 22.597094][ T309] CPU: 0 PID: 309 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 22.608612][ T309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 22.618645][ T309] Call Trace: [ 22.621931][ T309] dump_stack+0x18e/0x1d5 [ 22.626251][ T309] should_fail+0x604/0x770 [ 22.630657][ T309] __alloc_pages_nodemask+0x12a/0x6f0 [ 22.635997][ T309] alloc_slab_page+0x39/0x3e0 [ 22.640640][ T309] new_slab+0x97/0x450 [ 22.644680][ T309] ___slab_alloc+0x320/0x4b0 [ 22.649239][ T309] ? __fget+0x3a6/0x420 [ 22.653368][ T309] ? check_preemption_disabled+0xde/0x2c0 [ 22.659055][ T309] ? io_get_req+0x10c/0x590 [ 22.663526][ T309] ? io_get_req+0x10c/0x590 [ 22.667996][ T309] __slab_alloc+0x5a/0x90 [ 22.672309][ T309] ? io_get_req+0x10c/0x590 [ 22.676786][ T309] kmem_cache_alloc+0x100/0x210 [ 22.681801][ T309] io_get_req+0x10c/0x590 [ 22.686111][ T309] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 22.691634][ T309] do_syscall_64+0xcb/0x1c0 [ 22.696115][ T309] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 22.702013][ T309] RIP: 0033:0x7f1f567f02f9 [ 22.706402][ T309] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 22.725994][ T309] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [pid 309] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 309] exit_group(0) = ? [pid 309] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=309, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 310 attached , child_tidptr=0x5555572b85d0) = 310 [pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 310] setpgid(0, 0) = 0 [pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 310] write(3, "1000", 4) = 4 [pid 310] close(3) = 0 [pid 310] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 310] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 310] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 310] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 310] write(4, "3", 1) = 1 [ 22.734374][ T309] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 22.742316][ T309] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 22.750260][ T309] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 22.758205][ T309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 22.766146][ T309] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 22.784285][ T310] FAULT_INJECTION: forcing a failure. [ 22.784285][ T310] name failslab, interval 1, probability 0, space 0, times 0 [ 22.797050][ T310] CPU: 0 PID: 310 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 22.808562][ T310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 22.818674][ T310] Call Trace: [ 22.821934][ T310] dump_stack+0x18e/0x1d5 [ 22.826233][ T310] should_fail+0x604/0x770 [ 22.830630][ T310] ? io_req_defer+0x18c/0x5c0 [ 22.835273][ T310] should_failslab+0x5/0x20 [ 22.839744][ T310] kmem_cache_alloc_trace+0x28/0x240 [ 22.845006][ T310] io_req_defer+0x18c/0x5c0 [ 22.849498][ T310] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 22.855274][ T310] io_queue_link_head+0x61/0x680 [ 22.860183][ T310] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 22.865704][ T310] do_syscall_64+0xcb/0x1c0 [ 22.870188][ T310] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 22.876054][ T310] RIP: 0033:0x7f1f567f02f9 [ 22.880489][ T310] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 22.900087][ T310] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 22.908493][ T310] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 22.916443][ T310] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 22.924387][ T310] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 310] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 310] exit_group(0) = ? [ 22.932329][ T310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 22.940274][ T310] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 310] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=310, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 311 ./strace-static-x86_64: Process 311 attached [pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 311] setpgid(0, 0) = 0 [pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 311] write(3, "1000", 4) = 4 [pid 311] close(3) = 0 [pid 311] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 311] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 311] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 311] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 311] write(4, "3", 1) = 1 [ 23.044890][ T311] FAULT_INJECTION: forcing a failure. [ 23.044890][ T311] name failslab, interval 1, probability 0, space 0, times 0 [ 23.057688][ T311] CPU: 1 PID: 311 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 23.069231][ T311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 23.079271][ T311] Call Trace: [ 23.082542][ T311] dump_stack+0x18e/0x1d5 [ 23.086846][ T311] should_fail+0x604/0x770 [ 23.091244][ T311] ? io_get_req+0x10c/0x590 [ 23.095898][ T311] should_failslab+0x5/0x20 [ 23.100376][ T311] kmem_cache_alloc+0x24/0x210 [ 23.105124][ T311] io_get_req+0x10c/0x590 [ 23.109433][ T311] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 23.114958][ T311] do_syscall_64+0xcb/0x1c0 [ 23.119438][ T311] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 23.125298][ T311] RIP: 0033:0x7f1f567f02f9 [ 23.129684][ T311] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.149271][ T311] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 23.157660][ T311] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 23.165609][ T311] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 23.173551][ T311] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 23.181584][ T311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 311] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 311] exit_group(0) = ? [pid 311] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=311, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 312 attached , child_tidptr=0x5555572b85d0) = 312 [pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 312] setpgid(0, 0) = 0 [pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 312] write(3, "1000", 4) = 4 [pid 312] close(3) = 0 [pid 312] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 312] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 312] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [ 23.189530][ T311] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 312] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 312] write(4, "3", 1) = 1 [ 23.237440][ T312] FAULT_INJECTION: forcing a failure. [ 23.237440][ T312] name failslab, interval 1, probability 0, space 0, times 0 [ 23.250106][ T312] CPU: 0 PID: 312 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 23.261616][ T312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 23.271644][ T312] Call Trace: [ 23.274913][ T312] dump_stack+0x18e/0x1d5 [ 23.279217][ T312] should_fail+0x604/0x770 [ 23.283609][ T312] ? io_get_req+0x10c/0x590 [ 23.288100][ T312] should_failslab+0x5/0x20 [ 23.292618][ T312] kmem_cache_alloc+0x24/0x210 [ 23.297365][ T312] io_get_req+0x10c/0x590 [ 23.301679][ T312] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 23.307206][ T312] do_syscall_64+0xcb/0x1c0 [ 23.311698][ T312] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 23.317567][ T312] RIP: 0033:0x7f1f567f02f9 [ 23.321961][ T312] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.341542][ T312] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 23.349932][ T312] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 23.357877][ T312] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 23.365825][ T312] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 23.373769][ T312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 312] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 312] exit_group(0) = ? [ 23.381711][ T312] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 312] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=312, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 313 attached , child_tidptr=0x5555572b85d0) = 313 [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 313] setpgid(0, 0) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 313] close(3) = 0 [pid 313] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 313] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 313] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 313] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 313] write(4, "3", 1) = 1 [ 23.468655][ T313] FAULT_INJECTION: forcing a failure. [ 23.468655][ T313] name failslab, interval 1, probability 0, space 0, times 0 [ 23.481444][ T313] CPU: 0 PID: 313 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 23.493085][ T313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 23.503114][ T313] Call Trace: [ 23.506398][ T313] dump_stack+0x18e/0x1d5 [ 23.510701][ T313] should_fail+0x604/0x770 [ 23.515091][ T313] ? io_req_defer+0x18c/0x5c0 [ 23.519737][ T313] should_failslab+0x5/0x20 [ 23.524210][ T313] kmem_cache_alloc_trace+0x28/0x240 [ 23.529469][ T313] io_req_defer+0x18c/0x5c0 [ 23.533952][ T313] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 23.539745][ T313] io_queue_link_head+0x61/0x680 [ 23.544657][ T313] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 23.550179][ T313] do_syscall_64+0xcb/0x1c0 [ 23.554653][ T313] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 23.560521][ T313] RIP: 0033:0x7f1f567f02f9 [ 23.564920][ T313] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.584508][ T313] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 23.592894][ T313] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 23.600840][ T313] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 23.608913][ T313] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 313] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 313] exit_group(0) = ? [ 23.616875][ T313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 23.624827][ T313] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 313] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=313, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 314 ./strace-static-x86_64: Process 314 attached [pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 314] setpgid(0, 0) = 0 [pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 314] write(3, "1000", 4) = 4 [pid 314] close(3) = 0 [pid 314] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 314] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 314] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 314] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 314] write(4, "3", 1) = 1 [ 23.727534][ T314] FAULT_INJECTION: forcing a failure. [ 23.727534][ T314] name failslab, interval 1, probability 0, space 0, times 0 [ 23.740259][ T314] CPU: 0 PID: 314 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 23.751772][ T314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 23.761808][ T314] Call Trace: [ 23.765078][ T314] dump_stack+0x18e/0x1d5 [ 23.769378][ T314] should_fail+0x604/0x770 [ 23.773766][ T314] ? io_get_req+0x10c/0x590 [ 23.778240][ T314] should_failslab+0x5/0x20 [ 23.782716][ T314] kmem_cache_alloc+0x24/0x210 [ 23.787451][ T314] io_get_req+0x10c/0x590 [ 23.791771][ T314] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 23.797287][ T314] do_syscall_64+0xcb/0x1c0 [ 23.801761][ T314] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 23.807620][ T314] RIP: 0033:0x7f1f567f02f9 [ 23.812005][ T314] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.831583][ T314] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 23.839975][ T314] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 23.847917][ T314] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 23.855859][ T314] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 23.863802][ T314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 314] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 314] exit_group(0) = ? [ 23.871748][ T314] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 314] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=314, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 315 ./strace-static-x86_64: Process 315 attached [pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 315] setpgid(0, 0) = 0 [pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 315] write(3, "1000", 4) = 4 [pid 315] close(3) = 0 [pid 315] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 315] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 315] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 315] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 315] write(4, "3", 1) = 1 [ 23.936748][ T315] FAULT_INJECTION: forcing a failure. [ 23.936748][ T315] name failslab, interval 1, probability 0, space 0, times 0 [ 23.949463][ T315] CPU: 1 PID: 315 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 23.960976][ T315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 23.971026][ T315] Call Trace: [ 23.974315][ T315] dump_stack+0x18e/0x1d5 [ 23.978624][ T315] should_fail+0x604/0x770 [ 23.983016][ T315] ? io_req_defer+0x18c/0x5c0 [ 23.987663][ T315] should_failslab+0x5/0x20 [ 23.992139][ T315] kmem_cache_alloc_trace+0x28/0x240 [ 23.997397][ T315] io_req_defer+0x18c/0x5c0 [ 24.001872][ T315] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 24.007653][ T315] io_queue_link_head+0x61/0x680 [ 24.012563][ T315] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 24.018086][ T315] do_syscall_64+0xcb/0x1c0 [ 24.022562][ T315] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 24.028432][ T315] RIP: 0033:0x7f1f567f02f9 [ 24.032822][ T315] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 24.052417][ T315] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 24.060802][ T315] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 24.068752][ T315] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 24.076698][ T315] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 315] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 315] exit_group(0) = ? [ 24.084732][ T315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 24.092686][ T315] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 315] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=315, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 316 attached , child_tidptr=0x5555572b85d0) = 316 [pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 316] setpgid(0, 0) = 0 [pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 316] write(3, "1000", 4) = 4 [pid 316] close(3) = 0 [pid 316] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 316] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 316] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 316] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 316] write(4, "3", 1) = 1 [ 24.155846][ T316] FAULT_INJECTION: forcing a failure. [ 24.155846][ T316] name failslab, interval 1, probability 0, space 0, times 0 [ 24.168666][ T316] CPU: 0 PID: 316 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 24.180175][ T316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 24.190224][ T316] Call Trace: [ 24.193492][ T316] dump_stack+0x18e/0x1d5 [ 24.197801][ T316] should_fail+0x604/0x770 [ 24.202207][ T316] ? io_req_defer+0x18c/0x5c0 [ 24.206855][ T316] should_failslab+0x5/0x20 [ 24.211352][ T316] kmem_cache_alloc_trace+0x28/0x240 [ 24.216630][ T316] io_req_defer+0x18c/0x5c0 [ 24.221103][ T316] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 24.226877][ T316] io_queue_link_head+0x61/0x680 [ 24.231787][ T316] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 24.237307][ T316] do_syscall_64+0xcb/0x1c0 [ 24.241789][ T316] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 24.247651][ T316] RIP: 0033:0x7f1f567f02f9 [ 24.252039][ T316] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 24.271630][ T316] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 24.280022][ T316] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 24.287966][ T316] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 24.295919][ T316] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 316] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 316] exit_group(0) = ? [ 24.303877][ T316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 24.311825][ T316] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 316] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 317 attached , child_tidptr=0x5555572b85d0) = 317 [pid 317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 317] setpgid(0, 0) = 0 [pid 317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 317] write(3, "1000", 4) = 4 [pid 317] close(3) = 0 [pid 317] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 317] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 317] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 317] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 317] write(4, "3", 1) = 1 [ 24.417427][ T317] FAULT_INJECTION: forcing a failure. [ 24.417427][ T317] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 24.430792][ T317] CPU: 0 PID: 317 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 24.442332][ T317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 24.452361][ T317] Call Trace: [ 24.455631][ T317] dump_stack+0x18e/0x1d5 [ 24.459948][ T317] should_fail+0x604/0x770 [ 24.464351][ T317] __alloc_pages_nodemask+0x12a/0x6f0 [ 24.469705][ T317] alloc_slab_page+0x39/0x3e0 [ 24.474365][ T317] new_slab+0x97/0x450 [ 24.478424][ T317] ___slab_alloc+0x320/0x4b0 [ 24.483010][ T317] ? __fget+0x3a6/0x420 [ 24.487149][ T317] ? check_preemption_disabled+0xde/0x2c0 [ 24.493016][ T317] ? io_get_req+0x10c/0x590 [ 24.497561][ T317] ? io_get_req+0x10c/0x590 [ 24.502088][ T317] __slab_alloc+0x5a/0x90 [ 24.506418][ T317] ? io_get_req+0x10c/0x590 [ 24.510893][ T317] kmem_cache_alloc+0x100/0x210 [ 24.515711][ T317] io_get_req+0x10c/0x590 [ 24.520010][ T317] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 24.525546][ T317] do_syscall_64+0xcb/0x1c0 [ 24.530036][ T317] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 24.535927][ T317] RIP: 0033:0x7f1f567f02f9 [ 24.540316][ T317] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [pid 317] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 317] exit_group(0) = ? [pid 317] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=317, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 318 attached [pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 304] <... clone resumed>, child_tidptr=0x5555572b85d0) = 318 [pid 318] <... prctl resumed>) = 0 [pid 318] setpgid(0, 0) = 0 [pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 318] write(3, "1000", 4) = 4 [pid 318] close(3) = 0 [pid 318] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 318] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 318] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 318] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 318] write(4, "3", 1) = 1 [ 24.560066][ T317] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 24.568550][ T317] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 24.576689][ T317] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 24.584653][ T317] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 24.592635][ T317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 24.600587][ T317] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 24.616051][ T318] FAULT_INJECTION: forcing a failure. [ 24.616051][ T318] name failslab, interval 1, probability 0, space 0, times 0 [ 24.628768][ T318] CPU: 1 PID: 318 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 24.640279][ T318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 24.650323][ T318] Call Trace: [ 24.653598][ T318] dump_stack+0x18e/0x1d5 [ 24.657904][ T318] should_fail+0x604/0x770 [ 24.662293][ T318] ? io_get_req+0x10c/0x590 [ 24.666766][ T318] should_failslab+0x5/0x20 [ 24.671245][ T318] kmem_cache_alloc+0x24/0x210 [ 24.676100][ T318] io_get_req+0x10c/0x590 [ 24.680420][ T318] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 24.685955][ T318] do_syscall_64+0xcb/0x1c0 [ 24.690439][ T318] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 24.696305][ T318] RIP: 0033:0x7f1f567f02f9 [pid 318] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 318] exit_group(0) = ? [ 24.700694][ T318] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 24.720299][ T318] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 24.728722][ T318] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 24.736681][ T318] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 24.744630][ T318] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 24.752582][ T318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 24.760546][ T318] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 318] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=318, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 319 ./strace-static-x86_64: Process 319 attached [pid 319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 319] setpgid(0, 0) = 0 [pid 319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 319] write(3, "1000", 4) = 4 [pid 319] close(3) = 0 [pid 319] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 319] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 319] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 319] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 319] write(4, "3", 1) = 1 [ 24.846406][ T319] FAULT_INJECTION: forcing a failure. [ 24.846406][ T319] name failslab, interval 1, probability 0, space 0, times 0 [ 24.859121][ T319] CPU: 0 PID: 319 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 24.870736][ T319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 24.880778][ T319] Call Trace: [ 24.884048][ T319] dump_stack+0x18e/0x1d5 [ 24.888363][ T319] should_fail+0x604/0x770 [ 24.892770][ T319] ? io_req_defer+0x18c/0x5c0 [ 24.897428][ T319] should_failslab+0x5/0x20 [ 24.901930][ T319] kmem_cache_alloc_trace+0x28/0x240 [ 24.907242][ T319] io_req_defer+0x18c/0x5c0 [ 24.911720][ T319] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 24.917499][ T319] io_queue_link_head+0x61/0x680 [ 24.922410][ T319] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 24.928238][ T319] do_syscall_64+0xcb/0x1c0 [ 24.932979][ T319] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 24.939371][ T319] RIP: 0033:0x7f1f567f02f9 [ 24.943770][ T319] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 24.963613][ T319] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 24.971996][ T319] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 24.979941][ T319] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 24.987886][ T319] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 319] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 319] exit_group(0) = ? [pid 319] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=319, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 320 ./strace-static-x86_64: Process 320 attached [pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 320] setpgid(0, 0) = 0 [pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 320] write(3, "1000", 4) = 4 [pid 320] close(3) = 0 [pid 320] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 320] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 320] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 320] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 320] write(4, "3", 1) = 1 [ 24.995833][ T319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 25.003781][ T319] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 25.043975][ T320] FAULT_INJECTION: forcing a failure. [ 25.043975][ T320] name failslab, interval 1, probability 0, space 0, times 0 [ 25.056717][ T320] CPU: 0 PID: 320 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 25.068228][ T320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 25.078359][ T320] Call Trace: [ 25.081628][ T320] dump_stack+0x18e/0x1d5 [ 25.085934][ T320] should_fail+0x604/0x770 [ 25.090321][ T320] ? io_get_req+0x10c/0x590 [ 25.094819][ T320] should_failslab+0x5/0x20 [ 25.099301][ T320] kmem_cache_alloc+0x24/0x210 [ 25.104038][ T320] io_get_req+0x10c/0x590 [ 25.108340][ T320] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 25.113857][ T320] do_syscall_64+0xcb/0x1c0 [ 25.118332][ T320] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.124193][ T320] RIP: 0033:0x7f1f567f02f9 [ 25.128576][ T320] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.148152][ T320] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 25.156531][ T320] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 25.164472][ T320] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 25.172412][ T320] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 25.180352][ T320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 320] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 320] exit_group(0) = ? [pid 320] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 321 attached , child_tidptr=0x5555572b85d0) = 321 [pid 321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 321] setpgid(0, 0) = 0 [pid 321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 321] write(3, "1000", 4) = 4 [pid 321] close(3) = 0 [pid 321] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [ 25.188296][ T320] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 321] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 321] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 321] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 321] write(4, "3", 1) = 1 [ 25.237386][ T321] FAULT_INJECTION: forcing a failure. [ 25.237386][ T321] name failslab, interval 1, probability 0, space 0, times 0 [ 25.250096][ T321] CPU: 1 PID: 321 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 25.261619][ T321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 25.271643][ T321] Call Trace: [ 25.274940][ T321] dump_stack+0x18e/0x1d5 [ 25.279269][ T321] should_fail+0x604/0x770 [ 25.283676][ T321] ? io_req_defer+0x18c/0x5c0 [ 25.288436][ T321] should_failslab+0x5/0x20 [ 25.292921][ T321] kmem_cache_alloc_trace+0x28/0x240 [ 25.298186][ T321] io_req_defer+0x18c/0x5c0 [ 25.302680][ T321] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 25.308479][ T321] io_queue_link_head+0x61/0x680 [ 25.313402][ T321] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 25.318926][ T321] do_syscall_64+0xcb/0x1c0 [ 25.323503][ T321] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.329367][ T321] RIP: 0033:0x7f1f567f02f9 [ 25.333907][ T321] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.353619][ T321] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 25.362006][ T321] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 25.369980][ T321] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 25.377929][ T321] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 321] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 321] exit_group(0) = ? [ 25.385882][ T321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 25.393827][ T321] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 321] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=321, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 322 ./strace-static-x86_64: Process 322 attached [pid 322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 322] setpgid(0, 0) = 0 [pid 322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 322] write(3, "1000", 4) = 4 [pid 322] close(3) = 0 [pid 322] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 322] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 322] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 322] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 322] write(4, "3", 1) = 1 [ 25.457430][ T322] FAULT_INJECTION: forcing a failure. [ 25.457430][ T322] name failslab, interval 1, probability 0, space 0, times 0 [ 25.470178][ T322] CPU: 0 PID: 322 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 25.481697][ T322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 25.491743][ T322] Call Trace: [ 25.495014][ T322] dump_stack+0x18e/0x1d5 [ 25.499319][ T322] should_fail+0x604/0x770 [ 25.503708][ T322] ? io_req_defer+0x18c/0x5c0 [ 25.508353][ T322] should_failslab+0x5/0x20 [ 25.512824][ T322] kmem_cache_alloc_trace+0x28/0x240 [ 25.518081][ T322] io_req_defer+0x18c/0x5c0 [ 25.522576][ T322] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 25.528358][ T322] io_queue_link_head+0x61/0x680 [ 25.533271][ T322] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 25.538795][ T322] do_syscall_64+0xcb/0x1c0 [ 25.543276][ T322] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.549142][ T322] RIP: 0033:0x7f1f567f02f9 [ 25.553532][ T322] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.573135][ T322] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 25.581517][ T322] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 25.589462][ T322] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 25.597494][ T322] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 322] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 322] exit_group(0) = ? [ 25.605437][ T322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 25.613381][ T322] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 322] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 323 attached , child_tidptr=0x5555572b85d0) = 323 [pid 323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 323] setpgid(0, 0) = 0 [pid 323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 323] write(3, "1000", 4) = 4 [pid 323] close(3) = 0 [pid 323] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 323] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 323] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 323] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 323] write(4, "3", 1) = 1 [ 25.726306][ T323] FAULT_INJECTION: forcing a failure. [ 25.726306][ T323] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 25.739650][ T323] CPU: 1 PID: 323 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 25.751167][ T323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 25.761192][ T323] Call Trace: [ 25.764464][ T323] dump_stack+0x18e/0x1d5 [ 25.768768][ T323] should_fail+0x604/0x770 [ 25.773166][ T323] __alloc_pages_nodemask+0x12a/0x6f0 [ 25.778508][ T323] alloc_slab_page+0x39/0x3e0 [ 25.783159][ T323] new_slab+0x97/0x450 [ 25.787209][ T323] ___slab_alloc+0x320/0x4b0 [ 25.791768][ T323] ? __fget+0x3a6/0x420 [ 25.795903][ T323] ? check_preemption_disabled+0xde/0x2c0 [ 25.801605][ T323] ? io_get_req+0x10c/0x590 [ 25.806094][ T323] ? io_get_req+0x10c/0x590 [ 25.810585][ T323] __slab_alloc+0x5a/0x90 [ 25.814889][ T323] ? io_get_req+0x10c/0x590 [ 25.819365][ T323] kmem_cache_alloc+0x100/0x210 [ 25.824187][ T323] io_get_req+0x10c/0x590 [ 25.828490][ T323] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 25.834007][ T323] do_syscall_64+0xcb/0x1c0 [ 25.838485][ T323] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.844347][ T323] RIP: 0033:0x7f1f567f02f9 [ 25.848736][ T323] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.868326][ T323] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [pid 323] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 323] exit_group(0) = ? [pid 323] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=323, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 324 attached , child_tidptr=0x5555572b85d0) = 324 [pid 324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 324] setpgid(0, 0) = 0 [pid 324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 324] write(3, "1000", 4) = 4 [pid 324] close(3) = 0 [pid 324] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 324] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 324] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 324] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 324] write(4, "3", 1) = 1 [ 25.876720][ T323] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 25.884669][ T323] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 25.892615][ T323] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 25.900559][ T323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 25.908504][ T323] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 25.926745][ T324] FAULT_INJECTION: forcing a failure. [ 25.926745][ T324] name failslab, interval 1, probability 0, space 0, times 0 [ 25.939480][ T324] CPU: 1 PID: 324 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 25.950994][ T324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 25.961020][ T324] Call Trace: [ 25.964292][ T324] dump_stack+0x18e/0x1d5 [ 25.968604][ T324] should_fail+0x604/0x770 [ 25.973002][ T324] ? io_req_defer+0x18c/0x5c0 [ 25.977659][ T324] should_failslab+0x5/0x20 [ 25.982138][ T324] kmem_cache_alloc_trace+0x28/0x240 [ 25.987410][ T324] io_req_defer+0x18c/0x5c0 [ 25.991884][ T324] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 25.997662][ T324] io_queue_link_head+0x61/0x680 [ 26.002574][ T324] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 26.008093][ T324] do_syscall_64+0xcb/0x1c0 [ 26.012578][ T324] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.018453][ T324] RIP: 0033:0x7f1f567f02f9 [ 26.022851][ T324] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.042429][ T324] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 26.050808][ T324] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 26.058749][ T324] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 26.066699][ T324] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 324] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 324] exit_group(0) = ? [pid 324] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=324, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 325 ./strace-static-x86_64: Process 325 attached [pid 325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 325] setpgid(0, 0) = 0 [pid 325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 325] write(3, "1000", 4) = 4 [pid 325] close(3) = 0 [pid 325] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 325] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 325] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 325] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 325] write(4, "3", 1) = 1 [ 26.074646][ T324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 26.082677][ T324] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 26.124786][ T325] FAULT_INJECTION: forcing a failure. [ 26.124786][ T325] name failslab, interval 1, probability 0, space 0, times 0 [ 26.137504][ T325] CPU: 0 PID: 325 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 26.149044][ T325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 26.159088][ T325] Call Trace: [ 26.162352][ T325] dump_stack+0x18e/0x1d5 [ 26.166654][ T325] should_fail+0x604/0x770 [ 26.171096][ T325] ? io_get_req+0x10c/0x590 [ 26.175571][ T325] should_failslab+0x5/0x20 [ 26.180045][ T325] kmem_cache_alloc+0x24/0x210 [ 26.184776][ T325] io_get_req+0x10c/0x590 [ 26.189080][ T325] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 26.194599][ T325] do_syscall_64+0xcb/0x1c0 [ 26.199076][ T325] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.204954][ T325] RIP: 0033:0x7f1f567f02f9 [ 26.209343][ T325] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.228935][ T325] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 26.237326][ T325] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 26.245273][ T325] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 26.253217][ T325] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 26.261163][ T325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 325] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 325] exit_group(0) = ? [ 26.269107][ T325] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 325] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=325, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 326 ./strace-static-x86_64: Process 326 attached [pid 326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 326] setpgid(0, 0) = 0 [pid 326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 326] write(3, "1000", 4) = 4 [pid 326] close(3) = 0 [pid 326] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 326] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 326] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 326] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 326] write(4, "3", 1) = 1 [ 26.364138][ T326] FAULT_INJECTION: forcing a failure. [ 26.364138][ T326] name failslab, interval 1, probability 0, space 0, times 0 [ 26.376790][ T326] CPU: 0 PID: 326 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 26.388300][ T326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 26.398336][ T326] Call Trace: [ 26.401614][ T326] dump_stack+0x18e/0x1d5 [ 26.405922][ T326] should_fail+0x604/0x770 [ 26.410310][ T326] ? io_req_defer+0x18c/0x5c0 [ 26.414955][ T326] should_failslab+0x5/0x20 [ 26.419433][ T326] kmem_cache_alloc_trace+0x28/0x240 [ 26.424686][ T326] io_req_defer+0x18c/0x5c0 [ 26.429158][ T326] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 26.434934][ T326] io_queue_link_head+0x61/0x680 [ 26.439843][ T326] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 26.445360][ T326] do_syscall_64+0xcb/0x1c0 [ 26.449834][ T326] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.455697][ T326] RIP: 0033:0x7f1f567f02f9 [ 26.460083][ T326] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.479663][ T326] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 26.488055][ T326] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 26.496003][ T326] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 26.503954][ T326] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 326] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 326] exit_group(0) = ? [ 26.511900][ T326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 26.519847][ T326] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 326] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=326, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 327 ./strace-static-x86_64: Process 327 attached [pid 327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 327] setpgid(0, 0) = 0 [pid 327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 327] write(3, "1000", 4) = 4 [pid 327] close(3) = 0 [pid 327] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 327] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 327] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 327] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 327] write(4, "3", 1) = 1 [ 26.644227][ T327] FAULT_INJECTION: forcing a failure. [ 26.644227][ T327] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 26.657476][ T327] CPU: 0 PID: 327 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 26.668993][ T327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 26.679149][ T327] Call Trace: [ 26.682428][ T327] dump_stack+0x18e/0x1d5 [ 26.686740][ T327] should_fail+0x604/0x770 [ 26.691132][ T327] __alloc_pages_nodemask+0x12a/0x6f0 [ 26.696483][ T327] alloc_slab_page+0x39/0x3e0 [ 26.701137][ T327] new_slab+0x97/0x450 [ 26.705187][ T327] ___slab_alloc+0x320/0x4b0 [ 26.709776][ T327] ? __fget+0x3a6/0x420 [ 26.713905][ T327] ? check_preemption_disabled+0xde/0x2c0 [ 26.719598][ T327] ? io_get_req+0x10c/0x590 [ 26.724074][ T327] ? io_get_req+0x10c/0x590 [ 26.728546][ T327] __slab_alloc+0x5a/0x90 [ 26.732847][ T327] ? io_get_req+0x10c/0x590 [ 26.737321][ T327] kmem_cache_alloc+0x100/0x210 [ 26.742143][ T327] io_get_req+0x10c/0x590 [ 26.746444][ T327] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 26.751964][ T327] do_syscall_64+0xcb/0x1c0 [ 26.756438][ T327] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.762305][ T327] RIP: 0033:0x7f1f567f02f9 [ 26.766695][ T327] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.786276][ T327] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [pid 327] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 327] exit_group(0) = ? [pid 327] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=327, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 328 ./strace-static-x86_64: Process 328 attached [pid 328] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 328] setpgid(0, 0) = 0 [pid 328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 328] write(3, "1000", 4) = 4 [pid 328] close(3) = 0 [pid 328] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 328] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 328] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 328] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 328] write(4, "3", 1) = 1 [ 26.794679][ T327] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 26.802625][ T327] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 26.810568][ T327] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 26.818513][ T327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 26.826456][ T327] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 26.843615][ T328] FAULT_INJECTION: forcing a failure. [ 26.843615][ T328] name failslab, interval 1, probability 0, space 0, times 0 [ 26.856367][ T328] CPU: 1 PID: 328 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 26.867877][ T328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 26.877907][ T328] Call Trace: [ 26.881196][ T328] dump_stack+0x18e/0x1d5 [ 26.885517][ T328] should_fail+0x604/0x770 [ 26.889909][ T328] ? io_get_req+0x10c/0x590 [ 26.894387][ T328] should_failslab+0x5/0x20 [ 26.898880][ T328] kmem_cache_alloc+0x24/0x210 [ 26.903661][ T328] io_get_req+0x10c/0x590 [ 26.907966][ T328] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 26.913492][ T328] do_syscall_64+0xcb/0x1c0 [ 26.917971][ T328] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.923850][ T328] RIP: 0033:0x7f1f567f02f9 [ 26.928264][ T328] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.947925][ T328] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 26.956305][ T328] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 26.964247][ T328] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 26.972211][ T328] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 26.980157][ T328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 328] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 328] exit_group(0) = ? [pid 328] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=328, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 329 ./strace-static-x86_64: Process 329 attached [pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 329] setpgid(0, 0) = 0 [pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 329] write(3, "1000", 4) = 4 [pid 329] close(3) = 0 [pid 329] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 329] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 329] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 329] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 329] write(4, "3", 1) = 1 [ 26.988105][ T328] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 27.035654][ T329] FAULT_INJECTION: forcing a failure. [ 27.035654][ T329] name failslab, interval 1, probability 0, space 0, times 0 [ 27.048335][ T329] CPU: 0 PID: 329 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 27.059848][ T329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 27.069881][ T329] Call Trace: [ 27.073330][ T329] dump_stack+0x18e/0x1d5 [ 27.077668][ T329] should_fail+0x604/0x770 [ 27.082579][ T329] ? io_req_defer+0x18c/0x5c0 [ 27.087275][ T329] should_failslab+0x5/0x20 [ 27.091933][ T329] kmem_cache_alloc_trace+0x28/0x240 [ 27.097190][ T329] io_req_defer+0x18c/0x5c0 [ 27.101664][ T329] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 27.107437][ T329] io_queue_link_head+0x61/0x680 [ 27.112342][ T329] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 27.117858][ T329] do_syscall_64+0xcb/0x1c0 [ 27.122333][ T329] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.128192][ T329] RIP: 0033:0x7f1f567f02f9 [ 27.132575][ T329] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 27.152168][ T329] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 27.160545][ T329] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 27.168490][ T329] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 27.176429][ T329] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 329] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 329] exit_group(0) = ? [ 27.184369][ T329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 27.192313][ T329] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 329] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 330 ./strace-static-x86_64: Process 330 attached [pid 330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 330] setpgid(0, 0) = 0 [pid 330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 330] write(3, "1000", 4) = 4 [pid 330] close(3) = 0 [pid 330] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 330] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 330] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 330] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 330] write(4, "3", 1) = 1 [ 27.256235][ T330] FAULT_INJECTION: forcing a failure. [ 27.256235][ T330] name failslab, interval 1, probability 0, space 0, times 0 [ 27.268936][ T330] CPU: 1 PID: 330 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 27.280456][ T330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 27.290480][ T330] Call Trace: [ 27.293752][ T330] dump_stack+0x18e/0x1d5 [ 27.298052][ T330] should_fail+0x604/0x770 [ 27.302441][ T330] ? io_req_defer+0x18c/0x5c0 [ 27.307089][ T330] should_failslab+0x5/0x20 [ 27.311563][ T330] kmem_cache_alloc_trace+0x28/0x240 [ 27.316822][ T330] io_req_defer+0x18c/0x5c0 [ 27.321312][ T330] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 27.327086][ T330] io_queue_link_head+0x61/0x680 [ 27.331996][ T330] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 27.337518][ T330] do_syscall_64+0xcb/0x1c0 [ 27.341991][ T330] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.347854][ T330] RIP: 0033:0x7f1f567f02f9 [ 27.352239][ T330] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 27.371810][ T330] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 27.380186][ T330] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 27.388128][ T330] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 27.396156][ T330] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 330] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 330] exit_group(0) = ? [pid 330] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=330, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 331 ./strace-static-x86_64: Process 331 attached [pid 331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 331] setpgid(0, 0) = 0 [pid 331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 331] write(3, "1000", 4) = 4 [pid 331] close(3) = 0 [pid 331] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 331] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 331] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 331] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 331] write(4, "3", 1) = 1 [ 27.404098][ T330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 27.412041][ T330] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 27.466066][ T331] FAULT_INJECTION: forcing a failure. [ 27.466066][ T331] name failslab, interval 1, probability 0, space 0, times 0 [ 27.478745][ T331] CPU: 1 PID: 331 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 27.490269][ T331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 27.500297][ T331] Call Trace: [ 27.503626][ T331] dump_stack+0x18e/0x1d5 [ 27.507939][ T331] should_fail+0x604/0x770 [ 27.512339][ T331] ? io_get_req+0x10c/0x590 [ 27.516840][ T331] should_failslab+0x5/0x20 [ 27.521319][ T331] kmem_cache_alloc+0x24/0x210 [ 27.526080][ T331] io_get_req+0x10c/0x590 [ 27.530390][ T331] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 27.535935][ T331] do_syscall_64+0xcb/0x1c0 [ 27.540431][ T331] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.546291][ T331] RIP: 0033:0x7f1f567f02f9 [ 27.550679][ T331] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 27.570350][ T331] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 27.578907][ T331] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 27.586850][ T331] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 27.594792][ T331] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 27.603082][ T331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 331] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 331] exit_group(0) = ? [ 27.611024][ T331] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 331] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=331, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 332 ./strace-static-x86_64: Process 332 attached [pid 332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 332] setpgid(0, 0) = 0 [pid 332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 332] write(3, "1000", 4) = 4 [pid 332] close(3) = 0 [pid 332] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 332] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 332] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 332] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 332] write(4, "3", 1) = 1 [ 27.664267][ T332] FAULT_INJECTION: forcing a failure. [ 27.664267][ T332] name failslab, interval 1, probability 0, space 0, times 0 [ 27.676873][ T332] CPU: 0 PID: 332 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 27.688379][ T332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 27.698411][ T332] Call Trace: [ 27.701679][ T332] dump_stack+0x18e/0x1d5 [ 27.705983][ T332] should_fail+0x604/0x770 [ 27.710373][ T332] ? io_get_req+0x10c/0x590 [ 27.714853][ T332] should_failslab+0x5/0x20 [ 27.719353][ T332] kmem_cache_alloc+0x24/0x210 [ 27.724085][ T332] io_get_req+0x10c/0x590 [ 27.728440][ T332] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 27.733959][ T332] do_syscall_64+0xcb/0x1c0 [ 27.738432][ T332] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.744294][ T332] RIP: 0033:0x7f1f567f02f9 [ 27.748684][ T332] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 27.768263][ T332] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 27.776643][ T332] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 27.784593][ T332] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 27.792546][ T332] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 27.800501][ T332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 332] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 332] exit_group(0) = ? [ 27.809091][ T332] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 332] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=332, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 333 attached , child_tidptr=0x5555572b85d0) = 333 [pid 333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 333] setpgid(0, 0) = 0 [pid 333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 333] write(3, "1000", 4) = 4 [pid 333] close(3) = 0 [pid 333] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 333] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 333] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 333] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 333] write(4, "3", 1) = 1 [ 27.885280][ T333] FAULT_INJECTION: forcing a failure. [ 27.885280][ T333] name failslab, interval 1, probability 0, space 0, times 0 [ 27.898019][ T333] CPU: 1 PID: 333 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 27.909547][ T333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 27.919581][ T333] Call Trace: [ 27.922852][ T333] dump_stack+0x18e/0x1d5 [ 27.927162][ T333] should_fail+0x604/0x770 [ 27.931616][ T333] ? io_req_defer+0x18c/0x5c0 [ 27.936263][ T333] should_failslab+0x5/0x20 [ 27.940825][ T333] kmem_cache_alloc_trace+0x28/0x240 [ 27.946081][ T333] io_req_defer+0x18c/0x5c0 [ 27.950554][ T333] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 27.956331][ T333] io_queue_link_head+0x61/0x680 [ 27.961242][ T333] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 27.966763][ T333] do_syscall_64+0xcb/0x1c0 [ 27.971241][ T333] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.977199][ T333] RIP: 0033:0x7f1f567f02f9 [ 27.981583][ T333] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 28.001157][ T333] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 28.009541][ T333] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 28.017488][ T333] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 28.025431][ T333] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 333] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 333] exit_group(0) = ? [ 28.033380][ T333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 28.041323][ T333] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 333] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=333, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 334 attached , child_tidptr=0x5555572b85d0) = 334 [pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 334] setpgid(0, 0) = 0 [pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 334] write(3, "1000", 4) = 4 [pid 334] close(3) = 0 [pid 334] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 334] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 334] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 334] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 334] write(4, "3", 1) = 1 [ 28.168013][ T334] FAULT_INJECTION: forcing a failure. [ 28.168013][ T334] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 28.181391][ T334] CPU: 1 PID: 334 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 28.192899][ T334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 28.202925][ T334] Call Trace: [ 28.206193][ T334] dump_stack+0x18e/0x1d5 [ 28.210501][ T334] should_fail+0x604/0x770 [ 28.214888][ T334] __alloc_pages_nodemask+0x12a/0x6f0 [ 28.220247][ T334] alloc_slab_page+0x39/0x3e0 [ 28.224894][ T334] new_slab+0x97/0x450 [ 28.228932][ T334] ___slab_alloc+0x320/0x4b0 [ 28.233491][ T334] ? __fget+0x3a6/0x420 [ 28.237618][ T334] ? check_preemption_disabled+0xde/0x2c0 [ 28.243306][ T334] ? io_get_req+0x10c/0x590 [ 28.247778][ T334] ? io_get_req+0x10c/0x590 [ 28.252249][ T334] __slab_alloc+0x5a/0x90 [ 28.256568][ T334] ? io_get_req+0x10c/0x590 [ 28.261060][ T334] kmem_cache_alloc+0x100/0x210 [ 28.265880][ T334] io_get_req+0x10c/0x590 [ 28.270177][ T334] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 28.275695][ T334] do_syscall_64+0xcb/0x1c0 [ 28.280173][ T334] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 28.286031][ T334] RIP: 0033:0x7f1f567f02f9 [ 28.290508][ T334] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 28.310080][ T334] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [pid 334] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 334] exit_group(0) = ? [pid 334] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 335 ./strace-static-x86_64: Process 335 attached [pid 335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 335] setpgid(0, 0) = 0 [pid 335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 335] write(3, "1000", 4) = 4 [pid 335] close(3) = 0 [pid 335] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 335] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 335] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 335] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 335] write(4, "3", 1) = 1 [ 28.318473][ T334] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 28.326414][ T334] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 28.334354][ T334] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 28.342301][ T334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 28.350254][ T334] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 28.369317][ T335] FAULT_INJECTION: forcing a failure. [ 28.369317][ T335] name failslab, interval 1, probability 0, space 0, times 0 [ 28.382252][ T335] CPU: 1 PID: 335 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 28.393775][ T335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 28.403805][ T335] Call Trace: [ 28.407076][ T335] dump_stack+0x18e/0x1d5 [ 28.411380][ T335] should_fail+0x604/0x770 [ 28.415777][ T335] ? io_req_defer+0x18c/0x5c0 [ 28.420435][ T335] should_failslab+0x5/0x20 [ 28.424919][ T335] kmem_cache_alloc_trace+0x28/0x240 [ 28.430185][ T335] io_req_defer+0x18c/0x5c0 [ 28.434679][ T335] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 28.440458][ T335] io_queue_link_head+0x61/0x680 [ 28.445385][ T335] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 28.450925][ T335] do_syscall_64+0xcb/0x1c0 [ 28.455402][ T335] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 28.461270][ T335] RIP: 0033:0x7f1f567f02f9 [ 28.465659][ T335] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 28.485238][ T335] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 28.493678][ T335] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 28.501629][ T335] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 28.509573][ T335] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 335] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 335] exit_group(0) = ? [pid 335] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=335, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 336 ./strace-static-x86_64: Process 336 attached [pid 336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 336] setpgid(0, 0) = 0 [pid 336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 336] write(3, "1000", 4) = 4 [pid 336] close(3) = 0 [pid 336] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 336] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 336] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 336] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 336] write(4, "3", 1) = 1 [ 28.517519][ T335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 28.525470][ T335] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 28.575049][ T336] FAULT_INJECTION: forcing a failure. [ 28.575049][ T336] name failslab, interval 1, probability 0, space 0, times 0 [ 28.587839][ T336] CPU: 1 PID: 336 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 28.599361][ T336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 28.609394][ T336] Call Trace: [ 28.612668][ T336] dump_stack+0x18e/0x1d5 [ 28.616979][ T336] should_fail+0x604/0x770 [ 28.621369][ T336] ? io_get_req+0x10c/0x590 [ 28.625841][ T336] should_failslab+0x5/0x20 [ 28.630318][ T336] kmem_cache_alloc+0x24/0x210 [ 28.635052][ T336] io_get_req+0x10c/0x590 [ 28.639360][ T336] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 28.644907][ T336] do_syscall_64+0xcb/0x1c0 [ 28.649381][ T336] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 28.655244][ T336] RIP: 0033:0x7f1f567f02f9 [ 28.659633][ T336] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 28.680424][ T336] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 28.689175][ T336] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 28.697116][ T336] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 28.705320][ T336] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 28.713702][ T336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 336] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 336] exit_group(0) = ? [ 28.721911][ T336] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 336] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=336, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 337 ./strace-static-x86_64: Process 337 attached [pid 337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 337] setpgid(0, 0) = 0 [pid 337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 337] write(3, "1000", 4) = 4 [pid 337] close(3) = 0 [pid 337] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 337] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 337] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 337] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 337] write(4, "3", 1) = 1 [ 28.784532][ T337] FAULT_INJECTION: forcing a failure. [ 28.784532][ T337] name failslab, interval 1, probability 0, space 0, times 0 [ 28.797368][ T337] CPU: 1 PID: 337 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 28.808885][ T337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 28.818922][ T337] Call Trace: [ 28.822188][ T337] dump_stack+0x18e/0x1d5 [ 28.826491][ T337] should_fail+0x604/0x770 [ 28.830882][ T337] ? io_req_defer+0x18c/0x5c0 [ 28.835528][ T337] should_failslab+0x5/0x20 [ 28.840022][ T337] kmem_cache_alloc_trace+0x28/0x240 [ 28.845282][ T337] io_req_defer+0x18c/0x5c0 [ 28.849846][ T337] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 28.855621][ T337] io_queue_link_head+0x61/0x680 [ 28.860533][ T337] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 28.866066][ T337] do_syscall_64+0xcb/0x1c0 [ 28.870552][ T337] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 28.876474][ T337] RIP: 0033:0x7f1f567f02f9 [ 28.880866][ T337] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 28.900443][ T337] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 28.908914][ T337] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 28.916855][ T337] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 28.924796][ T337] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 337] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 337] exit_group(0) = ? [ 28.932747][ T337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 28.940704][ T337] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 337] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=337, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 338 ./strace-static-x86_64: Process 338 attached [pid 338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 338] setpgid(0, 0) = 0 [pid 338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 338] write(3, "1000", 4) = 4 [pid 338] close(3) = 0 [pid 338] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 338] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 338] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 338] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 338] write(4, "3", 1) = 1 [ 29.044822][ T338] FAULT_INJECTION: forcing a failure. [ 29.044822][ T338] name failslab, interval 1, probability 0, space 0, times 0 [ 29.057662][ T338] CPU: 1 PID: 338 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 29.069185][ T338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 29.079226][ T338] Call Trace: [ 29.082518][ T338] dump_stack+0x18e/0x1d5 [ 29.087520][ T338] should_fail+0x604/0x770 [ 29.091938][ T338] ? io_get_req+0x10c/0x590 [ 29.096414][ T338] should_failslab+0x5/0x20 [ 29.101001][ T338] kmem_cache_alloc+0x24/0x210 [ 29.105742][ T338] io_get_req+0x10c/0x590 [ 29.110044][ T338] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 29.115576][ T338] do_syscall_64+0xcb/0x1c0 [ 29.120062][ T338] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.125946][ T338] RIP: 0033:0x7f1f567f02f9 [ 29.130339][ T338] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 29.149921][ T338] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 29.158306][ T338] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 29.166364][ T338] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 29.174307][ T338] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 29.182252][ T338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 338] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 338] exit_group(0) = ? [ 29.190201][ T338] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 338] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=338, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 339 ./strace-static-x86_64: Process 339 attached [pid 339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 339] setpgid(0, 0) = 0 [pid 339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 339] write(3, "1000", 4) = 4 [pid 339] close(3) = 0 [pid 339] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 339] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 339] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 339] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 339] write(4, "3", 1) = 1 [ 29.253865][ T339] FAULT_INJECTION: forcing a failure. [ 29.253865][ T339] name failslab, interval 1, probability 0, space 0, times 0 [ 29.266534][ T339] CPU: 0 PID: 339 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 29.278058][ T339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 29.288092][ T339] Call Trace: [ 29.291364][ T339] dump_stack+0x18e/0x1d5 [ 29.295672][ T339] should_fail+0x604/0x770 [ 29.300069][ T339] ? io_req_defer+0x18c/0x5c0 [ 29.304724][ T339] should_failslab+0x5/0x20 [ 29.309214][ T339] kmem_cache_alloc_trace+0x28/0x240 [ 29.314480][ T339] io_req_defer+0x18c/0x5c0 [ 29.318960][ T339] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 29.324754][ T339] io_queue_link_head+0x61/0x680 [ 29.329666][ T339] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 29.335198][ T339] do_syscall_64+0xcb/0x1c0 [ 29.339674][ T339] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.345536][ T339] RIP: 0033:0x7f1f567f02f9 [ 29.350013][ T339] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 29.369586][ T339] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 29.377968][ T339] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 29.385909][ T339] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 29.393858][ T339] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 339] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 339] exit_group(0) = ? [ 29.401802][ T339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 29.409743][ T339] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 339] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=339, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 340 ./strace-static-x86_64: Process 340 attached [pid 340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 340] setpgid(0, 0) = 0 [pid 340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 340] write(3, "1000", 4) = 4 [pid 340] close(3) = 0 [pid 340] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 340] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 340] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 340] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 340] write(4, "3", 1) = 1 [ 29.524995][ T340] FAULT_INJECTION: forcing a failure. [ 29.524995][ T340] name failslab, interval 1, probability 0, space 0, times 0 [ 29.537763][ T340] CPU: 1 PID: 340 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 29.549282][ T340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 29.559322][ T340] Call Trace: [ 29.562588][ T340] dump_stack+0x18e/0x1d5 [ 29.566889][ T340] should_fail+0x604/0x770 [ 29.571299][ T340] ? io_req_defer+0x18c/0x5c0 [ 29.576036][ T340] should_failslab+0x5/0x20 [ 29.580510][ T340] kmem_cache_alloc_trace+0x28/0x240 [ 29.585765][ T340] io_req_defer+0x18c/0x5c0 [ 29.590240][ T340] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 29.596017][ T340] io_queue_link_head+0x61/0x680 [ 29.600925][ T340] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 29.606444][ T340] do_syscall_64+0xcb/0x1c0 [ 29.610917][ T340] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.616806][ T340] RIP: 0033:0x7f1f567f02f9 [ 29.621196][ T340] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 29.640773][ T340] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 29.649161][ T340] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 29.657107][ T340] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 29.665052][ T340] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 340] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 340] exit_group(0) = ? [ 29.673086][ T340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 29.681031][ T340] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 340] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=340, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 341 ./strace-static-x86_64: Process 341 attached [pid 341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 341] setpgid(0, 0) = 0 [pid 341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 341] write(3, "1000", 4) = 4 [pid 341] close(3) = 0 [pid 341] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 341] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 341] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 341] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 341] write(4, "3", 1) = 1 [ 29.845706][ T341] FAULT_INJECTION: forcing a failure. [ 29.845706][ T341] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 29.858983][ T341] CPU: 1 PID: 341 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 29.870497][ T341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 29.880525][ T341] Call Trace: [ 29.883815][ T341] dump_stack+0x18e/0x1d5 [ 29.888122][ T341] should_fail+0x604/0x770 [ 29.892529][ T341] __alloc_pages_nodemask+0x12a/0x6f0 [ 29.897880][ T341] alloc_slab_page+0x39/0x3e0 [ 29.902525][ T341] new_slab+0x97/0x450 [ 29.906567][ T341] ___slab_alloc+0x320/0x4b0 [ 29.911133][ T341] ? __fget+0x3a6/0x420 [ 29.915257][ T341] ? check_preemption_disabled+0xde/0x2c0 [ 29.920943][ T341] ? io_get_req+0x10c/0x590 [ 29.925415][ T341] ? io_get_req+0x10c/0x590 [ 29.929892][ T341] __slab_alloc+0x5a/0x90 [ 29.934192][ T341] ? io_get_req+0x10c/0x590 [ 29.938669][ T341] kmem_cache_alloc+0x100/0x210 [ 29.943507][ T341] io_get_req+0x10c/0x590 [ 29.947822][ T341] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 29.953348][ T341] do_syscall_64+0xcb/0x1c0 [ 29.957822][ T341] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.963702][ T341] RIP: 0033:0x7f1f567f02f9 [ 29.968090][ T341] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [pid 341] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 341] exit_group(0) = ? [pid 341] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=341, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 342 ./strace-static-x86_64: Process 342 attached [pid 342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 342] setpgid(0, 0) = 0 [pid 342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 342] write(3, "1000", 4) = 4 [pid 342] close(3) = 0 [pid 342] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 342] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 342] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 342] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 342] write(4, "3", 1) = 1 [ 29.988181][ T341] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 29.996559][ T341] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 30.004500][ T341] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 30.012439][ T341] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 30.020390][ T341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 30.028352][ T341] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 30.046601][ T342] FAULT_INJECTION: forcing a failure. [ 30.046601][ T342] name failslab, interval 1, probability 0, space 0, times 0 [ 30.059303][ T342] CPU: 0 PID: 342 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 30.070828][ T342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 30.080854][ T342] Call Trace: [ 30.084124][ T342] dump_stack+0x18e/0x1d5 [ 30.088426][ T342] should_fail+0x604/0x770 [ 30.092816][ T342] ? io_req_defer+0x18c/0x5c0 [ 30.097460][ T342] should_failslab+0x5/0x20 [ 30.101934][ T342] kmem_cache_alloc_trace+0x28/0x240 [ 30.107190][ T342] io_req_defer+0x18c/0x5c0 [ 30.111669][ T342] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 30.117991][ T342] io_queue_link_head+0x61/0x680 [ 30.122905][ T342] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 30.128432][ T342] do_syscall_64+0xcb/0x1c0 [ 30.132913][ T342] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 30.138779][ T342] RIP: 0033:0x7f1f567f02f9 [ 30.143168][ T342] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 30.162747][ T342] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 30.171137][ T342] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 30.179096][ T342] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 30.187045][ T342] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 342] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 342] exit_group(0) = ? [ 30.194990][ T342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 30.202934][ T342] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 342] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=342, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 343 ./strace-static-x86_64: Process 343 attached [pid 343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 343] setpgid(0, 0) = 0 [pid 343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 343] write(3, "1000", 4) = 4 [pid 343] close(3) = 0 [pid 343] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 343] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 343] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 343] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 343] write(4, "3", 1) = 1 [ 30.286629][ T343] FAULT_INJECTION: forcing a failure. [ 30.286629][ T343] name failslab, interval 1, probability 0, space 0, times 0 [ 30.299490][ T343] CPU: 1 PID: 343 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 30.311009][ T343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 30.321038][ T343] Call Trace: [ 30.324304][ T343] dump_stack+0x18e/0x1d5 [ 30.328609][ T343] should_fail+0x604/0x770 [ 30.333020][ T343] ? io_get_req+0x10c/0x590 [ 30.337494][ T343] should_failslab+0x5/0x20 [ 30.341971][ T343] kmem_cache_alloc+0x24/0x210 [ 30.346705][ T343] io_get_req+0x10c/0x590 [ 30.351004][ T343] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 30.356521][ T343] do_syscall_64+0xcb/0x1c0 [ 30.360996][ T343] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 30.366855][ T343] RIP: 0033:0x7f1f567f02f9 [ 30.371248][ T343] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 30.390828][ T343] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 30.399211][ T343] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 30.407154][ T343] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 30.415108][ T343] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 30.423066][ T343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 343] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 343] exit_group(0) = ? [ 30.431110][ T343] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 343] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=343, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 344 attached , child_tidptr=0x5555572b85d0) = 344 [pid 344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 344] setpgid(0, 0) = 0 [pid 344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 344] write(3, "1000", 4) = 4 [pid 344] close(3) = 0 [pid 344] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 344] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 344] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 344] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 344] write(4, "3", 1) = 1 [ 30.525777][ T344] FAULT_INJECTION: forcing a failure. [ 30.525777][ T344] name failslab, interval 1, probability 0, space 0, times 0 [ 30.538380][ T344] CPU: 1 PID: 344 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 30.550001][ T344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 30.560042][ T344] Call Trace: [ 30.563310][ T344] dump_stack+0x18e/0x1d5 [ 30.567620][ T344] should_fail+0x604/0x770 [ 30.572105][ T344] ? io_req_defer+0x18c/0x5c0 [ 30.576766][ T344] should_failslab+0x5/0x20 [ 30.582678][ T344] kmem_cache_alloc_trace+0x28/0x240 [ 30.587948][ T344] io_req_defer+0x18c/0x5c0 [ 30.592441][ T344] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 30.598219][ T344] io_queue_link_head+0x61/0x680 [ 30.603155][ T344] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 30.608684][ T344] do_syscall_64+0xcb/0x1c0 [ 30.613167][ T344] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 30.619033][ T344] RIP: 0033:0x7f1f567f02f9 [ 30.623427][ T344] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 30.643018][ T344] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 30.651416][ T344] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 30.659367][ T344] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 30.667325][ T344] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 344] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [ 30.675270][ T344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 30.683301][ T344] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 30.692447][ T22] audit: type=1400 audit(1663342208.000:74): avc: denied { remove_name } for pid=137 comm="syslogd" name="messages" dev="tmpfs" ino=1016 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [pid 344] exit_group(0) = ? [ 30.715441][ T22] audit: type=1400 audit(1663342208.000:75): avc: denied { rename } for pid=137 comm="syslogd" name="messages" dev="tmpfs" ino=1016 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [pid 344] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=344, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 345 ./strace-static-x86_64: Process 345 attached [pid 345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 345] setpgid(0, 0) = 0 [pid 345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 345] write(3, "1000", 4) = 4 [pid 345] close(3) = 0 [pid 345] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 345] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 345] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 345] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 345] write(4, "3", 1) = 1 [ 30.804309][ T345] FAULT_INJECTION: forcing a failure. [ 30.804309][ T345] name failslab, interval 1, probability 0, space 0, times 0 [ 30.816962][ T345] CPU: 0 PID: 345 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 30.828472][ T345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 30.838496][ T345] Call Trace: [ 30.841763][ T345] dump_stack+0x18e/0x1d5 [ 30.846071][ T345] should_fail+0x604/0x770 [ 30.850459][ T345] ? io_get_req+0x10c/0x590 [ 30.854932][ T345] should_failslab+0x5/0x20 [ 30.859424][ T345] kmem_cache_alloc+0x24/0x210 [ 30.864160][ T345] io_get_req+0x10c/0x590 [ 30.868458][ T345] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 30.873977][ T345] do_syscall_64+0xcb/0x1c0 [ 30.878475][ T345] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 30.884340][ T345] RIP: 0033:0x7f1f567f02f9 [ 30.888742][ T345] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 30.908580][ T345] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 30.916965][ T345] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 30.924930][ T345] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 30.932877][ T345] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 30.940827][ T345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [pid 345] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 345] exit_group(0) = ? [pid 345] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=345, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 346 ./strace-static-x86_64: Process 346 attached [pid 346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 346] setpgid(0, 0) = 0 [pid 346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 346] write(3, "1000", 4) = 4 [pid 346] close(3) = 0 [pid 346] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 346] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 346] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [ 30.948858][ T345] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [pid 346] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 346] write(4, "3", 1) = 1 [ 30.996462][ T346] FAULT_INJECTION: forcing a failure. [ 30.996462][ T346] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 31.009834][ T346] CPU: 1 PID: 346 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 31.021341][ T346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 31.031371][ T346] Call Trace: [ 31.034635][ T346] dump_stack+0x18e/0x1d5 [ 31.038935][ T346] should_fail+0x604/0x770 [ 31.043344][ T346] __alloc_pages_nodemask+0x12a/0x6f0 [ 31.048684][ T346] alloc_slab_page+0x39/0x3e0 [ 31.053339][ T346] new_slab+0x97/0x450 [ 31.057440][ T346] ___slab_alloc+0x320/0x4b0 [ 31.062018][ T346] ? __fget+0x3a6/0x420 [ 31.066157][ T346] ? check_preemption_disabled+0xde/0x2c0 [ 31.071882][ T346] ? io_get_req+0x10c/0x590 [ 31.076376][ T346] ? io_get_req+0x10c/0x590 [ 31.080854][ T346] __slab_alloc+0x5a/0x90 [ 31.085172][ T346] ? io_get_req+0x10c/0x590 [ 31.089652][ T346] kmem_cache_alloc+0x100/0x210 [ 31.094505][ T346] io_get_req+0x10c/0x590 [ 31.098811][ T346] __se_sys_io_uring_enter+0x6e6/0x1cb0 [ 31.104332][ T346] do_syscall_64+0xcb/0x1c0 [ 31.108819][ T346] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.114703][ T346] RIP: 0033:0x7f1f567f02f9 [ 31.119103][ T346] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 31.138777][ T346] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [pid 346] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 346] exit_group(0) = ? [pid 346] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=346, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 347 ./strace-static-x86_64: Process 347 attached [pid 347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 347] setpgid(0, 0) = 0 [pid 347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 347] write(3, "1000", 4) = 4 [pid 347] close(3) = 0 [pid 347] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 347] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 347] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 347] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 347] write(4, "3", 1) = 1 [ 31.147161][ T346] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 31.155193][ T346] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 31.163142][ T346] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [ 31.171092][ T346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 31.179398][ T346] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 31.196084][ T347] FAULT_INJECTION: forcing a failure. [ 31.196084][ T347] name failslab, interval 1, probability 0, space 0, times 0 [ 31.209379][ T347] CPU: 1 PID: 347 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 31.220990][ T347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 31.231026][ T347] Call Trace: [ 31.234301][ T347] dump_stack+0x18e/0x1d5 [ 31.238606][ T347] should_fail+0x604/0x770 [ 31.243000][ T347] ? io_req_defer+0x18c/0x5c0 [ 31.247648][ T347] should_failslab+0x5/0x20 [ 31.252122][ T347] kmem_cache_alloc_trace+0x28/0x240 [ 31.257466][ T347] io_req_defer+0x18c/0x5c0 [ 31.261939][ T347] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 31.267712][ T347] io_queue_link_head+0x61/0x680 [ 31.272617][ T347] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 31.278134][ T347] do_syscall_64+0xcb/0x1c0 [ 31.282609][ T347] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.288471][ T347] RIP: 0033:0x7f1f567f02f9 [ 31.292855][ T347] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 31.312434][ T347] RSP: 002b:00007ffe67ed6518 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 31.320907][ T347] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1f567f02f9 [ 31.328852][ T347] RDX: 0000000000000000 RSI: 00000000000022ff RDI: 0000000000000003 [ 31.336818][ T347] RBP: 00007ffe67ed6540 R08: 0000000000000000 R09: 0000000000000000 [pid 347] io_uring_enter(3, 8959, 0, 0, NULL, 0) = 2 [pid 347] exit_group(0) = ? [pid 347] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=347, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572b85d0) = 348 ./strace-static-x86_64: Process 348 attached [pid 348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 348] setpgid(0, 0) = 0 [pid 348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 348] write(3, "1000", 4) = 4 [pid 348] close(3) = 0 [pid 348] io_uring_setup(18540, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=32768, cq_entries=65536, features=IORING_FEAT_SINGLE_MMAP, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=1048896}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=280, cqes=320, flags=0}}) = 3 [pid 348] mmap(0x20002000, 1179968, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 348] mmap(0x20ffb000, 2097152, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffb000 [pid 348] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 348] write(4, "3", 1) = 1 [ 31.344760][ T347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 31.352700][ T347] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 31.403571][ T348] FAULT_INJECTION: forcing a failure. [ 31.403571][ T348] name failslab, interval 1, probability 0, space 0, times 0 [ 31.416210][ T348] CPU: 0 PID: 348 Comm: syz-executor960 Tainted: G B 5.4.197-syzkaller-00010-gccdf6bdf62a8 #0 [ 31.427717][ T348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 31.437762][ T348] Call Trace: [ 31.441030][ T348] dump_stack+0x18e/0x1d5 [ 31.445354][ T348] should_fail+0x604/0x770 [ 31.449742][ T348] ? io_req_defer+0x18c/0x5c0 [ 31.454388][ T348] should_failslab+0x5/0x20 [ 31.458867][ T348] kmem_cache_alloc_trace+0x28/0x240 [ 31.464123][ T348] io_req_defer+0x18c/0x5c0 [ 31.468618][ T348] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 31.474394][ T348] io_queue_link_head+0x61/0x680 [ 31.479320][ T348] __se_sys_io_uring_enter+0xb09/0x1cb0 [ 31.484861][ T348] do_syscall_64+0xcb/0x1c0 [ 31.489351][ T348] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.495325][ T348] RIP: 0033:0x7f1f567f02f9