./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3517248761

<...>
[    2.884621][   T31] audit: type=1400 audit(1665648429.350:10): avc:  denied  { getattr } for  pid=164 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[    2.898528][  T166] acpid (166) used greatest stack depth: 24200 bytes left
[    3.106725][  T181] udevd[181]: starting version 3.2.10
[    3.129329][  T182] udevd[182]: starting eudev-3.2.10
[    3.131336][  T181] udevd (181) used greatest stack depth: 22976 bytes left
[   11.711164][   T31] kauditd_printk_skb: 49 callbacks suppressed
[   11.711173][   T31] audit: type=1400 audit(1665648438.190:60): avc:  denied  { transition } for  pid=318 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   11.717002][   T31] audit: type=1400 audit(1665648438.200:61): avc:  denied  { write } for  pid=318 comm="sh" path="pipe:[210]" dev="pipefs" ino=210 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
[   12.745174][  T319] sshd (319) used greatest stack depth: 22720 bytes left
[   13.429347][  T326] sshd (326) used greatest stack depth: 22400 bytes left
Warning: Permanently added '10.128.0.71' (ECDSA) to the list of known hosts.
execve("./syz-executor3517248761", ["./syz-executor3517248761"], 0x7ffd5f11ec20 /* 10 vars */) = 0
brk(NULL)                               = 0x5555572d4000
brk(0x5555572d4c40)                     = 0x5555572d4c40
arch_prctl(ARCH_SET_FS, 0x5555572d4300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x5555572d45d0)         = 407
set_robust_list(0x5555572d45e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f23b5b32c40, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f23b5b33310}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f23b5b32ce0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f23b5b33310}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3517248761", 4096) = 28
brk(0x5555572f5c40)                     = 0x5555572f5c40
brk(0x5555572f6000)                     = 0x5555572f6000
mprotect(0x7f23b5bf4000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 408
./strace-static-x86_64: Process 408 attached
[pid   408] set_robust_list(0x5555572d45e0, 24) = 0
[pid   408] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid   408] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   408] setsid()                    = 1
[pid   408] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid   408] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid   408] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid   408] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid   408] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid   408] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid   408] unshare(CLONE_NEWNS)        = 0
[pid   408] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid   408] unshare(CLONE_NEWIPC)       = -1 EINVAL (Invalid argument)
[pid   408] unshare(CLONE_NEWCGROUP)    = 0
[pid   408] unshare(CLONE_NEWUTS)       = 0
[pid   408] unshare(CLONE_SYSVSEM)      = 0
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] getpid()                    = 1
[pid   408] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   408] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   408] unshare(CLONE_NEWNET)       = 0
[pid   408] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid   408] write(3, "0 65535", 7)      = 7
[pid   408] close(3)                    = 0
[pid   408] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid   408] dup2(3, 200)                = 200
[pid   408] close(3)                    = 0
[pid   408] ioctl(200, TUNSETIFF, 0x7fffb1acd290) = 0
[   19.342848][   T31] audit: type=1400 audit(1665648445.820:62): avc:  denied  { execmem } for  pid=407 comm="syz-executor351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   19.362241][   T31] audit: type=1400 audit(1665648445.820:63): avc:  denied  { integrity } for  pid=407 comm="syz-executor351" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[pid   408] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid   408] write(3, "0", 1)            = 1
[pid   408] close(3)                    = 0
[pid   408] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid   408] write(3, "0", 1)            = 1
[pid   408] close(3)                    = 0
[pid   408] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid   408] access("/proc/net", R_OK)   = 0
[pid   408] access("/proc/net/unix", R_OK) = 0
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   408] close(4)                    = 0
[pid   408] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid   408] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   408] close(4)                    = 0
[pid   408] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid   408] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   408] close(4)                    = 0
[pid   408] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid   408] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   408] close(4)                    = 0
[pid   408] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid   408] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   408] close(4)                    = 0
[pid   408] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid   408] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] close(3)                    = 0
[pid   408] mkdir("/dev/binderfs", 0777) = 0
[pid   408] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid   408] symlink("/dev/binderfs", "./binderfs") = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 2
./strace-static-x86_64: Process 409 attached
[pid   409] set_robust_list(0x5555572d45e0, 24) = 0
[pid   409] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   409] setpgid(0, 0)               = 0
[pid   409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   409] write(3, "1000", 4)         = 4
[pid   409] close(3)                    = 0
[pid   409] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   409] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   409] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   409] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   409] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 3
[pid   409] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   409] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 410 attached
 <unfinished ...>
[pid   410] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   410] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   410] write(3, "63", 2)           = 2
[   19.384613][   T31] audit: type=1400 audit(1665648445.850:64): avc:  denied  { mounton } for  pid=408 comm="syz-executor351" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   19.408369][   T31] audit: type=1400 audit(1665648445.850:65): avc:  denied  { mount } for  pid=408 comm="syz-executor351" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   19.426561][  T410] FAULT_INJECTION: forcing a failure.
[   19.426561][  T410] name failslab, interval 1, probability 0, space 0, times 1
[   19.430555][   T31] audit: type=1400 audit(1665648445.850:66): avc:  denied  { mounton } for  pid=408 comm="syz-executor351" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   19.443377][  T410] CPU: 0 PID: 410 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   19.464171][   T31] audit: type=1400 audit(1665648445.870:67): avc:  denied  { create } for  pid=404 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   19.474526][  T410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   19.474536][  T410] Call Trace:
[   19.474540][  T410]  <TASK>
[   19.474546][  T410]  dump_stack_lvl+0x151/0x1b7
[   19.494947][   T31] audit: type=1400 audit(1665648445.870:68): avc:  denied  { write } for  pid=404 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   19.504818][  T410]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   19.504840][  T410]  dump_stack+0x15/0x17
[   19.507955][   T31] audit: type=1400 audit(1665648445.870:69): avc:  denied  { nlmsg_read } for  pid=404 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   19.510719][  T410]  should_fail+0x3c0/0x510
[   19.515253][   T31] audit: type=1400 audit(1665648445.870:70): avc:  denied  { module_request } for  pid=404 comm="strace-static-x" kmod="net-pf-16-proto-4-type-16" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   19.535543][  T410]  __should_failslab+0x9f/0xe0
[   19.535561][  T410]  should_failslab+0x9/0x20
[   19.535574][  T410]  kmem_cache_alloc+0x4f/0x2f0
[   19.535588][  T410]  ? anon_vma_clone+0xa1/0x4f0
[   19.541240][   T31] audit: type=1400 audit(1665648445.870:71): avc:  denied  { read } for  pid=404 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   19.544829][  T410]  anon_vma_clone+0xa1/0x4f0
[   19.544848][  T410]  anon_vma_fork+0x91/0x4f0
[   19.544863][  T410]  ? anon_vma_name+0x43/0x70
[   19.644295][  T410]  dup_mmap+0x750/0xea0
[   19.648285][  T410]  ? __delayed_free_task+0x20/0x20
[   19.653231][  T410]  ? mm_init+0x807/0x960
[   19.657311][  T410]  dup_mm+0x91/0x330
[   19.661043][  T410]  copy_mm+0x108/0x1b0
[   19.664951][  T410]  copy_process+0x1295/0x3250
[   19.669464][  T410]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   19.674410][  T410]  ? __kasan_check_write+0x14/0x20
[   19.679355][  T410]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   19.684304][  T410]  kernel_clone+0x22d/0x990
[   19.688643][  T410]  ? cgroup_update_frozen+0x155/0x320
[   19.693850][  T410]  ? _raw_spin_unlock_irq+0x4e/0x70
[   19.698884][  T410]  ? create_io_thread+0x1e0/0x1e0
[   19.703744][  T410]  ? ptrace_stop+0x6eb/0xa30
[   19.708172][  T410]  __x64_sys_clone+0x289/0x310
[   19.712773][  T410]  ? _raw_spin_unlock_irq+0x4e/0x70
[   19.717807][  T410]  ? __do_sys_vfork+0x130/0x130
[   19.722489][  T410]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   19.727966][  T410]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   19.733775][  T410]  do_syscall_64+0x44/0xd0
[   19.738028][  T410]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   19.743755][  T410] RIP: 0033:0x7f23b5b71829
[   19.748010][  T410] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   19.767452][  T410] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   19.775693][  T410] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   19.783507][  T410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[pid   410] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[pid   409] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   410] <... clone resumed>, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid   410] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   410] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   409] close(3)                    = 0
[pid   409] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   409] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   409] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   409] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   409] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   409] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   409] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   409] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   409] exit_group(0)               = ?
[pid   410] <... futex resumed>)        = ?
[pid   410] +++ exited with 0 +++
[pid   409] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 5
./strace-static-x86_64: Process 412 attached
[pid   412] set_robust_list(0x5555572d45e0, 24) = 0
[pid   412] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   412] setpgid(0, 0)               = 0
[pid   412] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   412] write(3, "1000", 4)         = 4
[pid   412] close(3)                    = 0
[pid   412] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   412] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   412] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   412] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   412] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   412] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   412] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 413 attached
 <unfinished ...>
[pid   413] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   413] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   412] <... clone resumed>, parent_tid=[6], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 6
[pid   412] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   413] <... futex resumed>)        = 0
[pid   413] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   413] write(3, "63", 2)           = 2
[pid   413] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[   19.791318][  T410] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   19.799129][  T410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   19.806939][  T410] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   19.814753][  T410]  </TASK>
[   19.831940][  T413] FAULT_INJECTION: forcing a failure.
[   19.831940][  T413] name failslab, interval 1, probability 0, space 0, times 0
[   19.844516][  T413] CPU: 0 PID: 413 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   19.854416][  T413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   19.864308][  T413] Call Trace:
[   19.867440][  T413]  <TASK>
[   19.870211][  T413]  dump_stack_lvl+0x151/0x1b7
[   19.874729][  T413]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   19.880018][  T413]  dump_stack+0x15/0x17
[   19.884010][  T413]  should_fail+0x3c0/0x510
[   19.888273][  T413]  __should_failslab+0x9f/0xe0
[   19.892870][  T413]  should_failslab+0x9/0x20
[   19.897202][  T413]  kmem_cache_alloc+0x4f/0x2f0
[   19.901802][  T413]  ? anon_vma_clone+0xa1/0x4f0
[   19.906401][  T413]  anon_vma_clone+0xa1/0x4f0
[   19.910832][  T413]  anon_vma_fork+0x91/0x4f0
[   19.915167][  T413]  ? anon_vma_name+0x43/0x70
[   19.919594][  T413]  dup_mmap+0x750/0xea0
[   19.923588][  T413]  ? __delayed_free_task+0x20/0x20
[   19.928534][  T413]  ? mm_init+0x807/0x960
[   19.932612][  T413]  dup_mm+0x91/0x330
[   19.936347][  T413]  copy_mm+0x108/0x1b0
[   19.940251][  T413]  copy_process+0x1295/0x3250
[   19.944765][  T413]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   19.949712][  T413]  ? __kasan_check_write+0x14/0x20
[   19.954659][  T413]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   19.959608][  T413]  kernel_clone+0x22d/0x990
[   19.963945][  T413]  ? cgroup_update_frozen+0x155/0x320
[   19.969155][  T413]  ? _raw_spin_unlock_irq+0x4e/0x70
[   19.974185][  T413]  ? create_io_thread+0x1e0/0x1e0
[   19.979046][  T413]  ? ptrace_stop+0x6eb/0xa30
[   19.983474][  T413]  __x64_sys_clone+0x289/0x310
[   19.988070][  T413]  ? _raw_spin_unlock_irq+0x4e/0x70
[   19.993109][  T413]  ? __do_sys_vfork+0x130/0x130
[   19.997794][  T413]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   20.003263][  T413]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   20.009076][  T413]  do_syscall_64+0x44/0xd0
[   20.013330][  T413]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   20.019058][  T413] RIP: 0033:0x7f23b5b71829
[   20.023310][  T413] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[pid   412] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   413] <... clone resumed>, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid   412] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   413] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   412] close(3 <unfinished ...>
[pid   413] <... futex resumed>)        = 0
[pid   412] <... close resumed>)        = 0
[pid   413] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   412] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   412] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   412] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   412] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   412] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   412] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   412] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   412] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   412] exit_group(0 <unfinished ...>
[pid   413] <... futex resumed>)        = ?
[pid   412] <... exit_group resumed>)   = ?
[pid   413] +++ exited with 0 +++
[pid   412] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 8
./strace-static-x86_64: Process 415 attached
[pid   415] set_robust_list(0x5555572d45e0, 24) = 0
[pid   415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   415] setpgid(0, 0)               = 0
[pid   415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   415] write(3, "1000", 4)         = 4
[pid   415] close(3)                    = 0
[pid   415] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   415] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   415] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   415] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   415] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   415] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 416 attached
 <unfinished ...>
[pid   416] set_robust_list(0x7f23b5b229e0, 24 <unfinished ...>
[pid   415] <... clone resumed>, parent_tid=[9], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 9
[pid   415] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   416] <... set_robust_list resumed>) = 0
[pid   415] <... futex resumed>)        = 0
[pid   415] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   416] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   416] write(3, "63", 2)           = 2
[   20.042751][  T413] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   20.050994][  T413] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   20.058808][  T413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   20.066618][  T413] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   20.074429][  T413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   20.082241][  T413] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   20.090053][  T413]  </TASK>
[   20.109676][  T416] FAULT_INJECTION: forcing a failure.
[   20.109676][  T416] name failslab, interval 1, probability 0, space 0, times 0
[   20.122130][  T416] CPU: 0 PID: 416 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   20.132159][  T416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   20.142052][  T416] Call Trace:
[   20.145178][  T416]  <TASK>
[   20.147954][  T416]  dump_stack_lvl+0x151/0x1b7
[   20.152466][  T416]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   20.157764][  T416]  ? vma_interval_tree_augment_rotate+0x210/0x210
[   20.164009][  T416]  dump_stack+0x15/0x17
[   20.167999][  T416]  should_fail+0x3c0/0x510
[   20.172254][  T416]  __should_failslab+0x9f/0xe0
[   20.176853][  T416]  should_failslab+0x9/0x20
[   20.181190][  T416]  kmem_cache_alloc+0x4f/0x2f0
[   20.185799][  T416]  ? anon_vma_fork+0xf7/0x4f0
[   20.190306][  T416]  anon_vma_fork+0xf7/0x4f0
[   20.194646][  T416]  ? anon_vma_name+0x43/0x70
[   20.199073][  T416]  dup_mmap+0x750/0xea0
[   20.203068][  T416]  ? __delayed_free_task+0x20/0x20
[   20.208009][  T416]  ? mm_init+0x807/0x960
[   20.212090][  T416]  dup_mm+0x91/0x330
[   20.215822][  T416]  copy_mm+0x108/0x1b0
[   20.219728][  T416]  copy_process+0x1295/0x3250
[   20.224242][  T416]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   20.229187][  T416]  ? __kasan_check_write+0x14/0x20
[   20.234135][  T416]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   20.239085][  T416]  kernel_clone+0x22d/0x990
[   20.243423][  T416]  ? cgroup_update_frozen+0x155/0x320
[   20.248631][  T416]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.253752][  T416]  ? create_io_thread+0x1e0/0x1e0
[   20.258610][  T416]  ? ptrace_stop+0x6eb/0xa30
[   20.263037][  T416]  __x64_sys_clone+0x289/0x310
[   20.267643][  T416]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.272674][  T416]  ? __do_sys_vfork+0x130/0x130
[   20.277355][  T416]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   20.282825][  T416]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   20.288640][  T416]  do_syscall_64+0x44/0xd0
[   20.292897][  T416]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   20.298620][  T416] RIP: 0033:0x7f23b5b71829
[   20.302876][  T416] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   20.322315][  T416] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   20.330560][  T416] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   20.338376][  T416] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   20.346181][  T416] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[pid   416] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   415] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   416] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   415] close(3 <unfinished ...>
[pid   416] <... futex resumed>)        = 0
[pid   415] <... close resumed>)        = 0
[pid   416] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   415] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   415] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   415] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   415] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   415] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   415] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   415] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   415] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   415] exit_group(0 <unfinished ...>
[pid   416] <... futex resumed>)        = ?
[pid   415] <... exit_group resumed>)   = ?
[pid   416] +++ exited with 0 +++
[pid   415] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 10
./strace-static-x86_64: Process 418 attached
[pid   418] set_robust_list(0x5555572d45e0, 24) = 0
[pid   418] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   418] setpgid(0, 0)               = 0
[pid   418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   418] write(3, "1000", 4)         = 4
[pid   418] close(3)                    = 0
[pid   418] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   418] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   418] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   418] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   418] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 419 attached
, parent_tid=[11], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 11
[pid   419] set_robust_list(0x7f23b5b229e0, 24 <unfinished ...>
[pid   418] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   419] <... set_robust_list resumed>) = 0
[pid   418] <... futex resumed>)        = 0
[pid   419] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   418] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   419] <... openat resumed>)       = 3
[pid   419] write(3, "63", 2)           = 2
[   20.353993][  T416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   20.361806][  T416] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   20.369618][  T416]  </TASK>
[   20.385251][  T419] FAULT_INJECTION: forcing a failure.
[   20.385251][  T419] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   20.398295][  T419] CPU: 0 PID: 419 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   20.408225][  T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   20.418121][  T419] Call Trace:
[   20.421244][  T419]  <TASK>
[   20.424029][  T419]  dump_stack_lvl+0x151/0x1b7
[   20.428536][  T419]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   20.433828][  T419]  ? stack_trace_save+0x1f0/0x1f0
[   20.438691][  T419]  ? __kernel_text_address+0x9a/0x110
[   20.443898][  T419]  dump_stack+0x15/0x17
[   20.447893][  T419]  should_fail+0x3c0/0x510
[   20.452142][  T419]  should_fail_alloc_page+0x58/0x70
[   20.457179][  T419]  __alloc_pages+0x1de/0x7c0
[   20.461602][  T419]  ? stack_trace_save+0x12d/0x1f0
[   20.466465][  T419]  ? stack_trace_snprint+0x100/0x100
[   20.471585][  T419]  ? __count_vm_events+0x30/0x30
[   20.476360][  T419]  ? __kasan_slab_alloc+0xc4/0xe0
[   20.481222][  T419]  ? __kasan_slab_alloc+0xb2/0xe0
[   20.486078][  T419]  ? kmem_cache_alloc+0x189/0x2f0
[   20.490938][  T419]  ? anon_vma_fork+0x1b9/0x4f0
[   20.495541][  T419]  get_zeroed_page+0x19/0x40
[   20.499970][  T419]  __pud_alloc+0x8b/0x260
[   20.504132][  T419]  ? do_handle_mm_fault+0x2370/0x2370
[   20.509341][  T419]  copy_page_range+0xd9e/0x1090
[   20.514027][  T419]  ? pfn_valid+0x1e0/0x1e0
[   20.518279][  T419]  dup_mmap+0x99f/0xea0
[   20.522272][  T419]  ? __delayed_free_task+0x20/0x20
[   20.527218][  T419]  ? mm_init+0x807/0x960
[   20.531301][  T419]  dup_mm+0x91/0x330
[   20.535033][  T419]  copy_mm+0x108/0x1b0
[   20.538936][  T419]  copy_process+0x1295/0x3250
[   20.543450][  T419]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   20.548401][  T419]  ? __kasan_check_write+0x14/0x20
[   20.553517][  T419]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   20.558463][  T419]  kernel_clone+0x22d/0x990
[   20.562809][  T419]  ? cgroup_update_frozen+0x155/0x320
[   20.568009][  T419]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.573046][  T419]  ? create_io_thread+0x1e0/0x1e0
[   20.577907][  T419]  ? ptrace_stop+0x6eb/0xa30
[   20.582331][  T419]  __x64_sys_clone+0x289/0x310
[   20.586932][  T419]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.591970][  T419]  ? __do_sys_vfork+0x130/0x130
[   20.596666][  T419]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   20.602121][  T419]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   20.607934][  T419]  do_syscall_64+0x44/0xd0
[   20.612187][  T419]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   20.617915][  T419] RIP: 0033:0x7f23b5b71829
[   20.622168][  T419] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   20.641609][  T419] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   20.649853][  T419] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[pid   419] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   418] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   419] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   419] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   418] close(3)                    = 0
[pid   418] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   418] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   418] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   418] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   418] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   418] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   418] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   418] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   418] exit_group(0 <unfinished ...>
[pid   419] <... futex resumed>)        = ?
[pid   418] <... exit_group resumed>)   = ?
[pid   419] +++ exited with 0 +++
[pid   418] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 12
./strace-static-x86_64: Process 420 attached
[pid   420] set_robust_list(0x5555572d45e0, 24) = 0
[pid   420] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   420] setpgid(0, 0)               = 0
[pid   420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   420] write(3, "1000", 4)         = 4
[pid   420] close(3)                    = 0
[pid   420] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   420] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   420] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   420] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   420] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 421 attached
 <unfinished ...>
[pid   421] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   421] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   420] <... clone resumed>, parent_tid=[13], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 13
[pid   420] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   421] <... futex resumed>)        = 0
[pid   421] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   420] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   421] write(3, "63", 2)           = 2
[   20.657664][  T419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   20.665477][  T419] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   20.673288][  T419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   20.681098][  T419] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   20.688913][  T419]  </TASK>
[pid   421] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[pid   420] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   20.710766][  T421] FAULT_INJECTION: forcing a failure.
[   20.710766][  T421] name failslab, interval 1, probability 0, space 0, times 0
[   20.723213][  T421] CPU: 1 PID: 421 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   20.733140][  T421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   20.743031][  T421] Call Trace:
[   20.746158][  T421]  <TASK>
[   20.748936][  T421]  dump_stack_lvl+0x151/0x1b7
[   20.753445][  T421]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   20.758743][  T421]  dump_stack+0x15/0x17
[   20.762743][  T421]  should_fail+0x3c0/0x510
[   20.766986][  T421]  __should_failslab+0x9f/0xe0
[   20.771591][  T421]  should_failslab+0x9/0x20
[   20.775926][  T421]  kmem_cache_alloc+0x4f/0x2f0
[   20.780526][  T421]  ? anon_vma_fork+0x1b9/0x4f0
[   20.785126][  T421]  anon_vma_fork+0x1b9/0x4f0
[   20.789552][  T421]  dup_mmap+0x750/0xea0
[   20.793545][  T421]  ? __delayed_free_task+0x20/0x20
[   20.798508][  T421]  ? mm_init+0x807/0x960
[   20.802570][  T421]  dup_mm+0x91/0x330
[   20.806303][  T421]  copy_mm+0x108/0x1b0
[   20.810207][  T421]  copy_process+0x1295/0x3250
[   20.814721][  T421]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   20.819670][  T421]  ? __kasan_check_write+0x14/0x20
[   20.824613][  T421]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   20.829561][  T421]  kernel_clone+0x22d/0x990
[   20.833909][  T421]  ? cgroup_update_frozen+0x155/0x320
[   20.839110][  T421]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.844144][  T421]  ? create_io_thread+0x1e0/0x1e0
[   20.849004][  T421]  ? ptrace_stop+0x6eb/0xa30
[   20.853429][  T421]  __x64_sys_clone+0x289/0x310
[   20.858030][  T421]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.863066][  T421]  ? __do_sys_vfork+0x130/0x130
[   20.867750][  T421]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   20.873222][  T421]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   20.879036][  T421]  do_syscall_64+0x44/0xd0
[   20.883285][  T421]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   20.889012][  T421] RIP: 0033:0x7f23b5b71829
[   20.893267][  T421] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[pid   421] <... clone resumed>, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   421] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   420] close(3)                    = 0
[pid   420] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   420] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   420] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   420] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   420] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   420] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   420] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   420] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   420] exit_group(0)               = ?
[pid   421] +++ exited with 0 +++
[pid   420] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 14
./strace-static-x86_64: Process 422 attached
[pid   422] set_robust_list(0x5555572d45e0, 24) = 0
[pid   422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   422] setpgid(0, 0)               = 0
[pid   422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   422] write(3, "1000", 4)         = 4
[pid   422] close(3)                    = 0
[pid   422] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   422] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   422] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   422] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   422] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 423 attached
, parent_tid=[15], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 15
[pid   423] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   423] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   422] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   423] <... futex resumed>)        = 0
[pid   423] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   422] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   423] <... openat resumed>)       = 3
[pid   423] write(3, "63", 2)           = 2
[   20.912706][  T421] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   20.920952][  T421] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   20.928764][  T421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   20.936574][  T421] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   20.944385][  T421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   20.952197][  T421] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   20.960013][  T421]  </TASK>
[   20.975560][  T423] FAULT_INJECTION: forcing a failure.
[   20.975560][  T423] name failslab, interval 1, probability 0, space 0, times 0
[   20.987994][  T423] CPU: 0 PID: 423 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   20.997936][  T423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   21.007831][  T423] Call Trace:
[   21.010954][  T423]  <TASK>
[   21.013732][  T423]  dump_stack_lvl+0x151/0x1b7
[   21.018246][  T423]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   21.023542][  T423]  dump_stack+0x15/0x17
[   21.027529][  T423]  should_fail+0x3c0/0x510
[   21.031786][  T423]  __should_failslab+0x9f/0xe0
[   21.036385][  T423]  should_failslab+0x9/0x20
[   21.040767][  T423]  kmem_cache_alloc+0x4f/0x2f0
[   21.045414][  T423]  ? anon_vma_fork+0x1b9/0x4f0
[   21.050010][  T423]  anon_vma_fork+0x1b9/0x4f0
[   21.054440][  T423]  dup_mmap+0x750/0xea0
[   21.058433][  T423]  ? __delayed_free_task+0x20/0x20
[   21.063376][  T423]  ? mm_init+0x807/0x960
[   21.067455][  T423]  dup_mm+0x91/0x330
[   21.071186][  T423]  copy_mm+0x108/0x1b0
[   21.075092][  T423]  copy_process+0x1295/0x3250
[   21.079605][  T423]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.084551][  T423]  ? __kasan_check_write+0x14/0x20
[   21.089638][  T423]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   21.094584][  T423]  kernel_clone+0x22d/0x990
[   21.098930][  T423]  ? cgroup_update_frozen+0x155/0x320
[   21.104129][  T423]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.109162][  T423]  ? create_io_thread+0x1e0/0x1e0
[   21.114024][  T423]  ? ptrace_stop+0x6eb/0xa30
[   21.118461][  T423]  __x64_sys_clone+0x289/0x310
[   21.123049][  T423]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.128090][  T423]  ? __do_sys_vfork+0x130/0x130
[   21.132771][  T423]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   21.138242][  T423]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   21.144057][  T423]  do_syscall_64+0x44/0xd0
[   21.148308][  T423]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.154034][  T423] RIP: 0033:0x7f23b5b71829
[   21.158290][  T423] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   21.177733][  T423] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   21.185978][  T423] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   21.193788][  T423] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   21.201597][  T423] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   21.209413][  T423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   21.217219][  T423] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[pid   423] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   422] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   423] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   423] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   422] close(3)                    = 0
[pid   422] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   422] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   422] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   422] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   422] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   422] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   422] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   422] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   422] exit_group(0 <unfinished ...>
[pid   423] <... futex resumed>)        = ?
[pid   422] <... exit_group resumed>)   = ?
[pid   423] +++ exited with 0 +++
[pid   422] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 16
./strace-static-x86_64: Process 424 attached
[pid   424] set_robust_list(0x5555572d45e0, 24) = 0
[pid   424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   424] setpgid(0, 0)               = 0
[pid   424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   424] write(3, "1000", 4)         = 4
[pid   424] close(3)                    = 0
[pid   424] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   424] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   424] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   424] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 425 attached
 <unfinished ...>
[pid   425] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   425] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   424] <... clone resumed>, parent_tid=[17], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 17
[pid   424] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   425] <... futex resumed>)        = 0
[pid   425] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   424] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   425] write(3, "63", 2)           = 2
[   21.225033][  T423]  </TASK>
[   21.244959][  T425] FAULT_INJECTION: forcing a failure.
[   21.244959][  T425] name failslab, interval 1, probability 0, space 0, times 0
[   21.257479][  T425] CPU: 1 PID: 425 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[pid   425] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[pid   424] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   21.267329][  T425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   21.277222][  T425] Call Trace:
[   21.280345][  T425]  <TASK>
[   21.283125][  T425]  dump_stack_lvl+0x151/0x1b7
[   21.287640][  T425]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   21.292930][  T425]  ? vma_interval_tree_augment_rotate+0x210/0x210
[   21.299185][  T425]  dump_stack+0x15/0x17
[   21.303170][  T425]  should_fail+0x3c0/0x510
[   21.307426][  T425]  __should_failslab+0x9f/0xe0
[   21.312025][  T425]  should_failslab+0x9/0x20
[   21.316365][  T425]  kmem_cache_alloc+0x4f/0x2f0
[   21.320965][  T425]  ? anon_vma_fork+0xf7/0x4f0
[   21.325477][  T425]  anon_vma_fork+0xf7/0x4f0
[   21.329817][  T425]  ? anon_vma_name+0x43/0x70
[   21.334244][  T425]  dup_mmap+0x750/0xea0
[   21.338236][  T425]  ? __delayed_free_task+0x20/0x20
[   21.343183][  T425]  ? mm_init+0x807/0x960
[   21.347264][  T425]  dup_mm+0x91/0x330
[   21.350993][  T425]  copy_mm+0x108/0x1b0
[   21.354900][  T425]  copy_process+0x1295/0x3250
[   21.359412][  T425]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.364362][  T425]  ? __kasan_check_write+0x14/0x20
[   21.369306][  T425]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   21.374258][  T425]  kernel_clone+0x22d/0x990
[   21.378592][  T425]  ? cgroup_update_frozen+0x155/0x320
[   21.383801][  T425]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.388834][  T425]  ? create_io_thread+0x1e0/0x1e0
[   21.393712][  T425]  ? ptrace_stop+0x6eb/0xa30
[   21.398123][  T425]  __x64_sys_clone+0x289/0x310
[   21.402721][  T425]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.407755][  T425]  ? __do_sys_vfork+0x130/0x130
[   21.412441][  T425]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   21.417913][  T425]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   21.423730][  T425]  do_syscall_64+0x44/0xd0
[   21.427978][  T425]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.433732][  T425] RIP: 0033:0x7f23b5b71829
[   21.437963][  T425] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   21.457398][  T425] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   21.465647][  T425] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[pid   425] <... clone resumed>, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   425] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] close(3)                    = 0
[pid   424] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(24 <unfinished ...>
[pid   425] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   424] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   424] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   424] exit_group(0)               = ?
[pid   425] <... futex resumed>)        = ?
[pid   425] +++ exited with 0 +++
[pid   424] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 427 attached
, child_tidptr=0x5555572d45d0) = 18
[pid   427] set_robust_list(0x5555572d45e0, 24) = 0
[pid   427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   427] setpgid(0, 0)               = 0
[pid   427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   427] write(3, "1000", 4)         = 4
[pid   427] close(3)                    = 0
[pid   427] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   427] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   427] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   427] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[19], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 19
[pid   427] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   427] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 428 attached
 <unfinished ...>
[pid   428] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   428] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   428] write(3, "63", 2)           = 2
[   21.473458][  T425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   21.481269][  T425] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   21.489081][  T425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   21.496889][  T425] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   21.504710][  T425]  </TASK>
[   21.519278][  T428] FAULT_INJECTION: forcing a failure.
[   21.519278][  T428] name failslab, interval 1, probability 0, space 0, times 0
[   21.531800][  T428] CPU: 0 PID: 428 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   21.541761][  T428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   21.551666][  T428] Call Trace:
[   21.554790][  T428]  <TASK>
[   21.557557][  T428]  dump_stack_lvl+0x151/0x1b7
[   21.562074][  T428]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   21.567368][  T428]  dump_stack+0x15/0x17
[   21.571366][  T428]  should_fail+0x3c0/0x510
[   21.575611][  T428]  __should_failslab+0x9f/0xe0
[   21.580212][  T428]  should_failslab+0x9/0x20
[   21.584551][  T428]  kmem_cache_alloc+0x4f/0x2f0
[   21.589152][  T428]  ? anon_vma_fork+0x1b9/0x4f0
[   21.593751][  T428]  anon_vma_fork+0x1b9/0x4f0
[   21.598176][  T428]  dup_mmap+0x750/0xea0
[   21.602169][  T428]  ? __delayed_free_task+0x20/0x20
[   21.607119][  T428]  ? mm_init+0x807/0x960
[   21.611195][  T428]  dup_mm+0x91/0x330
[   21.614929][  T428]  copy_mm+0x108/0x1b0
[   21.618832][  T428]  copy_process+0x1295/0x3250
[   21.623347][  T428]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.628294][  T428]  ? __kasan_check_write+0x14/0x20
[   21.633244][  T428]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   21.638187][  T428]  kernel_clone+0x22d/0x990
[   21.642527][  T428]  ? cgroup_update_frozen+0x155/0x320
[   21.647767][  T428]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.652767][  T428]  ? create_io_thread+0x1e0/0x1e0
[   21.657629][  T428]  ? ptrace_stop+0x6eb/0xa30
[   21.662055][  T428]  __x64_sys_clone+0x289/0x310
[   21.666655][  T428]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.671689][  T428]  ? __do_sys_vfork+0x130/0x130
[   21.676381][  T428]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   21.681844][  T428]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   21.687658][  T428]  do_syscall_64+0x44/0xd0
[   21.691910][  T428]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.697639][  T428] RIP: 0033:0x7f23b5b71829
[   21.701895][  T428] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[pid   428] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[pid   427] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   428] <... clone resumed>, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   428] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   428] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   427] close(3)                    = 0
[pid   427] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   427] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   427] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   427] exit_group(0)               = ?
[pid   428] <... futex resumed>)        = ?
[pid   428] +++ exited with 0 +++
[pid   427] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 429 attached
 <unfinished ...>
[pid   429] set_robust_list(0x5555572d45e0, 24 <unfinished ...>
[pid   408] <... clone resumed>, child_tidptr=0x5555572d45d0) = 20
[pid   429] <... set_robust_list resumed>) = 0
[pid   429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   429] setpgid(0, 0)               = 0
[pid   429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   429] write(3, "1000", 4)         = 4
[pid   429] close(3)                    = 0
[pid   429] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   429] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   429] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   429] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   429] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[21], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 21
[pid   429] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   429] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 430 attached
 <unfinished ...>
[pid   430] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   430] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   430] write(3, "63", 2)           = 2
[   21.721332][  T428] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   21.729577][  T428] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   21.737387][  T428] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   21.745199][  T428] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   21.753009][  T428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   21.760826][  T428] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   21.768639][  T428]  </TASK>
[   21.782081][  T430] FAULT_INJECTION: forcing a failure.
[   21.782081][  T430] name failslab, interval 1, probability 0, space 0, times 0
[   21.794549][  T430] CPU: 0 PID: 430 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   21.804447][  T430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   21.814343][  T430] Call Trace:
[   21.817464][  T430]  <TASK>
[   21.820249][  T430]  dump_stack_lvl+0x151/0x1b7
[   21.824756][  T430]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   21.830054][  T430]  ? vma_interval_tree_augment_rotate+0x210/0x210
[   21.836390][  T430]  dump_stack+0x15/0x17
[   21.840384][  T430]  should_fail+0x3c0/0x510
[   21.844631][  T430]  __should_failslab+0x9f/0xe0
[   21.849231][  T430]  should_failslab+0x9/0x20
[   21.853572][  T430]  kmem_cache_alloc+0x4f/0x2f0
[   21.858169][  T430]  ? anon_vma_fork+0xf7/0x4f0
[   21.862686][  T430]  anon_vma_fork+0xf7/0x4f0
[   21.867022][  T430]  ? anon_vma_name+0x4c/0x70
[   21.871450][  T430]  dup_mmap+0x750/0xea0
[   21.875443][  T430]  ? __delayed_free_task+0x20/0x20
[   21.880397][  T430]  ? mm_init+0x807/0x960
[   21.884468][  T430]  dup_mm+0x91/0x330
[   21.888201][  T430]  copy_mm+0x108/0x1b0
[   21.892104][  T430]  copy_process+0x1295/0x3250
[   21.896619][  T430]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   21.901564][  T430]  ? __kasan_check_write+0x14/0x20
[   21.906511][  T430]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   21.911574][  T430]  kernel_clone+0x22d/0x990
[   21.915893][  T430]  ? cgroup_update_frozen+0x155/0x320
[   21.921107][  T430]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.926135][  T430]  ? create_io_thread+0x1e0/0x1e0
[   21.930994][  T430]  ? ptrace_stop+0x6eb/0xa30
[   21.935423][  T430]  __x64_sys_clone+0x289/0x310
[   21.940021][  T430]  ? _raw_spin_unlock_irq+0x4e/0x70
[   21.945054][  T430]  ? __do_sys_vfork+0x130/0x130
[   21.949742][  T430]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   21.955224][  T430]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   21.961024][  T430]  do_syscall_64+0x44/0xd0
[   21.965276][  T430]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   21.971006][  T430] RIP: 0033:0x7f23b5b71829
[   21.975258][  T430] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   21.994705][  T430] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   22.002948][  T430] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   22.010767][  T430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   22.018570][  T430] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[pid   430] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[pid   429] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   430] <... clone resumed>, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   430] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   430] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   429] close(3)                    = 0
[pid   429] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   429] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   429] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   429] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   429] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   429] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   429] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   429] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   429] exit_group(0 <unfinished ...>
[pid   430] <... futex resumed>)        = ?
[pid   429] <... exit_group resumed>)   = ?
[pid   430] +++ exited with 0 +++
[pid   429] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 431 attached
, child_tidptr=0x5555572d45d0) = 22
[pid   431] set_robust_list(0x5555572d45e0, 24) = 0
[pid   431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   431] setpgid(0, 0)               = 0
[pid   431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   431] write(3, "1000", 4)         = 4
[pid   431] close(3)                    = 0
[pid   431] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   431] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   431] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   431] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 432 attached
, parent_tid=[23], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 23
[pid   432] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   432] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   431] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   432] <... futex resumed>)        = 0
[pid   432] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   432] write(3, "63", 2)           = 2
[   22.026383][  T430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   22.034192][  T430] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   22.042011][  T430]  </TASK>
[   22.061180][  T432] FAULT_INJECTION: forcing a failure.
[   22.061180][  T432] name failslab, interval 1, probability 0, space 0, times 0
[   22.073680][  T432] CPU: 1 PID: 432 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   22.083570][  T432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   22.093473][  T432] Call Trace:
[   22.096685][  T432]  <TASK>
[   22.099453][  T432]  dump_stack_lvl+0x151/0x1b7
[   22.103965][  T432]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   22.109346][  T432]  dump_stack+0x15/0x17
[   22.113337][  T432]  should_fail+0x3c0/0x510
[   22.117595][  T432]  __should_failslab+0x9f/0xe0
[   22.122193][  T432]  should_failslab+0x9/0x20
[   22.126537][  T432]  kmem_cache_alloc+0x4f/0x2f0
[   22.131130][  T432]  ? anon_vma_clone+0xa1/0x4f0
[   22.135731][  T432]  anon_vma_clone+0xa1/0x4f0
[   22.140158][  T432]  anon_vma_fork+0x91/0x4f0
[   22.144496][  T432]  ? anon_vma_name+0x43/0x70
[   22.148925][  T432]  dup_mmap+0x750/0xea0
[   22.152919][  T432]  ? __delayed_free_task+0x20/0x20
[   22.157865][  T432]  ? mm_init+0x807/0x960
[   22.161941][  T432]  dup_mm+0x91/0x330
[   22.165676][  T432]  copy_mm+0x108/0x1b0
[   22.169667][  T432]  copy_process+0x1295/0x3250
[   22.174185][  T432]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   22.179126][  T432]  ? __kasan_check_write+0x14/0x20
[   22.184078][  T432]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   22.189029][  T432]  kernel_clone+0x22d/0x990
[   22.193363][  T432]  ? cgroup_update_frozen+0x155/0x320
[   22.198565][  T432]  ? _raw_spin_unlock_irq+0x4e/0x70
[   22.203603][  T432]  ? create_io_thread+0x1e0/0x1e0
[   22.208461][  T432]  ? ptrace_stop+0x6eb/0xa30
[   22.212890][  T432]  __x64_sys_clone+0x289/0x310
[   22.217493][  T432]  ? _raw_spin_unlock_irq+0x4e/0x70
[   22.222521][  T432]  ? __do_sys_vfork+0x130/0x130
[   22.227207][  T432]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   22.232679][  T432]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   22.238586][  T432]  do_syscall_64+0x44/0xd0
[   22.242832][  T432]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   22.248558][  T432] RIP: 0033:0x7f23b5b71829
[   22.252811][  T432] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   22.272254][  T432] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   432] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 EFAULT (Bad address)
[pid   431] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   432] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   431] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   431] close(3)                    = 0
[pid   431] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   431] exit_group(0 <unfinished ...>
[pid   432] <... futex resumed>)        = ?
[pid   431] <... exit_group resumed>)   = ?
[pid   432] +++ exited with 0 +++
[pid   431] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 25
./strace-static-x86_64: Process 434 attached
[pid   434] set_robust_list(0x5555572d45e0, 24) = 0
[pid   434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   434] setpgid(0, 0)               = 0
[pid   434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   434] write(3, "1000", 4)         = 4
[pid   434] close(3)                    = 0
[pid   434] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   434] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   434] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   434] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   434] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 435 attached
, parent_tid=[26], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 26
[pid   435] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   435] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   434] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   435] <... futex resumed>)        = 0
[pid   435] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   435] write(3, "63", 2 <unfinished ...>
[pid   434] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   435] <... write resumed>)        = 2
[   22.280497][  T432] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   22.288310][  T432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   22.296121][  T432] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   22.303938][  T432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   22.311746][  T432] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   22.319562][  T432]  </TASK>
[pid   435] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[pid   434] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   22.340267][  T435] FAULT_INJECTION: forcing a failure.
[   22.340267][  T435] name failslab, interval 1, probability 0, space 0, times 0
[   22.352831][  T435] CPU: 1 PID: 435 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   22.362773][  T435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   22.372675][  T435] Call Trace:
[   22.375807][  T435]  <TASK>
[   22.378573][  T435]  dump_stack_lvl+0x151/0x1b7
[   22.383085][  T435]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   22.388380][  T435]  dump_stack+0x15/0x17
[   22.392370][  T435]  should_fail+0x3c0/0x510
[   22.396622][  T435]  __should_failslab+0x9f/0xe0
[   22.401222][  T435]  should_failslab+0x9/0x20
[   22.405561][  T435]  kmem_cache_alloc+0x4f/0x2f0
[   22.410160][  T435]  ? anon_vma_fork+0x1b9/0x4f0
[   22.414761][  T435]  anon_vma_fork+0x1b9/0x4f0
[   22.419195][  T435]  dup_mmap+0x750/0xea0
[   22.423183][  T435]  ? __delayed_free_task+0x20/0x20
[   22.428134][  T435]  ? mm_init+0x807/0x960
[   22.432209][  T435]  dup_mm+0x91/0x330
[   22.435942][  T435]  copy_mm+0x108/0x1b0
[   22.439865][  T435]  copy_process+0x1295/0x3250
[   22.444367][  T435]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   22.449305][  T435]  ? __kasan_check_write+0x14/0x20
[   22.454276][  T435]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   22.459206][  T435]  kernel_clone+0x22d/0x990
[   22.463542][  T435]  ? cgroup_update_frozen+0x155/0x320
[   22.468842][  T435]  ? _raw_spin_unlock_irq+0x4e/0x70
[   22.473870][  T435]  ? create_io_thread+0x1e0/0x1e0
[   22.478725][  T435]  ? ptrace_stop+0x6eb/0xa30
[   22.483155][  T435]  __x64_sys_clone+0x289/0x310
[   22.487754][  T435]  ? _raw_spin_unlock_irq+0x4e/0x70
[   22.492788][  T435]  ? __do_sys_vfork+0x130/0x130
[   22.497472][  T435]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   22.503016][  T435]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   22.508756][  T435]  do_syscall_64+0x44/0xd0
[   22.513009][  T435]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   22.518739][  T435] RIP: 0033:0x7f23b5b71829
[   22.522992][  T435] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   22.542432][  T435] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   22.550676][  T435] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   22.558487][  T435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   22.566301][  T435] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   22.574109][  T435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   22.581922][  T435] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[pid   435] <... clone resumed>, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   435] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   435] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   434] close(3)                    = 0
[pid   434] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   434] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   434] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   434] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   434] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   434] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   434] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   434] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   434] exit_group(0)               = ?
[pid   435] <... futex resumed>)        = ?
[pid   435] +++ exited with 0 +++
[pid   434] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=25, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 27
./strace-static-x86_64: Process 437 attached
[pid   437] set_robust_list(0x5555572d45e0, 24) = 0
[pid   437] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   437] setpgid(0, 0)               = 0
[pid   437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   437] write(3, "1000", 4)         = 4
[pid   437] close(3)                    = 0
[pid   437] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   437] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   437] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   437] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   437] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 438 attached
 <unfinished ...>
[pid   438] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   438] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   437] <... clone resumed>, parent_tid=[28], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 28
[pid   437] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   438] <... futex resumed>)        = 0
[pid   438] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   438] write(3, "63", 2)           = 2
[   22.589742][  T435]  </TASK>
[   22.607461][  T438] FAULT_INJECTION: forcing a failure.
[   22.607461][  T438] name failslab, interval 1, probability 0, space 0, times 0
[   22.619909][  T438] CPU: 1 PID: 438 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   22.629832][  T438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   22.639735][  T438] Call Trace:
[   22.642855][  T438]  <TASK>
[   22.645637][  T438]  dump_stack_lvl+0x151/0x1b7
[   22.650149][  T438]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   22.655436][  T438]  dump_stack+0x15/0x17
[   22.659428][  T438]  should_fail+0x3c0/0x510
[   22.663681][  T438]  __should_failslab+0x9f/0xe0
[   22.668282][  T438]  should_failslab+0x9/0x20
[   22.672620][  T438]  kmem_cache_alloc+0x4f/0x2f0
[   22.677220][  T438]  ? anon_vma_fork+0x1b9/0x4f0
[   22.681821][  T438]  anon_vma_fork+0x1b9/0x4f0
[   22.686247][  T438]  dup_mmap+0x750/0xea0
[   22.690239][  T438]  ? __delayed_free_task+0x20/0x20
[   22.695191][  T438]  ? mm_init+0x807/0x960
[   22.699265][  T438]  dup_mm+0x91/0x330
[   22.702997][  T438]  copy_mm+0x108/0x1b0
[   22.706910][  T438]  copy_process+0x1295/0x3250
[   22.711416][  T438]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   22.716368][  T438]  ? __kasan_check_write+0x14/0x20
[   22.721309][  T438]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   22.726257][  T438]  kernel_clone+0x22d/0x990
[   22.730602][  T438]  ? cgroup_update_frozen+0x155/0x320
[   22.735803][  T438]  ? _raw_spin_unlock_irq+0x4e/0x70
[   22.740845][  T438]  ? create_io_thread+0x1e0/0x1e0
[   22.745701][  T438]  ? ptrace_stop+0x6eb/0xa30
[   22.750125][  T438]  __x64_sys_clone+0x289/0x310
[   22.754725][  T438]  ? _raw_spin_unlock_irq+0x4e/0x70
[   22.759761][  T438]  ? __do_sys_vfork+0x130/0x130
[   22.764444][  T438]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   22.769913][  T438]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   22.775729][  T438]  do_syscall_64+0x44/0xd0
[   22.779981][  T438]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   22.785709][  T438] RIP: 0033:0x7f23b5b71829
[   22.789963][  T438] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   22.809411][  T438] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   22.817735][  T438] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   22.825550][  T438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   22.833361][  T438] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[pid   438] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   437] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   438] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   437] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid   438] <... futex resumed>)        = 0
[pid   437] close(3 <unfinished ...>
[pid   438] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   437] <... close resumed>)        = 0
[pid   437] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   437] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   437] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   437] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   437] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   437] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   437] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   437] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   437] exit_group(0 <unfinished ...>
[pid   438] <... futex resumed>)        = ?
[pid   437] <... exit_group resumed>)   = ?
[pid   438] +++ exited with 0 +++
[pid   437] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=27, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 29
./strace-static-x86_64: Process 439 attached
[pid   439] set_robust_list(0x5555572d45e0, 24) = 0
[pid   439] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   439] setpgid(0, 0)               = 0
[pid   439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   439] write(3, "1000", 4)         = 4
[pid   439] close(3)                    = 0
[pid   439] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   439] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   439] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   439] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   439] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 440 attached
 <unfinished ...>
[pid   440] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   440] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   439] <... clone resumed>, parent_tid=[30], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 30
[pid   439] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   440] <... futex resumed>)        = 0
[pid   440] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   440] write(3, "63", 2)           = 2
[   22.841171][  T438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   22.849070][  T438] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   22.856883][  T438]  </TASK>
[   22.877756][  T440] FAULT_INJECTION: forcing a failure.
[   22.877756][  T440] name failslab, interval 1, probability 0, space 0, times 0
[   22.890294][  T440] CPU: 1 PID: 440 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   22.900240][  T440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   22.910135][  T440] Call Trace:
[   22.913257][  T440]  <TASK>
[   22.916036][  T440]  dump_stack_lvl+0x151/0x1b7
[   22.920553][  T440]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   22.925851][  T440]  dump_stack+0x15/0x17
[   22.929836][  T440]  should_fail+0x3c0/0x510
[   22.934088][  T440]  __should_failslab+0x9f/0xe0
[   22.938688][  T440]  should_failslab+0x9/0x20
[   22.943027][  T440]  kmem_cache_alloc+0x4f/0x2f0
[   22.947627][  T440]  ? anon_vma_fork+0x1b9/0x4f0
[   22.952226][  T440]  anon_vma_fork+0x1b9/0x4f0
[   22.956654][  T440]  dup_mmap+0x750/0xea0
[   22.960647][  T440]  ? __delayed_free_task+0x20/0x20
[   22.965593][  T440]  ? mm_init+0x807/0x960
[   22.969670][  T440]  dup_mm+0x91/0x330
[   22.973407][  T440]  copy_mm+0x108/0x1b0
[   22.977309][  T440]  copy_process+0x1295/0x3250
[   22.981825][  T440]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   22.986771][  T440]  ? __kasan_check_write+0x14/0x20
[   22.991717][  T440]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   22.996664][  T440]  kernel_clone+0x22d/0x990
[   23.001003][  T440]  ? cgroup_update_frozen+0x155/0x320
[   23.006218][  T440]  ? _raw_spin_unlock_irq+0x4e/0x70
[   23.011254][  T440]  ? create_io_thread+0x1e0/0x1e0
[   23.016107][  T440]  ? ptrace_stop+0x6eb/0xa30
[   23.020541][  T440]  __x64_sys_clone+0x289/0x310
[   23.025133][  T440]  ? _raw_spin_unlock_irq+0x4e/0x70
[   23.030171][  T440]  ? __do_sys_vfork+0x130/0x130
[   23.034853][  T440]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   23.040320][  T440]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   23.046134][  T440]  do_syscall_64+0x44/0xd0
[   23.050388][  T440]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.056114][  T440] RIP: 0033:0x7f23b5b71829
[   23.060370][  T440] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   23.079899][  T440] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   440] clone(child_stack=NULL, flags=CLONE_PIDFD, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   439] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   440] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   439] <... futex resumed>)        = 0
[pid   439] close(3 <unfinished ...>
[pid   440] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   439] <... close resumed>)        = 0
[pid   439] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   439] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   439] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   439] exit_group(0)               = ?
[pid   440] <... futex resumed>)        = ?
[pid   440] +++ exited with 0 +++
[pid   439] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   408] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   408] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572d45d0) = 31
./strace-static-x86_64: Process 441 attached
[pid   441] set_robust_list(0x5555572d45e0, 24) = 0
[pid   441] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   441] setpgid(0, 0)               = 0
[pid   441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   441] write(3, "1000", 4)         = 4
[pid   441] close(3)                    = 0
[pid   441] read(200, 0x7fffb1accdf0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   441] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   441] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f23b5b02000
[pid   441] mprotect(0x7f23b5b03000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   441] clone(child_stack=0x7f23b5b223f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[32], tls=0x7f23b5b22700, child_tidptr=0x7f23b5b229d0) = 32
[pid   441] futex(0x7f23b5bfa4a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   441] futex(0x7f23b5bfa4ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 442 attached
 <unfinished ...>
[pid   442] set_robust_list(0x7f23b5b229e0, 24) = 0
[pid   442] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   442] write(3, "63", 2)           = 2
[   23.088142][  T440] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   23.095955][  T440] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   23.103765][  T440] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   23.111575][  T440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   23.119387][  T440] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   23.127201][  T440]  </TASK>
[   23.143804][  T442] FAULT_INJECTION: forcing a failure.
[   23.143804][  T442] name failslab, interval 1, probability 0, space 0, times 0
[   23.156230][  T442] CPU: 1 PID: 442 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   23.166189][  T442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   23.176092][  T442] Call Trace:
[   23.179210][  T442]  <TASK>
[   23.181989][  T442]  dump_stack_lvl+0x151/0x1b7
[   23.186586][  T442]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   23.191880][  T442]  ? vma_interval_tree_augment_rotate+0x210/0x210
[   23.198129][  T442]  dump_stack+0x15/0x17
[   23.202125][  T442]  should_fail+0x3c0/0x510
[   23.206375][  T442]  __should_failslab+0x9f/0xe0
[   23.210976][  T442]  should_failslab+0x9/0x20
[   23.215312][  T442]  kmem_cache_alloc+0x4f/0x2f0
[   23.219922][  T442]  ? anon_vma_fork+0xf7/0x4f0
[   23.224427][  T442]  anon_vma_fork+0xf7/0x4f0
[   23.228765][  T442]  ? anon_vma_name+0x43/0x70
[   23.233191][  T442]  dup_mmap+0x750/0xea0
[   23.237185][  T442]  ? __delayed_free_task+0x20/0x20
[   23.242133][  T442]  ? mm_init+0x807/0x960
[   23.246211][  T442]  dup_mm+0x91/0x330
[   23.249944][  T442]  copy_mm+0x108/0x1b0
[   23.253850][  T442]  copy_process+0x1295/0x3250
[   23.258363][  T442]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   23.263312][  T442]  ? __kasan_check_write+0x14/0x20
[   23.268259][  T442]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   23.273203][  T442]  kernel_clone+0x22d/0x990
[   23.277545][  T442]  ? cgroup_update_frozen+0x155/0x320
[   23.282749][  T442]  ? _raw_spin_unlock_irq+0x4e/0x70
[   23.287785][  T442]  ? create_io_thread+0x1e0/0x1e0
[   23.292645][  T442]  ? ptrace_stop+0x6eb/0xa30
[   23.297076][  T442]  __x64_sys_clone+0x289/0x310
[   23.301670][  T442]  ? _raw_spin_unlock_irq+0x4e/0x70
[   23.306705][  T442]  ? __do_sys_vfork+0x130/0x130
[   23.311394][  T442]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   23.316860][  T442]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   23.322675][  T442]  do_syscall_64+0x44/0xd0
[   23.326927][  T442]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.332655][  T442] RIP: 0033:0x7f23b5b71829
[   23.336916][  T442] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   23.356350][  T442] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   23.364594][  T442] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   23.372406][  T442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   23.380225][  T442] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[pid   442] clone(child_stack=NULL, flags=CLONE_PIDFD <unfinished ...>
[pid   441] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   23.388033][  T442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   23.395840][  T442] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   23.403658][  T442]  </TASK>
[   23.406602][  T442] ==================================================================
[   23.414418][  T442] BUG: KASAN: double-free or invalid-free in kfree+0xc8/0x210
[   23.421702][  T442] 
[   23.423872][  T442] CPU: 1 PID: 442 Comm: syz-executor351 Not tainted 5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   23.433853][  T442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   23.443750][  T442] Call Trace:
[   23.446874][  T442]  <TASK>
[   23.449650][  T442]  dump_stack_lvl+0x151/0x1b7
[   23.454164][  T442]  ? bfq_pos_tree_add_move+0x43e/0x43e
[   23.459458][  T442]  ? panic+0x727/0x727
[   23.463364][  T442]  ? debug_smp_processor_id+0x17/0x20
[   23.468579][  T442]  ? kmem_cache_free+0x11a/0x2e0
[   23.473344][  T442]  ? kfree+0xc8/0x210
[   23.477161][  T442]  print_address_description+0x87/0x3d0
[   23.482544][  T442]  ? kfree+0xc8/0x210
[   23.486362][  T442]  ? kfree+0xc8/0x210
[   23.490181][  T442]  kasan_report_invalid_free+0x72/0xa0
[   23.495482][  T442]  ____kasan_slab_free+0x13e/0x160
[   23.500424][  T442]  __kasan_slab_free+0x11/0x20
[   23.505034][  T442]  slab_free_freelist_hook+0xc9/0x1a0
[   23.510231][  T442]  ? anon_vma_name_free+0x15/0x20
[   23.515091][  T442]  kfree+0xc8/0x210
[   23.518744][  T442]  anon_vma_name_free+0x15/0x20
[   23.523427][  T442]  vm_area_free+0xa6/0x230
[   23.527676][  T442]  dup_mmap+0xbcd/0xea0
[   23.531674][  T442]  ? __delayed_free_task+0x20/0x20
[   23.536616][  T442]  ? mm_init+0x807/0x960
[   23.540694][  T442]  dup_mm+0x91/0x330
[   23.544428][  T442]  copy_mm+0x108/0x1b0
[   23.548333][  T442]  copy_process+0x1295/0x3250
[   23.552846][  T442]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   23.557791][  T442]  ? __kasan_check_write+0x14/0x20
[   23.562739][  T442]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   23.567690][  T442]  kernel_clone+0x22d/0x990
[   23.572026][  T442]  ? cgroup_update_frozen+0x155/0x320
[   23.577233][  T442]  ? _raw_spin_unlock_irq+0x4e/0x70
[   23.582266][  T442]  ? create_io_thread+0x1e0/0x1e0
[   23.587127][  T442]  ? ptrace_stop+0x6eb/0xa30
[   23.591554][  T442]  __x64_sys_clone+0x289/0x310
[   23.596152][  T442]  ? _raw_spin_unlock_irq+0x4e/0x70
[   23.601187][  T442]  ? __do_sys_vfork+0x130/0x130
[   23.605962][  T442]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   23.611429][  T442]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   23.617245][  T442]  do_syscall_64+0x44/0xd0
[   23.621498][  T442]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.627225][  T442] RIP: 0033:0x7f23b5b71829
[   23.631491][  T442] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   23.650922][  T442] RSP: 002b:00007f23b5b222f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   23.659164][  T442] RAX: ffffffffffffffda RBX: 00007f23b5bfa4a8 RCX: 00007f23b5b71829
[   23.666974][  T442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   23.674786][  T442] RBP: 00007f23b5bfa4a0 R08: 0000000000000000 R09: 0000000000003336
[   23.682610][  T442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   23.690408][  T442] R13: 00007f23b5b22300 R14: 00007f23b5b22400 R15: 0000000000022000
[   23.698223][  T442]  </TASK>
[   23.701091][  T442] 
[   23.703257][  T442] Allocated by task 407:
[   23.707333][  T442]  __kasan_slab_alloc+0xb2/0xe0
[   23.712020][  T442]  kmem_cache_alloc+0x189/0x2f0
[   23.716712][  T442]  vm_area_dup+0x26/0x1d0
[   23.720874][  T442]  dup_mmap+0x6b8/0xea0
[   23.724870][  T442]  dup_mm+0x91/0x330
[   23.728600][  T442]  copy_mm+0x108/0x1b0
[   23.732598][  T442]  copy_process+0x1295/0x3250
[   23.737101][  T442]  kernel_clone+0x22d/0x990
[   23.741442][  T442]  __x64_sys_clone+0x289/0x310
[   23.746131][  T442]  do_syscall_64+0x44/0xd0
[   23.750382][  T442]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.756197][  T442] 
[   23.758370][  T442] The buggy address belongs to the object at ffff88811eb79de0
[   23.758370][  T442]  which belongs to the cache vm_area_struct of size 232
[   23.772514][  T442] The buggy address is located 88 bytes inside of
[   23.772514][  T442]  232-byte region [ffff88811eb79de0, ffff88811eb79ec8)
[   23.785535][  T442] The buggy address belongs to the page:
[   23.791004][  T442] page:ffffea00047ade40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11eb79
[   23.801067][  T442] flags: 0x4000000000000200(slab|zone=1)
[   23.806543][  T442] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100275c80
[   23.814960][  T442] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[   23.823372][  T442] page dumped because: kasan: bad access detected
[   23.829622][  T442] page_owner tracks the page as allocated
[   23.835175][  T442] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 407, ts 19351738209, free_ts 19214197272
[   23.850974][  T442]  post_alloc_hook+0x1ab/0x1b0
[   23.855572][  T442]  get_page_from_freelist+0x38b/0x400
[   23.860782][  T442]  __alloc_pages+0x3a8/0x7c0
[   23.865206][  T442]  allocate_slab+0x62/0x580
[   23.869545][  T442]  ___slab_alloc+0x2e2/0x6f0
[   23.873972][  T442]  __slab_alloc+0x4a/0x90
[   23.878137][  T442]  kmem_cache_alloc+0x205/0x2f0
[   23.882831][  T442]  vm_area_dup+0x26/0x1d0
[   23.886991][  T442]  dup_mmap+0x6b8/0xea0
[   23.890982][  T442]  dup_mm+0x91/0x330
[   23.894715][  T442]  copy_mm+0x108/0x1b0
[   23.898624][  T442]  copy_process+0x1295/0x3250
[   23.903136][  T442]  kernel_clone+0x22d/0x990
[   23.907477][  T442]  __x64_sys_clone+0x289/0x310
[   23.912074][  T442]  do_syscall_64+0x44/0xd0
[   23.916330][  T442]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.922073][  T442] page last free stack trace:
[   23.926569][  T442]  free_pcp_prepare+0x448/0x450
[   23.931258][  T442]  free_unref_page+0x9c/0x370
[   23.935770][  T442]  __free_pages+0xd8/0x100
[   23.940021][  T442]  free_pages+0x7c/0x90
[   23.944014][  T442]  kasan_depopulate_vmalloc_pte+0x6a/0x90
[   23.949568][  T442]  __apply_to_page_range+0x8b8/0xb90
[   23.954688][  T442]  apply_to_existing_page_range+0x38/0x50
[   23.960246][  T442]  kasan_release_vmalloc+0x9a/0xb0
[   23.965189][  T442]  __purge_vmap_area_lazy+0xc6a/0x1800
[   23.970485][  T442]  _vm_unmap_aliases+0x364/0x3e0
[   23.975256][  T442]  vm_unmap_aliases+0x19/0x20
[   23.979770][  T442]  change_page_attr_set_clr+0x2ce/0x6d0
[   23.985153][  T442]  set_memory_ro+0xa1/0xe0
[   23.989406][  T442]  bpf_int_jit_compile+0xb845/0xc090
[   23.994524][  T442]  bpf_prog_select_runtime+0x6fd/0xa40
[   23.999822][  T442]  bpf_prepare_filter+0x10ca/0x1410
[   24.004948][  T442] 
[   24.007110][  T442] Memory state around the buggy address:
[   24.012584][  T442]  ffff88811eb79d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.021087][  T442]  ffff88811eb79d80: fb fb fb fb fc fc fc fc fc fc fc fc 00 00 00 00
[   24.029071][  T442] >ffff88811eb79e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.036967][  T442]                                         ^
[pid   442] <... clone resumed>, parent_tid=NULL) = -1 ENOMEM (Cannot allocate memory)
[pid   442] futex(0x7f23b5bfa4ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   442] futex(0x7f23b5bfa4a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   441] close(3)                    = 0
[pid   441] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   441] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   441] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   441] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   441] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   441] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   441] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   441] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   441] exit_group(0 <unfinished ...>
[pid   442] <... futex resumed>)        = ?
[pid   441] <... exit_group resumed>)   = ?
[pid   442] +++ exited with 0 +++
[pid   441] +++ exited with 0 +++
[pid   408] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=31, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[   24.042697][  T442]  ffff88811eb79e80: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   24.050595][  T442]  ffff88811eb79f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.058492][  T442] ==================================================================
[   24.066390][  T442] Disabling lock debugging due to kernel taint
[   24.078030][  T408] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[   24.089560][  T408] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[   24.097802][  T408] CPU: 1 PID: 408 Comm: syz-executor351 Tainted: G    B             5.15.72-syzkaller-04310-g43eb03f7ce81 #0
[   24.109173][  T408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   24.119067][  T408] RIP: 0010:__rb_insert_augmented+0x9b/0x670
[   24.124881][  T408] Code: e8 7a e3 2c ff 4d 8b 27 41 f6 c4 01 0f 85 b5 05 00 00 48 89 5d a8 4c 89 75 b8 4c 89 7d d0 4d 8d 7c 24 08 4d 89 fe 49 c1 ee 03 <43> 80 3c 2e 00 74 08 4c 89 ff e8 46 e3 2c ff 49 8b 1f 48 3b 5d d0
[   24.144322][  T408] RSP: 0018:ffffc9000046f8a0 EFLAGS: 00010202
[   24.150224][  T408] RAX: 1ffff11023ecc6c4 RBX: 1ffff11023d6f3c7 RCX: dffffc0000000000
[   24.158121][  T408] RDX: ffffffff81a6fa00 RSI: ffff88810977c390 RDI: ffff88811f663620
[   24.165933][  T408] RBP: ffffc9000046f908 R08: dffffc0000000000 R09: ffff88811f663628
[   24.173743][  T408] R10: ffffed1023ecc6c7 R11: 1ffff11023ecc6c5 R12: 0000000000000000
[   24.181555][  T408] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000008
[   24.189453][  T408] FS:  00005555572d4300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   24.198234][  T408] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   24.204640][  T408] CR2: 00007f23b5bc69b8 CR3: 0000000110132000 CR4: 00000000003506a0
[   24.212452][  T408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   24.220264][  T408] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   24.228077][  T408] Call Trace:
[   24.231198][  T408]  <TASK>
[   24.233978][  T408]  ? anon_vma_interval_tree_iter_next+0x3b0/0x3b0
[   24.240228][  T408]  vma_interval_tree_insert_after+0x2cd/0x2e0
[   24.246214][  T408]  dup_mmap+0x8bd/0xea0
[   24.250206][  T408]  ? __delayed_free_task+0x20/0x20
[   24.255155][  T408]  ? mm_init+0x807/0x960
[   24.259231][  T408]  dup_mm+0x91/0x330
[   24.263079][  T408]  copy_mm+0x108/0x1b0
[   24.266983][  T408]  copy_process+0x1295/0x3250
[   24.271505][  T408]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   24.276444][  T408]  ? __kasan_check_write+0x14/0x20
[   24.281391][  T408]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   24.286342][  T408]  kernel_clone+0x22d/0x990
[   24.290678][  T408]  ? cgroup_update_frozen+0x155/0x320
[   24.295884][  T408]  ? _raw_spin_unlock_irq+0x4e/0x70
[   24.300917][  T408]  ? create_io_thread+0x1e0/0x1e0
[   24.305777][  T408]  ? ptrace_stop+0x6eb/0xa30
[   24.310204][  T408]  __x64_sys_clone+0x289/0x310
[   24.314808][  T408]  ? _raw_spin_unlock_irq+0x4e/0x70
[   24.319838][  T408]  ? __do_sys_vfork+0x130/0x130
[   24.324525][  T408]  ? fpregs_restore_userregs+0x1f0/0x3a0
[   24.329994][  T408]  ? syscall_enter_from_user_mode+0x71/0x1b0
[   24.335813][  T408]  do_syscall_64+0x44/0xd0
[   24.340060][  T408]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   24.345788][  T408] RIP: 0033:0x7f23b5b7018b
[   24.350044][  T408] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[   24.369485][  T408] RSP: 002b:00007fffb1acd1d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   24.377728][  T408] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f23b5b7018b
[   24.385538][  T408] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[   24.393352][  T408] RBP: 0000000000000000 R08: 0000000000000000 R09: 00005555572d4300
[   24.401171][  T408] R10: 00005555572d45d0 R11: 0000000000000246 R12: 0000000000000000
[   24.408972][  T408] R13: 00007fffb1acd260 R14: 00007fffb1acd250 R15: 00007fffb1acd20c
[   24.416788][  T408]  </TASK>
[   24.419650][  T408] Modules linked in:
[   24.423439][  T408] ---[ end trace a7fba47f1ed66ab4 ]---
[   24.428695][  T408] RIP: 0010:__rb_insert_augmented+0x9b/0x670
[   24.434514][  T408] Code: e8 7a e3 2c ff 4d 8b 27 41 f6 c4 01 0f 85 b5 05 00 00 48 89 5d a8 4c 89 75 b8 4c 89 7d d0 4d 8d 7c 24 08 4d 89 fe 49 c1 ee 03 <43> 80 3c 2e 00 74 08 4c 89 ff e8 46 e3 2c ff 49 8b 1f 48 3b 5d d0
[   24.453965][  T408] RSP: 0018:ffffc9000046f8a0 EFLAGS: 00010202
[   24.459832][  T408] RAX: 1ffff11023ecc6c4 RBX: 1ffff11023d6f3c7 RCX: dffffc0000000000
[   24.467668][  T408] RDX: ffffffff81a6fa00 RSI: ffff88810977c390 RDI: ffff88811f663620
[   24.475473][  T408] RBP: ffffc9000046f908 R08: dffffc0000000000 R09: ffff88811f663628
[   24.483266][  T408] R10: ffffed1023ecc6c7 R11: 1ffff11023ecc6c5 R12: 0000000000000000
[   24.491103][  T408] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000008
[   24.498902][  T408] FS:  00005555572d4300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   24.507679][  T408] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   24.514091][  T408] CR2: 00007f23b5bc69b8 CR3: 0000000110132000 CR4: 00000000003506a0
[   24.521950][  T408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   24.529725][  T408] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   24.537530][  T408] Kernel panic - not syncing: Fatal exception
[   24.543567][  T408] Kernel Offset: disabled
[   24.547687][  T408] Rebooting in 86400 seconds..