./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1010404635

<...>
[   19.186470][   T30] audit: type=1400 audit(1730023932.181:64): avc:  denied  { rlimitinh } for  pid=226 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   19.205403][   T30] audit: type=1400 audit(1730023932.181:65): avc:  denied  { siginh } for  pid=226 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  125.249779][  T378] sshd (378) used greatest stack depth: 20480 bytes left
Warning: Permanently added '10.128.0.80' (ED25519) to the list of known hosts.
execve("./syz-executor1010404635", ["./syz-executor1010404635"], 0x7ffc276e2980 /* 10 vars */) = 0
brk(NULL)                               = 0x555560cbc000
brk(0x555560cbcd40)                     = 0x555560cbcd40
arch_prctl(ARCH_SET_FS, 0x555560cbc3c0) = 0
set_tid_address(0x555560cbc690)         = 398
set_robust_list(0x555560cbc6a0, 24)     = 0
rseq(0x555560cbcce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1010404635", 4096) = 28
getrandom("\xd6\x94\x22\xea\x22\x1b\xc6\xa3", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555560cbcd40
brk(0x555560cddd40)                     = 0x555560cddd40
brk(0x555560cde000)                     = 0x555560cde000
mprotect(0x7f11f1664000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
swapoff("./swap-file")                  = -1 ENOENT (No such file or directory)
unlink("./swap-file")                   = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "./swap-file", O_WRONLY|O_CREAT|O_CLOEXEC, 0600) = 3
fallocate(3, FALLOC_FL_ZERO_RANGE, 0, 128000000) = 0
close(3)                                = 0
rt_sigaction(SIGINT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f1595000
rt_sigprocmask(SIG_BLOCK, ~[], [CHLD], 8) = 0
clone3({flags=CLONE_VM|CLONE_VFORK, exit_signal=SIGCHLD, stack=0x7f11f1595000, stack_size=0x9000}, 88./strace-static-x86_64: Process 399 attached
 <unfinished ...>
[pid   399] rt_sigprocmask(SIG_BLOCK, NULL, ~[KILL STOP], 8) = 0
[pid   399] rt_sigaction(SIGHUP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGHUP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, 8) = 0
[pid   399] rt_sigaction(SIGILL, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGILL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGTRAP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGTRAP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGABRT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGABRT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGBUS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGBUS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGFPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGFPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGUSR1, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGUSR1, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGSEGV, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGSEGV, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGUSR2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGUSR2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGPIPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGPIPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGTERM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGSTKFLT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGSTKFLT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGCHLD, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGCONT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGCONT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGTSTP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGTTIN, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGTTOU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGURG, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGURG, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGXCPU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGXCPU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGXFSZ, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGXFSZ, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGVTALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGVTALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGPROF, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGPROF, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGWINCH, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGWINCH, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGIO, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGIO, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGPWR, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGPWR, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGSYS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGSYS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_3, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_3, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_4, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_4, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_5, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_5, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_6, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_6, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_7, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_7, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_8, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_8, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_9, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_9, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_10, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_10, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_11, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_11, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_12, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_12, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_13, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_13, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_14, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_14, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_15, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_15, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_16, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_16, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_17, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_17, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_18, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_18, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_19, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_19, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_20, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_20, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_21, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_21, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_22, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_22, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_23, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_23, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_24, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_24, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_25, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_25, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_26, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_26, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_27, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_27, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_28, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_28, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_29, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_29, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_30, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_30, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_31, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_31, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGRT_32, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGRT_32, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   399] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[  131.414796][   T30] audit: type=1400 audit(1730024044.451:66): avc:  denied  { execmem } for  pid=398 comm="syz-executor101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid   399] execve("/bin/sh", ["sh", "-c", "mkswap ./swap-file"], 0x7ffe7e9aff38 /* 10 vars */ <unfinished ...>
[pid   398] <... clone3 resumed>)       = 399
[pid   398] munmap(0x7f11f1595000, 36864 <unfinished ...>
[pid   399] <... execve resumed>)       = 0
[pid   398] <... munmap resumed>)       = 0
[pid   399] brk(NULL <unfinished ...>
[pid   398] rt_sigprocmask(SIG_SETMASK, [CHLD],  <unfinished ...>
[pid   399] <... brk resumed>)          = 0x5584a8e56000
[pid   398] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   399] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1f07766000
[pid   399] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls/haswell/x86_64", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls/haswell", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls/x86_64", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/haswell/x86_64", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/haswell", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/x86_64", 0x7ffd60f3d560, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x70\x08\x01\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\xed\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 778504) = 48
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=792936, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 796968, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1f076a3000
[pid   399] mmap(0x7f1f076b2000, 557056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f1f076b2000
[pid   399] mmap(0x7f1f0773a000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x97000) = 0x7f1f0773a000
[pid   399] mmap(0x7f1f07762000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7f1f07762000
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x8c\x87\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x32\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3c\x00\x3b\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784
[pid   399] pread64(3, "\x04\x00\x00\x00\x30\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x02\x80\x00\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x3b\x08\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00", 64, 848) = 64
[pid   399] pread64(3, "\x04\x00\x00\x00\x10\x00\x00\x00\x01\x00\x00\x00\x47\x4e\x55\x00\x00\x00\x00\x00\x04\x00\x00\x00\x13\x00\x00\x00\x00\x00\x00\x00", 32, 912) = 32
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1720616, ...}, AT_EMPTY_PATH) = 0
[pid   399] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784
[pid   399] mmap(NULL, 1773008, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1f074f2000
[pid   399] mmap(0x7f1f0751a000, 1191936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7f1f0751a000
[pid   399] mmap(0x7f1f0763d000, 339968, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14b000) = 0x7f1f0763d000
[pid   399] mmap(0x7f1f07690000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19d000) = 0x7f1f07690000
[pid   399] mmap(0x7f1f07696000, 52688, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1f07696000
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x58\x33\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x90\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1c\x00\x1b\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x2e\x00\x00"..., 832) = 832
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=51344, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 63624, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1f074e2000
[pid   399] mmap(0x7f1f074e5000, 24576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f1f074e5000
[pid   399] mmap(0x7f1f074eb000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x7f1f074eb000
[pid   399] mmap(0x7f1f074ee000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f1f074ee000
[pid   399] mmap(0x7f1f074f0000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1f074f0000
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls/x86_64", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/haswell/x86_64", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/haswell", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/x86_64", 0x7ffd60f3d500, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x88\x7f\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x70\x31\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1f\x00\x1e\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x68\x6f\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 138152) = 48
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=145712, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 157200, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1f074bb000
[pid   399] mprotect(0x7f1f074c2000, 114688, PROT_NONE) = 0
[pid   399] mmap(0x7f1f074c2000, 81920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f1f074c2000
[pid   399] mmap(0x7f1f074d6000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7f1f074d6000
[pid   399] mmap(0x7f1f074de000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f1f074de000
[pid   399] mmap(0x7f1f074e0000, 5648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1f074e0000
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf8\x21\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x50\x32\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x1f\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 336112) = 48
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=342224, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 344456, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1f07466000
[pid   399] mmap(0x7f1f07468000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f1f07468000
[pid   399] mmap(0x7f1f07494000, 151552, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7f1f07494000
[pid   399] mmap(0x7f1f074b9000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x52000) = 0x7f1f074b9000
[pid   399] close(3)                    = 0
[pid   399] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1f07464000
[pid   399] arch_prctl(ARCH_SET_FS, 0x7f1f07465380) = 0
[pid   399] set_tid_address(0x7f1f07465650) = 399
[pid   399] set_robust_list(0x7f1f07465660, 24) = 0
[pid   399] rseq(0x7f1f07465d20, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
[pid   399] mprotect(0x7f1f07690000, 16384, PROT_READ) = 0
[pid   399] mprotect(0x7f1f074b9000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f1f074de000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f1f074ee000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f1f07762000, 12288, PROT_READ) = 0
[pid   399] mprotect(0x558485207000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f1f07795000, 8192, PROT_READ) = 0
[pid   399] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
[pid   399] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0
[pid   399] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0
[pid   399] getrandom("\x19\x81\xf3\x9a\x99\xbf\xa8\xc7", 8, GRND_NONBLOCK) = 8
[pid   399] brk(NULL)                   = 0x5584a8e56000
[pid   399] brk(0x5584a8e77000)         = 0x5584a8e77000
[pid   399] access("/etc/selinux/config", F_OK) = 0
[pid   399] getpid()                    = 399
[pid   399] rt_sigaction(SIGCHLD, {sa_handler=0x7f1f076e5c61, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7f1f07529ad0}, NULL, 8) = 0
[pid   399] getppid()                   = 398
[pid   399] uname({sysname="Linux", nodename="syzkaller", ...}) = 0
[pid   399] newfstatat(AT_FDCWD, "/root", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0
[pid   399] newfstatat(AT_FDCWD, ".", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0
[pid   399] rt_sigaction(SIGINT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGINT, {sa_handler=0x7f1f076e5c61, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7f1f07529ad0}, NULL, 8) = 0
[pid   399] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
[pid   399] newfstatat(AT_FDCWD, "/bin/mkswap", 0x7ffd60f3dde8, 0) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/sbin/mkswap", {st_mode=S_IFREG|0755, st_size=14248, ...}, 0) = 0
[pid   399] execve("/sbin/mkswap", ["mkswap", "./swap-file"], 0x5584a8e566f0 /* 10 vars */) = 0
[pid   399] brk(NULL)                   = 0x560138e58000
[pid   399] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3843a16000
[pid   399] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls/haswell/x86_64", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls/haswell", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls/x86_64", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/tls/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/tls", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/haswell/x86_64", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/haswell", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/lib64/x86_64", 0x7ffc4d5724d0, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/lib64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x70\x08\x01\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\xed\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 778504) = 48
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=792936, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 796968, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f3843953000
[pid   399] mmap(0x7f3843962000, 557056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f3843962000
[pid   399] mmap(0x7f38439ea000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x97000) = 0x7f38439ea000
[pid   399] mmap(0x7f3843a12000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7f3843a12000
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x8c\x87\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x32\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3c\x00\x3b\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784
[pid   399] pread64(3, "\x04\x00\x00\x00\x30\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x02\x80\x00\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x3b\x08\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00", 64, 848) = 64
[pid   399] pread64(3, "\x04\x00\x00\x00\x10\x00\x00\x00\x01\x00\x00\x00\x47\x4e\x55\x00\x00\x00\x00\x00\x04\x00\x00\x00\x13\x00\x00\x00\x00\x00\x00\x00", 32, 912) = 32
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1720616, ...}, AT_EMPTY_PATH) = 0
[pid   399] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784
[pid   399] mmap(NULL, 1773008, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f38437a2000
[pid   399] mmap(0x7f38437ca000, 1191936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7f38437ca000
[pid   399] mmap(0x7f38438ed000, 339968, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14b000) = 0x7f38438ed000
[pid   399] mmap(0x7f3843940000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19d000) = 0x7f3843940000
[pid   399] mmap(0x7f3843946000, 52688, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f3843946000
[pid   399] close(3)                    = 0
[  131.450555][   T30] audit: type=1400 audit(1730024044.451:67): avc:  denied  { integrity } for  pid=398 comm="syz-executor101" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[pid   399] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x58\x33\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x90\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1c\x00\x1b\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x2e\x00\x00"..., 832) = 832
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=51344, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 63624, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f3843792000
[pid   399] mmap(0x7f3843795000, 24576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f3843795000
[pid   399] mmap(0x7f384379b000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x7f384379b000
[pid   399] mmap(0x7f384379e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f384379e000
[pid   399] mmap(0x7f38437a0000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f38437a0000
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls/x86_64", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/tls/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/tls", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/haswell/x86_64", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/haswell", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] newfstatat(AT_FDCWD, "/usr/lib64/x86_64", 0x7ffc4d572470, 0) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x88\x7f\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x70\x31\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1f\x00\x1e\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x68\x6f\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 138152) = 48
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=145712, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 157200, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f384376b000
[pid   399] mprotect(0x7f3843772000, 114688, PROT_NONE) = 0
[pid   399] mmap(0x7f3843772000, 81920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f3843772000
[pid   399] mmap(0x7f3843786000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7f3843786000
[pid   399] mmap(0x7f384378e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f384378e000
[pid   399] mmap(0x7f3843790000, 5648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f3843790000
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   399] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3
[pid   399] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf8\x21\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x50\x32\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x1f\x00\x00"..., 832) = 832
[pid   399] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 336112) = 48
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=342224, ...}, AT_EMPTY_PATH) = 0
[pid   399] mmap(NULL, 344456, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f3843716000
[pid   399] mmap(0x7f3843718000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f3843718000
[pid   399] mmap(0x7f3843744000, 151552, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7f3843744000
[pid   399] mmap(0x7f3843769000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x52000) = 0x7f3843769000
[pid   399] close(3)                    = 0
[pid   399] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3843714000
[pid   399] arch_prctl(ARCH_SET_FS, 0x7f3843715380) = 0
[pid   399] set_tid_address(0x7f3843715650) = 399
[pid   399] set_robust_list(0x7f3843715660, 24) = 0
[pid   399] rseq(0x7f3843715d20, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
[pid   399] mprotect(0x7f3843940000, 16384, PROT_READ) = 0
[pid   399] mprotect(0x7f3843769000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f384378e000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f384379e000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f3843a12000, 12288, PROT_READ) = 0
[pid   399] mprotect(0x560127266000, 4096, PROT_READ) = 0
[pid   399] mprotect(0x7f3843a45000, 8192, PROT_READ) = 0
[pid   399] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
[pid   399] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0
[pid   399] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0
[pid   399] getrandom("\x47\xeb\xfa\x48\x1e\xed\xe0\x23", 8, GRND_NONBLOCK) = 8
[pid   399] brk(NULL)                   = 0x560138e58000
[pid   399] brk(0x560138e79000)         = 0x560138e79000
[pid   399] access("/etc/selinux/config", F_OK) = 0
[pid   399] openat(AT_FDCWD, "./swap-file", O_WRONLY) = 3
[pid   399] lseek(3, 0, SEEK_END)       = 128000000
[pid   399] lseek(3, 0, SEEK_SET)       = 0
[pid   399] newfstatat(1, "", {st_mode=S_IFIFO|0600, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid   399] newfstatat(3, "", {st_mode=S_IFREG|0600, st_size=128000000, ...}, AT_EMPTY_PATH) = 0
[pid   399] fgetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x75\x73\x65\x72\x5f\x68\x6f\x6d\x65\x5f\x74\x00", 255) = 26
[pid   399] access("/var/run/setrans/.setrans-unix", F_OK) = -1 ENOENT (No such file or directory)
[pid   399] futex(0x7f38437915f8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
[pid   399] fsetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x73\x77\x61\x70\x66\x69\x6c\x65\x5f\x74\x00", 25, 0) = 0
[pid   399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1024) = 1024
[pid   399] write(3, "\x01\x00\x00\x00\x11\x7a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 516) = 516
[pid   399] lseek(3, 4086, SEEK_SET)    = 4086
[pid   399] write(3, "SWAPSPACE2", 10)  = 10
[pid   399] fsync(3Setting up swapspace version 1, size = 127995904 bytes
)                    = 0
[pid   399] write(1, "Setting up swapspace version 1, size = 127995904 bytes\n", 55) = 55
[pid   399] exit_group(0)               = ?
[pid   399] +++ exited with 0 +++
rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=399, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[  131.552733][  T399] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  131.562704][   T30] audit: type=1400 audit(1730024044.601:68): avc:  denied  { relabelto } for  pid=399 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
swapon("./swap-file", SWAP_FLAG_PREFER|0) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 400
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 401
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 402
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 403
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 404
./strace-static-x86_64: Process 400 attached
[pid   400] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   400] unshare(CLONE_NEWPID)       = 0
./strace-static-x86_64: Process 404 attached
./strace-static-x86_64: Process 403 attached
[pid   403] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   404] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   403] <... set_robust_list resumed>) = 0
[pid   404] <... set_robust_list resumed>) = 0
[pid   403] unshare(CLONE_NEWPID <unfinished ...>
[pid   404] unshare(CLONE_NEWPID <unfinished ...>
[pid   403] <... unshare resumed>)      = 0
[pid   403] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   404] <... unshare resumed>)      = 0
[pid   400] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   404] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   400] <... clone resumed>, child_tidptr=0x555560cbc690) = 406
[pid   404] <... clone resumed>, child_tidptr=0x555560cbc690) = 407
[pid   403] <... clone resumed>, child_tidptr=0x555560cbc690) = 405
./strace-static-x86_64: Process 407 attached
./strace-static-x86_64: Process 405 attached
./strace-static-x86_64: Process 401 attached
[pid   407] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   405] set_robust_list(0x555560cbc6a0, 24./strace-static-x86_64: Process 402 attached
 <unfinished ...>
[pid   407] <... set_robust_list resumed>) = 0
[pid   401] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   405] <... set_robust_list resumed>) = 0
[pid   407] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   402] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   405] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   407] <... prctl resumed>)        = 0
[pid   402] <... set_robust_list resumed>) = 0
[pid   401] <... set_robust_list resumed>) = 0
./strace-static-x86_64: Process 406 attached
[pid   406] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   406] getppid()                   = 0
[  131.588187][   T30] audit: type=1400 audit(1730024044.601:69): avc:  denied  { write } for  pid=399 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  131.594222][  T398] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  131.622587][   T30] audit: type=1400 audit(1730024044.631:70): avc:  denied  { read } for  pid=398 comm="syz-executor101" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[pid   406] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid   406] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid   406] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid   406] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid   406] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid   406] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid   406] unshare(CLONE_NEWNS)        = 0
[pid   406] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid   406] unshare(CLONE_NEWIPC)       = -1 EINVAL (Invalid argument)
[pid   406] unshare(CLONE_NEWCGROUP)    = 0
[pid   406] unshare(CLONE_NEWUTS)       = 0
[pid   406] unshare(CLONE_SYSVSEM)      = 0
[pid   406] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   406] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   406] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   406] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   406] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   406] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   406] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   406] getpid()                    = 1
[pid   406] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   406] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   406] unshare(CLONE_NEWNET <unfinished ...>
[pid   405] <... prctl resumed>)        = 0
[pid   402] unshare(CLONE_NEWPID <unfinished ...>
[pid   401] unshare(CLONE_NEWPID <unfinished ...>
[pid   407] getppid( <unfinished ...>
[pid   405] getppid( <unfinished ...>
[pid   402] <... unshare resumed>)      = 0
[pid   401] <... unshare resumed>)      = 0
[pid   407] <... getppid resumed>)      = 0
[pid   405] <... getppid resumed>)      = 0
[pid   402] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   401] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   407] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024},  <unfinished ...>
[pid   405] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
./strace-static-x86_64: Process 409 attached
[pid   407] <... prlimit64 resumed>NULL) = 0
[pid   405] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024},  <unfinished ...>
[pid   402] <... clone resumed>, child_tidptr=0x555560cbc690) = 409
[pid   401] <... clone resumed>, child_tidptr=0x555560cbc690) = 408
[pid   407] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024},  <unfinished ...>
[pid   405] <... prlimit64 resumed>NULL) = 0
[pid   409] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   407] <... prlimit64 resumed>NULL) = 0
[pid   405] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024},  <unfinished ...>
[pid   409] <... set_robust_list resumed>) = 0
[pid   407] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024},  <unfinished ...>
[pid   405] <... prlimit64 resumed>NULL) = 0
[pid   409] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   407] <... prlimit64 resumed>NULL) = 0
[pid   405] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024},  <unfinished ...>
[pid   409] <... prctl resumed>)        = 0
[pid   407] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024},  <unfinished ...>
[pid   405] <... prlimit64 resumed>NULL) = 0
[pid   409] getppid( <unfinished ...>
[pid   407] <... prlimit64 resumed>NULL) = 0
[pid   407] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid   407] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256},  <unfinished ...>
[pid   409] <... getppid resumed>)      = 0
[pid   405] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024},  <unfinished ...>
[pid   407] <... prlimit64 resumed>NULL) = 0
[pid   407] unshare(CLONE_NEWNS <unfinished ...>
[pid   409] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024},  <unfinished ...>
[pid   407] <... unshare resumed>)      = 0
[pid   405] <... prlimit64 resumed>NULL) = 0
[pid   409] <... prlimit64 resumed>NULL) = 0
[pid   405] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256},  <unfinished ...>
[pid   409] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024},  <unfinished ...>
[pid   405] <... prlimit64 resumed>NULL) = 0
[pid   409] <... prlimit64 resumed>NULL) = 0
[pid   407] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL <unfinished ...>
[pid   405] unshare(CLONE_NEWNS <unfinished ...>
[pid   409] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024},  <unfinished ...>
[pid   407] <... mount resumed>)        = 0
[pid   409] <... prlimit64 resumed>NULL) = 0
[pid   405] <... unshare resumed>)      = 0
[pid   409] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid   407] unshare(CLONE_NEWIPC <unfinished ...>
[pid   405] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL <unfinished ...>
[pid   409] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid   407] <... unshare resumed>)      = -1 EINVAL (Invalid argument)
[pid   409] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256},  <unfinished ...>
[pid   405] <... mount resumed>)        = 0
[pid   409] <... prlimit64 resumed>NULL) = 0
[pid   405] unshare(CLONE_NEWIPC <unfinished ...>
[pid   409] unshare(CLONE_NEWNS <unfinished ...>
[pid   405] <... unshare resumed>)      = -1 EINVAL (Invalid argument)
[pid   407] unshare(CLONE_NEWCGROUP)    = 0
[pid   407] unshare(CLONE_NEWUTS)       = 0
[pid   407] unshare(CLONE_SYSVSEM)      = 0
[pid   407] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] <... unshare resumed>)      = 0
[pid   407] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   405] unshare(CLONE_NEWCGROUP <unfinished ...>
[pid   407] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] <... unshare resumed>)      = 0
[pid   409] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL <unfinished ...>
[pid   405] unshare(CLONE_NEWUTS <unfinished ...>
[pid   409] <... mount resumed>)        = 0
[pid   407] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   405] <... unshare resumed>)      = 0
[pid   409] unshare(CLONE_NEWIPC <unfinished ...>
[pid   405] unshare(CLONE_SYSVSEM <unfinished ...>
[pid   409] <... unshare resumed>)      = -1 EINVAL (Invalid argument)
[pid   405] <... unshare resumed>)      = 0
[pid   409] unshare(CLONE_NEWCGROUP <unfinished ...>
[pid   407] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] <... unshare resumed>)      = 0
[pid   407] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   407] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] unshare(CLONE_NEWUTS <unfinished ...>
[pid   407] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] <... unshare resumed>)      = 0
[pid   407] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] unshare(CLONE_SYSVSEM <unfinished ...>
[pid   407] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] <... unshare resumed>)      = 0
[pid   407] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   407] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   407] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   405] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   407] <... openat resumed>)       = -1 ENOENT (No such file or directory)
./strace-static-x86_64: Process 408 attached
[pid   409] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   407] getpid( <unfinished ...>
[pid   405] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   407] <... getpid resumed>)       = 1
[pid   409] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   408] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   407] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1},  <unfinished ...>
[pid   405] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] <... set_robust_list resumed>) = 0
[pid   407] <... capget resumed>{effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   409] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   407] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0} <unfinished ...>
[pid   405] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   407] <... capset resumed>)       = 0
[  131.649072][   T30] audit: type=1400 audit(1730024044.631:71): avc:  denied  { open } for  pid=398 comm="syz-executor101" path="/root/swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  131.676744][   T30] audit: type=1400 audit(1730024044.691:72): avc:  denied  { mounton } for  pid=406 comm="syz-executor101" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[pid   407] unshare(CLONE_NEWNET <unfinished ...>
[pid   409] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   405] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] <... prctl resumed>)        = 0
[pid   409] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] getppid( <unfinished ...>
[pid   406] <... unshare resumed>)      = 0
[pid   405] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   408] <... getppid resumed>)      = 0
[pid   406] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024},  <unfinished ...>
[pid   406] <... openat resumed>)       = 3
[pid   405] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   408] <... prlimit64 resumed>NULL) = 0
[pid   406] write(3, "0 65535", 7 <unfinished ...>
[pid   405] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] getpid( <unfinished ...>
[pid   408] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024},  <unfinished ...>
[pid   406] <... write resumed>)        = 7
[pid   405] <... openat resumed>)       = -1 ENOENT (No such file or directory)
[pid   409] <... getpid resumed>)       = 1
[pid   408] <... prlimit64 resumed>NULL) = 0
[pid   406] close(3 <unfinished ...>
[pid   405] getpid( <unfinished ...>
[pid   409] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1},  <unfinished ...>
[pid   408] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024},  <unfinished ...>
[pid   406] <... close resumed>)        = 0
[pid   405] <... getpid resumed>)       = 1
[pid   409] <... capget resumed>{effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   408] <... prlimit64 resumed>NULL) = 0
[pid   406] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK <unfinished ...>
[pid   405] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1},  <unfinished ...>
[pid   409] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0} <unfinished ...>
[pid   408] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024},  <unfinished ...>
[pid   406] <... openat resumed>)       = 3
[pid   405] <... capget resumed>{effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   409] <... capset resumed>)       = 0
[pid   408] <... prlimit64 resumed>NULL) = 0
[pid   406] dup2(3, 200 <unfinished ...>
[pid   405] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0} <unfinished ...>
[pid   409] unshare(CLONE_NEWNET <unfinished ...>
[pid   408] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024},  <unfinished ...>
[pid   406] <... dup2 resumed>)         = 200
[pid   405] <... capset resumed>)       = 0
[pid   408] <... prlimit64 resumed>NULL) = 0
[pid   406] close(3 <unfinished ...>
[pid   405] unshare(CLONE_NEWNET <unfinished ...>
[pid   408] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256},  <unfinished ...>
[pid   406] <... close resumed>)        = 0
[pid   408] <... prlimit64 resumed>NULL) = 0
[pid   407] <... unshare resumed>)      = 0
[pid   406] ioctl(200, TUNSETIFF, 0x7ffe7e9afc90 <unfinished ...>
[pid   408] unshare(CLONE_NEWNS)        = 0
[pid   408] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid   408] unshare(CLONE_NEWIPC)       = -1 EINVAL (Invalid argument)
[pid   408] unshare(CLONE_NEWCGROUP)    = 0
[pid   408] unshare(CLONE_NEWUTS)       = 0
[pid   408] unshare(CLONE_SYSVSEM)      = 0
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   408] getpid()                    = 1
[pid   408] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   408] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   408] unshare(CLONE_NEWNET <unfinished ...>
[pid   407] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   406] <... ioctl resumed>)        = 0
[pid   406] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid   406] write(3, "0", 1)            = 1
[pid   406] close(3)                    = 0
[pid   406] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid   406] write(3, "0", 1)            = 1
[pid   406] close(3)                    = 0
[pid   406] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid   406] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   407] <... openat resumed>)       = 3
[pid   406] <... socket resumed>)       = 4
[pid   406] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   406] close(4)                    = 0
[pid   406] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   407] write(3, "0 65535", 7)      = 7
[  131.818936][   T30] audit: type=1400 audit(1730024044.851:73): avc:  denied  { create } for  pid=395 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  131.841709][   T30] audit: type=1400 audit(1730024044.871:74): avc:  denied  { write } for  pid=395 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[pid   407] close(3)                    = 0
[pid   407] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK <unfinished ...>
[pid   406] <... sendto resumed>)       = 40
[pid   406] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   406] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   406] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   406] close(4)                    = 0
[pid   406] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid   406] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   406] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   406] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   406] close(4)                    = 0
[pid   406] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid   407] <... openat resumed>)       = 3
[pid   406] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   407] dup2(3, 200 <unfinished ...>
[pid   406] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   406] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   406] close(4)                    = 0
[pid   406] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   407] <... dup2 resumed>)         = 200
[pid   406] <... sendto resumed>)       = 60
[pid   407] close(3 <unfinished ...>
[pid   406] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   407] <... close resumed>)        = 0
[pid   406] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   406] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   406] close(4)                    = 0
[pid   406] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[  131.863181][   T30] audit: type=1400 audit(1730024044.871:75): avc:  denied  { nlmsg_read } for  pid=395 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[pid   407] ioctl(200, TUNSETIFF, 0x7ffe7e9afc90 <unfinished ...>
[pid   406] <... sendto resumed>)       = 44
[pid   406] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   406] close(3)                    = 0
[pid   406] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid   406] write(3, "100000", 6)       = 6
[pid   406] close(3)                    = 0
[pid   406] mkdir("./syz-tmp", 0777)    = 0
[pid   406] mount("", "./syz-tmp", "tmpfs", 0, NULL <unfinished ...>
[pid   407] <... ioctl resumed>)        = 0
[pid   407] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   406] <... mount resumed>)        = 0
[pid   406] mkdir("./syz-tmp/newroot", 0777) = 0
[pid   405] <... unshare resumed>)      = 0
[pid   407] <... openat resumed>)       = 3
[pid   406] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid   406] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL <unfinished ...>
[pid   405] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid   406] <... mount resumed>)        = 0
[pid   405] write(3, "0 65535", 7)      = 7
[pid   405] close(3 <unfinished ...>
[pid   406] mkdir("./syz-tmp/newroot/proc", 0700 <unfinished ...>
[pid   405] <... close resumed>)        = 0
[pid   406] <... mkdir resumed>)        = 0
[pid   405] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid   406] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL <unfinished ...>
[pid   407] write(3, "0", 1 <unfinished ...>
[pid   405] dup2(3, 200)                = 200
[pid   405] close(3)                    = 0
[pid   405] ioctl(200, TUNSETIFF, 0x7ffe7e9afc90 <unfinished ...>
[pid   406] <... mount resumed>)        = 0
[pid   406] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid   406] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid   406] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   406] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid   406] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   406] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL <unfinished ...>
[pid   407] <... write resumed>)        = 1
[pid   406] <... mount resumed>)        = 0
[pid   406] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL <unfinished ...>
[pid   407] close(3 <unfinished ...>
[pid   406] <... mount resumed>)        = -1 ENOENT (No such file or directory)
[pid   406] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid   406] mkdir("./syz-tmp/pivot", 0777) = 0
[pid   406] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid   406] chdir("/")                  = 0
[pid   406] umount2("./pivot", MNT_DETACH <unfinished ...>
[pid   407] <... close resumed>)        = 0
[pid   406] <... umount2 resumed>)      = 0
[pid   406] chroot("./newroot")         = 0
[pid   406] chdir("/")                  = 0
[pid   406] mkdir("/dev/binderfs", 0777) = 0
[pid   406] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid   406] symlink("/dev/binderfs", "./binderfs") = 0
[pid   406] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL <unfinished ...>
[pid   407] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid   407] write(3, "0", 1)            = 1
[pid   407] close(3)                    = 0
[pid   407] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid   407] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   407] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   407] close(4)                    = 0
[pid   407] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   406] <... mount resumed>)        = -1 EBUSY (Device or resource busy)
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   405] <... ioctl resumed>)        = 0
[pid   405] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid   405] write(3, "0", 1)            = 1
[pid   405] close(3)                    = 0
[pid   405] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid   405] write(3, "0", 1)            = 1
[pid   405] close(3)                    = 0
[pid   405] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid   405] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   405] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   405] close(4)                    = 0
./strace-static-x86_64: Process 410 attached
[pid   407] <... sendto resumed>)       = 40
[pid   410] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   407] recvfrom(3,  <unfinished ...>
[pid   405] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   410] <... set_robust_list resumed>) = 0
[pid   407] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   410] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   407] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   410] <... prctl resumed>)        = 0
[pid   410] setpgid(0, 0 <unfinished ...>
[pid   407] <... socket resumed>)       = 4
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 2
[pid   410] <... setpgid resumed>)      = 0
[pid   407] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   407] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   410] <... openat resumed>)       = 3
[pid   407] close(4 <unfinished ...>
[pid   410] write(3, "1000", 4)         = 4
[pid   409] <... unshare resumed>)      = 0
[pid   407] <... close resumed>)        = 0
[pid   410] close(3 <unfinished ...>
[pid   407] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   410] <... close resumed>)        = 0
[pid   410] read(200,  <unfinished ...>
[pid   409] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   410] <... read resumed>"\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   410] read(200,  <unfinished ...>
[pid   409] <... openat resumed>)       = 3
[pid   410] <... read resumed>0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   410] write(1, "executing program\n", 18 <unfinished ...>
[pid   409] write(3, "0 65535", 7 <unfinished ...>
[pid   410] <... write resumed>)        = 18
[pid   410] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   409] <... write resumed>)        = 7
[pid   410] <... futex resumed>)        = 0
[pid   410] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850},  <unfinished ...>
[pid   409] close(3 <unfinished ...>
[pid   410] <... rt_sigaction resumed>NULL, 8) = 0
[pid   410] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1],  <unfinished ...>
[pid   409] <... close resumed>)        = 0
[pid   410] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   409] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK <unfinished ...>
[pid   410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   409] <... openat resumed>)       = 3
[pid   409] dup2(3, 200 <unfinished ...>
[pid   410] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid   409] <... dup2 resumed>)         = 200
[pid   410] <... mprotect resumed>)     = 0
[pid   409] close(3)                    = 0
[pid   410] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid   409] ioctl(200, TUNSETIFF, 0x7ffe7e9afc90 <unfinished ...>
[pid   410] <... rt_sigprocmask resumed>[], 8) = 0
[pid   410] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} <unfinished ...>
[pid   405] <... sendto resumed>)       = 40
[pid   410] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3
[pid   405] recvfrom(3,  <unfinished ...>
[pid   410] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   405] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   410] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   405] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   410] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   405] <... socket resumed>)       = 4
[pid   410] <... futex resumed>)        = 0
[pid   405] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   410] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   405] <... ioctl resumed>, ifr_ifindex=11}) = 0
./strace-static-x86_64: Process 411 attached
[pid   408] <... unshare resumed>)      = 0
[pid   407] <... sendto resumed>)       = 64
[pid   405] close(4 <unfinished ...>
[pid   411] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   408] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   407] recvfrom(3,  <unfinished ...>
[pid   411] <... set_robust_list resumed>) = 0
[pid   408] <... openat resumed>)       = 3
[pid   407] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   405] <... close resumed>)        = 0
[pid   411] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   408] write(3, "0 65535", 7 <unfinished ...>
[pid   407] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   405] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   411] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   409] <... ioctl resumed>)        = 0
[pid   408] <... write resumed>)        = 7
[pid   407] <... socket resumed>)       = 4
[pid   405] <... sendto resumed>)       = 64
[pid   411] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   409] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] close(3 <unfinished ...>
[pid   407] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   405] recvfrom(3,  <unfinished ...>
[pid   411] <... openat resumed>)       = 3
[pid   408] <... close resumed>)        = 0
[pid   407] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   405] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   411] write(3, "69", 2 <unfinished ...>
[pid   409] <... openat resumed>)       = 3
[pid   408] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK <unfinished ...>
[pid   407] close(4 <unfinished ...>
[pid   405] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   411] <... write resumed>)        = 2
[pid   409] write(3, "0", 1 <unfinished ...>
[pid   408] <... openat resumed>)       = 3
[pid   407] <... close resumed>)        = 0
[pid   405] <... socket resumed>)       = 4
[pid   411] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   409] <... write resumed>)        = 1
[pid   408] dup2(3, 200 <unfinished ...>
[pid   407] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   405] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   409] close(3 <unfinished ...>
[pid   408] <... dup2 resumed>)         = 200
[pid   405] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   409] <... close resumed>)        = 0
[pid   408] close(3 <unfinished ...>
[pid   405] close(4 <unfinished ...>
[pid   409] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   405] <... close resumed>)        = 0
[pid   409] <... openat resumed>)       = 3
[pid   408] ioctl(200, TUNSETIFF, 0x7ffe7e9afc90 <unfinished ...>
[pid   405] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   409] write(3, "0", 1 <unfinished ...>
[pid   408] <... ioctl resumed>)        = 0
[pid   405] <... sendto resumed>)       = 48
[pid   409] <... write resumed>)        = 1
[pid   408] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] recvfrom(3,  <unfinished ...>
[pid   409] close(3 <unfinished ...>
[pid   408] <... openat resumed>)       = 3
[pid   405] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   409] <... close resumed>)        = 0
[pid   408] write(3, "0", 1 <unfinished ...>
[pid   407] <... sendto resumed>)       = 48
[pid   405] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   409] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE <unfinished ...>
[pid   408] <... write resumed>)        = 1
[pid   405] <... socket resumed>)       = 4
[pid   409] <... socket resumed>)       = 3
[pid   408] close(3 <unfinished ...>
[pid   405] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   409] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   405] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   409] <... socket resumed>)       = 4
[pid   408] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   405] close(4 <unfinished ...>
[pid   409] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   408] <... openat resumed>)       = 3
[pid   405] <... close resumed>)        = 0
[pid   409] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   408] write(3, "0", 1 <unfinished ...>
[pid   405] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   409] close(4 <unfinished ...>
[pid   408] <... write resumed>)        = 1
[pid   405] <... sendto resumed>)       = 60
[pid   409] <... close resumed>)        = 0
[pid   408] close(3 <unfinished ...>
[pid   405] recvfrom(3,  <unfinished ...>
[pid   409] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   405] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   409] <... sendto resumed>)       = 40
[pid   408] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE <unfinished ...>
[pid   405] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   409] recvfrom(3,  <unfinished ...>
[pid   408] <... socket resumed>)       = 3
[pid   405] <... socket resumed>)       = 4
[pid   409] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   405] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   409] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   408] <... socket resumed>)       = 4
[pid   405] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   409] <... socket resumed>)       = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   405] close(4 <unfinished ...>
[pid   409] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   408] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   405] <... close resumed>)        = 0
[pid   409] <... ioctl resumed>, ifr_ifindex=11}) = 0
[  132.002631][  T411] FAULT_INJECTION: forcing a failure.
[  132.002631][  T411] name failslab, interval 1, probability 0, space 0, times 1
[  132.016463][  T411] CPU: 1 PID: 411 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  132.026855][  T411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  132.036849][  T411] Call Trace:
[  132.039980][  T411]  <TASK>
[  132.042740][  T411]  dump_stack_lvl+0x151/0x1c0
[  132.047263][  T411]  ? io_uring_drop_tctx_refs+0x190/0x190
[pid   408] close(4 <unfinished ...>
[pid   405] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   409] close(4 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   405] <... sendto resumed>)       = 44
[pid   409] <... close resumed>)        = 0
[pid   408] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   405] recvfrom(3,  <unfinished ...>
[  132.052733][  T411]  dump_stack+0x15/0x20
[  132.057073][  T411]  should_fail+0x3c6/0x510
[  132.061420][  T411]  __should_failslab+0xa4/0xe0
[  132.066013][  T411]  ? anon_vma_clone+0x9a/0x500
[  132.070611][  T411]  should_failslab+0x9/0x20
[  132.074946][  T411]  slab_pre_alloc_hook+0x37/0xd0
[  132.079726][  T411]  ? anon_vma_clone+0x9a/0x500
[  132.084315][  T411]  kmem_cache_alloc+0x44/0x200
[  132.088923][  T411]  anon_vma_clone+0x9a/0x500
[  132.093353][  T411]  anon_vma_fork+0x91/0x4e0
[  132.097774][  T411]  ? anon_vma_name+0x4c/0x70
[  132.102206][  T411]  ? vm_area_dup+0x17a/0x230
[  132.106818][  T411]  copy_mm+0xa3a/0x13e0
[  132.110992][  T411]  ? copy_signal+0x610/0x610
[  132.115501][  T411]  ? __init_rwsem+0xfe/0x1d0
[  132.119922][  T411]  ? copy_signal+0x4e3/0x610
[  132.124385][  T411]  copy_process+0x1149/0x3290
[  132.129056][  T411]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  132.134002][  T411]  ? __kasan_check_write+0x14/0x20
[  132.139197][  T411]  kernel_clone+0x21e/0x9e0
[  132.143543][  T411]  ? _raw_spin_unlock_irq+0x4e/0x70
[  132.148747][  T411]  ? create_io_thread+0x1e0/0x1e0
[  132.153614][  T411]  __x64_sys_clone+0x23f/0x290
[  132.158212][  T411]  ? __do_sys_vfork+0x130/0x130
[  132.162896][  T411]  ? __kasan_check_write+0x14/0x20
[  132.167855][  T411]  x64_sys_call+0x1b0/0x9a0
[  132.172221][  T411]  do_syscall_64+0x3b/0xb0
[  132.176443][  T411]  ? clear_bhb_loop+0x35/0x90
[  132.180949][  T411]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  132.186681][  T411] RIP: 0033:0x7f11f15e60d9
[  132.190937][  T411] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  132.210384][  T411] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  132.218628][  T411] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  132.226532][  T411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  132.234602][  T411] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  132.242419][  T411] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   409] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   408] <... sendto resumed>)       = 40
[pid   405] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   409] <... sendto resumed>)       = 64
[pid   408] recvfrom(3,  <unfinished ...>
[pid   405] close(3 <unfinished ...>
[pid   409] recvfrom(3,  <unfinished ...>
[pid   408] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   405] <... close resumed>)        = 0
[pid   409] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   405] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   409] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   408] <... socket resumed>)       = 4
[pid   405] <... openat resumed>)       = 3
[pid   409] <... socket resumed>)       = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   405] write(3, "100000", 6 <unfinished ...>
[pid   409] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   408] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   405] <... write resumed>)        = 6
[pid   409] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   408] close(4 <unfinished ...>
[pid   405] close(3 <unfinished ...>
[pid   409] close(4 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   405] <... close resumed>)        = 0
[pid   409] <... close resumed>)        = 0
[pid   408] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   405] mkdir("./syz-tmp", 0777 <unfinished ...>
[pid   409] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   408] <... sendto resumed>)       = 64
[pid   405] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   409] <... sendto resumed>)       = 48
[pid   408] recvfrom(3,  <unfinished ...>
[pid   405] exit_group(1 <unfinished ...>
[pid   409] recvfrom(3,  <unfinished ...>
[pid   408] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   405] <... exit_group resumed>)   = ?
[pid   409] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   409] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   408] <... socket resumed>)       = 4
[pid   409] <... socket resumed>)       = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   409] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   408] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   409] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   408] close(4 <unfinished ...>
[pid   409] close(4 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   409] <... close resumed>)        = 0
[pid   408] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   409] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   408] <... sendto resumed>)       = 48
[pid   409] <... sendto resumed>)       = 60
[pid   408] recvfrom(3,  <unfinished ...>
[pid   407] recvfrom(3,  <unfinished ...>
[pid   409] recvfrom(3,  <unfinished ...>
[pid   408] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   407] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   409] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   407] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   409] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   408] <... socket resumed>)       = 4
[pid   407] <... socket resumed>)       = 4
[pid   409] <... socket resumed>)       = 4
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   407] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   409] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   408] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   407] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   409] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   408] close(4 <unfinished ...>
[pid   407] close(4 <unfinished ...>
[pid   409] close(4 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   407] <... close resumed>)        = 0
[pid   409] <... close resumed>)        = 0
[pid   408] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   407] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   409] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   408] <... sendto resumed>)       = 60
[pid   407] <... sendto resumed>)       = 60
[pid   409] <... sendto resumed>)       = 44
[pid   408] recvfrom(3,  <unfinished ...>
[pid   407] recvfrom(3,  <unfinished ...>
[pid   409] recvfrom(3,  <unfinished ...>
[pid   408] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   407] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   409] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   408] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   407] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0 <unfinished ...>
[pid   409] close(3 <unfinished ...>
[pid   408] <... socket resumed>)       = 4
[pid   407] <... socket resumed>)       = 4
[pid   409] <... close resumed>)        = 0
[pid   408] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   407] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun" <unfinished ...>
[pid   409] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   408] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   407] <... ioctl resumed>, ifr_ifindex=11}) = 0
[pid   409] <... openat resumed>)       = 3
[pid   408] close(4 <unfinished ...>
[pid   407] close(4 <unfinished ...>
[pid   409] write(3, "100000", 6 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   407] <... close resumed>)        = 0
[pid   409] <... write resumed>)        = 6
[pid   408] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   407] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 <unfinished ...>
[pid   409] close(3 <unfinished ...>
[pid   408] <... sendto resumed>)       = 44
[pid   407] <... sendto resumed>)       = 44
[pid   409] <... close resumed>)        = 0
[pid   408] recvfrom(3,  <unfinished ...>
[pid   407] recvfrom(3,  <unfinished ...>
[pid   409] mkdir("./syz-tmp", 0777 <unfinished ...>
[pid   408] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   407] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   409] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   408] close(3 <unfinished ...>
[pid   407] close(3 <unfinished ...>
[pid   409] exit_group(1 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   407] <... close resumed>)        = 0
[pid   409] <... exit_group resumed>)   = ?
[pid   408] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   407] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 413 attached
 <unfinished ...>
[pid   410] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   408] <... openat resumed>)       = 3
[pid   411] <... clone resumed>)        = 4
[pid   411] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   408] write(3, "100000", 6 <unfinished ...>
[pid   407] <... openat resumed>)       = 3
[pid   411] <... futex resumed>)        = 0
[pid   411] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   408] <... write resumed>)        = 6
[pid   407] write(3, "100000", 6 <unfinished ...>
[pid   410] close(3)                    = 0
[pid   408] close(3 <unfinished ...>
[pid   407] <... write resumed>)        = 6
[pid   410] close(4 <unfinished ...>
[pid   408] <... close resumed>)        = 0
[pid   407] close(3 <unfinished ...>
[pid   410] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   408] mkdir("./syz-tmp", 0777 <unfinished ...>
[pid   407] <... close resumed>)        = 0
[pid   410] close(5 <unfinished ...>
[pid   408] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   407] mkdir("./syz-tmp", 0777 <unfinished ...>
[pid   410] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   408] exit_group(1 <unfinished ...>
[pid   410] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   410] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   410] close(8 <unfinished ...>
[pid   408] <... exit_group resumed>)   = ?
[pid   407] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   410] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   410] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   410] close(10 <unfinished ...>
[pid   407] exit_group(1 <unfinished ...>
[pid   410] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   407] <... exit_group resumed>)   = ?
[pid   410] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   410] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   410] exit_group(0 <unfinished ...>
[pid   411] <... futex resumed>)        = ?
[pid   410] <... exit_group resumed>)   = ?
[pid   411] +++ exited with 0 +++
[pid   410] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 5
./strace-static-x86_64: Process 414 attached
[pid   414] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   414] setpgid(0, 0)               = 0
[pid   414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   414] write(3, "1000", 4)         = 4
[pid   414] close(3)                    = 0
[pid   414] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
executing program
[pid   414] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   414] write(1, "executing program\n", 18) = 18
[pid   414] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   414] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   414] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   414] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   414] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   414] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   414] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 415 attached
 <unfinished ...>
[pid   415] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   415] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   415] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   414] <... clone3 resumed> => {parent_tid=[6]}, 88) = 6
[pid   414] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   414] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   415] <... futex resumed>)        = 0
[pid   414] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   415] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   415] write(3, "69", 2)           = 2
[  132.250231][  T411] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  132.258050][  T411]  </TASK>
[  132.310486][  T415] FAULT_INJECTION: forcing a failure.
[  132.310486][  T415] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  132.323746][  T415] CPU: 1 PID: 415 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  132.334119][  T415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  132.344008][  T415] Call Trace:
[  132.347141][  T415]  <TASK>
[  132.349999][  T415]  dump_stack_lvl+0x151/0x1c0
[  132.354519][  T415]  ? io_uring_drop_tctx_refs+0x190/0x190
[  132.360002][  T415]  dump_stack+0x15/0x20
[  132.363974][  T415]  should_fail+0x3c6/0x510
[  132.368235][  T415]  should_fail_alloc_page+0x5a/0x80
[  132.373263][  T415]  prepare_alloc_pages+0x15c/0x700
[  132.378229][  T415]  ? __alloc_pages_bulk+0xe40/0xe40
[  132.383255][  T415]  __alloc_pages+0x18c/0x8f0
[  132.387673][  T415]  ? prep_new_page+0x110/0x110
[  132.392279][  T415]  ? __alloc_pages+0x27e/0x8f0
[  132.396881][  T415]  ? __kasan_check_write+0x14/0x20
[  132.401822][  T415]  ? _raw_spin_lock+0xa4/0x1b0
[  132.406428][  T415]  pte_alloc_one+0x73/0x1b0
[  132.410767][  T415]  ? pfn_modify_allowed+0x2f0/0x2f0
[  132.415804][  T415]  ? __pmd_alloc+0x48d/0x550
[  132.420424][  T415]  __pte_alloc+0x86/0x350
[  132.424656][  T415]  ? __pud_alloc+0x260/0x260
[  132.429095][  T415]  ? __pud_alloc+0x213/0x260
[  132.433517][  T415]  ? free_pgtables+0x280/0x280
[  132.438306][  T415]  ? do_handle_mm_fault+0x2400/0x2400
[  132.443518][  T415]  ? __stack_depot_save+0x34/0x470
[  132.448461][  T415]  ? anon_vma_clone+0x9a/0x500
[  132.453067][  T415]  copy_page_range+0x28a8/0x2f90
[  132.457837][  T415]  ? __kasan_slab_alloc+0xb1/0xe0
[  132.462704][  T415]  ? slab_post_alloc_hook+0x53/0x2c0
[  132.467818][  T415]  ? kernel_clone+0x21e/0x9e0
[  132.472333][  T415]  ? x64_sys_call+0x1b0/0x9a0
[  132.476843][  T415]  ? do_syscall_64+0x3b/0xb0
[  132.481396][  T415]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  132.487320][  T415]  ? pfn_valid+0x1e0/0x1e0
[  132.491544][  T415]  ? rwsem_write_trylock+0x153/0x340
[  132.496667][  T415]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  132.502922][  T415]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  132.508484][  T415]  ? __rb_insert_augmented+0x5de/0x610
[  132.513863][  T415]  copy_mm+0xc7e/0x13e0
[  132.518151][  T415]  ? copy_signal+0x610/0x610
[  132.522545][  T415]  ? __init_rwsem+0xfe/0x1d0
[  132.526974][  T415]  ? copy_signal+0x4e3/0x610
[  132.531409][  T415]  copy_process+0x1149/0x3290
[  132.536377][  T415]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  132.541298][  T415]  ? __kasan_check_write+0x14/0x20
[  132.546254][  T415]  kernel_clone+0x21e/0x9e0
[  132.550581][  T415]  ? _raw_spin_unlock_irq+0x4e/0x70
[  132.555621][  T415]  ? create_io_thread+0x1e0/0x1e0
[  132.560495][  T415]  __x64_sys_clone+0x23f/0x290
[  132.565086][  T415]  ? __do_sys_vfork+0x130/0x130
[  132.569780][  T415]  ? __kasan_check_write+0x14/0x20
[  132.574721][  T415]  x64_sys_call+0x1b0/0x9a0
[  132.579055][  T415]  do_syscall_64+0x3b/0xb0
[  132.583313][  T415]  ? clear_bhb_loop+0x35/0x90
[  132.587818][  T415]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  132.593559][  T415] RIP: 0033:0x7f11f15e60d9
[  132.597804][  T415] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  132.617336][  T415] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  132.625575][  T415] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  132.633387][  T415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  132.641203][  T415] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  132.649016][  T415] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   415] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   405] +++ exited with 1 +++
[pid   413] exit(0)                     = ?
[pid   403] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=405, si_uid=0, si_status=1, si_utime=0, si_stime=9} ---
[pid   413] +++ exited with 0 +++
[pid   403] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   403] <... clone resumed>, child_tidptr=0x555560cbc690) = -1 ENOMEM (Cannot allocate memory)
[pid   414] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   415] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   415] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   415] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   414] close(3)                    = 0
[pid   414] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   414] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   414] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   414] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   414] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   414] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   414] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   414] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   414] exit_group(0)               = ?
[pid   415] <... futex resumed>)        = ?
[pid   415] +++ exited with 0 +++
[pid   414] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 7
./strace-static-x86_64: Process 417 attached
[pid   417] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   417] setpgid(0, 0)               = 0
[pid   417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   417] write(3, "1000", 4)         = 4
[pid   417] close(3)                    = 0
[pid   417] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   417] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   417] write(1, "executing program\n", 18) = 18
[pid   417] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   417] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   417] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   417] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   417] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   417] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   417] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[8]}, 88) = 8
[pid   417] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   417] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   417] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 418 attached
 <unfinished ...>
[pid   409] +++ exited with 1 +++
[pid   402] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=409, si_uid=0, si_status=1, si_utime=0, si_stime=42} ---
[pid   402] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   418] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   408] +++ exited with 1 +++
[pid   407] +++ exited with 1 +++
[pid   402] <... clone resumed>, child_tidptr=0x555560cbc690) = -1 ENOMEM (Cannot allocate memory)
[pid   402] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   404] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=407, si_uid=0, si_status=1, si_utime=0, si_stime=7} ---
[pid   401] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=408, si_uid=0, si_status=1, si_utime=0, si_stime=7} ---
[pid   418] <... set_robust_list resumed>) = 0
[pid   418] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   401] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   418] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   418] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   418] write(3, "69", 2 <unfinished ...>
[pid   401] <... clone resumed>, child_tidptr=0x555560cbc690) = -1 ENOMEM (Cannot allocate memory)
[pid   418] <... write resumed>)        = 2
[pid   418] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   401] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   402] <... clone resumed>, child_tidptr=0x555560cbc690) = -1 ENOMEM (Cannot allocate memory)
[  132.656833][  T415] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  132.664646][  T415]  </TASK>
[pid   401] <... clone resumed>, child_tidptr=0x555560cbc690) = -1 ENOMEM (Cannot allocate memory)
[pid   401] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = -1 ENOMEM (Cannot allocate memory)
[pid   417] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  132.709904][  T418] FAULT_INJECTION: forcing a failure.
[  132.709904][  T418] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  132.723221][  T418] CPU: 1 PID: 418 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  132.733666][  T418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  132.743563][  T418] Call Trace:
[  132.746688][  T418]  <TASK>
[  132.749568][  T418]  dump_stack_lvl+0x151/0x1c0
[  132.754083][  T418]  ? io_uring_drop_tctx_refs+0x190/0x190
[  132.759559][  T418]  dump_stack+0x15/0x20
[  132.763552][  T418]  should_fail+0x3c6/0x510
[  132.767805][  T418]  should_fail_alloc_page+0x5a/0x80
[  132.772835][  T418]  prepare_alloc_pages+0x15c/0x700
[  132.777845][  T418]  ? __alloc_pages_bulk+0xe40/0xe40
[  132.782919][  T418]  __alloc_pages+0x18c/0x8f0
[  132.787343][  T418]  ? prep_new_page+0x110/0x110
[  132.792148][  T418]  get_zeroed_page+0x1b/0x40
[  132.796672][  T418]  __pud_alloc+0x8b/0x260
[  132.800829][  T418]  ? stack_trace_snprint+0xf0/0xf0
[  132.805776][  T418]  ? do_handle_mm_fault+0x2400/0x2400
[  132.810975][  T418]  ? __stack_depot_save+0x34/0x470
[  132.815931][  T418]  ? anon_vma_clone+0x9a/0x500
[  132.820534][  T418]  copy_page_range+0x2bcf/0x2f90
[  132.825293][  T418]  ? __kasan_slab_alloc+0xb1/0xe0
[  132.830169][  T418]  ? slab_post_alloc_hook+0x53/0x2c0
[  132.835290][  T418]  ? copy_mm+0xa3a/0x13e0
[  132.839485][  T418]  ? copy_process+0x1149/0x3290
[  132.844244][  T418]  ? kernel_clone+0x21e/0x9e0
[  132.848733][  T418]  ? __x64_sys_clone+0x23f/0x290
[  132.853507][  T418]  ? x64_sys_call+0x1b0/0x9a0
[  132.858105][  T418]  ? do_syscall_64+0x3b/0xb0
[  132.862543][  T418]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  132.868454][  T418]  ? pfn_valid+0x1e0/0x1e0
[  132.872706][  T418]  ? rwsem_write_trylock+0x153/0x340
[  132.877817][  T418]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  132.884066][  T418]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  132.889618][  T418]  ? __rb_insert_augmented+0x5de/0x610
[  132.894920][  T418]  copy_mm+0xc7e/0x13e0
[  132.898913][  T418]  ? copy_signal+0x610/0x610
[  132.903332][  T418]  ? __init_rwsem+0xfe/0x1d0
[  132.907764][  T418]  ? copy_signal+0x4e3/0x610
[  132.912185][  T418]  copy_process+0x1149/0x3290
[  132.916704][  T418]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  132.921648][  T418]  ? __kasan_check_write+0x14/0x20
[  132.926613][  T418]  kernel_clone+0x21e/0x9e0
[  132.930934][  T418]  ? _raw_spin_unlock_irq+0x4e/0x70
[  132.935972][  T418]  ? create_io_thread+0x1e0/0x1e0
[  132.940835][  T418]  __x64_sys_clone+0x23f/0x290
[  132.945447][  T418]  ? __do_sys_vfork+0x130/0x130
[  132.950120][  T418]  ? __kasan_check_write+0x14/0x20
[  132.955091][  T418]  x64_sys_call+0x1b0/0x9a0
[  132.959410][  T418]  do_syscall_64+0x3b/0xb0
[  132.963743][  T418]  ? clear_bhb_loop+0x35/0x90
[  132.968281][  T418]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  132.973984][  T418] RIP: 0033:0x7f11f15e60d9
[  132.978239][  T418] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  132.997770][  T418] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   418] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   418] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   418] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   417] close(3)                    = 0
[pid   417] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   417] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   417] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   417] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   417] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   417] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   417] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   417] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   417] exit_group(0 <unfinished ...>
[pid   418] <... futex resumed>)        = ?
[pid   417] <... exit_group resumed>)   = ?
[pid   418] +++ exited with 0 +++
[pid   417] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 9
./strace-static-x86_64: Process 424 attached
[pid   424] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   424] setpgid(0, 0)               = 0
[pid   424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   424] write(3, "1000", 4)         = 4
[pid   424] close(3)                    = 0
[pid   424] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   424] write(1, "executing program\n", 18) = 18
[pid   424] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   424] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   424] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   424] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   424] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   424] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 425 attached
 => {parent_tid=[10]}, 88) = 10
[pid   425] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   424] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   425] <... set_robust_list resumed>) = 0
[pid   424] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   425] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   424] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   424] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   425] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   425] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   425] write(3, "69", 2)           = 2
[  133.006021][  T418] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  133.013824][  T418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  133.021636][  T418] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  133.029456][  T418] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  133.037269][  T418] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  133.045088][  T418]  </TASK>
[  133.085040][  T425] FAULT_INJECTION: forcing a failure.
[  133.085040][  T425] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  133.098874][  T425] CPU: 1 PID: 425 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  133.109260][  T425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  133.119188][  T425] Call Trace:
[  133.122283][  T425]  <TASK>
[  133.125055][  T425]  dump_stack_lvl+0x151/0x1c0
[  133.129573][  T425]  ? io_uring_drop_tctx_refs+0x190/0x190
[  133.135149][  T425]  ? kmem_cache_alloc+0x134/0x200
[  133.140003][  T425]  dump_stack+0x15/0x20
[  133.143992][  T425]  should_fail+0x3c6/0x510
[  133.148235][  T425]  should_fail_alloc_page+0x5a/0x80
[  133.153285][  T425]  prepare_alloc_pages+0x15c/0x700
[  133.158247][  T425]  ? __alloc_pages_bulk+0xe40/0xe40
[  133.163278][  T425]  __alloc_pages+0x18c/0x8f0
[  133.167706][  T425]  ? prep_new_page+0x110/0x110
[  133.172394][  T425]  ? __alloc_pages+0x27e/0x8f0
[  133.176995][  T425]  ? __kasan_check_write+0x14/0x20
[  133.181944][  T425]  ? _raw_spin_lock+0xa4/0x1b0
[  133.186632][  T425]  __pmd_alloc+0xb1/0x550
[  133.190798][  T425]  ? __pud_alloc+0x260/0x260
[  133.195245][  T425]  ? __pud_alloc+0x213/0x260
[  133.199660][  T425]  ? do_handle_mm_fault+0x2400/0x2400
[  133.205030][  T425]  ? __stack_depot_save+0x34/0x470
[  133.209999][  T425]  ? anon_vma_clone+0x9a/0x500
[  133.214579][  T425]  copy_page_range+0x2b3d/0x2f90
[  133.219357][  T425]  ? __kasan_slab_alloc+0xb1/0xe0
[  133.224296][  T425]  ? slab_post_alloc_hook+0x53/0x2c0
[  133.229513][  T425]  ? copy_mm+0xa3a/0x13e0
[  133.233680][  T425]  ? copy_process+0x1149/0x3290
[  133.238358][  T425]  ? kernel_clone+0x21e/0x9e0
[  133.243017][  T425]  ? x64_sys_call+0x1b0/0x9a0
[  133.247535][  T425]  ? do_syscall_64+0x3b/0xb0
[  133.251950][  T425]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  133.257889][  T425]  ? pfn_valid+0x1e0/0x1e0
[  133.262135][  T425]  ? rwsem_write_trylock+0x153/0x340
[  133.267239][  T425]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  133.273486][  T425]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  133.279298][  T425]  ? __rb_insert_augmented+0x5de/0x610
[  133.284601][  T425]  copy_mm+0xc7e/0x13e0
[  133.288775][  T425]  ? copy_signal+0x610/0x610
[  133.293341][  T425]  ? __init_rwsem+0xfe/0x1d0
[  133.297936][  T425]  ? copy_signal+0x4e3/0x610
[  133.302359][  T425]  copy_process+0x1149/0x3290
[  133.306886][  T425]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  133.311818][  T425]  ? __kasan_check_write+0x14/0x20
[  133.316769][  T425]  kernel_clone+0x21e/0x9e0
[  133.321105][  T425]  ? _raw_spin_unlock_irq+0x4e/0x70
[  133.326138][  T425]  ? create_io_thread+0x1e0/0x1e0
[  133.331010][  T425]  __x64_sys_clone+0x23f/0x290
[  133.335605][  T425]  ? __do_sys_vfork+0x130/0x130
[  133.340380][  T425]  ? __kasan_check_write+0x14/0x20
[  133.345421][  T425]  x64_sys_call+0x1b0/0x9a0
[  133.349767][  T425]  do_syscall_64+0x3b/0xb0
[  133.354009][  T425]  ? clear_bhb_loop+0x35/0x90
[  133.358524][  T425]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  133.364256][  T425] RIP: 0033:0x7f11f15e60d9
[  133.368507][  T425] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  133.388148][  T425] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  133.396383][  T425] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  133.404229][  T425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  133.412011][  T425] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  133.419847][  T425] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  133.427635][  T425] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[pid   425] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   424] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   425] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   425] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   425] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   424] close(3)                    = 0
[pid   424] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   424] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   424] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   424] exit_group(0 <unfinished ...>
[pid   425] <... futex resumed>)        = ?
[pid   424] <... exit_group resumed>)   = ?
[pid   425] +++ exited with 0 +++
[pid   424] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=9, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 11
./strace-static-x86_64: Process 428 attached
[pid   428] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   428] setpgid(0, 0)               = 0
[pid   428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   428] write(3, "1000", 4)         = 4
[pid   428] close(3)                    = 0
[pid   428] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   428] write(1, "executing program\n", 18) = 18
[pid   428] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   428] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   428] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   428] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   428] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   428] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   428] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[12]}, 88) = 12
[pid   428] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   428] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   428] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 429 attached
 <unfinished ...>
[pid   429] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   429] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   429] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   429] write(3, "69", 2)           = 2
[  133.435450][  T425]  </TASK>
[  133.469908][  T429] FAULT_INJECTION: forcing a failure.
[  133.469908][  T429] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  133.483136][  T429] CPU: 0 PID: 429 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  133.493521][  T429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  133.503505][  T429] Call Trace:
[  133.506645][  T429]  <TASK>
[  133.509411][  T429]  dump_stack_lvl+0x151/0x1c0
[  133.513935][  T429]  ? io_uring_drop_tctx_refs+0x190/0x190
[  133.519388][  T429]  ? arch_stack_walk+0xf3/0x140
[  133.524085][  T429]  dump_stack+0x15/0x20
[  133.528131][  T429]  should_fail+0x3c6/0x510
[  133.532346][  T429]  should_fail_alloc_page+0x5a/0x80
[  133.537360][  T429]  prepare_alloc_pages+0x15c/0x700
[  133.542307][  T429]  ? __kasan_check_write+0x14/0x20
[  133.547258][  T429]  ? __alloc_pages_bulk+0xe40/0xe40
[  133.552283][  T429]  ? copy_page_range+0x2deb/0x2f90
[  133.557330][  T429]  ? __kasan_slab_alloc+0xb1/0xe0
[  133.562196][  T429]  ? slab_post_alloc_hook+0x53/0x2c0
[  133.567316][  T429]  __alloc_pages+0x18c/0x8f0
[  133.571742][  T429]  ? prep_new_page+0x110/0x110
[  133.576567][  T429]  ? avc_has_perm_noaudit+0x2dd/0x430
[  133.581837][  T429]  new_slab+0x9a/0x4e0
[  133.585738][  T429]  ___slab_alloc+0x39e/0x830
[  133.590165][  T429]  ? vm_area_dup+0x26/0x230
[  133.594648][  T429]  ? vm_area_dup+0x26/0x230
[  133.598963][  T429]  __slab_alloc+0x4a/0x90
[  133.603222][  T429]  ? vm_area_dup+0x26/0x230
[  133.607558][  T429]  kmem_cache_alloc+0x134/0x200
[  133.612695][  T429]  vm_area_dup+0x26/0x230
[  133.616845][  T429]  copy_mm+0x9a1/0x13e0
[  133.620966][  T429]  ? copy_signal+0x610/0x610
[  133.625456][  T429]  ? __init_rwsem+0xfe/0x1d0
[  133.629889][  T429]  ? copy_signal+0x4e3/0x610
[  133.634314][  T429]  copy_process+0x1149/0x3290
[  133.638925][  T429]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  133.643863][  T429]  ? __kasan_check_write+0x14/0x20
[  133.648820][  T429]  kernel_clone+0x21e/0x9e0
[  133.653155][  T429]  ? _raw_spin_unlock_irq+0x4e/0x70
[  133.658187][  T429]  ? create_io_thread+0x1e0/0x1e0
[  133.663057][  T429]  __x64_sys_clone+0x23f/0x290
[  133.667644][  T429]  ? __do_sys_vfork+0x130/0x130
[  133.672335][  T429]  ? __kasan_check_write+0x14/0x20
[  133.677292][  T429]  x64_sys_call+0x1b0/0x9a0
[  133.681621][  T429]  do_syscall_64+0x3b/0xb0
[  133.685872][  T429]  ? clear_bhb_loop+0x35/0x90
[  133.690387][  T429]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  133.696111][  T429] RIP: 0033:0x7f11f15e60d9
[  133.700382][  T429] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   429] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   428] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   429] <... clone resumed>)        = 13
[pid   429] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   429] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   428] close(3)                    = 0
./strace-static-x86_64: Process 430 attached
[pid   428] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   428] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   428] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   428] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   428] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   428] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   428] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   428] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   428] exit_group(0)               = ?
[pid   429] <... futex resumed>)        = ?
[pid   429] +++ exited with 0 +++
[pid   428] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=11, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 431 attached
, child_tidptr=0x555560cbc690) = 14
[pid   431] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   431] setpgid(0, 0)               = 0
[pid   431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   431] write(3, "1000", 4)         = 4
[pid   431] close(3)                    = 0
[pid   431] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   431] write(1, "executing program\n", 18) = 18
[pid   431] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   431] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   431] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   431] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   431] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   431] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 432 attached
[  133.719895][  T429] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  133.728143][  T429] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  133.736041][  T429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  133.743943][  T429] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  133.752210][  T429] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  133.760101][  T429] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  133.767918][  T429]  </TASK>
 <unfinished ...>
[pid   432] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   431] <... clone3 resumed> => {parent_tid=[15]}, 88) = 15
[pid   431] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   432] <... set_robust_list resumed>) = 0
[pid   431] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   432] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   431] <... futex resumed>)        = 0
[pid   432] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   431] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   432] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   432] write(3, "69", 2)           = 2
[  133.810743][  T432] FAULT_INJECTION: forcing a failure.
[  133.810743][  T432] name failslab, interval 1, probability 0, space 0, times 0
[  133.823309][  T432] CPU: 0 PID: 432 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  133.833678][  T432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  133.843581][  T432] Call Trace:
[  133.846714][  T432]  <TASK>
[  133.849476][  T432]  dump_stack_lvl+0x151/0x1c0
[  133.853988][  T432]  ? io_uring_drop_tctx_refs+0x190/0x190
[  133.859560][  T432]  ? avc_denied+0x1b0/0x1b0
[  133.863884][  T432]  dump_stack+0x15/0x20
[  133.867874][  T432]  should_fail+0x3c6/0x510
[  133.872132][  T432]  __should_failslab+0xa4/0xe0
[  133.876730][  T432]  ? vm_area_dup+0x26/0x230
[  133.881067][  T432]  should_failslab+0x9/0x20
[  133.885412][  T432]  slab_pre_alloc_hook+0x37/0xd0
[  133.890182][  T432]  ? vm_area_dup+0x26/0x230
[  133.894529][  T432]  kmem_cache_alloc+0x44/0x200
[  133.899127][  T432]  vm_area_dup+0x26/0x230
[  133.903290][  T432]  copy_mm+0x9a1/0x13e0
[pid   432] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   430] exit(0)                     = ?
[pid   430] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[  133.907296][  T432]  ? copy_signal+0x610/0x610
[  133.911708][  T432]  ? __init_rwsem+0xfe/0x1d0
[  133.916135][  T432]  ? copy_signal+0x4e3/0x610
[  133.920767][  T432]  copy_process+0x1149/0x3290
[  133.925288][  T432]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  133.930232][  T432]  ? __kasan_check_write+0x14/0x20
[  133.935205][  T432]  kernel_clone+0x21e/0x9e0
[  133.939534][  T432]  ? _raw_spin_unlock_irq+0x4e/0x70
[  133.945076][  T432]  ? create_io_thread+0x1e0/0x1e0
[  133.949940][  T432]  __x64_sys_clone+0x23f/0x290
[  133.954622][  T432]  ? __do_sys_vfork+0x130/0x130
[  133.959319][  T432]  ? __kasan_check_write+0x14/0x20
[  133.964276][  T432]  x64_sys_call+0x1b0/0x9a0
[  133.968597][  T432]  do_syscall_64+0x3b/0xb0
[  133.972853][  T432]  ? clear_bhb_loop+0x35/0x90
[  133.977366][  T432]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  133.983088][  T432] RIP: 0033:0x7f11f15e60d9
[  133.987346][  T432] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   432] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   431] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   432] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   432] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   431] close(3)                    = 0
[pid   431] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   431] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   431] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   431] exit_group(0 <unfinished ...>
[pid   432] <... futex resumed>)        = ?
[pid   431] <... exit_group resumed>)   = ?
[pid   432] +++ exited with 0 +++
[pid   431] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 433 attached
, child_tidptr=0x555560cbc690) = 16
[pid   433] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   433] setpgid(0, 0)               = 0
[pid   433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   433] write(3, "1000", 4)         = 4
[pid   433] close(3)                    = 0
[pid   433] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   433] write(1, "executing program\n", 18) = 18
[pid   433] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   433] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   433] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   433] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   433] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   433] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   433] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[17]}, 88) = 17
[pid   433] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   433] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   433] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 434 attached
 <unfinished ...>
[pid   434] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   434] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   434] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   434] write(3, "69", 2)           = 2
[  134.007154][  T432] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  134.015505][  T432] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  134.023339][  T432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  134.031125][  T432] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  134.038944][  T432] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  134.046750][  T432] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  134.054590][  T432]  </TASK>
[  134.080842][  T434] FAULT_INJECTION: forcing a failure.
[  134.080842][  T434] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  134.094033][  T434] CPU: 0 PID: 434 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  134.104401][  T434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  134.114302][  T434] Call Trace:
[  134.117418][  T434]  <TASK>
[  134.120218][  T434]  dump_stack_lvl+0x151/0x1c0
[  134.124730][  T434]  ? io_uring_drop_tctx_refs+0x190/0x190
[  134.130192][  T434]  dump_stack+0x15/0x20
[  134.134185][  T434]  should_fail+0x3c6/0x510
[  134.138428][  T434]  should_fail_alloc_page+0x5a/0x80
[  134.143638][  T434]  prepare_alloc_pages+0x15c/0x700
[  134.148601][  T434]  ? __alloc_pages_bulk+0xe40/0xe40
[  134.153617][  T434]  __alloc_pages+0x18c/0x8f0
[  134.158053][  T434]  ? prep_new_page+0x110/0x110
[  134.162655][  T434]  get_zeroed_page+0x1b/0x40
[  134.167072][  T434]  __pud_alloc+0x8b/0x260
[  134.171235][  T434]  ? stack_trace_snprint+0xf0/0xf0
[  134.176185][  T434]  ? do_handle_mm_fault+0x2400/0x2400
[  134.181394][  T434]  ? __stack_depot_save+0x34/0x470
[  134.186342][  T434]  ? anon_vma_clone+0x9a/0x500
[  134.190941][  T434]  copy_page_range+0x2bcf/0x2f90
[  134.195712][  T434]  ? __kasan_slab_alloc+0xb1/0xe0
[  134.200573][  T434]  ? slab_post_alloc_hook+0x53/0x2c0
[  134.205834][  T434]  ? copy_mm+0xa3a/0x13e0
[  134.209993][  T434]  ? copy_process+0x1149/0x3290
[  134.214802][  T434]  ? kernel_clone+0x21e/0x9e0
[  134.219396][  T434]  ? __x64_sys_clone+0x23f/0x290
[  134.224166][  T434]  ? x64_sys_call+0x1b0/0x9a0
[  134.228680][  T434]  ? do_syscall_64+0x3b/0xb0
[  134.233124][  T434]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  134.239032][  T434]  ? pfn_valid+0x1e0/0x1e0
[  134.243266][  T434]  ? rwsem_write_trylock+0x153/0x340
[  134.248400][  T434]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  134.254643][  T434]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  134.260191][  T434]  ? __rb_insert_augmented+0x5de/0x610
[  134.265492][  T434]  copy_mm+0xc7e/0x13e0
[  134.269485][  T434]  ? copy_signal+0x610/0x610
[  134.273904][  T434]  ? __init_rwsem+0xfe/0x1d0
[  134.278333][  T434]  ? copy_signal+0x4e3/0x610
[  134.282773][  T434]  copy_process+0x1149/0x3290
[  134.287383][  T434]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  134.292328][  T434]  ? __kasan_check_write+0x14/0x20
[  134.297269][  T434]  kernel_clone+0x21e/0x9e0
[  134.301606][  T434]  ? _raw_spin_unlock_irq+0x4e/0x70
[  134.306634][  T434]  ? create_io_thread+0x1e0/0x1e0
[  134.311500][  T434]  __x64_sys_clone+0x23f/0x290
[  134.316105][  T434]  ? __do_sys_vfork+0x130/0x130
[  134.320787][  T434]  ? __kasan_check_write+0x14/0x20
[  134.325747][  T434]  x64_sys_call+0x1b0/0x9a0
[  134.330081][  T434]  do_syscall_64+0x3b/0xb0
[  134.334333][  T434]  ? clear_bhb_loop+0x35/0x90
[  134.339017][  T434]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  134.344739][  T434] RIP: 0033:0x7f11f15e60d9
[  134.348997][  T434] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  134.368441][  T434] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   434] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   433] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   434] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   433] close(3 <unfinished ...>
[pid   434] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   433] <... close resumed>)        = 0
[pid   433] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   433] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   433] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   433] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   433] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   433] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   433] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   433] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   433] exit_group(0 <unfinished ...>
[pid   434] <... futex resumed>)        = ?
[pid   433] <... exit_group resumed>)   = ?
[pid   434] +++ exited with 0 +++
[pid   433] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 18
./strace-static-x86_64: Process 436 attached
[pid   436] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   436] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   436] setpgid(0, 0)               = 0
[pid   436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   436] write(3, "1000", 4)         = 4
[pid   436] close(3)                    = 0
[pid   436] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   436] write(1, "executing program\n", 18executing program
) = 18
[pid   436] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   436] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   436] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   436] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   436] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   436] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   436] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[19]}, 88) = 19
[pid   436] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   436] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   436] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 437 attached
 <unfinished ...>
[pid   437] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   437] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   437] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   437] write(3, "69", 2)           = 2
[  134.376686][  T434] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  134.384500][  T434] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  134.392307][  T434] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  134.400125][  T434] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  134.407937][  T434] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  134.415840][  T434]  </TASK>
[  134.454541][  T437] FAULT_INJECTION: forcing a failure.
[  134.454541][  T437] name failslab, interval 1, probability 0, space 0, times 0
[  134.467283][  T437] CPU: 0 PID: 437 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  134.478029][  T437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  134.488050][  T437] Call Trace:
[  134.491158][  T437]  <TASK>
[  134.494143][  T437]  dump_stack_lvl+0x151/0x1c0
[  134.498665][  T437]  ? io_uring_drop_tctx_refs+0x190/0x190
[  134.504131][  T437]  ? avc_denied+0x1b0/0x1b0
[  134.508694][  T437]  dump_stack+0x15/0x20
[  134.512873][  T437]  should_fail+0x3c6/0x510
[  134.518172][  T437]  __should_failslab+0xa4/0xe0
[  134.522941][  T437]  ? vm_area_dup+0x26/0x230
[  134.527288][  T437]  should_failslab+0x9/0x20
[  134.531629][  T437]  slab_pre_alloc_hook+0x37/0xd0
[  134.536497][  T437]  ? vm_area_dup+0x26/0x230
[  134.541446][  T437]  kmem_cache_alloc+0x44/0x200
[  134.546026][  T437]  vm_area_dup+0x26/0x230
[  134.550185][  T437]  copy_mm+0x9a1/0x13e0
[  134.554186][  T437]  ? copy_signal+0x610/0x610
[  134.558613][  T437]  ? __init_rwsem+0xfe/0x1d0
[  134.563035][  T437]  ? copy_signal+0x4e3/0x610
[  134.567471][  T437]  copy_process+0x1149/0x3290
[  134.572003][  T437]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  134.577474][  T437]  ? __kasan_check_write+0x14/0x20
[  134.582430][  T437]  kernel_clone+0x21e/0x9e0
[  134.586762][  T437]  ? _raw_spin_unlock_irq+0x4e/0x70
[  134.591817][  T437]  ? create_io_thread+0x1e0/0x1e0
[  134.596798][  T437]  __x64_sys_clone+0x23f/0x290
[  134.601488][  T437]  ? __do_sys_vfork+0x130/0x130
[  134.606165][  T437]  ? __kasan_check_write+0x14/0x20
[  134.611209][  T437]  x64_sys_call+0x1b0/0x9a0
[  134.615538][  T437]  do_syscall_64+0x3b/0xb0
[  134.619790][  T437]  ? clear_bhb_loop+0x35/0x90
[  134.624325][  T437]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  134.630038][  T437] RIP: 0033:0x7f11f15e60d9
[  134.634290][  T437] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   437] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   436] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   437] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   437] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   436] close(3)                    = 0
[pid   436] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   436] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   436] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   436] exit_group(0 <unfinished ...>
[pid   437] <... futex resumed>)        = ?
[pid   436] <... exit_group resumed>)   = ?
[pid   437] +++ exited with 0 +++
[pid   436] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 20
./strace-static-x86_64: Process 438 attached
[pid   438] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   438] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   438] setpgid(0, 0)               = 0
[pid   438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   438] write(3, "1000", 4)         = 4
[pid   438] close(3)                    = 0
[pid   438] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   438] write(1, "executing program\n", 18) = 18
[pid   438] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   438] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   438] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   438] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   438] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   438] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   438] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[21]}, 88) = 21
[pid   438] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   438] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   438] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 439 attached
 <unfinished ...>
[pid   439] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   439] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   439] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   439] write(3, "69", 2)           = 2
[  134.653728][  T437] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  134.661971][  T437] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  134.670224][  T437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  134.678033][  T437] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  134.686036][  T437] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  134.693893][  T437] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  134.701670][  T437]  </TASK>
[  134.732660][  T439] FAULT_INJECTION: forcing a failure.
[  134.732660][  T439] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  134.746130][  T439] CPU: 0 PID: 439 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  134.756528][  T439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  134.766437][  T439] Call Trace:
[  134.769545][  T439]  <TASK>
[  134.772324][  T439]  dump_stack_lvl+0x151/0x1c0
[  134.776843][  T439]  ? io_uring_drop_tctx_refs+0x190/0x190
[  134.782321][  T439]  dump_stack+0x15/0x20
[  134.786304][  T439]  should_fail+0x3c6/0x510
[  134.790703][  T439]  should_fail_alloc_page+0x5a/0x80
[  134.795716][  T439]  prepare_alloc_pages+0x15c/0x700
[  134.800794][  T439]  ? __alloc_pages_bulk+0xe40/0xe40
[  134.805825][  T439]  __alloc_pages+0x18c/0x8f0
[  134.810237][  T439]  ? prep_new_page+0x110/0x110
[  134.814834][  T439]  ? __alloc_pages+0x27e/0x8f0
[  134.819440][  T439]  ? __kasan_check_write+0x14/0x20
[  134.824382][  T439]  ? _raw_spin_lock+0xa4/0x1b0
[  134.829009][  T439]  __pmd_alloc+0xb1/0x550
[  134.833285][  T439]  ? __pud_alloc+0x260/0x260
[  134.837712][  T439]  ? __pud_alloc+0x213/0x260
[  134.842134][  T439]  ? do_handle_mm_fault+0x2400/0x2400
[  134.847352][  T439]  ? __stack_depot_save+0x34/0x470
[  134.852761][  T439]  ? anon_vma_clone+0x9a/0x500
[  134.857356][  T439]  copy_page_range+0x2b3d/0x2f90
[  134.862122][  T439]  ? __kasan_slab_alloc+0xb1/0xe0
[  134.866981][  T439]  ? slab_post_alloc_hook+0x53/0x2c0
[  134.872104][  T439]  ? copy_mm+0xa3a/0x13e0
[  134.876268][  T439]  ? copy_process+0x1149/0x3290
[  134.880956][  T439]  ? kernel_clone+0x21e/0x9e0
[  134.885469][  T439]  ? x64_sys_call+0x1b0/0x9a0
[  134.890006][  T439]  ? do_syscall_64+0x3b/0xb0
[  134.894412][  T439]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  134.900335][  T439]  ? pfn_valid+0x1e0/0x1e0
[  134.904657][  T439]  ? rwsem_write_trylock+0x153/0x340
[  134.909783][  T439]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  134.920659][  T439]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  134.926209][  T439]  ? __rb_insert_augmented+0x5de/0x610
[  134.931522][  T439]  copy_mm+0xc7e/0x13e0
[  134.935517][  T439]  ? copy_signal+0x610/0x610
[  134.939930][  T439]  ? __init_rwsem+0xfe/0x1d0
[  134.944363][  T439]  ? copy_signal+0x4e3/0x610
[  134.948785][  T439]  copy_process+0x1149/0x3290
[  134.953306][  T439]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  134.958243][  T439]  ? __kasan_check_write+0x14/0x20
[  134.963215][  T439]  kernel_clone+0x21e/0x9e0
[  134.967648][  T439]  ? _raw_spin_unlock_irq+0x4e/0x70
[  134.972685][  T439]  ? create_io_thread+0x1e0/0x1e0
[  134.977537][  T439]  __x64_sys_clone+0x23f/0x290
[  134.982147][  T439]  ? __do_sys_vfork+0x130/0x130
[  134.986817][  T439]  ? __kasan_check_write+0x14/0x20
[  134.991765][  T439]  x64_sys_call+0x1b0/0x9a0
[  134.996119][  T439]  do_syscall_64+0x3b/0xb0
[  135.000456][  T439]  ? clear_bhb_loop+0x35/0x90
[  135.005305][  T439]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  135.011085][  T439] RIP: 0033:0x7f11f15e60d9
[  135.015295][  T439] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  135.035126][  T439] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  135.043366][  T439] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  135.051184][  T439] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  135.059044][  T439] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  135.066806][  T439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  135.074614][  T439] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[pid   439] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   438] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   439] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   439] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   438] close(3 <unfinished ...>
[pid   439] <... futex resumed>)        = 0
[pid   439] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   438] <... close resumed>)        = 0
[pid   438] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   438] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   438] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   438] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   438] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   438] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   438] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   438] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   438] exit_group(0)               = ?
[pid   439] <... futex resumed>)        = ?
[pid   439] +++ exited with 0 +++
[pid   438] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 22
./strace-static-x86_64: Process 440 attached
[pid   440] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   440] setpgid(0, 0)               = 0
[pid   440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   440] write(3, "1000", 4)         = 4
[pid   440] close(3)                    = 0
[pid   440] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   440] write(1, "executing program\n", 18executing program
) = 18
[pid   440] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   440] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   440] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   440] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   440] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   440] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   440] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[23]}, 88) = 23
[pid   440] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   440] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   440] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 441 attached
 <unfinished ...>
[pid   441] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   441] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   441] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   441] write(3, "69", 2)           = 2
[  135.082438][  T439]  </TASK>
[  135.115862][  T441] FAULT_INJECTION: forcing a failure.
[  135.115862][  T441] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  135.129193][  T441] CPU: 0 PID: 441 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  135.139575][  T441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  135.149473][  T441] Call Trace:
[  135.152687][  T441]  <TASK>
[  135.155463][  T441]  dump_stack_lvl+0x151/0x1c0
[  135.159975][  T441]  ? io_uring_drop_tctx_refs+0x190/0x190
[  135.165569][  T441]  dump_stack+0x15/0x20
[  135.169545][  T441]  should_fail+0x3c6/0x510
[  135.173798][  T441]  should_fail_alloc_page+0x5a/0x80
[  135.178840][  T441]  prepare_alloc_pages+0x15c/0x700
[  135.183804][  T441]  ? __alloc_pages_bulk+0xe40/0xe40
[  135.188829][  T441]  __alloc_pages+0x18c/0x8f0
[  135.193366][  T441]  ? prep_new_page+0x110/0x110
[  135.197972][  T441]  get_zeroed_page+0x1b/0x40
[  135.202390][  T441]  __pud_alloc+0x8b/0x260
[  135.206564][  T441]  ? stack_trace_snprint+0xf0/0xf0
[  135.211510][  T441]  ? do_handle_mm_fault+0x2400/0x2400
[  135.216714][  T441]  ? __stack_depot_save+0x34/0x470
[  135.221835][  T441]  ? anon_vma_clone+0x9a/0x500
[  135.226439][  T441]  copy_page_range+0x2bcf/0x2f90
[  135.231234][  T441]  ? __kasan_slab_alloc+0xb1/0xe0
[  135.236068][  T441]  ? slab_post_alloc_hook+0x53/0x2c0
[  135.241210][  T441]  ? copy_mm+0xa3a/0x13e0
[  135.245356][  T441]  ? copy_process+0x1149/0x3290
[  135.250056][  T441]  ? kernel_clone+0x21e/0x9e0
[  135.254580][  T441]  ? __x64_sys_clone+0x23f/0x290
[  135.259329][  T441]  ? x64_sys_call+0x1b0/0x9a0
[  135.263846][  T441]  ? do_syscall_64+0x3b/0xb0
[  135.268266][  T441]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  135.274203][  T441]  ? pfn_valid+0x1e0/0x1e0
[  135.278424][  T441]  ? rwsem_write_trylock+0x153/0x340
[  135.283554][  T441]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  135.289991][  T441]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  135.296128][  T441]  ? __rb_insert_augmented+0x5de/0x610
[  135.301430][  T441]  copy_mm+0xc7e/0x13e0
[  135.305417][  T441]  ? copy_signal+0x610/0x610
[  135.309836][  T441]  ? __init_rwsem+0xfe/0x1d0
[  135.314265][  T441]  ? copy_signal+0x4e3/0x610
[  135.318788][  T441]  copy_process+0x1149/0x3290
[  135.323395][  T441]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  135.328413][  T441]  ? __kasan_check_write+0x14/0x20
[  135.333360][  T441]  kernel_clone+0x21e/0x9e0
[  135.337708][  T441]  ? _raw_spin_unlock_irq+0x4e/0x70
[  135.342735][  T441]  ? create_io_thread+0x1e0/0x1e0
[  135.347598][  T441]  __x64_sys_clone+0x23f/0x290
[  135.352297][  T441]  ? __do_sys_vfork+0x130/0x130
[  135.356989][  T441]  ? __kasan_check_write+0x14/0x20
[  135.361937][  T441]  x64_sys_call+0x1b0/0x9a0
[  135.366288][  T441]  do_syscall_64+0x3b/0xb0
[  135.370539][  T441]  ? clear_bhb_loop+0x35/0x90
[  135.375196][  T441]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  135.381028][  T441] RIP: 0033:0x7f11f15e60d9
[  135.385267][  T441] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  135.404971][  T441] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   441] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   440] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   441] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   441] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   440] close(3)                    = 0
[pid   440] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   440] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   440] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   440] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   440] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   440] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   440] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   440] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   440] exit_group(0 <unfinished ...>
[pid   441] <... futex resumed>)        = ?
[pid   440] <... exit_group resumed>)   = ?
[pid   441] +++ exited with 0 +++
[pid   440] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 24
./strace-static-x86_64: Process 443 attached
[pid   443] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   443] setpgid(0, 0)               = 0
[pid   443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   443] write(3, "1000", 4)         = 4
[pid   443] close(3)                    = 0
[pid   443] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   443] write(1, "executing program\n", 18executing program
) = 18
[pid   443] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   443] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   443] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   443] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   443] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   443] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   443] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 444 attached
 <unfinished ...>
[pid   444] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   443] <... clone3 resumed> => {parent_tid=[25]}, 88) = 25
[pid   444] <... set_robust_list resumed>) = 0
[pid   443] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   444] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   443] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   444] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   443] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   444] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   443] <... futex resumed>)        = 0
[pid   443] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   444] <... openat resumed>)       = 3
[pid   444] write(3, "69", 2)           = 2
[  135.413229][  T441] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  135.422571][  T441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  135.430413][  T441] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  135.438297][  T441] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  135.446138][  T441] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  135.453955][  T441]  </TASK>
[  135.490740][  T444] FAULT_INJECTION: forcing a failure.
[  135.490740][  T444] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  135.504541][  T444] CPU: 0 PID: 444 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  135.514946][  T444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  135.525023][  T444] Call Trace:
[  135.528144][  T444]  <TASK>
[  135.530908][  T444]  dump_stack_lvl+0x151/0x1c0
[  135.535424][  T444]  ? io_uring_drop_tctx_refs+0x190/0x190
[  135.541157][  T444]  ? arch_stack_walk+0xf3/0x140
[  135.545966][  T444]  dump_stack+0x15/0x20
[  135.550140][  T444]  should_fail+0x3c6/0x510
[  135.554431][  T444]  should_fail_alloc_page+0x5a/0x80
[  135.559539][  T444]  prepare_alloc_pages+0x15c/0x700
[  135.564572][  T444]  ? __alloc_pages_bulk+0xe40/0xe40
[  135.569687][  T444]  ? __kasan_slab_alloc+0xc3/0xe0
[  135.574545][  T444]  __alloc_pages+0x18c/0x8f0
[  135.578978][  T444]  ? prep_new_page+0x110/0x110
[  135.583586][  T444]  new_slab+0x9a/0x4e0
[  135.587484][  T444]  ___slab_alloc+0x39e/0x830
[  135.591905][  T444]  ? anon_vma_fork+0x1df/0x4e0
[  135.596510][  T444]  ? anon_vma_fork+0x1df/0x4e0
[  135.601193][  T444]  __slab_alloc+0x4a/0x90
[  135.605462][  T444]  ? anon_vma_fork+0x1df/0x4e0
[  135.610062][  T444]  kmem_cache_alloc+0x134/0x200
[  135.614869][  T444]  anon_vma_fork+0x1df/0x4e0
[  135.619478][  T444]  copy_mm+0xa3a/0x13e0
[  135.624106][  T444]  ? copy_signal+0x610/0x610
[  135.629525][  T444]  ? __init_rwsem+0xfe/0x1d0
[  135.634205][  T444]  ? copy_signal+0x4e3/0x610
[  135.638642][  T444]  copy_process+0x1149/0x3290
[  135.643166][  T444]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  135.648541][  T444]  ? __kasan_check_write+0x14/0x20
[  135.653484][  T444]  kernel_clone+0x21e/0x9e0
[  135.657814][  T444]  ? _raw_spin_unlock_irq+0x4e/0x70
[  135.662857][  T444]  ? create_io_thread+0x1e0/0x1e0
[  135.667719][  T444]  __x64_sys_clone+0x23f/0x290
[  135.672308][  T444]  ? __do_sys_vfork+0x130/0x130
[  135.677000][  T444]  ? __kasan_check_write+0x14/0x20
[  135.682130][  T444]  x64_sys_call+0x1b0/0x9a0
[  135.686465][  T444]  do_syscall_64+0x3b/0xb0
[  135.690738][  T444]  ? clear_bhb_loop+0x35/0x90
[  135.695314][  T444]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  135.701041][  T444] RIP: 0033:0x7f11f15e60d9
[  135.705296][  T444] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  135.725277][  T444] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  135.733521][  T444] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[pid   444] clone(child_stack=NULL, flags=0./strace-static-x86_64: Process 445 attached
 <unfinished ...>
[pid   443] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   444] <... clone resumed>)        = 26
[pid   444] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   444] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   443] close(3)                    = 0
[pid   443] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   443] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   443] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   443] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   443] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   443] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   443] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   443] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   443] exit_group(0 <unfinished ...>
[pid   444] <... futex resumed>)        = ?
[pid   443] <... exit_group resumed>)   = ?
[pid   444] +++ exited with 0 +++
[pid   443] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 27
./strace-static-x86_64: Process 446 attached
[pid   446] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   446] setpgid(0, 0)               = 0
[pid   446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   446] write(3, "1000", 4)         = 4
[pid   446] close(3)                    = 0
[pid   446] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   446] write(1, "executing program\n", 18) = 18
[pid   446] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   446] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   446] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   446] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   446] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   446] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   446] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[28]}, 88) = 28
[pid   446] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   446] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   446] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 447 attached
 <unfinished ...>
[pid   447] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   447] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   447] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   447] write(3, "69", 2)           = 2
[  135.741432][  T444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  135.749315][  T444] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  135.757132][  T444] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  135.764952][  T444] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  135.772766][  T444]  </TASK>
[  135.812056][  T447] FAULT_INJECTION: forcing a failure.
[  135.812056][  T447] name failslab, interval 1, probability 0, space 0, times 0
[  135.825185][  T447] CPU: 1 PID: 447 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  135.835664][  T447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  135.845798][  T447] Call Trace:
[  135.848944][  T447]  <TASK>
[  135.851690][  T447]  dump_stack_lvl+0x151/0x1c0
[  135.856465][  T447]  ? io_uring_drop_tctx_refs+0x190/0x190
[  135.862060][  T447]  ? avc_denied+0x1b0/0x1b0
[  135.866359][  T447]  dump_stack+0x15/0x20
[  135.870348][  T447]  should_fail+0x3c6/0x510
[  135.874601][  T447]  __should_failslab+0xa4/0xe0
[  135.879218][  T447]  ? vm_area_dup+0x26/0x230
[  135.883540][  T447]  should_failslab+0x9/0x20
[  135.887885][  T447]  slab_pre_alloc_hook+0x37/0xd0
[  135.892659][  T447]  ? vm_area_dup+0x26/0x230
[  135.896992][  T447]  kmem_cache_alloc+0x44/0x200
[  135.901602][  T447]  vm_area_dup+0x26/0x230
[  135.905762][  T447]  copy_mm+0x9a1/0x13e0
[  135.909784][  T447]  ? copy_signal+0x610/0x610
[  135.914178][  T447]  ? __init_rwsem+0xfe/0x1d0
[  135.918694][  T447]  ? copy_signal+0x4e3/0x610
[  135.923123][  T447]  copy_process+0x1149/0x3290
[  135.927643][  T447]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  135.932584][  T447]  ? __kasan_check_write+0x14/0x20
[  135.937559][  T447]  kernel_clone+0x21e/0x9e0
[  135.941874][  T447]  ? _raw_spin_unlock_irq+0x4e/0x70
[  135.946912][  T447]  ? create_io_thread+0x1e0/0x1e0
[  135.951780][  T447]  __x64_sys_clone+0x23f/0x290
[  135.956378][  T447]  ? __do_sys_vfork+0x130/0x130
[  135.961081][  T447]  ? __kasan_check_write+0x14/0x20
[  135.966004][  T447]  x64_sys_call+0x1b0/0x9a0
[  135.970345][  T447]  do_syscall_64+0x3b/0xb0
[  135.974630][  T447]  ? clear_bhb_loop+0x35/0x90
[  135.979107][  T447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  135.984837][  T447] RIP: 0033:0x7f11f15e60d9
[  135.989090][  T447] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   447] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   446] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   445] exit(0)                     = ?
[pid   445] +++ exited with 0 +++
[pid   447] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   447] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   446] close(3 <unfinished ...>
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   446] <... close resumed>)        = 0
[pid   446] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(7 <unfinished ...>
[pid   406] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   446] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   446] close(8 <unfinished ...>
[pid   406] <... restart_syscall resumed>) = 0
[pid   446] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   446] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   446] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   446] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   446] exit_group(0)               = ?
[pid   447] <... futex resumed>)        = ?
[pid   447] +++ exited with 0 +++
[pid   446] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=27, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 29
./strace-static-x86_64: Process 448 attached
[pid   448] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   448] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   448] setpgid(0, 0)               = 0
[pid   448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   448] write(3, "1000", 4)         = 4
[pid   448] close(3)                    = 0
[pid   448] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   448] write(1, "executing program\n", 18executing program
) = 18
[pid   448] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   448] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   448] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   448] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   448] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   448] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   448] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 449 attached
 => {parent_tid=[30]}, 88) = 30
[pid   449] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   448] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   449] <... set_robust_list resumed>) = 0
[pid   448] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   448] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   448] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   449] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   449] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   449] write(3, "69", 2)           = 2
[  136.009328][  T447] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  136.018074][  T447] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  136.025888][  T447] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  136.033963][  T447] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  136.041771][  T447] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  136.049588][  T447] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  136.057421][  T447]  </TASK>
[pid   449] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   448] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  136.095266][  T449] FAULT_INJECTION: forcing a failure.
[  136.095266][  T449] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  136.108890][  T449] CPU: 1 PID: 449 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  136.119287][  T449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  136.129467][  T449] Call Trace:
[  136.132599][  T449]  <TASK>
[  136.135394][  T449]  dump_stack_lvl+0x151/0x1c0
[  136.139863][  T449]  ? io_uring_drop_tctx_refs+0x190/0x190
[  136.145351][  T449]  dump_stack+0x15/0x20
[  136.149338][  T449]  should_fail+0x3c6/0x510
[  136.153582][  T449]  should_fail_alloc_page+0x5a/0x80
[  136.158630][  T449]  prepare_alloc_pages+0x15c/0x700
[  136.163742][  T449]  ? __alloc_pages_bulk+0xe40/0xe40
[  136.168786][  T449]  __alloc_pages+0x18c/0x8f0
[  136.173305][  T449]  ? prep_new_page+0x110/0x110
[  136.177928][  T449]  get_zeroed_page+0x1b/0x40
[  136.182347][  T449]  __pud_alloc+0x8b/0x260
[  136.186619][  T449]  ? stack_trace_snprint+0xf0/0xf0
[  136.191646][  T449]  ? do_handle_mm_fault+0x2400/0x2400
[  136.197027][  T449]  ? __stack_depot_save+0x34/0x470
[  136.201976][  T449]  ? anon_vma_clone+0x9a/0x500
[  136.206578][  T449]  copy_page_range+0x2bcf/0x2f90
[  136.211347][  T449]  ? __kasan_slab_alloc+0xb1/0xe0
[  136.216234][  T449]  ? slab_post_alloc_hook+0x53/0x2c0
[  136.221329][  T449]  ? copy_mm+0xa3a/0x13e0
[  136.225545][  T449]  ? copy_process+0x1149/0x3290
[  136.230210][  T449]  ? kernel_clone+0x21e/0x9e0
[  136.234704][  T449]  ? __x64_sys_clone+0x23f/0x290
[  136.239478][  T449]  ? x64_sys_call+0x1b0/0x9a0
[  136.243984][  T449]  ? do_syscall_64+0x3b/0xb0
[  136.248430][  T449]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  136.254428][  T449]  ? pfn_valid+0x1e0/0x1e0
[  136.258651][  T449]  ? rwsem_write_trylock+0x153/0x340
[  136.263777][  T449]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  136.270052][  T449]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  136.275580][  T449]  ? __rb_insert_augmented+0x5de/0x610
[  136.280880][  T449]  copy_mm+0xc7e/0x13e0
[  136.284898][  T449]  ? copy_signal+0x610/0x610
[  136.289469][  T449]  ? __init_rwsem+0xfe/0x1d0
[  136.293881][  T449]  ? copy_signal+0x4e3/0x610
[  136.298416][  T449]  copy_process+0x1149/0x3290
[  136.302912][  T449]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  136.307870][  T449]  ? __kasan_check_write+0x14/0x20
[  136.312812][  T449]  kernel_clone+0x21e/0x9e0
[  136.317140][  T449]  ? _raw_spin_unlock_irq+0x4e/0x70
[  136.322278][  T449]  ? create_io_thread+0x1e0/0x1e0
[  136.327125][  T449]  __x64_sys_clone+0x23f/0x290
[  136.331755][  T449]  ? __do_sys_vfork+0x130/0x130
[  136.336442][  T449]  ? __kasan_check_write+0x14/0x20
[  136.341359][  T449]  x64_sys_call+0x1b0/0x9a0
[  136.345703][  T449]  do_syscall_64+0x3b/0xb0
[  136.349950][  T449]  ? clear_bhb_loop+0x35/0x90
[  136.354465][  T449]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  136.360398][  T449] RIP: 0033:0x7f11f15e60d9
[  136.364650][  T449] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  136.384333][  T449] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   449] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   449] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   449] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   448] close(3)                    = 0
[pid   448] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   448] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   448] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   448] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   448] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   448] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   448] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   448] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   448] exit_group(0 <unfinished ...>
[pid   449] <... futex resumed>)        = ?
[pid   448] <... exit_group resumed>)   = ?
[pid   449] +++ exited with 0 +++
[pid   448] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 31
./strace-static-x86_64: Process 450 attached
[pid   450] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   450] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   450] setpgid(0, 0)               = 0
[pid   450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   450] write(3, "1000", 4)         = 4
[pid   450] close(3)                    = 0
[pid   450] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   450] write(1, "executing program\n", 18executing program
) = 18
[pid   450] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   450] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   450] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   450] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   450] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   450] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   450] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 451 attached
 => {parent_tid=[32]}, 88) = 32
[pid   451] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   450] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   451] <... set_robust_list resumed>) = 0
[pid   450] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   451] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   450] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   451] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   450] <... futex resumed>)        = 0
[pid   451] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   450] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   451] <... openat resumed>)       = 3
[pid   451] write(3, "69", 2)           = 2
[  136.392688][  T449] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  136.400501][  T449] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  136.408314][  T449] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  136.416118][  T449] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  136.424037][  T449] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  136.431867][  T449]  </TASK>
[  136.465477][  T451] FAULT_INJECTION: forcing a failure.
[  136.465477][  T451] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  136.479305][  T451] CPU: 0 PID: 451 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  136.489812][  T451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  136.500150][  T451] Call Trace:
[  136.503276][  T451]  <TASK>
[  136.506051][  T451]  dump_stack_lvl+0x151/0x1c0
[  136.510572][  T451]  ? io_uring_drop_tctx_refs+0x190/0x190
[  136.516037][  T451]  dump_stack+0x15/0x20
[  136.520019][  T451]  should_fail+0x3c6/0x510
[  136.524556][  T451]  should_fail_alloc_page+0x5a/0x80
[  136.529856][  T451]  prepare_alloc_pages+0x15c/0x700
[  136.534991][  T451]  ? __alloc_pages_bulk+0xe40/0xe40
[  136.540113][  T451]  __alloc_pages+0x18c/0x8f0
[  136.544530][  T451]  ? prep_new_page+0x110/0x110
[  136.549232][  T451]  get_zeroed_page+0x1b/0x40
[  136.553740][  T451]  __pud_alloc+0x8b/0x260
[  136.557894][  T451]  ? stack_trace_snprint+0xf0/0xf0
[  136.562866][  T451]  ? do_handle_mm_fault+0x2400/0x2400
[  136.568057][  T451]  ? __stack_depot_save+0x34/0x470
[  136.573096][  T451]  ? anon_vma_clone+0x9a/0x500
[  136.577691][  T451]  copy_page_range+0x2bcf/0x2f90
[  136.582459][  T451]  ? __kasan_slab_alloc+0xb1/0xe0
[  136.587322][  T451]  ? slab_post_alloc_hook+0x53/0x2c0
[  136.592448][  T451]  ? copy_mm+0xa3a/0x13e0
[  136.596612][  T451]  ? copy_process+0x1149/0x3290
[  136.601382][  T451]  ? kernel_clone+0x21e/0x9e0
[  136.605918][  T451]  ? __x64_sys_clone+0x23f/0x290
[  136.610669][  T451]  ? x64_sys_call+0x1b0/0x9a0
[  136.615180][  T451]  ? do_syscall_64+0x3b/0xb0
[  136.619603][  T451]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  136.625525][  T451]  ? pfn_valid+0x1e0/0x1e0
[  136.629760][  T451]  ? rwsem_write_trylock+0x153/0x340
[  136.634891][  T451]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  136.641137][  T451]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  136.646690][  T451]  ? __rb_insert_augmented+0x5de/0x610
[  136.651991][  T451]  copy_mm+0xc7e/0x13e0
[  136.656013][  T451]  ? copy_signal+0x610/0x610
[  136.660404][  T451]  ? __init_rwsem+0xfe/0x1d0
[  136.664828][  T451]  ? copy_signal+0x4e3/0x610
[  136.669256][  T451]  copy_process+0x1149/0x3290
[  136.673779][  T451]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  136.678721][  T451]  ? __kasan_check_write+0x14/0x20
[  136.683849][  T451]  kernel_clone+0x21e/0x9e0
[  136.688186][  T451]  ? _raw_spin_unlock_irq+0x4e/0x70
[  136.693213][  T451]  ? create_io_thread+0x1e0/0x1e0
[  136.698087][  T451]  __x64_sys_clone+0x23f/0x290
[  136.702687][  T451]  ? __do_sys_vfork+0x130/0x130
[  136.707377][  T451]  ? __kasan_check_write+0x14/0x20
[  136.712320][  T451]  x64_sys_call+0x1b0/0x9a0
[  136.716651][  T451]  do_syscall_64+0x3b/0xb0
[  136.720899][  T451]  ? clear_bhb_loop+0x35/0x90
[  136.725415][  T451]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  136.731143][  T451] RIP: 0033:0x7f11f15e60d9
[  136.735399][  T451] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  136.754867][  T451] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   451] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   450] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   451] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   450] close(3 <unfinished ...>
[pid   451] <... futex resumed>)        = 0
[pid   451] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   450] <... close resumed>)        = 0
[pid   450] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   450] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   450] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   450] exit_group(0 <unfinished ...>
[pid   451] <... futex resumed>)        = ?
[pid   450] <... exit_group resumed>)   = ?
[pid   451] +++ exited with 0 +++
[pid   450] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=31, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 453 attached
 <unfinished ...>
[pid   453] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   453] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   453] setpgid(0, 0)               = 0
[pid   453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   453] write(3, "1000", 4)         = 4
[pid   453] close(3)                    = 0
[pid   453] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   453] write(1, "executing program\n", 18executing program
) = 18
[pid   453] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   453] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   453] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   453] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   453] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   453] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   453] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[34]}, 88) = 34
[pid   453] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   453] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   453] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 454 attached
 <unfinished ...>
[pid   454] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   454] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   454] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   454] write(3, "69", 2)           = 2
[pid   454] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 33
[  136.763082][  T451] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  136.770907][  T451] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  136.778714][  T451] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  136.786522][  T451] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  136.794336][  T451] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  136.802160][  T451]  </TASK>
[  136.832963][  T454] FAULT_INJECTION: forcing a failure.
[  136.832963][  T454] name failslab, interval 1, probability 0, space 0, times 0
[  136.845805][  T454] CPU: 0 PID: 454 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  136.856187][  T454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  136.866085][  T454] Call Trace:
[  136.869314][  T454]  <TASK>
[  136.872073][  T454]  dump_stack_lvl+0x151/0x1c0
[  136.876590][  T454]  ? io_uring_drop_tctx_refs+0x190/0x190
[  136.882190][  T454]  dump_stack+0x15/0x20
[  136.886166][  T454]  should_fail+0x3c6/0x510
[  136.890621][  T454]  __should_failslab+0xa4/0xe0
[  136.895214][  T454]  ? anon_vma_clone+0x9a/0x500
[  136.899796][  T454]  should_failslab+0x9/0x20
[  136.904130][  T454]  slab_pre_alloc_hook+0x37/0xd0
[  136.908926][  T454]  ? anon_vma_clone+0x9a/0x500
[  136.913518][  T454]  kmem_cache_alloc+0x44/0x200
[  136.918232][  T454]  anon_vma_clone+0x9a/0x500
[  136.922664][  T454]  anon_vma_fork+0x91/0x4e0
[  136.926994][  T454]  ? anon_vma_name+0x4c/0x70
[  136.931431][  T454]  ? vm_area_dup+0x17a/0x230
[  136.935939][  T454]  copy_mm+0xa3a/0x13e0
[  136.939938][  T454]  ? copy_signal+0x610/0x610
[  136.944356][  T454]  ? __init_rwsem+0xfe/0x1d0
[  136.948782][  T454]  ? copy_signal+0x4e3/0x610
[  136.953400][  T454]  copy_process+0x1149/0x3290
[  136.957921][  T454]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  136.962852][  T454]  ? __kasan_check_write+0x14/0x20
[  136.967806][  T454]  kernel_clone+0x21e/0x9e0
[  136.972143][  T454]  ? _raw_spin_unlock_irq+0x4e/0x70
[  136.977185][  T454]  ? create_io_thread+0x1e0/0x1e0
[  136.982045][  T454]  __x64_sys_clone+0x23f/0x290
[  136.986668][  T454]  ? __do_sys_vfork+0x130/0x130
[  136.991335][  T454]  ? __kasan_check_write+0x14/0x20
[  136.996279][  T454]  x64_sys_call+0x1b0/0x9a0
[  137.000615][  T454]  do_syscall_64+0x3b/0xb0
[  137.004871][  T454]  ? clear_bhb_loop+0x35/0x90
[  137.009477][  T454]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  137.015314][  T454] RIP: 0033:0x7f11f15e60d9
[  137.019550][  T454] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  137.039199][  T454] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  137.047431][  T454] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  137.055334][  T454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  137.063140][  T454] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  137.071037][  T454] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   453] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   454] <... clone resumed>)        = 35
[pid   454] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   453] close(3./strace-static-x86_64: Process 455 attached
 <unfinished ...>
[pid   454] <... futex resumed>)        = 0
[pid   453] <... close resumed>)        = 0
[pid   454] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   453] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   453] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   453] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   453] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   453] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   453] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   453] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   453] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   453] exit_group(0)               = ?
[pid   454] <... futex resumed>)        = ?
[pid   454] +++ exited with 0 +++
[pid   453] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=33, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 456 attached
 <unfinished ...>
[pid   456] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 36
[pid   456] <... set_robust_list resumed>) = 0
[pid   456] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   456] setpgid(0, 0)               = 0
[pid   456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   456] write(3, "1000", 4)         = 4
[pid   456] close(3)                    = 0
[pid   456] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   456] write(1, "executing program\n", 18) = 18
[pid   456] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   456] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   456] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   456] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   456] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   456] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   456] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 457 attached
 => {parent_tid=[37]}, 88) = 37
[pid   457] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   457] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   457] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   456] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   456] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   457] <... futex resumed>)        = 0
[pid   456] <... futex resumed>)        = 1
[pid   457] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   456] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   457] <... openat resumed>)       = 3
[pid   457] write(3, "69", 2)           = 2
[  137.078849][  T454] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  137.086768][  T454]  </TASK>
[  137.123782][  T457] FAULT_INJECTION: forcing a failure.
[  137.123782][  T457] name failslab, interval 1, probability 0, space 0, times 0
[  137.136819][  T457] CPU: 1 PID: 457 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  137.147309][  T457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  137.157207][  T457] Call Trace:
[  137.160315][  T457]  <TASK>
[  137.163098][  T457]  dump_stack_lvl+0x151/0x1c0
[  137.167609][  T457]  ? io_uring_drop_tctx_refs+0x190/0x190
[  137.173077][  T457]  dump_stack+0x15/0x20
[  137.177066][  T457]  should_fail+0x3c6/0x510
[  137.181333][  T457]  __should_failslab+0xa4/0xe0
[  137.185923][  T457]  ? anon_vma_clone+0x9a/0x500
[  137.190519][  T457]  should_failslab+0x9/0x20
[  137.194888][  T457]  slab_pre_alloc_hook+0x37/0xd0
[  137.199900][  T457]  ? anon_vma_clone+0x9a/0x500
[  137.204494][  T457]  kmem_cache_alloc+0x44/0x200
[  137.209102][  T457]  anon_vma_clone+0x9a/0x500
[  137.213544][  T457]  anon_vma_fork+0x91/0x4e0
[  137.217866][  T457]  ? anon_vma_name+0x4c/0x70
[  137.222314][  T457]  ? vm_area_dup+0x17a/0x230
[  137.226717][  T457]  copy_mm+0xa3a/0x13e0
[pid   457] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   455] exit(0)                     = ?
[pid   455] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=35, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[  137.230729][  T457]  ? copy_signal+0x610/0x610
[  137.235142][  T457]  ? __init_rwsem+0xfe/0x1d0
[  137.239567][  T457]  ? copy_signal+0x4e3/0x610
[  137.243995][  T457]  copy_process+0x1149/0x3290
[  137.248513][  T457]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  137.253457][  T457]  ? __kasan_check_write+0x14/0x20
[  137.258406][  T457]  kernel_clone+0x21e/0x9e0
[  137.262758][  T457]  ? _raw_spin_unlock_irq+0x4e/0x70
[  137.267774][  T457]  ? create_io_thread+0x1e0/0x1e0
[  137.272639][  T457]  __x64_sys_clone+0x23f/0x290
[  137.277266][  T457]  ? __do_sys_vfork+0x130/0x130
[  137.281930][  T457]  ? __kasan_check_write+0x14/0x20
[  137.286873][  T457]  x64_sys_call+0x1b0/0x9a0
[  137.291325][  T457]  do_syscall_64+0x3b/0xb0
[  137.295553][  T457]  ? clear_bhb_loop+0x35/0x90
[  137.300078][  T457]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  137.305808][  T457] RIP: 0033:0x7f11f15e60d9
[  137.310140][  T457] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   456] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   457] <... clone resumed>)        = 38
[pid   457] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   457] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 458 attached
 <unfinished ...>
[pid   456] close(3)                    = 0
[pid   456] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   456] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   456] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   456] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   456] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   456] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   456] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   456] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   456] exit_group(0 <unfinished ...>
[pid   457] <... futex resumed>)        = ?
[pid   456] <... exit_group resumed>)   = ?
[pid   457] +++ exited with 0 +++
[pid   456] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 39
./strace-static-x86_64: Process 459 attached
[pid   459] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   459] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   459] setpgid(0, 0)               = 0
[pid   459] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid   459] write(3, "1000", 4)         = 4
[pid   459] close(3)                    = 0
[pid   459] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   459] write(1, "executing program\n", 18) = 18
[pid   459] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   459] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   459] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   459] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   459] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   459] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   459] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[40]}, 88) = 40
[pid   459] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   459] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   459] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 460 attached
 <unfinished ...>
[pid   460] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   460] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   460] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   460] write(3, "69", 2)           = 2
[  137.330033][  T457] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  137.338265][  T457] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  137.346084][  T457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  137.353894][  T457] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  137.361794][  T457] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  137.369608][  T457] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  137.377523][  T457]  </TASK>
[  137.410307][  T460] FAULT_INJECTION: forcing a failure.
[  137.410307][  T460] name failslab, interval 1, probability 0, space 0, times 0
[  137.423092][  T460] CPU: 1 PID: 460 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  137.433499][  T460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  137.443389][  T460] Call Trace:
[  137.446509][  T460]  <TASK>
[  137.449288][  T460]  dump_stack_lvl+0x151/0x1c0
[  137.453811][  T460]  ? io_uring_drop_tctx_refs+0x190/0x190
[  137.459273][  T460]  ? avc_denied+0x1b0/0x1b0
[  137.463617][  T460]  dump_stack+0x15/0x20
[  137.467723][  T460]  should_fail+0x3c6/0x510
[  137.472096][  T460]  __should_failslab+0xa4/0xe0
[  137.476687][  T460]  ? vm_area_dup+0x26/0x230
[  137.481016][  T460]  should_failslab+0x9/0x20
[  137.485453][  T460]  slab_pre_alloc_hook+0x37/0xd0
[  137.490222][  T460]  ? vm_area_dup+0x26/0x230
[  137.494562][  T460]  kmem_cache_alloc+0x44/0x200
[  137.499175][  T460]  vm_area_dup+0x26/0x230
[  137.503332][  T460]  copy_mm+0x9a1/0x13e0
[  137.507334][  T460]  ? copy_signal+0x610/0x610
[  137.511906][  T460]  ? __init_rwsem+0xfe/0x1d0
[  137.516508][  T460]  ? copy_signal+0x4e3/0x610
[  137.520938][  T460]  copy_process+0x1149/0x3290
[  137.525548][  T460]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  137.530492][  T460]  ? __kasan_check_write+0x14/0x20
[  137.535436][  T460]  kernel_clone+0x21e/0x9e0
[  137.539858][  T460]  ? _raw_spin_unlock_irq+0x4e/0x70
[  137.544886][  T460]  ? create_io_thread+0x1e0/0x1e0
[  137.549751][  T460]  __x64_sys_clone+0x23f/0x290
[  137.554350][  T460]  ? __do_sys_vfork+0x130/0x130
[  137.559111][  T460]  ? __kasan_check_write+0x14/0x20
[  137.564576][  T460]  x64_sys_call+0x1b0/0x9a0
[  137.568906][  T460]  do_syscall_64+0x3b/0xb0
[  137.573164][  T460]  ? clear_bhb_loop+0x35/0x90
[  137.577670][  T460]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  137.583393][  T460] RIP: 0033:0x7f11f15e60d9
[  137.587736][  T460] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   460] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   458] exit(0)                     = ?
[pid   459] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   458] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   460] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   460] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   459] close(3)                    = 0
[pid   459] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   459] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   459] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   459] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   459] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   459] close(9 <unfinished ...>
[pid   460] <... futex resumed>)        = 0
[pid   459] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   459] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   460] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   459] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   459] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   459] exit_group(0 <unfinished ...>
[pid   460] <... futex resumed>)        = ?
[pid   459] <... exit_group resumed>)   = ?
[pid   460] +++ exited with 0 +++
[pid   459] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=39, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 41
./strace-static-x86_64: Process 462 attached
[pid   462] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   462] setpgid(0, 0)               = 0
[pid   462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   462] write(3, "1000", 4)         = 4
[pid   462] close(3)                    = 0
[pid   462] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   462] write(1, "executing program\n", 18) = 18
[pid   462] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   462] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   462] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   462] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[  137.607559][  T460] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  137.615964][  T460] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  137.623740][  T460] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  137.631650][  T460] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  137.639562][  T460] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  137.647375][  T460] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  137.655196][  T460]  </TASK>
[pid   462] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   462] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   462] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 463 attached
 => {parent_tid=[42]}, 88) = 42
[pid   462] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   462] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   462] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   463] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   463] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   463] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   463] write(3, "69", 2)           = 2
[  137.699385][  T463] FAULT_INJECTION: forcing a failure.
[  137.699385][  T463] name failslab, interval 1, probability 0, space 0, times 0
[  137.712103][  T463] CPU: 1 PID: 463 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  137.722524][  T463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  137.732449][  T463] Call Trace:
[  137.735550][  T463]  <TASK>
[  137.738324][  T463]  dump_stack_lvl+0x151/0x1c0
[  137.742842][  T463]  ? io_uring_drop_tctx_refs+0x190/0x190
[  137.748326][  T463]  dump_stack+0x15/0x20
[  137.752304][  T463]  should_fail+0x3c6/0x510
[  137.756642][  T463]  __should_failslab+0xa4/0xe0
[  137.761246][  T463]  ? anon_vma_clone+0x9a/0x500
[  137.765834][  T463]  should_failslab+0x9/0x20
[  137.770192][  T463]  slab_pre_alloc_hook+0x37/0xd0
[  137.774955][  T463]  ? anon_vma_clone+0x9a/0x500
[  137.779639][  T463]  kmem_cache_alloc+0x44/0x200
[  137.784371][  T463]  anon_vma_clone+0x9a/0x500
[  137.788779][  T463]  anon_vma_fork+0x91/0x4e0
[  137.793239][  T463]  ? anon_vma_name+0x4c/0x70
[  137.797661][  T463]  ? vm_area_dup+0x17a/0x230
[  137.802084][  T463]  copy_mm+0xa3a/0x13e0
[  137.806088][  T463]  ? copy_signal+0x610/0x610
[  137.810506][  T463]  ? __init_rwsem+0xfe/0x1d0
[  137.815454][  T463]  ? copy_signal+0x4e3/0x610
[  137.819893][  T463]  copy_process+0x1149/0x3290
[  137.824402][  T463]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  137.829350][  T463]  ? __kasan_check_write+0x14/0x20
[  137.834292][  T463]  kernel_clone+0x21e/0x9e0
[  137.838625][  T463]  ? _raw_spin_unlock_irq+0x4e/0x70
[  137.843660][  T463]  ? create_io_thread+0x1e0/0x1e0
[  137.848550][  T463]  __x64_sys_clone+0x23f/0x290
[  137.853120][  T463]  ? __do_sys_vfork+0x130/0x130
[  137.857814][  T463]  ? __kasan_check_write+0x14/0x20
[  137.862781][  T463]  x64_sys_call+0x1b0/0x9a0
[  137.867097][  T463]  do_syscall_64+0x3b/0xb0
[  137.871350][  T463]  ? clear_bhb_loop+0x35/0x90
[  137.876037][  T463]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  137.881785][  T463] RIP: 0033:0x7f11f15e60d9
[  137.886019][  T463] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  137.905462][  T463] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  137.913722][  T463] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  137.921532][  T463] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  137.929332][  T463] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  137.937242][  T463] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   463] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   462] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
./strace-static-x86_64: Process 464 attached
[pid   463] <... clone resumed>)        = 43
[pid   463] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   463] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   462] close(3)                    = 0
[pid   462] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   462] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   462] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   462] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   462] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   462] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   462] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   462] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   462] exit_group(0)               = ?
[pid   463] <... futex resumed>)        = ?
[pid   463] +++ exited with 0 +++
[pid   462] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=41, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 44
./strace-static-x86_64: Process 465 attached
[pid   465] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   465] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   465] setpgid(0, 0)               = 0
[pid   465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   465] write(3, "1000", 4)         = 4
[pid   465] close(3)                    = 0
[pid   465] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   465] write(1, "executing program\n", 18executing program
) = 18
[pid   465] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   465] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   465] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   465] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   465] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   465] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   465] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 466 attached
 => {parent_tid=[45]}, 88) = 45
[pid   466] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   466] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   466] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   465] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   465] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   466] <... futex resumed>)        = 0
[pid   465] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   466] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   466] write(3, "69", 2)           = 2
[  137.945132][  T463] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  137.953144][  T463]  </TASK>
[pid   466] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   465] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  137.995069][  T466] FAULT_INJECTION: forcing a failure.
[  137.995069][  T466] name failslab, interval 1, probability 0, space 0, times 0
[  138.007888][  T466] CPU: 1 PID: 466 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  138.018275][  T466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  138.028177][  T466] Call Trace:
[  138.031294][  T466]  <TASK>
[  138.034098][  T466]  dump_stack_lvl+0x151/0x1c0
[  138.038586][  T466]  ? io_uring_drop_tctx_refs+0x190/0x190
[  138.044144][  T466]  ? avc_denied+0x1b0/0x1b0
[  138.048480][  T466]  dump_stack+0x15/0x20
[  138.052477][  T466]  should_fail+0x3c6/0x510
[  138.056899][  T466]  __should_failslab+0xa4/0xe0
[  138.061567][  T466]  ? vm_area_dup+0x26/0x230
[  138.065946][  T466]  should_failslab+0x9/0x20
[  138.070295][  T466]  slab_pre_alloc_hook+0x37/0xd0
[  138.075056][  T466]  ? vm_area_dup+0x26/0x230
[  138.079400][  T466]  kmem_cache_alloc+0x44/0x200
[  138.084002][  T466]  vm_area_dup+0x26/0x230
[  138.088165][  T466]  copy_mm+0x9a1/0x13e0
[pid   464] exit(0)                     = ?
[pid   464] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=43, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[  138.092179][  T466]  ? copy_signal+0x610/0x610
[  138.096586][  T466]  ? __init_rwsem+0xfe/0x1d0
[  138.101014][  T466]  ? copy_signal+0x4e3/0x610
[  138.105439][  T466]  copy_process+0x1149/0x3290
[  138.109973][  T466]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  138.114915][  T466]  ? __kasan_check_write+0x14/0x20
[  138.119864][  T466]  kernel_clone+0x21e/0x9e0
[  138.124187][  T466]  ? _raw_spin_unlock_irq+0x4e/0x70
[  138.129229][  T466]  ? create_io_thread+0x1e0/0x1e0
[  138.134100][  T466]  __x64_sys_clone+0x23f/0x290
[  138.138685][  T466]  ? __do_sys_vfork+0x130/0x130
[  138.143473][  T466]  ? __kasan_check_write+0x14/0x20
[  138.148413][  T466]  x64_sys_call+0x1b0/0x9a0
[  138.152750][  T466]  do_syscall_64+0x3b/0xb0
[  138.157000][  T466]  ? clear_bhb_loop+0x35/0x90
[  138.161509][  T466]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  138.167335][  T466] RIP: 0033:0x7f11f15e60d9
[  138.171592][  T466] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   466] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   466] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   466] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   465] close(3)                    = 0
[pid   465] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   465] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   465] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   465] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   465] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   465] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   465] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   465] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   465] exit_group(0 <unfinished ...>
[pid   466] <... futex resumed>)        = ?
[pid   465] <... exit_group resumed>)   = ?
[pid   466] +++ exited with 0 +++
[pid   465] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 46
./strace-static-x86_64: Process 467 attached
[pid   467] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   467] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   467] setpgid(0, 0)               = 0
[pid   467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   467] write(3, "1000", 4)         = 4
[pid   467] close(3)                    = 0
[pid   467] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   467] write(1, "executing program\n", 18executing program
) = 18
[pid   467] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   467] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   467] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[  138.191482][  T466] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  138.199717][  T466] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  138.207703][  T466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  138.215508][  T466] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  138.223322][  T466] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  138.231136][  T466] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  138.238955][  T466]  </TASK>
[pid   467] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   467] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   467] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   467] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[47]}, 88) = 47
./strace-static-x86_64: Process 468 attached
[pid   468] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   468] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   468] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   467] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   467] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   468] <... futex resumed>)        = 0
[pid   467] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   468] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   468] write(3, "69", 2)           = 2
[  138.290304][  T468] FAULT_INJECTION: forcing a failure.
[  138.290304][  T468] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  138.303499][  T468] CPU: 0 PID: 468 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  138.313886][  T468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  138.323776][  T468] Call Trace:
[  138.326904][  T468]  <TASK>
[  138.329681][  T468]  dump_stack_lvl+0x151/0x1c0
[  138.334199][  T468]  ? io_uring_drop_tctx_refs+0x190/0x190
[  138.339668][  T468]  dump_stack+0x15/0x20
[  138.343652][  T468]  should_fail+0x3c6/0x510
[  138.347910][  T468]  should_fail_alloc_page+0x5a/0x80
[  138.352942][  T468]  prepare_alloc_pages+0x15c/0x700
[  138.357894][  T468]  ? __alloc_pages_bulk+0xe40/0xe40
[  138.362931][  T468]  __alloc_pages+0x18c/0x8f0
[  138.367352][  T468]  ? prep_new_page+0x110/0x110
[  138.371954][  T468]  ? __alloc_pages+0x27e/0x8f0
[  138.376561][  T468]  ? __kasan_check_write+0x14/0x20
[  138.381503][  T468]  ? _raw_spin_lock+0xa4/0x1b0
[  138.386105][  T468]  __pmd_alloc+0xb1/0x550
[  138.390311][  T468]  ? __pud_alloc+0x260/0x260
[  138.394712][  T468]  ? __pud_alloc+0x213/0x260
[  138.399123][  T468]  ? do_handle_mm_fault+0x2400/0x2400
[  138.404361][  T468]  ? __stack_depot_save+0x34/0x470
[  138.409278][  T468]  ? anon_vma_clone+0x9a/0x500
[  138.413878][  T468]  copy_page_range+0x2b3d/0x2f90
[  138.418651][  T468]  ? __kasan_slab_alloc+0xb1/0xe0
[  138.423621][  T468]  ? slab_post_alloc_hook+0x53/0x2c0
[  138.428736][  T468]  ? copy_mm+0xa3a/0x13e0
[  138.432903][  T468]  ? copy_process+0x1149/0x3290
[  138.437591][  T468]  ? kernel_clone+0x21e/0x9e0
[  138.442109][  T468]  ? x64_sys_call+0x1b0/0x9a0
[  138.446618][  T468]  ? do_syscall_64+0x3b/0xb0
[  138.451043][  T468]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  138.456969][  T468]  ? pfn_valid+0x1e0/0x1e0
[  138.461202][  T468]  ? rwsem_write_trylock+0x153/0x340
[  138.466320][  T468]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  138.472656][  T468]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  138.478214][  T468]  ? __rb_insert_augmented+0x5de/0x610
[  138.483516][  T468]  copy_mm+0xc7e/0x13e0
[  138.487532][  T468]  ? copy_signal+0x610/0x610
[  138.491923][  T468]  ? __init_rwsem+0xfe/0x1d0
[  138.496385][  T468]  ? copy_signal+0x4e3/0x610
[  138.500780][  T468]  copy_process+0x1149/0x3290
[  138.505388][  T468]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  138.510355][  T468]  ? __kasan_check_write+0x14/0x20
[  138.515280][  T468]  kernel_clone+0x21e/0x9e0
[  138.519614][  T468]  ? _raw_spin_unlock_irq+0x4e/0x70
[  138.524650][  T468]  ? create_io_thread+0x1e0/0x1e0
[  138.529750][  T468]  __x64_sys_clone+0x23f/0x290
[  138.534327][  T468]  ? __do_sys_vfork+0x130/0x130
[  138.539069][  T468]  ? __kasan_check_write+0x14/0x20
[  138.544073][  T468]  x64_sys_call+0x1b0/0x9a0
[  138.548408][  T468]  do_syscall_64+0x3b/0xb0
[  138.552750][  T468]  ? clear_bhb_loop+0x35/0x90
[  138.557257][  T468]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  138.563102][  T468] RIP: 0033:0x7f11f15e60d9
[  138.567448][  T468] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   468] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   467] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   468] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   468] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   467] close(3)                    = 0
[pid   467] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   467] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   467] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   467] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   467] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   467] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   467] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   467] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   467] exit_group(0 <unfinished ...>
[pid   468] <... futex resumed>)        = ?
[pid   467] <... exit_group resumed>)   = ?
[pid   468] +++ exited with 0 +++
[pid   467] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=46, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 469 attached
 <unfinished ...>
[pid   469] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 48
[pid   469] <... set_robust_list resumed>) = 0
[pid   469] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program
) = 0
[pid   469] setpgid(0, 0)               = 0
[pid   469] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   469] write(3, "1000", 4)         = 4
[pid   469] close(3)                    = 0
[pid   469] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   469] write(1, "executing program\n", 18) = 18
[pid   469] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   469] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   469] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   469] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   469] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   469] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   469] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[49]}, 88) = 49
[pid   469] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   469] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   469] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 470 attached
 <unfinished ...>
[pid   470] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   470] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   470] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   470] write(3, "69", 2)           = 2
[  138.586979][  T468] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  138.595227][  T468] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  138.603040][  T468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  138.610952][  T468] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  138.618762][  T468] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  138.626573][  T468] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  138.634399][  T468]  </TASK>
[pid   470] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   469] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  138.673033][  T470] FAULT_INJECTION: forcing a failure.
[  138.673033][  T470] name failslab, interval 1, probability 0, space 0, times 0
[  138.685574][  T470] CPU: 0 PID: 470 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  138.695957][  T470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  138.705979][  T470] Call Trace:
[  138.709190][  T470]  <TASK>
[  138.711968][  T470]  dump_stack_lvl+0x151/0x1c0
[  138.716479][  T470]  ? io_uring_drop_tctx_refs+0x190/0x190
[  138.721950][  T470]  dump_stack+0x15/0x20
[  138.725944][  T470]  should_fail+0x3c6/0x510
[  138.730203][  T470]  __should_failslab+0xa4/0xe0
[  138.734794][  T470]  ? anon_vma_clone+0x9a/0x500
[  138.739484][  T470]  should_failslab+0x9/0x20
[  138.743830][  T470]  slab_pre_alloc_hook+0x37/0xd0
[  138.748597][  T470]  ? anon_vma_clone+0x9a/0x500
[  138.753199][  T470]  kmem_cache_alloc+0x44/0x200
[  138.757797][  T470]  anon_vma_clone+0x9a/0x500
[  138.762227][  T470]  anon_vma_fork+0x91/0x4e0
[  138.766561][  T470]  ? anon_vma_name+0x4c/0x70
[  138.771000][  T470]  ? vm_area_dup+0x17a/0x230
[  138.775414][  T470]  copy_mm+0xa3a/0x13e0
[  138.779432][  T470]  ? copy_signal+0x610/0x610
[  138.783839][  T470]  ? __init_rwsem+0xfe/0x1d0
[  138.788354][  T470]  ? copy_signal+0x4e3/0x610
[  138.792900][  T470]  copy_process+0x1149/0x3290
[  138.797420][  T470]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  138.802367][  T470]  ? __kasan_check_write+0x14/0x20
[  138.807322][  T470]  kernel_clone+0x21e/0x9e0
[  138.811639][  T470]  ? _raw_spin_unlock_irq+0x4e/0x70
[  138.816674][  T470]  ? create_io_thread+0x1e0/0x1e0
[  138.821536][  T470]  __x64_sys_clone+0x23f/0x290
[  138.826135][  T470]  ? __do_sys_vfork+0x130/0x130
[  138.830913][  T470]  ? __kasan_check_write+0x14/0x20
[  138.835886][  T470]  x64_sys_call+0x1b0/0x9a0
[  138.840261][  T470]  do_syscall_64+0x3b/0xb0
[  138.844446][  T470]  ? clear_bhb_loop+0x35/0x90
[  138.848962][  T470]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  138.854949][  T470] RIP: 0033:0x7f11f15e60d9
[  138.859209][  T470] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  138.878648][  T470] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  138.886899][  T470] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  138.894705][  T470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  138.902523][  T470] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  138.910416][  T470] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
./strace-static-x86_64: Process 472 attached
[pid   470] <... clone resumed>)        = 50
[pid   470] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   469] close(3)                    = 0
[pid   469] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   469] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   469] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   469] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   469] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   469] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   469] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   469] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   469] exit_group(0)               = ?
[pid   470] <... futex resumed>)        = ?
[pid   470] +++ exited with 0 +++
[pid   469] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=48, si_uid=0, si_status=0, si_utime=0, si_stime=4} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 51
./strace-static-x86_64: Process 474 attached
[pid   474] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   474] setpgid(0, 0)               = 0
[pid   474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   474] write(3, "1000", 4)         = 4
[pid   474] close(3)                    = 0
[  138.918401][  T470] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  138.926219][  T470]  </TASK>
[pid   474] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   474] write(1, "executing program\n", 18executing program
) = 18
[pid   474] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   474] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   474] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   474] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   474] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   474] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   474] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[52]}, 88) = 52
[pid   474] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   474] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   474] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 475 attached
 <unfinished ...>
[pid   475] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   475] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   475] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   475] write(3, "69", 2)           = 2
[  138.985013][  T475] FAULT_INJECTION: forcing a failure.
[  138.985013][  T475] name failslab, interval 1, probability 0, space 0, times 0
[  138.998147][  T475] CPU: 1 PID: 475 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  139.008641][  T475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.018620][  T475] Call Trace:
[  139.021824][  T475]  <TASK>
[  139.024608][  T475]  dump_stack_lvl+0x151/0x1c0
[  139.029105][  T475]  ? io_uring_drop_tctx_refs+0x190/0x190
[  139.034597][  T475]  dump_stack+0x15/0x20
[  139.038671][  T475]  should_fail+0x3c6/0x510
[  139.043008][  T475]  __should_failslab+0xa4/0xe0
[  139.047604][  T475]  ? anon_vma_clone+0x9a/0x500
[  139.052223][  T475]  should_failslab+0x9/0x20
[  139.056543][  T475]  slab_pre_alloc_hook+0x37/0xd0
[  139.061319][  T475]  ? anon_vma_clone+0x9a/0x500
[  139.065925][  T475]  kmem_cache_alloc+0x44/0x200
[  139.070524][  T475]  anon_vma_clone+0x9a/0x500
[  139.074960][  T475]  anon_vma_fork+0x91/0x4e0
[  139.079314][  T475]  ? anon_vma_name+0x4c/0x70
[  139.083718][  T475]  ? vm_area_dup+0x17a/0x230
[  139.088142][  T475]  copy_mm+0xa3a/0x13e0
[  139.092142][  T475]  ? copy_signal+0x610/0x610
[  139.096595][  T475]  ? __init_rwsem+0xfe/0x1d0
[  139.101002][  T475]  ? copy_signal+0x4e3/0x610
[  139.105417][  T475]  copy_process+0x1149/0x3290
[  139.109938][  T475]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  139.114875][  T475]  ? __kasan_check_write+0x14/0x20
[  139.119826][  T475]  kernel_clone+0x21e/0x9e0
[  139.124189][  T475]  ? _raw_spin_unlock_irq+0x4e/0x70
[  139.129196][  T475]  ? create_io_thread+0x1e0/0x1e0
[  139.134059][  T475]  __x64_sys_clone+0x23f/0x290
[  139.138664][  T475]  ? __do_sys_vfork+0x130/0x130
[  139.143349][  T475]  ? __kasan_check_write+0x14/0x20
[  139.148307][  T475]  x64_sys_call+0x1b0/0x9a0
[  139.152647][  T475]  do_syscall_64+0x3b/0xb0
[  139.156891][  T475]  ? clear_bhb_loop+0x35/0x90
[  139.161404][  T475]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  139.167136][  T475] RIP: 0033:0x7f11f15e60d9
[  139.171391][  T475] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  139.191000][  T475] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  139.199247][  T475] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  139.207152][  T475] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  139.215096][  T475] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  139.223460][  T475] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   475] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   474] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   472] exit(0)                     = ?
[pid   475] <... clone resumed>)        = 53
[pid   472] +++ exited with 0 +++
[pid   475] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   475] <... futex resumed>)        = 0
[pid   475] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   474] close(3)                    = 0
[pid   474] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   474] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   474] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   474] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   474] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   474] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   474] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   474] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   474] exit_group(0)               = ?
[pid   475] <... futex resumed>)        = ?
./strace-static-x86_64: Process 476 attached
[pid   475] +++ exited with 0 +++
[pid   474] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=51, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 477 attached
, child_tidptr=0x555560cbc690) = 54
[pid   477] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   477] setpgid(0, 0)               = 0
[pid   477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   477] write(3, "1000", 4)         = 4
[pid   477] close(3)                    = 0
[pid   477] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   477] write(1, "executing program\n", 18) = 18
[pid   477] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   477] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   477] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   477] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   477] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   477] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   477] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[55]}, 88) = 55
[pid   477] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   477] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   477] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 478 attached
 <unfinished ...>
[pid   478] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   478] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   478] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   478] write(3, "69", 2)           = 2
[  139.231264][  T475] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  139.239086][  T475]  </TASK>
[pid   478] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   477] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  139.277612][  T478] FAULT_INJECTION: forcing a failure.
[  139.277612][  T478] name failslab, interval 1, probability 0, space 0, times 0
[  139.290983][  T478] CPU: 1 PID: 478 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  139.301374][  T478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.311268][  T478] Call Trace:
[  139.314392][  T478]  <TASK>
[  139.317206][  T478]  dump_stack_lvl+0x151/0x1c0
[  139.321687][  T478]  ? io_uring_drop_tctx_refs+0x190/0x190
[  139.327175][  T478]  dump_stack+0x15/0x20
[  139.331142][  T478]  should_fail+0x3c6/0x510
[  139.335407][  T478]  __should_failslab+0xa4/0xe0
[  139.340040][  T478]  ? anon_vma_clone+0x9a/0x500
[  139.344596][  T478]  should_failslab+0x9/0x20
[  139.348941][  T478]  slab_pre_alloc_hook+0x37/0xd0
[  139.353716][  T478]  ? anon_vma_clone+0x9a/0x500
[  139.358321][  T478]  kmem_cache_alloc+0x44/0x200
[  139.362917][  T478]  anon_vma_clone+0x9a/0x500
[  139.367344][  T478]  anon_vma_fork+0x91/0x4e0
[  139.371681][  T478]  ? anon_vma_name+0x4c/0x70
[  139.376109][  T478]  ? vm_area_dup+0x17a/0x230
[  139.380534][  T478]  copy_mm+0xa3a/0x13e0
[  139.384537][  T478]  ? copy_signal+0x610/0x610
[  139.389021][  T478]  ? __init_rwsem+0xfe/0x1d0
[  139.393392][  T478]  ? copy_signal+0x4e3/0x610
[  139.397808][  T478]  copy_process+0x1149/0x3290
[  139.402335][  T478]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  139.407269][  T478]  ? __kasan_check_write+0x14/0x20
[  139.412229][  T478]  kernel_clone+0x21e/0x9e0
[  139.416561][  T478]  ? _raw_spin_unlock_irq+0x4e/0x70
[  139.421595][  T478]  ? create_io_thread+0x1e0/0x1e0
[  139.426459][  T478]  __x64_sys_clone+0x23f/0x290
[  139.431053][  T478]  ? __do_sys_vfork+0x130/0x130
[  139.435752][  T478]  ? __kasan_check_write+0x14/0x20
[  139.440707][  T478]  x64_sys_call+0x1b0/0x9a0
[  139.445032][  T478]  do_syscall_64+0x3b/0xb0
[  139.449293][  T478]  ? clear_bhb_loop+0x35/0x90
[  139.453890][  T478]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  139.459623][  T478] RIP: 0033:0x7f11f15e60d9
[  139.463892][  T478] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  139.483315][  T478] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  139.491689][  T478] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  139.499509][  T478] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  139.507317][  T478] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  139.515212][  T478] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
./strace-static-x86_64: Process 479 attached
[pid   478] <... clone resumed>)        = 56
[pid   476] exit(0 <unfinished ...>
[pid   478] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   476] <... exit resumed>)         = ?
[pid   478] <... futex resumed>)        = 0
[pid   478] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   477] close(3)                    = 0
[pid   477] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   477] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   476] +++ exited with 0 +++
[pid   477] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=53, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   477] close(7 <unfinished ...>
[pid   406] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   477] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   477] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   477] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   477] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   477] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   477] exit_group(0 <unfinished ...>
[pid   478] <... futex resumed>)        = ?
[pid   477] <... exit_group resumed>)   = ?
[pid   478] +++ exited with 0 +++
[pid   477] +++ exited with 0 +++
[pid   406] <... restart_syscall resumed>) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=54, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 480 attached
, child_tidptr=0x555560cbc690) = 57
[pid   480] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   480] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   480] setpgid(0, 0)               = 0
[pid   480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   480] write(3, "1000", 4)         = 4
[pid   480] close(3)                    = 0
[pid   480] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   480] write(1, "executing program\n", 18executing program
) = 18
[pid   480] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   480] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   480] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   480] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   480] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   480] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   480] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[58]}, 88) = 58
[pid   480] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   480] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   480] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 481 attached
 <unfinished ...>
[pid   481] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   481] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   481] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   481] write(3, "69", 2)           = 2
[  139.523091][  T478] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  139.530849][  T478]  </TASK>
[  139.567720][  T481] FAULT_INJECTION: forcing a failure.
[  139.567720][  T481] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  139.581013][  T481] CPU: 0 PID: 481 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  139.591407][  T481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.601391][  T481] Call Trace:
[  139.604506][  T481]  <TASK>
[  139.607298][  T481]  dump_stack_lvl+0x151/0x1c0
[  139.611868][  T481]  ? io_uring_drop_tctx_refs+0x190/0x190
[  139.617431][  T481]  dump_stack+0x15/0x20
[  139.621417][  T481]  should_fail+0x3c6/0x510
[  139.625678][  T481]  should_fail_alloc_page+0x5a/0x80
[  139.630715][  T481]  prepare_alloc_pages+0x15c/0x700
[  139.635795][  T481]  ? __alloc_pages_bulk+0xe40/0xe40
[  139.640818][  T481]  __alloc_pages+0x18c/0x8f0
[  139.645238][  T481]  ? prep_new_page+0x110/0x110
[  139.649844][  T481]  get_zeroed_page+0x1b/0x40
[  139.654266][  T481]  __pud_alloc+0x8b/0x260
[  139.658431][  T481]  ? stack_trace_snprint+0xf0/0xf0
[  139.663383][  T481]  ? do_handle_mm_fault+0x2400/0x2400
[  139.668584][  T481]  ? __stack_depot_save+0x34/0x470
[  139.673540][  T481]  ? anon_vma_clone+0x9a/0x500
[  139.678136][  T481]  copy_page_range+0x2bcf/0x2f90
[  139.682909][  T481]  ? __kasan_slab_alloc+0xb1/0xe0
[  139.687762][  T481]  ? slab_post_alloc_hook+0x53/0x2c0
[  139.692886][  T481]  ? copy_mm+0xa3a/0x13e0
[  139.697140][  T481]  ? copy_process+0x1149/0x3290
[  139.701835][  T481]  ? kernel_clone+0x21e/0x9e0
[  139.706344][  T481]  ? __x64_sys_clone+0x23f/0x290
[  139.711130][  T481]  ? x64_sys_call+0x1b0/0x9a0
[  139.715628][  T481]  ? do_syscall_64+0x3b/0xb0
[  139.720477][  T481]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  139.726402][  T481]  ? pfn_valid+0x1e0/0x1e0
[  139.730725][  T481]  ? rwsem_write_trylock+0x153/0x340
[  139.735869][  T481]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  139.742090][  T481]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  139.747714][  T481]  ? __rb_insert_augmented+0x5de/0x610
[  139.753035][  T481]  copy_mm+0xc7e/0x13e0
[  139.757029][  T481]  ? copy_signal+0x610/0x610
[  139.761554][  T481]  ? __init_rwsem+0xfe/0x1d0
[  139.765958][  T481]  ? copy_signal+0x4e3/0x610
[  139.770386][  T481]  copy_process+0x1149/0x3290
[  139.774907][  T481]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  139.779845][  T481]  ? __kasan_check_write+0x14/0x20
[  139.784797][  T481]  kernel_clone+0x21e/0x9e0
[  139.789185][  T481]  ? _raw_spin_unlock_irq+0x4e/0x70
[  139.794171][  T481]  ? create_io_thread+0x1e0/0x1e0
[  139.799034][  T481]  __x64_sys_clone+0x23f/0x290
[  139.803637][  T481]  ? __do_sys_vfork+0x130/0x130
[  139.808322][  T481]  ? __kasan_check_write+0x14/0x20
[  139.813272][  T481]  x64_sys_call+0x1b0/0x9a0
[  139.817606][  T481]  do_syscall_64+0x3b/0xb0
[  139.821868][  T481]  ? clear_bhb_loop+0x35/0x90
[  139.826371][  T481]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  139.832099][  T481] RIP: 0033:0x7f11f15e60d9
[  139.836354][  T481] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  139.856041][  T481] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   481] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   480] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   481] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   479] exit(0 <unfinished ...>
[pid   480] close(3 <unfinished ...>
[pid   479] <... exit resumed>)         = ?
[pid   481] <... futex resumed>)        = 0
[pid   480] <... close resumed>)        = 0
[pid   479] +++ exited with 0 +++
[pid   480] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   480] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   480] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   480] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   480] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   480] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   480] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(11 <unfinished ...>
[pid   481] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   480] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   480] close(12 <unfinished ...>
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   480] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   406] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   480] close(13 <unfinished ...>
[pid   406] <... restart_syscall resumed>) = 0
[pid   480] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   480] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   480] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   480] exit_group(0 <unfinished ...>
[pid   481] <... futex resumed>)        = ?
[pid   480] <... exit_group resumed>)   = ?
[pid   481] +++ exited with 0 +++
[pid   480] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=57, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 483 attached
 <unfinished ...>
[pid   483] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 59
[pid   483] <... set_robust_list resumed>) = 0
[pid   483] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   483] setpgid(0, 0)               = 0
[pid   483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   483] write(3, "1000", 4)         = 4
[pid   483] close(3)                    = 0
[pid   483] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   483] write(1, "executing program\n", 18) = 18
[pid   483] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   483] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   483] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   483] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   483] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   483] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   483] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[60]}, 88) = 60
[pid   483] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   483] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   483] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 484 attached
 <unfinished ...>
[pid   484] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   484] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   484] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   484] write(3, "69", 2)           = 2
[  139.864296][  T481] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  139.872104][  T481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  139.879933][  T481] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  139.887732][  T481] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  139.895645][  T481] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  139.903465][  T481]  </TASK>
[  139.937083][  T484] FAULT_INJECTION: forcing a failure.
[  139.937083][  T484] name failslab, interval 1, probability 0, space 0, times 0
[  139.949728][  T484] CPU: 0 PID: 484 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  139.960256][  T484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.970235][  T484] Call Trace:
[  139.973348][  T484]  <TASK>
[  139.976134][  T484]  dump_stack_lvl+0x151/0x1c0
[  139.980643][  T484]  ? io_uring_drop_tctx_refs+0x190/0x190
[  139.986207][  T484]  ? avc_denied+0x1b0/0x1b0
[  139.990641][  T484]  dump_stack+0x15/0x20
[  139.994718][  T484]  should_fail+0x3c6/0x510
[  139.998982][  T484]  __should_failslab+0xa4/0xe0
[  140.003583][  T484]  ? vm_area_dup+0x26/0x230
[  140.007920][  T484]  should_failslab+0x9/0x20
[  140.012346][  T484]  slab_pre_alloc_hook+0x37/0xd0
[  140.017123][  T484]  ? vm_area_dup+0x26/0x230
[  140.021467][  T484]  kmem_cache_alloc+0x44/0x200
[  140.026065][  T484]  vm_area_dup+0x26/0x230
[  140.030235][  T484]  copy_mm+0x9a1/0x13e0
[  140.034268][  T484]  ? copy_signal+0x610/0x610
[  140.038647][  T484]  ? __init_rwsem+0xfe/0x1d0
[  140.043092][  T484]  ? copy_signal+0x4e3/0x610
[  140.047499][  T484]  copy_process+0x1149/0x3290
[  140.052020][  T484]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  140.057086][  T484]  ? __kasan_check_write+0x14/0x20
[  140.062216][  T484]  kernel_clone+0x21e/0x9e0
[  140.066548][  T484]  ? _raw_spin_unlock_irq+0x4e/0x70
[  140.071575][  T484]  ? create_io_thread+0x1e0/0x1e0
[  140.076445][  T484]  __x64_sys_clone+0x23f/0x290
[  140.081126][  T484]  ? __do_sys_vfork+0x130/0x130
[  140.085815][  T484]  ? __kasan_check_write+0x14/0x20
[  140.090765][  T484]  x64_sys_call+0x1b0/0x9a0
[  140.095186][  T484]  do_syscall_64+0x3b/0xb0
[  140.099615][  T484]  ? clear_bhb_loop+0x35/0x90
[  140.104126][  T484]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  140.109946][  T484] RIP: 0033:0x7f11f15e60d9
[  140.114204][  T484] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   484] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   483] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   484] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   484] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   484] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   483] close(3)                    = 0
[pid   483] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   483] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   483] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   483] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   483] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   483] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   483] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   483] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   483] exit_group(0)               = ?
[pid   484] <... futex resumed>)        = ?
executing program
[pid   484] +++ exited with 0 +++
[pid   483] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=59, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 61
./strace-static-x86_64: Process 485 attached
[pid   485] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   485] setpgid(0, 0)               = 0
[pid   485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   485] write(3, "1000", 4)         = 4
[pid   485] close(3)                    = 0
[pid   485] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   485] write(1, "executing program\n", 18) = 18
[pid   485] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   485] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   485] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   485] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   485] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   485] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   485] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[62]}, 88) = 62
[pid   485] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   485] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   485] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 486 attached
 <unfinished ...>
[pid   486] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   486] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   486] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   486] write(3, "69", 2)           = 2
[  140.133643][  T484] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  140.141888][  T484] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  140.149697][  T484] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  140.157510][  T484] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  140.165318][  T484] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  140.173141][  T484] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  140.181052][  T484]  </TASK>
[  140.200477][  T486] FAULT_INJECTION: forcing a failure.
[  140.200477][  T486] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  140.213604][  T486] CPU: 0 PID: 486 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  140.223987][  T486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  140.233879][  T486] Call Trace:
[  140.237005][  T486]  <TASK>
[  140.239779][  T486]  dump_stack_lvl+0x151/0x1c0
[  140.244305][  T486]  ? io_uring_drop_tctx_refs+0x190/0x190
[  140.249872][  T486]  ? arch_stack_walk+0xf3/0x140
[  140.254651][  T486]  dump_stack+0x15/0x20
[  140.258616][  T486]  should_fail+0x3c6/0x510
[  140.262873][  T486]  should_fail_alloc_page+0x5a/0x80
[  140.267905][  T486]  prepare_alloc_pages+0x15c/0x700
[  140.272868][  T486]  ? __kasan_check_write+0x14/0x20
[  140.277807][  T486]  ? __alloc_pages_bulk+0xe40/0xe40
[  140.282924][  T486]  ? copy_page_range+0x2deb/0x2f90
[  140.287865][  T486]  ? __kasan_slab_alloc+0xb1/0xe0
[  140.292859][  T486]  ? slab_post_alloc_hook+0x53/0x2c0
[  140.297997][  T486]  __alloc_pages+0x18c/0x8f0
[  140.302583][  T486]  ? prep_new_page+0x110/0x110
[  140.307190][  T486]  ? avc_has_perm_noaudit+0x2dd/0x430
[  140.312400][  T486]  new_slab+0x9a/0x4e0
[  140.316397][  T486]  ___slab_alloc+0x39e/0x830
[  140.320821][  T486]  ? vm_area_dup+0x26/0x230
[  140.325165][  T486]  ? vm_area_dup+0x26/0x230
[  140.329508][  T486]  __slab_alloc+0x4a/0x90
[  140.333688][  T486]  ? vm_area_dup+0x26/0x230
[  140.338004][  T486]  kmem_cache_alloc+0x134/0x200
[  140.342699][  T486]  vm_area_dup+0x26/0x230
[  140.346863][  T486]  copy_mm+0x9a1/0x13e0
[  140.350860][  T486]  ? copy_signal+0x610/0x610
[  140.355281][  T486]  ? __init_rwsem+0xfe/0x1d0
[  140.359725][  T486]  ? copy_signal+0x4e3/0x610
[  140.364136][  T486]  copy_process+0x1149/0x3290
[  140.368665][  T486]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  140.373653][  T486]  ? __kasan_check_write+0x14/0x20
[  140.378660][  T486]  kernel_clone+0x21e/0x9e0
[  140.382996][  T486]  ? _raw_spin_unlock_irq+0x4e/0x70
[  140.388037][  T486]  ? create_io_thread+0x1e0/0x1e0
[  140.392903][  T486]  __x64_sys_clone+0x23f/0x290
[  140.397489][  T486]  ? __do_sys_vfork+0x130/0x130
[  140.402211][  T486]  ? __kasan_check_write+0x14/0x20
[  140.407130][  T486]  x64_sys_call+0x1b0/0x9a0
[  140.411459][  T486]  do_syscall_64+0x3b/0xb0
[  140.415715][  T486]  ? clear_bhb_loop+0x35/0x90
[  140.420231][  T486]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  140.425956][  T486] RIP: 0033:0x7f11f15e60d9
[  140.430238][  T486] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   486] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   485] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
./strace-static-x86_64: Process 487 attached
[pid   486] <... clone resumed>)        = 63
[pid   486] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   485] close(3)                    = 0
[pid   485] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   485] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   485] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   485] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   485] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   485] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   485] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   485] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   485] exit_group(0)               = ?
[pid   486] +++ exited with 0 +++
[pid   485] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=61, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 64
./strace-static-x86_64: Process 488 attached
[pid   488] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   488] setpgid(0, 0)               = 0
[pid   488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   488] write(3, "1000", 4)         = 4
[pid   488] close(3)                    = 0
[pid   488] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   488] write(1, "executing program\n", 18) = 18
[pid   488] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   488] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   488] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   488] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   488] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   488] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   488] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[65]}, 88) = 65
[pid   488] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   488] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   488] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 489 attached
 <unfinished ...>
[pid   489] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   489] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   489] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   489] write(3, "69", 2)           = 2
[  140.449746][  T486] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  140.457989][  T486] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  140.465886][  T486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  140.474099][  T486] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  140.481921][  T486] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  140.489726][  T486] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  140.497630][  T486]  </TASK>
[  140.527860][  T489] FAULT_INJECTION: forcing a failure.
[  140.527860][  T489] name failslab, interval 1, probability 0, space 0, times 0
[  140.540552][  T489] CPU: 0 PID: 489 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  140.550960][  T489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  140.561000][  T489] Call Trace:
[  140.564133][  T489]  <TASK>
[  140.566910][  T489]  dump_stack_lvl+0x151/0x1c0
[  140.571432][  T489]  ? io_uring_drop_tctx_refs+0x190/0x190
[  140.577152][  T489]  dump_stack+0x15/0x20
[  140.581128][  T489]  should_fail+0x3c6/0x510
[  140.585386][  T489]  __should_failslab+0xa4/0xe0
[  140.589978][  T489]  ? anon_vma_fork+0x1df/0x4e0
[  140.594782][  T489]  should_failslab+0x9/0x20
[  140.599119][  T489]  slab_pre_alloc_hook+0x37/0xd0
[  140.603884][  T489]  ? anon_vma_fork+0x1df/0x4e0
[  140.608483][  T489]  kmem_cache_alloc+0x44/0x200
[  140.613084][  T489]  anon_vma_fork+0x1df/0x4e0
[  140.617607][  T489]  copy_mm+0xa3a/0x13e0
[  140.621610][  T489]  ? copy_signal+0x610/0x610
[pid   489] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   487] exit(0)                     = ?
[pid   487] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=63, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[  140.626019][  T489]  ? __init_rwsem+0xfe/0x1d0
[  140.630446][  T489]  ? copy_signal+0x4e3/0x610
[  140.634893][  T489]  copy_process+0x1149/0x3290
[  140.639415][  T489]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  140.644330][  T489]  ? __kasan_check_write+0x14/0x20
[  140.649289][  T489]  kernel_clone+0x21e/0x9e0
[  140.653622][  T489]  ? _raw_spin_unlock_irq+0x4e/0x70
[  140.658743][  T489]  ? create_io_thread+0x1e0/0x1e0
[  140.663606][  T489]  __x64_sys_clone+0x23f/0x290
[  140.668213][  T489]  ? __do_sys_vfork+0x130/0x130
[  140.672907][  T489]  ? __kasan_check_write+0x14/0x20
[  140.677850][  T489]  x64_sys_call+0x1b0/0x9a0
[  140.682181][  T489]  do_syscall_64+0x3b/0xb0
[  140.686430][  T489]  ? clear_bhb_loop+0x35/0x90
[  140.690954][  T489]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  140.696672][  T489] RIP: 0033:0x7f11f15e60d9
[  140.700924][  T489] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  140.720477][  T489] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   489] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   488] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   489] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   488] close(3)                    = 0
[pid   488] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   488] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   488] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   488] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   488] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   488] close(9 <unfinished ...>
[pid   489] <... futex resumed>)        = 0
[pid   488] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   489] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   488] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   488] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   488] exit_group(0)               = ?
[pid   489] <... futex resumed>)        = ?
[pid   489] +++ exited with 0 +++
[pid   488] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=64, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 66
./strace-static-x86_64: Process 491 attached
[pid   491] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   491] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   491] setpgid(0, 0)               = 0
[pid   491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   491] write(3, "1000", 4)         = 4
[pid   491] close(3)                    = 0
[pid   491] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   491] write(1, "executing program\n", 18) = 18
[pid   491] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   491] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   491] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   491] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   491] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   491] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   491] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[67]}, 88) = 67
[pid   491] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   491] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   491] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 492 attached
 <unfinished ...>
[pid   492] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   492] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   492] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   492] write(3, "69", 2)           = 2
[  140.728728][  T489] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  140.736650][  T489] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  140.744473][  T489] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  140.752291][  T489] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  140.760304][  T489] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  140.768122][  T489]  </TASK>
[  140.800537][  T492] FAULT_INJECTION: forcing a failure.
[  140.800537][  T492] name failslab, interval 1, probability 0, space 0, times 0
[  140.813094][  T492] CPU: 0 PID: 492 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  140.823506][  T492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  140.833400][  T492] Call Trace:
[  140.836524][  T492]  <TASK>
[  140.839306][  T492]  dump_stack_lvl+0x151/0x1c0
[  140.843815][  T492]  ? io_uring_drop_tctx_refs+0x190/0x190
[  140.849287][  T492]  ? avc_denied+0x1b0/0x1b0
[  140.853626][  T492]  dump_stack+0x15/0x20
[  140.857715][  T492]  should_fail+0x3c6/0x510
[  140.861955][  T492]  __should_failslab+0xa4/0xe0
[  140.866557][  T492]  ? vm_area_dup+0x26/0x230
[  140.870893][  T492]  should_failslab+0x9/0x20
[  140.875236][  T492]  slab_pre_alloc_hook+0x37/0xd0
[  140.880201][  T492]  ? vm_area_dup+0x26/0x230
[  140.884617][  T492]  kmem_cache_alloc+0x44/0x200
[  140.889397][  T492]  vm_area_dup+0x26/0x230
[  140.893603][  T492]  copy_mm+0x9a1/0x13e0
[  140.898429][  T492]  ? copy_signal+0x610/0x610
[  140.902854][  T492]  ? __init_rwsem+0xfe/0x1d0
[  140.907270][  T492]  ? copy_signal+0x4e3/0x610
[  140.911693][  T492]  copy_process+0x1149/0x3290
[  140.916221][  T492]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  140.921205][  T492]  ? __kasan_check_write+0x14/0x20
[  140.926121][  T492]  kernel_clone+0x21e/0x9e0
[  140.930451][  T492]  ? _raw_spin_unlock_irq+0x4e/0x70
[  140.935477][  T492]  ? create_io_thread+0x1e0/0x1e0
[  140.940348][  T492]  __x64_sys_clone+0x23f/0x290
[  140.944940][  T492]  ? __do_sys_vfork+0x130/0x130
[  140.949635][  T492]  ? __kasan_check_write+0x14/0x20
[  140.954673][  T492]  x64_sys_call+0x1b0/0x9a0
[  140.959010][  T492]  do_syscall_64+0x3b/0xb0
[  140.963261][  T492]  ? clear_bhb_loop+0x35/0x90
[  140.967788][  T492]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  140.973494][  T492] RIP: 0033:0x7f11f15e60d9
[  140.977745][  T492] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   492] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   491] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   492] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   492] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   491] close(3)                    = 0
[pid   491] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   491] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   491] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   491] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   491] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   491] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   491] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   491] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   491] exit_group(0)               = ?
[pid   492] <... futex resumed>)        = ?
[pid   492] +++ exited with 0 +++
[pid   491] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=66, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 68
./strace-static-x86_64: Process 493 attached
[pid   493] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   493] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   493] setpgid(0, 0)               = 0
[pid   493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   493] write(3, "1000", 4)         = 4
[pid   493] close(3)                    = 0
[pid   493] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   493] write(1, "executing program\n", 18) = 18
[pid   493] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   493] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   493] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   493] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   493] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   493] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   493] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[69]}, 88) = 69
[pid   493] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   493] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   493] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 494 attached
 <unfinished ...>
[pid   494] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   494] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   494] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   494] write(3, "69", 2)           = 2
[  140.997207][  T492] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  141.005437][  T492] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  141.013359][  T492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.021239][  T492] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  141.029048][  T492] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  141.036856][  T492] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  141.044675][  T492]  </TASK>
[  141.073871][  T494] FAULT_INJECTION: forcing a failure.
[  141.073871][  T494] name failslab, interval 1, probability 0, space 0, times 0
[  141.086409][  T494] CPU: 0 PID: 494 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  141.096896][  T494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.106780][  T494] Call Trace:
[  141.109907][  T494]  <TASK>
[  141.112676][  T494]  dump_stack_lvl+0x151/0x1c0
[  141.117227][  T494]  ? io_uring_drop_tctx_refs+0x190/0x190
[  141.122663][  T494]  ? avc_denied+0x1b0/0x1b0
[  141.127012][  T494]  dump_stack+0x15/0x20
[  141.130993][  T494]  should_fail+0x3c6/0x510
[  141.135249][  T494]  __should_failslab+0xa4/0xe0
[  141.139843][  T494]  ? vm_area_dup+0x26/0x230
[  141.144182][  T494]  should_failslab+0x9/0x20
[  141.148524][  T494]  slab_pre_alloc_hook+0x37/0xd0
[  141.153310][  T494]  ? vm_area_dup+0x26/0x230
[  141.157642][  T494]  kmem_cache_alloc+0x44/0x200
[  141.162248][  T494]  vm_area_dup+0x26/0x230
[  141.166405][  T494]  copy_mm+0x9a1/0x13e0
[  141.170858][  T494]  ? copy_signal+0x610/0x610
[  141.175261][  T494]  ? __init_rwsem+0xfe/0x1d0
[  141.179693][  T494]  ? copy_signal+0x4e3/0x610
[  141.184131][  T494]  copy_process+0x1149/0x3290
[  141.188636][  T494]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  141.193576][  T494]  ? __kasan_check_write+0x14/0x20
[  141.198530][  T494]  kernel_clone+0x21e/0x9e0
[  141.202860][  T494]  ? _raw_spin_unlock_irq+0x4e/0x70
[  141.207910][  T494]  ? create_io_thread+0x1e0/0x1e0
[  141.212854][  T494]  __x64_sys_clone+0x23f/0x290
[  141.217445][  T494]  ? __do_sys_vfork+0x130/0x130
[  141.222142][  T494]  ? __kasan_check_write+0x14/0x20
[  141.227087][  T494]  x64_sys_call+0x1b0/0x9a0
[  141.231535][  T494]  do_syscall_64+0x3b/0xb0
[  141.235782][  T494]  ? clear_bhb_loop+0x35/0x90
[  141.240467][  T494]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  141.246196][  T494] RIP: 0033:0x7f11f15e60d9
[  141.250459][  T494] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   494] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   493] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   494] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   493] close(3 <unfinished ...>
[pid   494] <... futex resumed>)        = 0
[pid   493] <... close resumed>)        = 0
[pid   494] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   493] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   493] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   493] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   493] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   493] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   493] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   493] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   493] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   493] exit_group(0 <unfinished ...>
[pid   494] <... futex resumed>)        = ?
[pid   493] <... exit_group resumed>)   = ?
[pid   494] +++ exited with 0 +++
[pid   493] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=68, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 495 attached
 <unfinished ...>
[pid   495] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 70
[pid   495] <... set_robust_list resumed>) = 0
[pid   495] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   495] setpgid(0, 0)               = 0
[pid   495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   495] write(3, "1000", 4)         = 4
[pid   495] close(3)                    = 0
[pid   495] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   495] write(1, "executing program\n", 18) = 18
executing program
[pid   495] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   495] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   495] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   495] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   495] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   495] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   495] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[71]}, 88) = 71
[pid   495] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   495] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   495] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 496 attached
 <unfinished ...>
[pid   496] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   496] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   496] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   496] write(3, "69", 2)           = 2
[  141.269983][  T494] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  141.278227][  T494] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  141.286045][  T494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.293867][  T494] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  141.301756][  T494] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  141.309582][  T494] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  141.317481][  T494]  </TASK>
[  141.346877][  T496] FAULT_INJECTION: forcing a failure.
[  141.346877][  T496] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  141.360318][  T496] CPU: 0 PID: 496 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  141.370718][  T496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.380601][  T496] Call Trace:
[  141.383723][  T496]  <TASK>
[  141.386680][  T496]  dump_stack_lvl+0x151/0x1c0
[  141.391196][  T496]  ? io_uring_drop_tctx_refs+0x190/0x190
[  141.396668][  T496]  dump_stack+0x15/0x20
[  141.400654][  T496]  should_fail+0x3c6/0x510
[  141.404914][  T496]  should_fail_alloc_page+0x5a/0x80
[  141.409948][  T496]  prepare_alloc_pages+0x15c/0x700
[  141.415046][  T496]  ? __alloc_pages_bulk+0xe40/0xe40
[  141.420108][  T496]  __alloc_pages+0x18c/0x8f0
[  141.424514][  T496]  ? prep_new_page+0x110/0x110
[  141.429112][  T496]  get_zeroed_page+0x1b/0x40
[  141.433533][  T496]  __pud_alloc+0x8b/0x260
[  141.437888][  T496]  ? stack_trace_snprint+0xf0/0xf0
[  141.442832][  T496]  ? do_handle_mm_fault+0x2400/0x2400
[  141.448078][  T496]  ? __stack_depot_save+0x34/0x470
[  141.452987][  T496]  ? anon_vma_clone+0x9a/0x500
[  141.457594][  T496]  copy_page_range+0x2bcf/0x2f90
[  141.462372][  T496]  ? __kasan_slab_alloc+0xb1/0xe0
[  141.467247][  T496]  ? slab_post_alloc_hook+0x53/0x2c0
[  141.472463][  T496]  ? copy_mm+0xa3a/0x13e0
[  141.476633][  T496]  ? copy_process+0x1149/0x3290
[  141.481308][  T496]  ? kernel_clone+0x21e/0x9e0
[  141.485836][  T496]  ? __x64_sys_clone+0x23f/0x290
[  141.490598][  T496]  ? x64_sys_call+0x1b0/0x9a0
[  141.495109][  T496]  ? do_syscall_64+0x3b/0xb0
[  141.499535][  T496]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  141.505488][  T496]  ? pfn_valid+0x1e0/0x1e0
[  141.509788][  T496]  ? rwsem_write_trylock+0x153/0x340
[  141.514999][  T496]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  141.521241][  T496]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  141.526798][  T496]  ? __rb_insert_augmented+0x5de/0x610
[  141.532092][  T496]  copy_mm+0xc7e/0x13e0
[  141.536084][  T496]  ? copy_signal+0x610/0x610
[  141.540510][  T496]  ? __init_rwsem+0xfe/0x1d0
[  141.544932][  T496]  ? copy_signal+0x4e3/0x610
[  141.549361][  T496]  copy_process+0x1149/0x3290
[  141.553889][  T496]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  141.558819][  T496]  ? __kasan_check_write+0x14/0x20
[  141.563773][  T496]  kernel_clone+0x21e/0x9e0
[  141.568111][  T496]  ? _raw_spin_unlock_irq+0x4e/0x70
[  141.573151][  T496]  ? create_io_thread+0x1e0/0x1e0
[  141.578007][  T496]  __x64_sys_clone+0x23f/0x290
[  141.582617][  T496]  ? __do_sys_vfork+0x130/0x130
[  141.587558][  T496]  ? __kasan_check_write+0x14/0x20
[  141.592570][  T496]  x64_sys_call+0x1b0/0x9a0
[  141.596842][  T496]  do_syscall_64+0x3b/0xb0
[  141.601097][  T496]  ? clear_bhb_loop+0x35/0x90
[  141.605604][  T496]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  141.611336][  T496] RIP: 0033:0x7f11f15e60d9
[  141.615587][  T496] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  141.635077][  T496] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   496] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   495] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   496] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   496] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   495] close(3)                    = 0
[pid   495] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   496] <... futex resumed>)        = 0
[pid   495] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   495] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   495] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   495] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   496] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   495] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   495] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   495] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   495] exit_group(0)               = ?
[pid   496] <... futex resumed>)        = ?
[pid   496] +++ exited with 0 +++
[pid   495] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=70, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 498 attached
, child_tidptr=0x555560cbc690) = 72
[pid   498] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   498] setpgid(0, 0)               = 0
[pid   498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   498] write(3, "1000", 4)         = 4
[pid   498] close(3)                    = 0
[pid   498] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   498] write(1, "executing program\n", 18executing program
) = 18
[pid   498] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   498] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   498] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   498] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   498] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   498] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   498] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 499 attached
 <unfinished ...>
[pid   499] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   499] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   499] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   498] <... clone3 resumed> => {parent_tid=[73]}, 88) = 73
[pid   498] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   498] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   499] <... futex resumed>)        = 0
[pid   498] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   499] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   499] write(3, "69", 2)           = 2
[  141.643287][  T496] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  141.651092][  T496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.658995][  T496] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  141.666897][  T496] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  141.674722][  T496] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  141.682529][  T496]  </TASK>
[pid   499] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   498] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  141.714431][  T499] FAULT_INJECTION: forcing a failure.
[  141.714431][  T499] name failslab, interval 1, probability 0, space 0, times 0
[  141.727190][  T499] CPU: 0 PID: 499 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  141.737607][  T499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.748050][  T499] Call Trace:
[  141.751160][  T499]  <TASK>
[  141.753940][  T499]  dump_stack_lvl+0x151/0x1c0
[  141.758470][  T499]  ? io_uring_drop_tctx_refs+0x190/0x190
[  141.763933][  T499]  dump_stack+0x15/0x20
[  141.767921][  T499]  should_fail+0x3c6/0x510
[  141.772171][  T499]  __should_failslab+0xa4/0xe0
[  141.776857][  T499]  ? anon_vma_fork+0x1df/0x4e0
[  141.781458][  T499]  should_failslab+0x9/0x20
[  141.785801][  T499]  slab_pre_alloc_hook+0x37/0xd0
[  141.790585][  T499]  ? anon_vma_fork+0x1df/0x4e0
[  141.795174][  T499]  kmem_cache_alloc+0x44/0x200
[  141.799778][  T499]  anon_vma_fork+0x1df/0x4e0
[  141.804208][  T499]  copy_mm+0xa3a/0x13e0
[  141.808202][  T499]  ? copy_signal+0x610/0x610
[  141.812626][  T499]  ? __init_rwsem+0xfe/0x1d0
[  141.817046][  T499]  ? copy_signal+0x4e3/0x610
[  141.821480][  T499]  copy_process+0x1149/0x3290
[  141.826001][  T499]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  141.830941][  T499]  ? __kasan_check_write+0x14/0x20
[  141.835942][  T499]  kernel_clone+0x21e/0x9e0
[  141.840226][  T499]  ? _raw_spin_unlock_irq+0x4e/0x70
[  141.845283][  T499]  ? create_io_thread+0x1e0/0x1e0
[  141.850210][  T499]  __x64_sys_clone+0x23f/0x290
[  141.854987][  T499]  ? __do_sys_vfork+0x130/0x130
[  141.860087][  T499]  ? __kasan_check_write+0x14/0x20
[  141.865083][  T499]  x64_sys_call+0x1b0/0x9a0
[  141.869496][  T499]  do_syscall_64+0x3b/0xb0
[  141.873733][  T499]  ? clear_bhb_loop+0x35/0x90
[  141.878253][  T499]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  141.884062][  T499] RIP: 0033:0x7f11f15e60d9
[  141.888609][  T499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   499] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   499] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   498] close(3 <unfinished ...>
[pid   499] <... futex resumed>)        = 0
[pid   498] <... close resumed>)        = 0
[pid   499] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   498] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   498] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   498] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   498] exit_group(0)               = ?
[pid   499] <... futex resumed>)        = ?
[pid   499] +++ exited with 0 +++
[pid   498] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=72, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 74
./strace-static-x86_64: Process 500 attached
[pid   500] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   500] setpgid(0, 0)               = 0
[pid   500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   500] write(3, "1000", 4)         = 4
[pid   500] close(3)                    = 0
[pid   500] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   500] write(1, "executing program\n", 18executing program
) = 18
[pid   500] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   500] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   500] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   500] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   500] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   500] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   500] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[75]}, 88) = 75
[pid   500] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   500] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   500] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 501 attached
 <unfinished ...>
[pid   501] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   501] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   501] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   501] write(3, "69", 2)           = 2
[  141.908512][  T499] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  141.916839][  T499] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  141.924797][  T499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.932609][  T499] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  141.940698][  T499] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  141.948501][  T499] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  141.956328][  T499]  </TASK>
[  141.988208][  T501] FAULT_INJECTION: forcing a failure.
[  141.988208][  T501] name failslab, interval 1, probability 0, space 0, times 0
[  142.001050][  T501] CPU: 0 PID: 501 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  142.011539][  T501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.022146][  T501] Call Trace:
[  142.025261][  T501]  <TASK>
[  142.028041][  T501]  dump_stack_lvl+0x151/0x1c0
[  142.032567][  T501]  ? io_uring_drop_tctx_refs+0x190/0x190
[  142.038030][  T501]  dump_stack+0x15/0x20
[  142.042019][  T501]  should_fail+0x3c6/0x510
[  142.046274][  T501]  __should_failslab+0xa4/0xe0
[  142.050869][  T501]  ? anon_vma_fork+0x1df/0x4e0
[  142.055471][  T501]  should_failslab+0x9/0x20
[  142.059899][  T501]  slab_pre_alloc_hook+0x37/0xd0
[  142.064759][  T501]  ? anon_vma_fork+0x1df/0x4e0
[  142.069441][  T501]  kmem_cache_alloc+0x44/0x200
[  142.074089][  T501]  anon_vma_fork+0x1df/0x4e0
[  142.078478][  T501]  copy_mm+0xa3a/0x13e0
[  142.082472][  T501]  ? copy_signal+0x610/0x610
[  142.086890][  T501]  ? __init_rwsem+0xfe/0x1d0
[  142.091320][  T501]  ? copy_signal+0x4e3/0x610
[  142.095768][  T501]  copy_process+0x1149/0x3290
[  142.100378][  T501]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  142.105439][  T501]  ? __kasan_check_write+0x14/0x20
[  142.110383][  T501]  kernel_clone+0x21e/0x9e0
[  142.114720][  T501]  ? _raw_spin_unlock_irq+0x4e/0x70
[  142.119756][  T501]  ? create_io_thread+0x1e0/0x1e0
[  142.124622][  T501]  __x64_sys_clone+0x23f/0x290
[  142.129218][  T501]  ? __do_sys_vfork+0x130/0x130
[  142.133907][  T501]  ? __kasan_check_write+0x14/0x20
[  142.138970][  T501]  x64_sys_call+0x1b0/0x9a0
[  142.143300][  T501]  do_syscall_64+0x3b/0xb0
[  142.147556][  T501]  ? clear_bhb_loop+0x35/0x90
[  142.152067][  T501]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  142.157797][  T501] RIP: 0033:0x7f11f15e60d9
[  142.162069][  T501] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   501] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   500] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   501] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   500] close(3 <unfinished ...>
[pid   501] <... futex resumed>)        = 0
[pid   500] <... close resumed>)        = 0
[pid   501] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   500] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   500] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   500] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   500] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   500] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   500] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   500] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   500] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   500] exit_group(0 <unfinished ...>
[pid   501] <... futex resumed>)        = ?
[pid   500] <... exit_group resumed>)   = ?
[pid   501] +++ exited with 0 +++
[pid   500] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=74, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 76
./strace-static-x86_64: Process 502 attached
[pid   502] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   502] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   502] setpgid(0, 0)               = 0
[pid   502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   502] write(3, "1000", 4)         = 4
[pid   502] close(3)                    = 0
[pid   502] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   502] write(1, "executing program\n", 18) = 18
[pid   502] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   502] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   502] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   502] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   502] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   502] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   502] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[77]}, 88) = 77
[pid   502] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   502] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   502] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 503 attached
 <unfinished ...>
[pid   503] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   503] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   503] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   503] write(3, "69", 2)           = 2
[  142.181581][  T501] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  142.189917][  T501] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  142.197746][  T501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  142.205539][  T501] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  142.213348][  T501] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  142.221167][  T501] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  142.228982][  T501]  </TASK>
[  142.255980][  T503] FAULT_INJECTION: forcing a failure.
[  142.255980][  T503] name failslab, interval 1, probability 0, space 0, times 0
[  142.268677][  T503] CPU: 0 PID: 503 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  142.279061][  T503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.288957][  T503] Call Trace:
[  142.292265][  T503]  <TASK>
[  142.295763][  T503]  dump_stack_lvl+0x151/0x1c0
[  142.300280][  T503]  ? io_uring_drop_tctx_refs+0x190/0x190
[  142.305730][  T503]  ? avc_denied+0x1b0/0x1b0
[  142.310070][  T503]  dump_stack+0x15/0x20
[  142.314059][  T503]  should_fail+0x3c6/0x510
[  142.318313][  T503]  __should_failslab+0xa4/0xe0
[  142.322916][  T503]  ? vm_area_dup+0x26/0x230
[  142.327259][  T503]  should_failslab+0x9/0x20
[  142.331591][  T503]  slab_pre_alloc_hook+0x37/0xd0
[  142.336498][  T503]  ? vm_area_dup+0x26/0x230
[  142.340844][  T503]  kmem_cache_alloc+0x44/0x200
[  142.345458][  T503]  vm_area_dup+0x26/0x230
[  142.349603][  T503]  copy_mm+0x9a1/0x13e0
[  142.353599][  T503]  ? copy_signal+0x610/0x610
[  142.358020][  T503]  ? __init_rwsem+0xfe/0x1d0
[  142.362467][  T503]  ? copy_signal+0x4e3/0x610
[  142.366875][  T503]  copy_process+0x1149/0x3290
[  142.371395][  T503]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  142.376337][  T503]  ? __kasan_check_write+0x14/0x20
[  142.381806][  T503]  kernel_clone+0x21e/0x9e0
[  142.386153][  T503]  ? _raw_spin_unlock_irq+0x4e/0x70
[  142.391181][  T503]  ? create_io_thread+0x1e0/0x1e0
[  142.396096][  T503]  __x64_sys_clone+0x23f/0x290
[  142.400639][  T503]  ? __do_sys_vfork+0x130/0x130
[  142.405339][  T503]  ? __kasan_check_write+0x14/0x20
[  142.410285][  T503]  x64_sys_call+0x1b0/0x9a0
[  142.414787][  T503]  do_syscall_64+0x3b/0xb0
[  142.419041][  T503]  ? clear_bhb_loop+0x35/0x90
[  142.423556][  T503]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  142.429284][  T503] RIP: 0033:0x7f11f15e60d9
[  142.433536][  T503] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   503] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   502] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   503] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   503] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   502] close(3)                    = 0
[pid   502] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   502] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   502] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   502] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   502] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   502] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   502] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   502] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   502] exit_group(0)               = ?
[pid   503] +++ exited with 0 +++
[pid   502] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=76, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 504 attached
 <unfinished ...>
[pid   504] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 78
[pid   504] <... set_robust_list resumed>) = 0
[pid   504] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   504] setpgid(0, 0)               = 0
[pid   504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   504] write(3, "1000", 4)         = 4
[pid   504] close(3)                    = 0
[pid   504] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   504] write(1, "executing program\n", 18) = 18
[pid   504] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   504] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   504] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   504] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   504] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   504] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   504] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[79]}, 88) = 79
[pid   504] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   504] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   504] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 505 attached
 <unfinished ...>
[pid   505] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   505] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   505] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   505] write(3, "69", 2)           = 2
[  142.453235][  T503] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  142.461486][  T503] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  142.469297][  T503] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  142.477115][  T503] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  142.484923][  T503] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  142.492737][  T503] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  142.500562][  T503]  </TASK>
[  142.537909][  T505] FAULT_INJECTION: forcing a failure.
[  142.537909][  T505] name failslab, interval 1, probability 0, space 0, times 0
[  142.550675][  T505] CPU: 0 PID: 505 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  142.561170][  T505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.571240][  T505] Call Trace:
[  142.574349][  T505]  <TASK>
[  142.577149][  T505]  dump_stack_lvl+0x151/0x1c0
[  142.581640][  T505]  ? io_uring_drop_tctx_refs+0x190/0x190
[  142.587199][  T505]  dump_stack+0x15/0x20
[  142.591200][  T505]  should_fail+0x3c6/0x510
[  142.595447][  T505]  __should_failslab+0xa4/0xe0
[  142.600080][  T505]  ? anon_vma_fork+0xf7/0x4e0
[  142.604645][  T505]  should_failslab+0x9/0x20
[  142.608980][  T505]  slab_pre_alloc_hook+0x37/0xd0
[  142.613864][  T505]  ? anon_vma_fork+0xf7/0x4e0
[  142.618360][  T505]  kmem_cache_alloc+0x44/0x200
[  142.623095][  T505]  anon_vma_fork+0xf7/0x4e0
[  142.627388][  T505]  ? anon_vma_name+0x43/0x70
[  142.631816][  T505]  ? vm_area_dup+0x17a/0x230
[  142.636249][  T505]  copy_mm+0xa3a/0x13e0
[  142.640239][  T505]  ? copy_signal+0x610/0x610
[  142.644663][  T505]  ? __init_rwsem+0xfe/0x1d0
[  142.649378][  T505]  ? copy_signal+0x4e3/0x610
[  142.653883][  T505]  copy_process+0x1149/0x3290
[  142.658403][  T505]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  142.663356][  T505]  ? __kasan_check_write+0x14/0x20
[  142.668296][  T505]  kernel_clone+0x21e/0x9e0
[  142.672629][  T505]  ? _raw_spin_unlock_irq+0x4e/0x70
[  142.677675][  T505]  ? create_io_thread+0x1e0/0x1e0
[  142.682526][  T505]  __x64_sys_clone+0x23f/0x290
[  142.687122][  T505]  ? __do_sys_vfork+0x130/0x130
[  142.691819][  T505]  ? __kasan_check_write+0x14/0x20
[  142.696762][  T505]  x64_sys_call+0x1b0/0x9a0
[  142.701097][  T505]  do_syscall_64+0x3b/0xb0
[  142.705511][  T505]  ? clear_bhb_loop+0x35/0x90
[  142.709995][  T505]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  142.715778][  T505] RIP: 0033:0x7f11f15e60d9
[  142.719985][  T505] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  142.739420][  T505] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  142.747666][  T505] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  142.755486][  T505] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  142.763313][  T505] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  142.771105][  T505] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  142.778912][  T505] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[pid   505] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   504] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   505] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   504] close(3 <unfinished ...>
[pid   505] <... futex resumed>)        = 0
[pid   504] <... close resumed>)        = 0
[pid   505] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   504] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   504] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   504] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   504] exit_group(0 <unfinished ...>
[pid   505] <... futex resumed>)        = ?
[pid   504] <... exit_group resumed>)   = ?
[pid   505] +++ exited with 0 +++
[pid   504] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=78, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 507 attached
 <unfinished ...>
[pid   507] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 80
[pid   507] <... set_robust_list resumed>) = 0
[pid   507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   507] setpgid(0, 0)               = 0
[pid   507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   507] write(3, "1000", 4)         = 4
[pid   507] close(3)                    = 0
[pid   507] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   507] write(1, "executing program\n", 18) = 18
[pid   507] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   507] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   507] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   507] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   507] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   507] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   507] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[81]}, 88) = 81
[pid   507] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   507] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   507] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 508 attached
 <unfinished ...>
[pid   508] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   508] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   508] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   508] write(3, "69", 2)           = 2
[  142.787066][  T505]  </TASK>
[  142.819560][  T508] FAULT_INJECTION: forcing a failure.
[  142.819560][  T508] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  142.832930][  T508] CPU: 0 PID: 508 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  142.843310][  T508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.853320][  T508] Call Trace:
[  142.856446][  T508]  <TASK>
[  142.859246][  T508]  dump_stack_lvl+0x151/0x1c0
[  142.863736][  T508]  ? io_uring_drop_tctx_refs+0x190/0x190
[  142.869231][  T508]  dump_stack+0x15/0x20
[  142.873206][  T508]  should_fail+0x3c6/0x510
[  142.877450][  T508]  should_fail_alloc_page+0x5a/0x80
[  142.882485][  T508]  prepare_alloc_pages+0x15c/0x700
[  142.887430][  T508]  ? __alloc_pages_bulk+0xe40/0xe40
[  142.892466][  T508]  __alloc_pages+0x18c/0x8f0
[  142.896889][  T508]  ? prep_new_page+0x110/0x110
[  142.901583][  T508]  get_zeroed_page+0x1b/0x40
[  142.905998][  T508]  __pud_alloc+0x8b/0x260
[  142.910197][  T508]  ? stack_trace_snprint+0xf0/0xf0
[  142.915128][  T508]  ? do_handle_mm_fault+0x2400/0x2400
[  142.920343][  T508]  ? __stack_depot_save+0x34/0x470
[  142.925272][  T508]  ? anon_vma_clone+0x9a/0x500
[  142.929873][  T508]  copy_page_range+0x2bcf/0x2f90
[  142.934644][  T508]  ? __kasan_slab_alloc+0xb1/0xe0
[  142.939535][  T508]  ? slab_post_alloc_hook+0x53/0x2c0
[  142.944715][  T508]  ? copy_mm+0xa3a/0x13e0
[  142.948893][  T508]  ? copy_process+0x1149/0x3290
[  142.953575][  T508]  ? kernel_clone+0x21e/0x9e0
[  142.958083][  T508]  ? __x64_sys_clone+0x23f/0x290
[  142.962964][  T508]  ? x64_sys_call+0x1b0/0x9a0
[  142.967454][  T508]  ? do_syscall_64+0x3b/0xb0
[  142.971896][  T508]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  142.977986][  T508]  ? pfn_valid+0x1e0/0x1e0
[  142.982235][  T508]  ? rwsem_write_trylock+0x153/0x340
[  142.987339][  T508]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  142.993594][  T508]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  142.999160][  T508]  ? __rb_insert_augmented+0x5de/0x610
[  143.004446][  T508]  copy_mm+0xc7e/0x13e0
[  143.008441][  T508]  ? copy_signal+0x610/0x610
[  143.012860][  T508]  ? __init_rwsem+0xfe/0x1d0
[  143.017313][  T508]  ? copy_signal+0x4e3/0x610
[  143.021749][  T508]  copy_process+0x1149/0x3290
[  143.026239][  T508]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  143.031184][  T508]  ? __kasan_check_write+0x14/0x20
[  143.036138][  T508]  kernel_clone+0x21e/0x9e0
[  143.040581][  T508]  ? _raw_spin_unlock_irq+0x4e/0x70
[  143.045613][  T508]  ? create_io_thread+0x1e0/0x1e0
[  143.050568][  T508]  __x64_sys_clone+0x23f/0x290
[  143.055169][  T508]  ? __do_sys_vfork+0x130/0x130
[  143.059853][  T508]  ? __kasan_check_write+0x14/0x20
[  143.064802][  T508]  x64_sys_call+0x1b0/0x9a0
[  143.069135][  T508]  do_syscall_64+0x3b/0xb0
[  143.073476][  T508]  ? clear_bhb_loop+0x35/0x90
[  143.077994][  T508]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  143.083720][  T508] RIP: 0033:0x7f11f15e60d9
[  143.087979][  T508] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  143.107684][  T508] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   508] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   508] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   507] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   508] <... futex resumed>)        = 0
[pid   507] close(3 <unfinished ...>
[pid   508] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   507] <... close resumed>)        = 0
[pid   507] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   507] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   507] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   507] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   507] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   507] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   507] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   507] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   507] exit_group(0)               = ?
[pid   508] <... futex resumed>)        = ?
[pid   508] +++ exited with 0 +++
[pid   507] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=80, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 509 attached
, child_tidptr=0x555560cbc690) = 82
[pid   509] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   509] setpgid(0, 0)               = 0
[pid   509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   509] write(3, "1000", 4)         = 4
[pid   509] close(3)                    = 0
[pid   509] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   509] write(1, "executing program\n", 18) = 18
[pid   509] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   509] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   509] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   509] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   509] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   509] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   509] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[83]}, 88) = 83
[pid   509] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   509] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   509] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 510 attached
 <unfinished ...>
[pid   510] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   510] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   510] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   510] write(3, "69", 2)           = 2
[  143.115939][  T508] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  143.123730][  T508] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  143.131545][  T508] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  143.139361][  T508] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  143.147166][  T508] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  143.154994][  T508]  </TASK>
[  143.178575][  T510] FAULT_INJECTION: forcing a failure.
[  143.178575][  T510] name failslab, interval 1, probability 0, space 0, times 0
[  143.192997][  T510] CPU: 0 PID: 510 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  143.203841][  T510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.214019][  T510] Call Trace:
[  143.217138][  T510]  <TASK>
[  143.219998][  T510]  dump_stack_lvl+0x151/0x1c0
[  143.224524][  T510]  ? io_uring_drop_tctx_refs+0x190/0x190
[  143.229982][  T510]  ? avc_denied+0x1b0/0x1b0
[  143.234328][  T510]  dump_stack+0x15/0x20
[  143.238313][  T510]  should_fail+0x3c6/0x510
[  143.242577][  T510]  __should_failslab+0xa4/0xe0
[  143.247171][  T510]  ? vm_area_dup+0x26/0x230
[  143.251685][  T510]  should_failslab+0x9/0x20
[  143.256028][  T510]  slab_pre_alloc_hook+0x37/0xd0
[  143.260794][  T510]  ? vm_area_dup+0x26/0x230
[  143.265137][  T510]  kmem_cache_alloc+0x44/0x200
[  143.269735][  T510]  vm_area_dup+0x26/0x230
[  143.273903][  T510]  copy_mm+0x9a1/0x13e0
[  143.277903][  T510]  ? copy_signal+0x610/0x610
[  143.282408][  T510]  ? __init_rwsem+0xfe/0x1d0
[  143.286858][  T510]  ? copy_signal+0x4e3/0x610
[  143.291391][  T510]  copy_process+0x1149/0x3290
[  143.295910][  T510]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  143.300833][  T510]  ? __kasan_check_write+0x14/0x20
[  143.305952][  T510]  kernel_clone+0x21e/0x9e0
[  143.310903][  T510]  ? _raw_spin_unlock_irq+0x4e/0x70
[  143.316429][  T510]  ? create_io_thread+0x1e0/0x1e0
[  143.321975][  T510]  __x64_sys_clone+0x23f/0x290
[  143.326653][  T510]  ? __do_sys_vfork+0x130/0x130
[  143.331337][  T510]  ? __kasan_check_write+0x14/0x20
[  143.336295][  T510]  x64_sys_call+0x1b0/0x9a0
[  143.340632][  T510]  do_syscall_64+0x3b/0xb0
[  143.344874][  T510]  ? clear_bhb_loop+0x35/0x90
[  143.349392][  T510]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  143.355120][  T510] RIP: 0033:0x7f11f15e60d9
[  143.359374][  T510] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   510] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   509] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   510] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   510] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   509] close(3)                    = 0
[pid   509] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   509] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   509] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   509] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   509] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   509] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   509] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   509] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   509] exit_group(0)               = ?
[pid   510] <... futex resumed>)        = ?
[pid   510] +++ exited with 0 +++
[pid   509] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=82, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 511 attached
 <unfinished ...>
[pid   511] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 84
[pid   511] <... set_robust_list resumed>) = 0
[pid   511] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   511] setpgid(0, 0)               = 0
[pid   511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   511] write(3, "1000", 4)         = 4
[pid   511] close(3)                    = 0
[pid   511] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   511] write(1, "executing program\n", 18executing program
) = 18
[pid   511] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   511] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   511] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   511] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   511] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   511] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[85]}, 88) = 85
./strace-static-x86_64: Process 512 attached
[pid   511] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   511] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   511] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   512] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   512] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   512] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   512] write(3, "69", 2)           = 2
[  143.379019][  T510] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  143.387261][  T510] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  143.395067][  T510] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  143.402963][  T510] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  143.410920][  T510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  143.418729][  T510] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  143.426552][  T510]  </TASK>
[  143.458235][  T512] FAULT_INJECTION: forcing a failure.
[  143.458235][  T512] name failslab, interval 1, probability 0, space 0, times 0
[  143.472337][  T512] CPU: 0 PID: 512 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  143.483135][  T512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.493356][  T512] Call Trace:
[  143.496466][  T512]  <TASK>
[  143.499250][  T512]  dump_stack_lvl+0x151/0x1c0
[  143.503767][  T512]  ? io_uring_drop_tctx_refs+0x190/0x190
[  143.509424][  T512]  ? avc_denied+0x1b0/0x1b0
[  143.513723][  T512]  dump_stack+0x15/0x20
[  143.517721][  T512]  should_fail+0x3c6/0x510
[  143.521983][  T512]  __should_failslab+0xa4/0xe0
[  143.526564][  T512]  ? vm_area_dup+0x26/0x230
[  143.530903][  T512]  should_failslab+0x9/0x20
[  143.535241][  T512]  slab_pre_alloc_hook+0x37/0xd0
[  143.540050][  T512]  ? vm_area_dup+0x26/0x230
[  143.544445][  T512]  kmem_cache_alloc+0x44/0x200
[  143.549045][  T512]  vm_area_dup+0x26/0x230
[  143.553297][  T512]  copy_mm+0x9a1/0x13e0
[  143.557297][  T512]  ? copy_signal+0x610/0x610
[  143.561737][  T512]  ? __init_rwsem+0xfe/0x1d0
[  143.566183][  T512]  ? copy_signal+0x4e3/0x610
[  143.570583][  T512]  copy_process+0x1149/0x3290
[  143.575093][  T512]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  143.580333][  T512]  ? __kasan_check_write+0x14/0x20
[  143.585342][  T512]  kernel_clone+0x21e/0x9e0
[  143.589685][  T512]  ? _raw_spin_unlock_irq+0x4e/0x70
[  143.594718][  T512]  ? create_io_thread+0x1e0/0x1e0
[  143.599587][  T512]  __x64_sys_clone+0x23f/0x290
[  143.604180][  T512]  ? __do_sys_vfork+0x130/0x130
[  143.608870][  T512]  ? __kasan_check_write+0x14/0x20
[  143.613816][  T512]  x64_sys_call+0x1b0/0x9a0
[  143.618152][  T512]  do_syscall_64+0x3b/0xb0
[  143.622405][  T512]  ? clear_bhb_loop+0x35/0x90
[  143.627003][  T512]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  143.632735][  T512] RIP: 0033:0x7f11f15e60d9
[  143.636985][  T512] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   512] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   511] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   512] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   511] close(3 <unfinished ...>
[pid   512] <... futex resumed>)        = 0
[pid   511] <... close resumed>)        = 0
[pid   512] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   511] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   511] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   511] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   511] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   511] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   511] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   511] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   511] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   511] exit_group(0 <unfinished ...>
[pid   512] <... futex resumed>)        = ?
[pid   511] <... exit_group resumed>)   = ?
[pid   512] +++ exited with 0 +++
[pid   511] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=84, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 514 attached
, child_tidptr=0x555560cbc690) = 86
[pid   514] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   514] setpgid(0, 0)               = 0
[pid   514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   514] write(3, "1000", 4)         = 4
[pid   514] close(3)                    = 0
[pid   514] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   514] write(1, "executing program\n", 18) = 18
[pid   514] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   514] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   514] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   514] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   514] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   514] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[87]}, 88) = 87
[pid   514] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   514] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   514] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 515 attached
 <unfinished ...>
[pid   515] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   515] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   515] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   515] write(3, "69", 2)           = 2
[  143.656429][  T512] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  143.664690][  T512] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  143.672489][  T512] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  143.680310][  T512] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  143.688216][  T512] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  143.696020][  T512] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  143.703839][  T512]  </TASK>
[pid   515] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   514] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  143.731422][  T515] FAULT_INJECTION: forcing a failure.
[  143.731422][  T515] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  143.744597][  T515] CPU: 1 PID: 515 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  143.755078][  T515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.764970][  T515] Call Trace:
[  143.768095][  T515]  <TASK>
[  143.770869][  T515]  dump_stack_lvl+0x151/0x1c0
[  143.775389][  T515]  ? io_uring_drop_tctx_refs+0x190/0x190
[  143.780856][  T515]  dump_stack+0x15/0x20
[  143.784845][  T515]  should_fail+0x3c6/0x510
[  143.789111][  T515]  should_fail_alloc_page+0x5a/0x80
[  143.794151][  T515]  prepare_alloc_pages+0x15c/0x700
[  143.799102][  T515]  ? __alloc_pages_bulk+0xe40/0xe40
[  143.804119][  T515]  __alloc_pages+0x18c/0x8f0
[  143.808553][  T515]  ? prep_new_page+0x110/0x110
[  143.813152][  T515]  get_zeroed_page+0x1b/0x40
[  143.817574][  T515]  __pud_alloc+0x8b/0x260
[  143.821736][  T515]  ? stack_trace_snprint+0xf0/0xf0
[  143.826692][  T515]  ? do_handle_mm_fault+0x2400/0x2400
[  143.831889][  T515]  ? __stack_depot_save+0x34/0x470
[  143.836833][  T515]  ? anon_vma_clone+0x9a/0x500
[  143.841440][  T515]  copy_page_range+0x2bcf/0x2f90
[  143.846218][  T515]  ? __kasan_slab_alloc+0xb1/0xe0
[  143.851076][  T515]  ? slab_post_alloc_hook+0x53/0x2c0
[  143.856191][  T515]  ? copy_mm+0xa3a/0x13e0
[  143.860365][  T515]  ? copy_process+0x1149/0x3290
[  143.865049][  T515]  ? kernel_clone+0x21e/0x9e0
[  143.869561][  T515]  ? __x64_sys_clone+0x23f/0x290
[  143.874335][  T515]  ? x64_sys_call+0x1b0/0x9a0
[  143.878869][  T515]  ? do_syscall_64+0x3b/0xb0
[  143.883473][  T515]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  143.889373][  T515]  ? pfn_valid+0x1e0/0x1e0
[  143.893606][  T515]  ? rwsem_write_trylock+0x153/0x340
[  143.898849][  T515]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  143.905107][  T515]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  143.910647][  T515]  ? __rb_insert_augmented+0x5de/0x610
[  143.915952][  T515]  copy_mm+0xc7e/0x13e0
[  143.919936][  T515]  ? copy_signal+0x610/0x610
[  143.924354][  T515]  ? __init_rwsem+0xfe/0x1d0
[  143.928788][  T515]  ? copy_signal+0x4e3/0x610
[  143.933213][  T515]  copy_process+0x1149/0x3290
[  143.937738][  T515]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  143.942700][  T515]  ? __kasan_check_write+0x14/0x20
[  143.947709][  T515]  kernel_clone+0x21e/0x9e0
[  143.952073][  T515]  ? _raw_spin_unlock_irq+0x4e/0x70
[  143.957372][  T515]  ? create_io_thread+0x1e0/0x1e0
[  143.962321][  T515]  __x64_sys_clone+0x23f/0x290
[  143.966934][  T515]  ? __do_sys_vfork+0x130/0x130
[  143.971610][  T515]  ? __kasan_check_write+0x14/0x20
[  143.976794][  T515]  x64_sys_call+0x1b0/0x9a0
[  143.981146][  T515]  do_syscall_64+0x3b/0xb0
[  143.985787][  T515]  ? clear_bhb_loop+0x35/0x90
[  143.990255][  T515]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  143.995999][  T515] RIP: 0033:0x7f11f15e60d9
[  144.000230][  T515] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  144.019680][  T515] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   515] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   515] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   515] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   514] close(3)                    = 0
[pid   514] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   514] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   514] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   514] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   514] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   514] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   514] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   514] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   514] exit_group(0 <unfinished ...>
[pid   515] <... futex resumed>)        = ?
[pid   514] <... exit_group resumed>)   = ?
[pid   515] +++ exited with 0 +++
[pid   514] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=86, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 516 attached
, child_tidptr=0x555560cbc690) = 88
[pid   516] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   516] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   516] setpgid(0, 0)               = 0
[pid   516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   516] write(3, "1000", 4)         = 4
[pid   516] close(3)                    = 0
[pid   516] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   516] write(1, "executing program\n", 18) = 18
[pid   516] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   516] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   516] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   516] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   516] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   516] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   516] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[89]}, 88) = 89
[pid   516] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   516] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   516] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 517 attached
 <unfinished ...>
[pid   517] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   517] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   517] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   517] write(3, "69", 2)           = 2
[  144.027933][  T515] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  144.035731][  T515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  144.043544][  T515] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  144.051357][  T515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  144.059168][  T515] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  144.066992][  T515]  </TASK>
[  144.098306][  T517] FAULT_INJECTION: forcing a failure.
[  144.098306][  T517] name failslab, interval 1, probability 0, space 0, times 0
[  144.111032][  T517] CPU: 0 PID: 517 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  144.121502][  T517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  144.131395][  T517] Call Trace:
[  144.134517][  T517]  <TASK>
[  144.137295][  T517]  dump_stack_lvl+0x151/0x1c0
[  144.141813][  T517]  ? io_uring_drop_tctx_refs+0x190/0x190
[  144.147457][  T517]  dump_stack+0x15/0x20
[  144.151459][  T517]  should_fail+0x3c6/0x510
[  144.155701][  T517]  __should_failslab+0xa4/0xe0
[  144.160311][  T517]  ? anon_vma_fork+0x1df/0x4e0
[  144.164897][  T517]  should_failslab+0x9/0x20
[  144.169246][  T517]  slab_pre_alloc_hook+0x37/0xd0
[  144.174111][  T517]  ? anon_vma_fork+0x1df/0x4e0
[  144.178715][  T517]  kmem_cache_alloc+0x44/0x200
[  144.183348][  T517]  anon_vma_fork+0x1df/0x4e0
[  144.187741][  T517]  copy_mm+0xa3a/0x13e0
[  144.191840][  T517]  ? copy_signal+0x610/0x610
[  144.196256][  T517]  ? __init_rwsem+0xfe/0x1d0
[  144.200689][  T517]  ? copy_signal+0x4e3/0x610
[  144.205129][  T517]  copy_process+0x1149/0x3290
[  144.209636][  T517]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  144.214585][  T517]  ? __kasan_check_write+0x14/0x20
[  144.219520][  T517]  kernel_clone+0x21e/0x9e0
[  144.223859][  T517]  ? _raw_spin_unlock_irq+0x4e/0x70
[  144.228902][  T517]  ? create_io_thread+0x1e0/0x1e0
[  144.233783][  T517]  __x64_sys_clone+0x23f/0x290
[  144.238357][  T517]  ? __do_sys_vfork+0x130/0x130
[  144.243042][  T517]  ? __kasan_check_write+0x14/0x20
[  144.247997][  T517]  x64_sys_call+0x1b0/0x9a0
[  144.252325][  T517]  do_syscall_64+0x3b/0xb0
[  144.256590][  T517]  ? clear_bhb_loop+0x35/0x90
[  144.261105][  T517]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  144.266827][  T517] RIP: 0033:0x7f11f15e60d9
[  144.271076][  T517] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  144.290683][  T517] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   517] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   516] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   517] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   517] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   516] close(3)                    = 0
[pid   516] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   516] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   516] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   516] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   516] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   516] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   516] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   516] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   516] exit_group(0)               = ?
[pid   517] <... futex resumed>)        = ?
[pid   517] +++ exited with 0 +++
[pid   516] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=88, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 518 attached
, child_tidptr=0x555560cbc690) = 90
[pid   518] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   518] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   518] setpgid(0, 0)               = 0
[pid   518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   518] write(3, "1000", 4)         = 4
[pid   518] close(3)                    = 0
[pid   518] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   518] write(1, "executing program\n", 18) = 18
[pid   518] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   518] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   518] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   518] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   518] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   518] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   518] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[91]}, 88) = 91
[pid   518] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   518] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   518] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 519 attached
 <unfinished ...>
[pid   519] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   519] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   519] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   519] write(3, "69", 2)           = 2
[  144.298854][  T517] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  144.306752][  T517] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  144.314655][  T517] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  144.322477][  T517] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  144.330359][  T517] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  144.338527][  T517]  </TASK>
[pid   519] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   518] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  144.371612][  T519] FAULT_INJECTION: forcing a failure.
[  144.371612][  T519] name failslab, interval 1, probability 0, space 0, times 0
[  144.384173][  T519] CPU: 1 PID: 519 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  144.394574][  T519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  144.404908][  T519] Call Trace:
[  144.408037][  T519]  <TASK>
[  144.410807][  T519]  dump_stack_lvl+0x151/0x1c0
[  144.415328][  T519]  ? io_uring_drop_tctx_refs+0x190/0x190
[  144.420801][  T519]  dump_stack+0x15/0x20
[  144.424784][  T519]  should_fail+0x3c6/0x510
[  144.429042][  T519]  __should_failslab+0xa4/0xe0
[  144.433638][  T519]  ? anon_vma_fork+0x1df/0x4e0
[  144.438241][  T519]  should_failslab+0x9/0x20
[  144.442605][  T519]  slab_pre_alloc_hook+0x37/0xd0
[  144.447370][  T519]  ? anon_vma_fork+0x1df/0x4e0
[  144.452058][  T519]  kmem_cache_alloc+0x44/0x200
[  144.456659][  T519]  anon_vma_fork+0x1df/0x4e0
[  144.461090][  T519]  copy_mm+0xa3a/0x13e0
[  144.465081][  T519]  ? copy_signal+0x610/0x610
[  144.469509][  T519]  ? __init_rwsem+0xfe/0x1d0
[  144.473932][  T519]  ? copy_signal+0x4e3/0x610
[  144.478357][  T519]  copy_process+0x1149/0x3290
[  144.483000][  T519]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  144.487936][  T519]  ? __kasan_check_write+0x14/0x20
[  144.492906][  T519]  kernel_clone+0x21e/0x9e0
[  144.497219][  T519]  ? _raw_spin_unlock_irq+0x4e/0x70
[  144.502445][  T519]  ? create_io_thread+0x1e0/0x1e0
[  144.507299][  T519]  __x64_sys_clone+0x23f/0x290
[  144.511899][  T519]  ? __do_sys_vfork+0x130/0x130
[  144.516586][  T519]  ? __kasan_check_write+0x14/0x20
[  144.521542][  T519]  x64_sys_call+0x1b0/0x9a0
[  144.525957][  T519]  do_syscall_64+0x3b/0xb0
[  144.530216][  T519]  ? clear_bhb_loop+0x35/0x90
[  144.534725][  T519]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  144.540466][  T519] RIP: 0033:0x7f11f15e60d9
[  144.544708][  T519] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   519] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   519] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   519] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   518] close(3)                    = 0
[pid   518] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   518] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   518] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   518] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   518] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   518] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   518] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   518] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   518] exit_group(0 <unfinished ...>
[pid   519] <... futex resumed>)        = ?
[pid   518] <... exit_group resumed>)   = ?
[pid   519] +++ exited with 0 +++
[pid   518] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=90, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 520 attached
 <unfinished ...>
[pid   520] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 92
[pid   520] <... set_robust_list resumed>) = 0
[pid   520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   520] setpgid(0, 0)               = 0
[pid   520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   520] write(3, "1000", 4)         = 4
[pid   520] close(3)                    = 0
[pid   520] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   520] write(1, "executing program\n", 18) = 18
[pid   520] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   520] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   520] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   520] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   520] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   520] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[93]}, 88) = 93
[pid   520] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   520] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 521 attached
 <unfinished ...>
[pid   521] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   521] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   521] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   521] write(3, "69", 2)           = 2
[  144.564469][  T519] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  144.572756][  T519] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  144.580560][  T519] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  144.588340][  T519] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  144.596297][  T519] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  144.604098][  T519] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  144.612128][  T519]  </TASK>
[pid   521] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   520] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  144.636301][  T521] FAULT_INJECTION: forcing a failure.
[  144.636301][  T521] name failslab, interval 1, probability 0, space 0, times 0
[  144.649001][  T521] CPU: 1 PID: 521 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  144.659391][  T521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  144.669286][  T521] Call Trace:
[  144.672416][  T521]  <TASK>
[  144.675198][  T521]  dump_stack_lvl+0x151/0x1c0
[  144.679699][  T521]  ? io_uring_drop_tctx_refs+0x190/0x190
[  144.685181][  T521]  dump_stack+0x15/0x20
[  144.689159][  T521]  should_fail+0x3c6/0x510
[  144.693416][  T521]  __should_failslab+0xa4/0xe0
[  144.698012][  T521]  ? anon_vma_clone+0x9a/0x500
[  144.702635][  T521]  should_failslab+0x9/0x20
[  144.706955][  T521]  slab_pre_alloc_hook+0x37/0xd0
[  144.711737][  T521]  ? anon_vma_clone+0x9a/0x500
[  144.716439][  T521]  kmem_cache_alloc+0x44/0x200
[  144.721125][  T521]  anon_vma_clone+0x9a/0x500
[  144.725651][  T521]  anon_vma_fork+0x91/0x4e0
[  144.729990][  T521]  ? anon_vma_name+0x4c/0x70
[  144.734416][  T521]  ? vm_area_dup+0x17a/0x230
[  144.738840][  T521]  copy_mm+0xa3a/0x13e0
[  144.742851][  T521]  ? copy_signal+0x610/0x610
[  144.747260][  T521]  ? __init_rwsem+0xfe/0x1d0
[  144.751683][  T521]  ? copy_signal+0x4e3/0x610
[  144.756206][  T521]  copy_process+0x1149/0x3290
[  144.760731][  T521]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  144.765673][  T521]  ? __kasan_check_write+0x14/0x20
[  144.770610][  T521]  kernel_clone+0x21e/0x9e0
[  144.774948][  T521]  ? _raw_spin_unlock_irq+0x4e/0x70
[  144.779989][  T521]  ? create_io_thread+0x1e0/0x1e0
[  144.784963][  T521]  __x64_sys_clone+0x23f/0x290
[  144.789620][  T521]  ? __do_sys_vfork+0x130/0x130
[  144.794349][  T521]  ? __kasan_check_write+0x14/0x20
[  144.799299][  T521]  x64_sys_call+0x1b0/0x9a0
[  144.803632][  T521]  do_syscall_64+0x3b/0xb0
[  144.807880][  T521]  ? clear_bhb_loop+0x35/0x90
[  144.812395][  T521]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  144.818126][  T521] RIP: 0033:0x7f11f15e60d9
[  144.822378][  T521] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  144.841906][  T521] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  144.850163][  T521] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  144.857980][  T521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  144.865784][  T521] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  144.873600][  T521] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
./strace-static-x86_64: Process 523 attached
[pid   521] <... clone resumed>)        = 94
[pid   521] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   520] close(3)                    = 0
[pid   521] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   520] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   520] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   520] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   520] exit_group(0)               = ?
[pid   521] <... futex resumed>)        = ?
[pid   521] +++ exited with 0 +++
[pid   520] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=92, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 524 attached
, child_tidptr=0x555560cbc690) = 95
[pid   524] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   524] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   524] setpgid(0, 0)               = 0
[pid   524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   524] write(3, "1000", 4)         = 4
[pid   524] close(3)                    = 0
[pid   524] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   524] write(1, "executing program\n", 18) = 18
[pid   524] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   524] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   524] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   524] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   524] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   524] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   524] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 525 attached
 => {parent_tid=[96]}, 88) = 96
[pid   525] set_robust_list(0x7f11f159d9a0, 24 <unfinished ...>
[pid   524] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   525] <... set_robust_list resumed>) = 0
[pid   524] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   525] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid   524] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   525] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid   524] <... futex resumed>)        = 0
[pid   525] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   524] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   525] <... openat resumed>)       = 3
[pid   525] write(3, "69", 2)           = 2
[  144.881408][  T521] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  144.889235][  T521]  </TASK>
[pid   525] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   524] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  144.929788][  T525] FAULT_INJECTION: forcing a failure.
[  144.929788][  T525] name failslab, interval 1, probability 0, space 0, times 0
[  144.942301][  T525] CPU: 1 PID: 525 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  144.952681][  T525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  144.962570][  T525] Call Trace:
[  144.965695][  T525]  <TASK>
[  144.968483][  T525]  dump_stack_lvl+0x151/0x1c0
[  144.973081][  T525]  ? io_uring_drop_tctx_refs+0x190/0x190
[  144.978649][  T525]  dump_stack+0x15/0x20
[  144.982762][  T525]  should_fail+0x3c6/0x510
[  144.987242][  T525]  __should_failslab+0xa4/0xe0
[  144.991933][  T525]  ? anon_vma_clone+0x9a/0x500
[  144.996643][  T525]  should_failslab+0x9/0x20
[  145.000982][  T525]  slab_pre_alloc_hook+0x37/0xd0
[  145.005797][  T525]  ? anon_vma_clone+0x9a/0x500
[  145.010479][  T525]  kmem_cache_alloc+0x44/0x200
[  145.015096][  T525]  anon_vma_clone+0x9a/0x500
[  145.019815][  T525]  anon_vma_fork+0x91/0x4e0
[  145.024839][  T525]  ? anon_vma_name+0x4c/0x70
[  145.029278][  T525]  ? vm_area_dup+0x17a/0x230
[  145.033687][  T525]  copy_mm+0xa3a/0x13e0
[  145.037685][  T525]  ? copy_signal+0x610/0x610
[  145.042101][  T525]  ? __init_rwsem+0xfe/0x1d0
[  145.046539][  T525]  ? copy_signal+0x4e3/0x610
[  145.051103][  T525]  copy_process+0x1149/0x3290
[  145.055671][  T525]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  145.060609][  T525]  ? __kasan_check_write+0x14/0x20
[  145.065645][  T525]  kernel_clone+0x21e/0x9e0
[  145.069981][  T525]  ? _raw_spin_unlock_irq+0x4e/0x70
[  145.075121][  T525]  ? create_io_thread+0x1e0/0x1e0
[  145.080079][  T525]  __x64_sys_clone+0x23f/0x290
[  145.084672][  T525]  ? __do_sys_vfork+0x130/0x130
[  145.089365][  T525]  ? __kasan_check_write+0x14/0x20
[  145.094329][  T525]  x64_sys_call+0x1b0/0x9a0
[  145.099195][  T525]  do_syscall_64+0x3b/0xb0
[  145.103419][  T525]  ? clear_bhb_loop+0x35/0x90
[  145.107925][  T525]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  145.113920][  T525] RIP: 0033:0x7f11f15e60d9
[  145.118176][  T525] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  145.138007][  T525] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  145.146256][  T525] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  145.154062][  T525] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  145.161879][  T525] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  145.169693][  T525] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   525] <... clone resumed>)        = 97
[pid   523] exit(0)                     = ?
[pid   525] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   523] +++ exited with 0 +++
[pid   525] <... futex resumed>)        = 0
[pid   524] close(3 <unfinished ...>
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=94, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   525] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   524] <... close resumed>)        = 0
[pid   406] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   524] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   524] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   524] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   524] close(7)                    = -1 EBADF (Bad file descriptor)
./strace-static-x86_64: Process 526 attached
[pid   524] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   524] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   524] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(17 <unfinished ...>
[pid   406] <... restart_syscall resumed>) = 0
[pid   524] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   524] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   524] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   524] exit_group(0 <unfinished ...>
[pid   525] <... futex resumed>)        = ?
[pid   524] <... exit_group resumed>)   = ?
[pid   525] +++ exited with 0 +++
[pid   524] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=95, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 527 attached
, child_tidptr=0x555560cbc690) = 98
[pid   527] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   527] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   527] setpgid(0, 0)               = 0
[pid   527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   527] write(3, "1000", 4)         = 4
[pid   527] close(3)                    = 0
executing program
[pid   527] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   527] write(1, "executing program\n", 18) = 18
[pid   527] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   527] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   527] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   527] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   527] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   527] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   527] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[99]}, 88) = 99
[pid   527] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   527] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   527] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 528 attached
 <unfinished ...>
[pid   528] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   528] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   528] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   528] write(3, "69", 2)           = 2
[  145.177497][  T525] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  145.185406][  T525]  </TASK>
[  145.217720][  T528] FAULT_INJECTION: forcing a failure.
[  145.217720][  T528] name failslab, interval 1, probability 0, space 0, times 0
[  145.230660][  T528] CPU: 0 PID: 528 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  145.241236][  T528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  145.251118][  T528] Call Trace:
[  145.254244][  T528]  <TASK>
[  145.257023][  T528]  dump_stack_lvl+0x151/0x1c0
[  145.261539][  T528]  ? io_uring_drop_tctx_refs+0x190/0x190
[  145.267010][  T528]  dump_stack+0x15/0x20
[  145.271293][  T528]  should_fail+0x3c6/0x510
[  145.275769][  T528]  __should_failslab+0xa4/0xe0
[  145.280367][  T528]  ? anon_vma_clone+0x9a/0x500
[  145.284964][  T528]  should_failslab+0x9/0x20
[  145.289394][  T528]  slab_pre_alloc_hook+0x37/0xd0
[  145.294261][  T528]  ? anon_vma_clone+0x9a/0x500
[  145.298847][  T528]  kmem_cache_alloc+0x44/0x200
[  145.303451][  T528]  anon_vma_clone+0x9a/0x500
[  145.307890][  T528]  anon_vma_fork+0x91/0x4e0
[  145.312237][  T528]  ? anon_vma_name+0x4c/0x70
[  145.316643][  T528]  ? vm_area_dup+0x17a/0x230
[  145.321067][  T528]  copy_mm+0xa3a/0x13e0
[  145.325090][  T528]  ? copy_signal+0x610/0x610
[pid   528] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   526] exit(0)                     = ?
[pid   526] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=97, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[  145.329489][  T528]  ? __init_rwsem+0xfe/0x1d0
[  145.333916][  T528]  ? copy_signal+0x4e3/0x610
[  145.338347][  T528]  copy_process+0x1149/0x3290
[  145.342867][  T528]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  145.347815][  T528]  ? __kasan_check_write+0x14/0x20
[  145.352759][  T528]  kernel_clone+0x21e/0x9e0
[  145.357103][  T528]  ? _raw_spin_unlock_irq+0x4e/0x70
[  145.362124][  T528]  ? create_io_thread+0x1e0/0x1e0
[  145.367003][  T528]  __x64_sys_clone+0x23f/0x290
[  145.371594][  T528]  ? __do_sys_vfork+0x130/0x130
[  145.376298][  T528]  ? __kasan_check_write+0x14/0x20
[  145.381426][  T528]  x64_sys_call+0x1b0/0x9a0
[  145.385765][  T528]  do_syscall_64+0x3b/0xb0
[  145.390014][  T528]  ? clear_bhb_loop+0x35/0x90
[  145.394523][  T528]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  145.400254][  T528] RIP: 0033:0x7f11f15e60d9
[  145.404530][  T528] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   527] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   528] <... clone resumed>)        = 100
[pid   528] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   528] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   527] close(3)                    = 0
[pid   527] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   527] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   527] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   527] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   527] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   527] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   527] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(19./strace-static-x86_64: Process 529 attached
)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   527] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   527] exit_group(0 <unfinished ...>
[pid   528] <... futex resumed>)        = ?
[pid   527] <... exit_group resumed>)   = ?
[pid   528] +++ exited with 0 +++
[pid   527] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=98, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 530 attached
, child_tidptr=0x555560cbc690) = 101
[pid   530] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   530] setpgid(0, 0)               = 0
[pid   530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   530] write(3, "1000", 4)         = 4
[pid   530] close(3)                    = 0
[pid   530] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   530] write(1, "executing program\n", 18) = 18
[pid   530] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   530] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   530] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   530] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   530] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   530] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   530] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[102]}, 88) = 102
[pid   530] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   530] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   530] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 531 attached
 <unfinished ...>
[pid   531] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   531] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   531] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   531] write(3, "69", 2)           = 2
[  145.424056][  T528] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  145.432311][  T528] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  145.440148][  T528] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  145.447926][  T528] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  145.456008][  T528] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  145.463807][  T528] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  145.471920][  T528]  </TASK>
[  145.503744][  T531] FAULT_INJECTION: forcing a failure.
[  145.503744][  T531] name failslab, interval 1, probability 0, space 0, times 0
[  145.516416][  T531] CPU: 0 PID: 531 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  145.526802][  T531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  145.536786][  T531] Call Trace:
[  145.539915][  T531]  <TASK>
[  145.542688][  T531]  dump_stack_lvl+0x151/0x1c0
[  145.547222][  T531]  ? io_uring_drop_tctx_refs+0x190/0x190
[  145.552679][  T531]  dump_stack+0x15/0x20
[  145.556666][  T531]  should_fail+0x3c6/0x510
[  145.560915][  T531]  __should_failslab+0xa4/0xe0
[  145.565516][  T531]  ? anon_vma_fork+0x1df/0x4e0
[  145.570113][  T531]  should_failslab+0x9/0x20
[  145.574459][  T531]  slab_pre_alloc_hook+0x37/0xd0
[  145.579241][  T531]  ? anon_vma_fork+0x1df/0x4e0
[  145.583856][  T531]  kmem_cache_alloc+0x44/0x200
[  145.588435][  T531]  anon_vma_fork+0x1df/0x4e0
[  145.592863][  T531]  copy_mm+0xa3a/0x13e0
[  145.596880][  T531]  ? copy_signal+0x610/0x610
[pid   531] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   529] exit(0)                     = ?
[pid   529] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=100, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[  145.601273][  T531]  ? __init_rwsem+0xfe/0x1d0
[  145.605704][  T531]  ? copy_signal+0x4e3/0x610
[  145.610131][  T531]  copy_process+0x1149/0x3290
[  145.614673][  T531]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  145.619603][  T531]  ? __kasan_check_write+0x14/0x20
[  145.624546][  T531]  kernel_clone+0x21e/0x9e0
[  145.628881][  T531]  ? _raw_spin_unlock_irq+0x4e/0x70
[  145.633916][  T531]  ? create_io_thread+0x1e0/0x1e0
[  145.638788][  T531]  __x64_sys_clone+0x23f/0x290
[  145.643394][  T531]  ? __do_sys_vfork+0x130/0x130
[  145.648241][  T531]  ? __kasan_check_write+0x14/0x20
[  145.653158][  T531]  x64_sys_call+0x1b0/0x9a0
[  145.657507][  T531]  do_syscall_64+0x3b/0xb0
[  145.661733][  T531]  ? clear_bhb_loop+0x35/0x90
[  145.666246][  T531]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  145.671973][  T531] RIP: 0033:0x7f11f15e60d9
[  145.676227][  T531] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  145.695679][  T531] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   531] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   530] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   531] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   531] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   530] close(3)                    = 0
[pid   530] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   530] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   530] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   530] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   530] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   530] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   530] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   530] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   530] exit_group(0 <unfinished ...>
[pid   531] <... futex resumed>)        = ?
[pid   530] <... exit_group resumed>)   = ?
[pid   531] +++ exited with 0 +++
[pid   530] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=101, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 533 attached
 <unfinished ...>
[pid   533] set_robust_list(0x555560cbc6a0, 24 <unfinished ...>
[pid   406] <... clone resumed>, child_tidptr=0x555560cbc690) = 103
[pid   533] <... set_robust_list resumed>) = 0
[pid   533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   533] setpgid(0, 0)               = 0
[pid   533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   533] write(3, "1000", 4)         = 4
[pid   533] close(3)                    = 0
[pid   533] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   533] write(1, "executing program\n", 18) = 18
[pid   533] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   533] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   533] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   533] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   533] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   533] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   533] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[104]}, 88) = 104
[pid   533] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   533] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   533] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 534 attached
 <unfinished ...>
[pid   534] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   534] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   534] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   534] write(3, "69", 2)           = 2
[  145.703915][  T531] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  145.711733][  T531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  145.719545][  T531] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  145.727355][  T531] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  145.735277][  T531] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  145.743073][  T531]  </TASK>
[  145.775276][  T534] FAULT_INJECTION: forcing a failure.
[  145.775276][  T534] name failslab, interval 1, probability 0, space 0, times 0
[  145.788119][  T534] CPU: 0 PID: 534 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  145.798519][  T534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  145.808496][  T534] Call Trace:
[  145.811620][  T534]  <TASK>
[  145.814407][  T534]  dump_stack_lvl+0x151/0x1c0
[  145.818913][  T534]  ? io_uring_drop_tctx_refs+0x190/0x190
[  145.824391][  T534]  dump_stack+0x15/0x20
[  145.828372][  T534]  should_fail+0x3c6/0x510
[  145.832630][  T534]  __should_failslab+0xa4/0xe0
[  145.837244][  T534]  ? anon_vma_clone+0x9a/0x500
[  145.841914][  T534]  should_failslab+0x9/0x20
[  145.846253][  T534]  slab_pre_alloc_hook+0x37/0xd0
[  145.851318][  T534]  ? anon_vma_clone+0x9a/0x500
[  145.855883][  T534]  kmem_cache_alloc+0x44/0x200
[  145.860505][  T534]  anon_vma_clone+0x9a/0x500
[  145.864914][  T534]  anon_vma_fork+0x91/0x4e0
[  145.869251][  T534]  ? anon_vma_name+0x4c/0x70
[  145.873679][  T534]  ? vm_area_dup+0x17a/0x230
[  145.878106][  T534]  copy_mm+0xa3a/0x13e0
[  145.882116][  T534]  ? copy_signal+0x610/0x610
[  145.886526][  T534]  ? __init_rwsem+0xfe/0x1d0
[  145.890953][  T534]  ? copy_signal+0x4e3/0x610
[  145.895386][  T534]  copy_process+0x1149/0x3290
[  145.899934][  T534]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  145.904847][  T534]  ? __kasan_check_write+0x14/0x20
[  145.909793][  T534]  kernel_clone+0x21e/0x9e0
[  145.914141][  T534]  ? _raw_spin_unlock_irq+0x4e/0x70
[  145.919399][  T534]  ? create_io_thread+0x1e0/0x1e0
[  145.924265][  T534]  __x64_sys_clone+0x23f/0x290
[  145.928858][  T534]  ? __do_sys_vfork+0x130/0x130
[  145.933546][  T534]  ? __kasan_check_write+0x14/0x20
[  145.938686][  T534]  x64_sys_call+0x1b0/0x9a0
[  145.943283][  T534]  do_syscall_64+0x3b/0xb0
[  145.947691][  T534]  ? clear_bhb_loop+0x35/0x90
[  145.952215][  T534]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  145.957942][  T534] RIP: 0033:0x7f11f15e60d9
[  145.962453][  T534] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  145.982938][  T534] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  145.991172][  T534] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  145.999217][  T534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  146.007387][  T534] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  146.015288][  T534] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   534] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   533] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   534] <... clone resumed>)        = 105
[pid   534] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   534] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   533] close(3)                    = 0
[pid   533] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   533] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   533] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   533] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   533] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   533] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   533] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(18./strace-static-x86_64: Process 535 attached
)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   533] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   533] exit_group(0 <unfinished ...>
[pid   534] <... futex resumed>)        = ?
[pid   533] <... exit_group resumed>)   = ?
[pid   534] +++ exited with 0 +++
[pid   533] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=103, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 106
./strace-static-x86_64: Process 536 attached
[pid   536] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   536] setpgid(0, 0)               = 0
[pid   536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   536] write(3, "1000", 4)         = 4
[pid   536] close(3)                    = 0
[pid   536] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   536] write(1, "executing program\n", 18) = 18
[pid   536] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   536] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   536] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   536] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   536] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   536] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   536] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[107]}, 88) = 107
./strace-static-x86_64: Process 537 attached
[pid   537] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   537] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   537] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   536] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   536] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   537] <... futex resumed>)        = 0
[pid   537] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   536] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   537] <... openat resumed>)       = 3
[pid   537] write(3, "69", 2)           = 2
[  146.024023][  T534] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  146.032078][  T534]  </TASK>
[  146.070891][  T537] FAULT_INJECTION: forcing a failure.
[  146.070891][  T537] name failslab, interval 1, probability 0, space 0, times 0
[  146.083697][  T537] CPU: 1 PID: 537 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  146.094291][  T537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  146.104780][  T537] Call Trace:
[  146.107896][  T537]  <TASK>
[  146.111258][  T537]  dump_stack_lvl+0x151/0x1c0
[  146.115850][  T537]  ? io_uring_drop_tctx_refs+0x190/0x190
[  146.121625][  T537]  dump_stack+0x15/0x20
[  146.125670][  T537]  should_fail+0x3c6/0x510
[  146.129940][  T537]  __should_failslab+0xa4/0xe0
[  146.134502][  T537]  ? anon_vma_clone+0x9a/0x500
[  146.139112][  T537]  should_failslab+0x9/0x20
[  146.143583][  T537]  slab_pre_alloc_hook+0x37/0xd0
[  146.148437][  T537]  ? anon_vma_clone+0x9a/0x500
[  146.153140][  T537]  kmem_cache_alloc+0x44/0x200
[  146.157734][  T537]  anon_vma_clone+0x9a/0x500
[  146.162160][  T537]  anon_vma_fork+0x91/0x4e0
[  146.166613][  T537]  ? anon_vma_name+0x4c/0x70
[  146.171029][  T537]  ? vm_area_dup+0x17a/0x230
[  146.175449][  T537]  copy_mm+0xa3a/0x13e0
[  146.179452][  T537]  ? copy_signal+0x610/0x610
[  146.183867][  T537]  ? __init_rwsem+0xfe/0x1d0
[  146.188354][  T537]  ? copy_signal+0x4e3/0x610
[  146.192728][  T537]  copy_process+0x1149/0x3290
[  146.197250][  T537]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  146.202275][  T537]  ? __kasan_check_write+0x14/0x20
[  146.207225][  T537]  kernel_clone+0x21e/0x9e0
[  146.211568][  T537]  ? _raw_spin_unlock_irq+0x4e/0x70
[  146.216595][  T537]  ? create_io_thread+0x1e0/0x1e0
[  146.221486][  T537]  __x64_sys_clone+0x23f/0x290
[  146.226095][  T537]  ? __do_sys_vfork+0x130/0x130
[  146.230759][  T537]  ? __kasan_check_write+0x14/0x20
[  146.235884][  T537]  x64_sys_call+0x1b0/0x9a0
[  146.240235][  T537]  do_syscall_64+0x3b/0xb0
[  146.244477][  T537]  ? clear_bhb_loop+0x35/0x90
[  146.248985][  T537]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  146.254718][  T537] RIP: 0033:0x7f11f15e60d9
[  146.258976][  T537] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  146.278416][  T537] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  146.286658][  T537] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  146.294476][  T537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  146.302286][  T537] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  146.310097][  T537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[pid   537] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   536] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   535] exit(0)                     = ?
./strace-static-x86_64: Process 538 attached
[pid   537] <... clone resumed>)        = 108
[pid   535] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=105, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   537] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   536] close(3)                    = 0
[pid   536] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   406] <... restart_syscall resumed>) = 0
[pid   536] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   536] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   536] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   536] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   537] <... futex resumed>)        = 0
[pid   536] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   536] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   537] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   536] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   536] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   536] exit_group(0 <unfinished ...>
[pid   537] <... futex resumed>)        = ?
[pid   536] <... exit_group resumed>)   = ?
[pid   537] +++ exited with 0 +++
[pid   536] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=106, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 539 attached
, child_tidptr=0x555560cbc690) = 109
[pid   539] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   539] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   539] setpgid(0, 0)               = 0
[pid   539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   539] write(3, "1000", 4)         = 4
[pid   539] close(3)                    = 0
[pid   539] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   539] write(1, "executing program\n", 18) = 18
[pid   539] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   539] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   539] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   539] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   539] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   539] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   539] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[110]}, 88) = 110
[pid   539] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   539] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   539] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 540 attached
 <unfinished ...>
[pid   540] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   540] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   540] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   540] write(3, "69", 2)           = 2
[  146.317909][  T537] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  146.325750][  T537]  </TASK>
[  146.355515][  T540] FAULT_INJECTION: forcing a failure.
[  146.355515][  T540] name failslab, interval 1, probability 0, space 0, times 0
[  146.368112][  T540] CPU: 0 PID: 540 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  146.378509][  T540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  146.388405][  T540] Call Trace:
[  146.391530][  T540]  <TASK>
[  146.394298][  T540]  dump_stack_lvl+0x151/0x1c0
[  146.398820][  T540]  ? io_uring_drop_tctx_refs+0x190/0x190
[  146.404391][  T540]  dump_stack+0x15/0x20
[  146.408535][  T540]  should_fail+0x3c6/0x510
[  146.412784][  T540]  __should_failslab+0xa4/0xe0
[  146.417568][  T540]  ? anon_vma_clone+0x9a/0x500
[  146.422176][  T540]  should_failslab+0x9/0x20
[  146.426499][  T540]  slab_pre_alloc_hook+0x37/0xd0
[  146.431397][  T540]  ? anon_vma_clone+0x9a/0x500
[  146.435957][  T540]  kmem_cache_alloc+0x44/0x200
[  146.440592][  T540]  anon_vma_clone+0x9a/0x500
[  146.444991][  T540]  anon_vma_fork+0x91/0x4e0
[  146.449326][  T540]  ? anon_vma_name+0x4c/0x70
[  146.453753][  T540]  ? vm_area_dup+0x17a/0x230
[  146.458178][  T540]  copy_mm+0xa3a/0x13e0
[  146.462439][  T540]  ? copy_signal+0x610/0x610
[  146.466976][  T540]  ? __init_rwsem+0xfe/0x1d0
[pid   540] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   538] exit(0)                     = ?
[pid   538] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=108, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[  146.471403][  T540]  ? copy_signal+0x4e3/0x610
[  146.475831][  T540]  copy_process+0x1149/0x3290
[  146.480350][  T540]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  146.485291][  T540]  ? __kasan_check_write+0x14/0x20
[  146.490253][  T540]  kernel_clone+0x21e/0x9e0
[  146.495315][  T540]  ? _raw_spin_unlock_irq+0x4e/0x70
[  146.500726][  T540]  ? create_io_thread+0x1e0/0x1e0
[  146.505614][  T540]  __x64_sys_clone+0x23f/0x290
[  146.510291][  T540]  ? __do_sys_vfork+0x130/0x130
[  146.514958][  T540]  ? __kasan_check_write+0x14/0x20
[  146.519910][  T540]  x64_sys_call+0x1b0/0x9a0
[  146.524244][  T540]  do_syscall_64+0x3b/0xb0
[  146.528558][  T540]  ? clear_bhb_loop+0x35/0x90
[  146.533032][  T540]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  146.538761][  T540] RIP: 0033:0x7f11f15e60d9
[  146.543081][  T540] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  146.562523][  T540] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   539] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
./strace-static-x86_64: Process 541 attached
[pid   540] <... clone resumed>)        = 111
[pid   540] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   539] close(3)                    = 0
[pid   539] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   539] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   540] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   539] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   539] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   539] exit_group(0 <unfinished ...>
[pid   540] <... futex resumed>)        = ?
[pid   539] <... exit_group resumed>)   = ?
[pid   540] +++ exited with 0 +++
[pid   539] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=109, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 112
./strace-static-x86_64: Process 542 attached
[pid   542] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   542] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   542] setpgid(0, 0)               = 0
[pid   542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   542] write(3, "1000", 4)         = 4
[pid   542] close(3)                    = 0
[pid   542] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   542] write(1, "executing program\n", 18executing program
) = 18
[pid   542] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   542] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   542] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   542] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   542] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   542] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   542] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0}./strace-static-x86_64: Process 543 attached
 => {parent_tid=[113]}, 88) = 113
[pid   543] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   543] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   543] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   542] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   542] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   543] <... futex resumed>)        = 0
[pid   542] <... futex resumed>)        = 1
[pid   543] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   542] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   543] write(3, "69", 2)           = 2
[  146.570770][  T540] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  146.578584][  T540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  146.586394][  T540] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  146.594221][  T540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  146.602023][  T540] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  146.610027][  T540]  </TASK>
[pid   543] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   542] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  146.647045][  T543] FAULT_INJECTION: forcing a failure.
[  146.647045][  T543] name failslab, interval 1, probability 0, space 0, times 0
[  146.659720][  T543] CPU: 0 PID: 543 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  146.670119][  T543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  146.680089][  T543] Call Trace:
[  146.683226][  T543]  <TASK>
[  146.685989][  T543]  dump_stack_lvl+0x151/0x1c0
[  146.690509][  T543]  ? io_uring_drop_tctx_refs+0x190/0x190
[  146.696064][  T543]  dump_stack+0x15/0x20
[  146.700049][  T543]  should_fail+0x3c6/0x510
[  146.704310][  T543]  __should_failslab+0xa4/0xe0
[  146.709017][  T543]  ? anon_vma_fork+0xf7/0x4e0
[  146.713535][  T543]  should_failslab+0x9/0x20
[  146.717989][  T543]  slab_pre_alloc_hook+0x37/0xd0
[  146.722777][  T543]  ? anon_vma_fork+0xf7/0x4e0
[  146.727274][  T543]  kmem_cache_alloc+0x44/0x200
[  146.731877][  T543]  anon_vma_fork+0xf7/0x4e0
[  146.736358][  T543]  ? anon_vma_name+0x4c/0x70
[  146.740816][  T543]  ? vm_area_dup+0x17a/0x230
[pid   541] exit(0)                     = ?
[pid   541] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=111, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[  146.745247][  T543]  copy_mm+0xa3a/0x13e0
[  146.749367][  T543]  ? copy_signal+0x610/0x610
[  146.753774][  T543]  ? __init_rwsem+0xfe/0x1d0
[  146.758207][  T543]  ? copy_signal+0x4e3/0x610
[  146.762631][  T543]  copy_process+0x1149/0x3290
[  146.767189][  T543]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  146.772091][  T543]  ? __kasan_check_write+0x14/0x20
[  146.777062][  T543]  kernel_clone+0x21e/0x9e0
[  146.781382][  T543]  ? _raw_spin_unlock_irq+0x4e/0x70
[  146.786440][  T543]  ? create_io_thread+0x1e0/0x1e0
[  146.791292][  T543]  __x64_sys_clone+0x23f/0x290
[  146.795876][  T543]  ? __do_sys_vfork+0x130/0x130
[  146.800566][  T543]  ? __kasan_check_write+0x14/0x20
[  146.805517][  T543]  x64_sys_call+0x1b0/0x9a0
[  146.809956][  T543]  do_syscall_64+0x3b/0xb0
[  146.814206][  T543]  ? clear_bhb_loop+0x35/0x90
[  146.818723][  T543]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  146.824448][  T543] RIP: 0033:0x7f11f15e60d9
[  146.828704][  T543] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  146.848236][  T543] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  146.856588][  T543] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  146.864510][  T543] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  146.872293][  T543] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  146.880103][  T543] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  146.887925][  T543] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[pid   543] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   543] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   542] close(3)                    = 0
[pid   542] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   542] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   542] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   542] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   542] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   542] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   542] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   543] <... futex resumed>)        = 0
[pid   542] close(19 <unfinished ...>
[pid   543] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   542] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   542] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   542] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   542] exit_group(0 <unfinished ...>
[pid   543] <... futex resumed>)        = ?
[pid   542] <... exit_group resumed>)   = ?
[pid   543] +++ exited with 0 +++
[pid   542] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=112, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 114
./strace-static-x86_64: Process 545 attached
[pid   545] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   545] setpgid(0, 0)               = 0
[pid   545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   545] write(3, "1000", 4)         = 4
[pid   545] close(3)                    = 0
[pid   545] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   545] write(1, "executing program\n", 18) = 18
[pid   545] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   545] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   545] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   545] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   545] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   545] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   545] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[115]}, 88) = 115
[pid   545] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   545] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   545] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 546 attached
 <unfinished ...>
[pid   546] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   546] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   546] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   546] write(3, "69", 2)           = 2
[  146.895739][  T543]  </TASK>
[  146.932813][  T546] FAULT_INJECTION: forcing a failure.
[  146.932813][  T546] name failslab, interval 1, probability 0, space 0, times 0
[  146.945443][  T546] CPU: 0 PID: 546 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  146.955819][  T546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  146.965911][  T546] Call Trace:
[  146.969035][  T546]  <TASK>
[  146.971812][  T546]  dump_stack_lvl+0x151/0x1c0
[  146.976330][  T546]  ? io_uring_drop_tctx_refs+0x190/0x190
[  146.981898][  T546]  ? avc_denied+0x1b0/0x1b0
[  146.986238][  T546]  dump_stack+0x15/0x20
[  146.990226][  T546]  should_fail+0x3c6/0x510
[  146.994484][  T546]  __should_failslab+0xa4/0xe0
[  146.999102][  T546]  ? vm_area_dup+0x26/0x230
[  147.003418][  T546]  should_failslab+0x9/0x20
[  147.007764][  T546]  slab_pre_alloc_hook+0x37/0xd0
[  147.012540][  T546]  ? vm_area_dup+0x26/0x230
[  147.016977][  T546]  kmem_cache_alloc+0x44/0x200
[  147.021569][  T546]  vm_area_dup+0x26/0x230
[  147.025727][  T546]  copy_mm+0x9a1/0x13e0
[  147.029819][  T546]  ? copy_signal+0x610/0x610
[  147.034242][  T546]  ? __init_rwsem+0xfe/0x1d0
[  147.038664][  T546]  ? copy_signal+0x4e3/0x610
[  147.043089][  T546]  copy_process+0x1149/0x3290
[  147.047704][  T546]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  147.052647][  T546]  ? __kasan_check_write+0x14/0x20
[  147.057671][  T546]  kernel_clone+0x21e/0x9e0
[  147.062008][  T546]  ? _raw_spin_unlock_irq+0x4e/0x70
[  147.067072][  T546]  ? create_io_thread+0x1e0/0x1e0
[  147.071918][  T546]  __x64_sys_clone+0x23f/0x290
[  147.076517][  T546]  ? __do_sys_vfork+0x130/0x130
[  147.081212][  T546]  ? __kasan_check_write+0x14/0x20
[  147.086146][  T546]  x64_sys_call+0x1b0/0x9a0
[  147.090487][  T546]  do_syscall_64+0x3b/0xb0
[  147.094733][  T546]  ? clear_bhb_loop+0x35/0x90
[  147.099260][  T546]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  147.105064][  T546] RIP: 0033:0x7f11f15e60d9
[  147.109402][  T546] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   546] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   545] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   546] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   546] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   545] close(3)                    = 0
[pid   545] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   545] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   545] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   545] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   545] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   545] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   545] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   545] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   545] exit_group(0)               = ?
[pid   546] <... futex resumed>)        = ?
[pid   546] +++ exited with 0 +++
[pid   545] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=114, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 116
./strace-static-x86_64: Process 547 attached
[pid   547] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   547] setpgid(0, 0)               = 0
[pid   547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   547] write(3, "1000", 4)         = 4
[pid   547] close(3)                    = 0
[pid   547] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   547] write(1, "executing program\n", 18) = 18
[pid   547] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   547] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   547] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   547] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   547] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   547] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   547] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[117]}, 88) = 117
[pid   547] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   547] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   547] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 548 attached
 <unfinished ...>
[pid   548] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   548] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   548] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   548] write(3, "69", 2)           = 2
[  147.129282][  T546] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  147.137749][  T546] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  147.145548][  T546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  147.153358][  T546] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  147.161260][  T546] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  147.169068][  T546] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  147.176892][  T546]  </TASK>
[  147.208585][  T548] FAULT_INJECTION: forcing a failure.
[  147.208585][  T548] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  147.222571][  T548] CPU: 0 PID: 548 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  147.233147][  T548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  147.243036][  T548] Call Trace:
[  147.246278][  T548]  <TASK>
[  147.249090][  T548]  dump_stack_lvl+0x151/0x1c0
[  147.253566][  T548]  ? io_uring_drop_tctx_refs+0x190/0x190
[  147.259089][  T548]  ? kmem_cache_alloc+0x134/0x200
[  147.263989][  T548]  dump_stack+0x15/0x20
[  147.267979][  T548]  should_fail+0x3c6/0x510
[  147.272355][  T548]  should_fail_alloc_page+0x5a/0x80
[  147.277386][  T548]  prepare_alloc_pages+0x15c/0x700
[  147.282335][  T548]  ? __alloc_pages_bulk+0xe40/0xe40
[  147.287367][  T548]  __alloc_pages+0x18c/0x8f0
[  147.291800][  T548]  ? prep_new_page+0x110/0x110
[  147.296390][  T548]  ? __alloc_pages+0x27e/0x8f0
[  147.300995][  T548]  ? __kasan_check_write+0x14/0x20
[  147.305958][  T548]  ? _raw_spin_lock+0xa4/0x1b0
[  147.310720][  T548]  __pmd_alloc+0xb1/0x550
[  147.314817][  T548]  ? __pud_alloc+0x260/0x260
[  147.319500][  T548]  ? __pud_alloc+0x213/0x260
[  147.323931][  T548]  ? do_handle_mm_fault+0x2400/0x2400
[  147.329146][  T548]  ? __stack_depot_save+0x34/0x470
[  147.334082][  T548]  ? anon_vma_clone+0x9a/0x500
[  147.338691][  T548]  copy_page_range+0x2b3d/0x2f90
[  147.343471][  T548]  ? __kasan_slab_alloc+0xb1/0xe0
[  147.348326][  T548]  ? slab_post_alloc_hook+0x53/0x2c0
[  147.353437][  T548]  ? copy_mm+0xa3a/0x13e0
[  147.357604][  T548]  ? copy_process+0x1149/0x3290
[  147.362293][  T548]  ? kernel_clone+0x21e/0x9e0
[  147.366824][  T548]  ? x64_sys_call+0x1b0/0x9a0
[  147.371322][  T548]  ? do_syscall_64+0x3b/0xb0
[  147.375745][  T548]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  147.381669][  T548]  ? pfn_valid+0x1e0/0x1e0
[  147.385898][  T548]  ? rwsem_write_trylock+0x153/0x340
[  147.391123][  T548]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  147.397371][  T548]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  147.402935][  T548]  ? __rb_insert_augmented+0x5de/0x610
[  147.408233][  T548]  copy_mm+0xc7e/0x13e0
[  147.412396][  T548]  ? copy_signal+0x610/0x610
[  147.416819][  T548]  ? __init_rwsem+0xfe/0x1d0
[  147.421249][  T548]  ? copy_signal+0x4e3/0x610
[  147.425671][  T548]  copy_process+0x1149/0x3290
[  147.430223][  T548]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  147.435149][  T548]  ? __kasan_check_write+0x14/0x20
[  147.440081][  T548]  kernel_clone+0x21e/0x9e0
[  147.444428][  T548]  ? _raw_spin_unlock_irq+0x4e/0x70
[  147.449454][  T548]  ? create_io_thread+0x1e0/0x1e0
[  147.454505][  T548]  __x64_sys_clone+0x23f/0x290
[  147.459093][  T548]  ? __do_sys_vfork+0x130/0x130
[  147.463790][  T548]  ? __kasan_check_write+0x14/0x20
[  147.468740][  T548]  x64_sys_call+0x1b0/0x9a0
[  147.473067][  T548]  do_syscall_64+0x3b/0xb0
[  147.477318][  T548]  ? clear_bhb_loop+0x35/0x90
[  147.481830][  T548]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  147.487556][  T548] RIP: 0033:0x7f11f15e60d9
[  147.491817][  T548] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  147.512064][  T548] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  147.520378][  T548] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  147.528174][  T548] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  147.535990][  T548] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  147.544610][  T548] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  147.552422][  T548] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[pid   548] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   547] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   548] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   547] close(3 <unfinished ...>
[pid   548] <... futex resumed>)        = 0
[pid   547] <... close resumed>)        = 0
[pid   548] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   547] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   547] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   547] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   547] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   547] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   547] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   547] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   547] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   547] exit_group(0 <unfinished ...>
[pid   548] <... futex resumed>)        = ?
[pid   547] <... exit_group resumed>)   = ?
[pid   548] +++ exited with 0 +++
[pid   547] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=116, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 118
./strace-static-x86_64: Process 549 attached
[pid   549] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   549] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   549] setpgid(0, 0)               = 0
[pid   549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   549] write(3, "1000", 4)         = 4
[pid   549] close(3)                    = 0
[pid   549] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   549] write(1, "executing program\n", 18) = 18
[pid   549] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   549] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   549] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   549] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   549] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   549] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   549] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[119]}, 88) = 119
[pid   549] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   549] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   549] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 550 attached
 <unfinished ...>
[pid   550] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   550] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   550] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   550] write(3, "69", 2)           = 2
[  147.560238][  T548]  </TASK>
[  147.572882][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  147.572918][   T30] audit: type=1400 audit(1730024060.611:91): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[pid   550] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   549] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  147.606246][  T550] FAULT_INJECTION: forcing a failure.
[  147.606246][  T550] name failslab, interval 1, probability 0, space 0, times 0
[  147.618829][  T550] CPU: 1 PID: 550 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  147.629301][  T550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  147.639191][  T550] Call Trace:
[  147.642322][  T550]  <TASK>
[  147.645272][  T550]  dump_stack_lvl+0x151/0x1c0
[  147.649779][  T550]  ? io_uring_drop_tctx_refs+0x190/0x190
[  147.655253][  T550]  ? avc_denied+0x1b0/0x1b0
[  147.659596][  T550]  dump_stack+0x15/0x20
[  147.663580][  T550]  should_fail+0x3c6/0x510
[  147.667834][  T550]  __should_failslab+0xa4/0xe0
[  147.672435][  T550]  ? vm_area_dup+0x26/0x230
[  147.676772][  T550]  should_failslab+0x9/0x20
[  147.681118][  T550]  slab_pre_alloc_hook+0x37/0xd0
[  147.685897][  T550]  ? vm_area_dup+0x26/0x230
[  147.690237][  T550]  kmem_cache_alloc+0x44/0x200
[  147.694838][  T550]  vm_area_dup+0x26/0x230
[  147.699002][  T550]  copy_mm+0x9a1/0x13e0
[  147.703094][  T550]  ? copy_signal+0x610/0x610
[  147.707522][  T550]  ? __init_rwsem+0xfe/0x1d0
[  147.711941][  T550]  ? copy_signal+0x4e3/0x610
[  147.716373][  T550]  copy_process+0x1149/0x3290
[  147.720899][  T550]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  147.725921][  T550]  ? __kasan_check_write+0x14/0x20
[  147.731044][  T550]  kernel_clone+0x21e/0x9e0
[  147.735379][  T550]  ? _raw_spin_unlock_irq+0x4e/0x70
[  147.740409][  T550]  ? create_io_thread+0x1e0/0x1e0
[  147.745281][  T550]  __x64_sys_clone+0x23f/0x290
[  147.749887][  T550]  ? __do_sys_vfork+0x130/0x130
[  147.754567][  T550]  ? __kasan_check_write+0x14/0x20
[  147.759603][  T550]  x64_sys_call+0x1b0/0x9a0
[  147.763931][  T550]  do_syscall_64+0x3b/0xb0
[  147.768207][  T550]  ? clear_bhb_loop+0x35/0x90
[  147.772700][  T550]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  147.778427][  T550] RIP: 0033:0x7f11f15e60d9
[  147.782767][  T550] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  147.802383][  T550] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   550] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   550] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   550] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   549] close(3)                    = 0
[pid   549] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   549] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   549] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   549] exit_group(0 <unfinished ...>
[pid   550] <... futex resumed>)        = ?
[pid   549] <... exit_group resumed>)   = ?
[pid   550] +++ exited with 0 +++
[pid   549] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=118, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 120
./strace-static-x86_64: Process 552 attached
[pid   552] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   552] setpgid(0, 0)               = 0
[pid   552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   552] write(3, "1000", 4)         = 4
[pid   552] close(3)                    = 0
[pid   552] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   552] write(1, "executing program\n", 18executing program
) = 18
[pid   552] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   552] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   552] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   552] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[  147.810629][  T550] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  147.818539][  T550] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  147.826347][  T550] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  147.834167][  T550] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  147.842067][  T550] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  147.850144][  T550]  </TASK>
[pid   552] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   552] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   552] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[121]}, 88) = 121
[pid   552] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   552] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   552] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 553 attached
 <unfinished ...>
[pid   553] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   553] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   553] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   553] write(3, "69", 2)           = 2
[  147.904343][  T553] FAULT_INJECTION: forcing a failure.
[  147.904343][  T553] name failslab, interval 1, probability 0, space 0, times 0
[  147.918487][  T553] CPU: 1 PID: 553 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  147.929483][  T553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  147.939811][  T553] Call Trace:
[  147.943360][  T553]  <TASK>
[  147.946135][  T553]  dump_stack_lvl+0x151/0x1c0
[  147.950776][  T553]  ? io_uring_drop_tctx_refs+0x190/0x190
[  147.956255][  T553]  dump_stack+0x15/0x20
[  147.960319][  T553]  should_fail+0x3c6/0x510
[  147.964578][  T553]  __should_failslab+0xa4/0xe0
[  147.969190][  T553]  ? anon_vma_clone+0x9a/0x500
[  147.973862][  T553]  should_failslab+0x9/0x20
[  147.978320][  T553]  slab_pre_alloc_hook+0x37/0xd0
[  147.983155][  T553]  ? anon_vma_clone+0x9a/0x500
[  147.988888][  T553]  kmem_cache_alloc+0x44/0x200
[  147.993514][  T553]  anon_vma_clone+0x9a/0x500
[  147.998085][  T553]  anon_vma_fork+0x91/0x4e0
[  148.002536][  T553]  ? anon_vma_name+0x4c/0x70
[  148.006952][  T553]  ? vm_area_dup+0x17a/0x230
[  148.011385][  T553]  copy_mm+0xa3a/0x13e0
[  148.015547][  T553]  ? copy_signal+0x610/0x610
[  148.020321][  T553]  ? __init_rwsem+0xfe/0x1d0
[  148.025134][  T553]  ? copy_signal+0x4e3/0x610
[  148.029640][  T553]  copy_process+0x1149/0x3290
[  148.034177][  T553]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  148.039110][  T553]  ? __kasan_check_write+0x14/0x20
[  148.044105][  T553]  kernel_clone+0x21e/0x9e0
[  148.048519][  T553]  ? _raw_spin_unlock_irq+0x4e/0x70
[  148.053635][  T553]  ? create_io_thread+0x1e0/0x1e0
[  148.058519][  T553]  __x64_sys_clone+0x23f/0x290
[  148.063264][  T553]  ? __do_sys_vfork+0x130/0x130
[  148.068028][  T553]  ? __kasan_check_write+0x14/0x20
[  148.072973][  T553]  x64_sys_call+0x1b0/0x9a0
[  148.077424][  T553]  do_syscall_64+0x3b/0xb0
[  148.081677][  T553]  ? clear_bhb_loop+0x35/0x90
[  148.086220][  T553]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.091915][  T553] RIP: 0033:0x7f11f15e60d9
[  148.096186][  T553] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  148.116345][  T553] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  148.124692][  T553] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  148.132488][  T553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  148.140640][  T553] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[pid   553] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   552] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   553] <... clone resumed>)        = 122
[pid   553] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   553] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   552] close(3)                    = 0
[pid   552] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   552] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   552] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   552] exit_group(0)               = ?
[pid   553] <... futex resumed>)        = ?
[pid   553] +++ exited with 0 +++
[pid   552] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=120, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
./strace-static-x86_64: Process 554 attached
[  148.148444][  T553] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  148.156344][  T553] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  148.164334][  T553]  </TASK>
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 123
./strace-static-x86_64: Process 555 attached
[pid   555] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   555] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   555] setpgid(0, 0)               = 0
[pid   555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   555] write(3, "1000", 4)         = 4
[pid   555] close(3)                    = 0
[pid   555] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   555] write(1, "executing program\n", 18executing program
) = 18
[pid   555] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   555] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   555] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   555] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   555] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   555] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   555] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[124]}, 88) = 124
[pid   555] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   555] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   555] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 556 attached
 <unfinished ...>
[pid   556] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   556] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   556] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   556] write(3, "69", 2)           = 2
[  148.245562][  T556] FAULT_INJECTION: forcing a failure.
[  148.245562][  T556] name failslab, interval 1, probability 0, space 0, times 0
[  148.258778][  T556] CPU: 1 PID: 556 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  148.269188][  T556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.279076][  T556] Call Trace:
[  148.282235][  T556]  <TASK>
[  148.284964][  T556]  dump_stack_lvl+0x151/0x1c0
[  148.289569][  T556]  ? io_uring_drop_tctx_refs+0x190/0x190
[  148.295293][  T556]  dump_stack+0x15/0x20
[  148.299398][  T556]  should_fail+0x3c6/0x510
[  148.303729][  T556]  __should_failslab+0xa4/0xe0
[  148.308330][  T556]  ? anon_vma_fork+0x1df/0x4e0
[  148.312939][  T556]  should_failslab+0x9/0x20
[  148.317269][  T556]  slab_pre_alloc_hook+0x37/0xd0
[  148.322047][  T556]  ? anon_vma_fork+0x1df/0x4e0
[  148.326732][  T556]  kmem_cache_alloc+0x44/0x200
[  148.331335][  T556]  anon_vma_fork+0x1df/0x4e0
[  148.335762][  T556]  copy_mm+0xa3a/0x13e0
[  148.339774][  T556]  ? copy_signal+0x610/0x610
[  148.344187][  T556]  ? __init_rwsem+0xfe/0x1d0
[  148.348692][  T556]  ? copy_signal+0x4e3/0x610
[  148.353116][  T556]  copy_process+0x1149/0x3290
[  148.357729][  T556]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  148.362680][  T556]  ? __kasan_check_write+0x14/0x20
[  148.367615][  T556]  kernel_clone+0x21e/0x9e0
[  148.371953][  T556]  ? _raw_spin_unlock_irq+0x4e/0x70
[  148.377261][  T556]  ? create_io_thread+0x1e0/0x1e0
[  148.382210][  T556]  __x64_sys_clone+0x23f/0x290
[  148.386807][  T556]  ? __do_sys_vfork+0x130/0x130
[  148.391500][  T556]  ? __kasan_check_write+0x14/0x20
[  148.396442][  T556]  x64_sys_call+0x1b0/0x9a0
[  148.400783][  T556]  do_syscall_64+0x3b/0xb0
[  148.405033][  T556]  ? clear_bhb_loop+0x35/0x90
[  148.409664][  T556]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.415391][  T556] RIP: 0033:0x7f11f15e60d9
[  148.419791][  T556] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   556] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   555] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   554] exit(0)                     = ?
[pid   556] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   554] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=122, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   556] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   556] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   555] close(3)                    = 0
[pid   555] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   555] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   555] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   555] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   555] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   555] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   555] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   555] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   555] exit_group(0)               = ?
[pid   556] <... futex resumed>)        = ?
[pid   406] <... restart_syscall resumed>) = 0
[pid   556] +++ exited with 0 +++
[pid   555] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=123, si_uid=0, si_status=0, si_utime=0, si_stime=4} ---
[pid   406] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 557 attached
, child_tidptr=0x555560cbc690) = 125
[pid   557] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   557] setpgid(0, 0)               = 0
[pid   557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   557] write(3, "1000", 4)         = 4
[pid   557] close(3)                    = 0
[pid   557] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   557] write(1, "executing program\n", 18executing program
) = 18
[pid   557] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   557] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   557] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   557] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   557] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   557] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   557] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[126]}, 88) = 126
[pid   557] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   557] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   557] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 558 attached
 <unfinished ...>
[pid   558] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   558] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   558] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   558] write(3, "69", 2)           = 2
[  148.439231][  T556] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  148.447507][  T556] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  148.455375][  T556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  148.463269][  T556] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  148.471084][  T556] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  148.478899][  T556] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  148.487340][  T556]  </TASK>
[  148.524969][  T558] FAULT_INJECTION: forcing a failure.
[  148.524969][  T558] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  148.538496][  T558] CPU: 0 PID: 558 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  148.549047][  T558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.558959][  T558] Call Trace:
[  148.562072][  T558]  <TASK>
[  148.564845][  T558]  dump_stack_lvl+0x151/0x1c0
[  148.569358][  T558]  ? io_uring_drop_tctx_refs+0x190/0x190
[  148.574829][  T558]  dump_stack+0x15/0x20
[  148.578818][  T558]  should_fail+0x3c6/0x510
[  148.583081][  T558]  should_fail_alloc_page+0x5a/0x80
[  148.588104][  T558]  prepare_alloc_pages+0x15c/0x700
[  148.593069][  T558]  ? __alloc_pages_bulk+0xe40/0xe40
[  148.598112][  T558]  __alloc_pages+0x18c/0x8f0
[  148.602524][  T558]  ? prep_new_page+0x110/0x110
[  148.607128][  T558]  get_zeroed_page+0x1b/0x40
[  148.611562][  T558]  __pud_alloc+0x8b/0x260
[  148.615713][  T558]  ? stack_trace_snprint+0xf0/0xf0
[  148.620655][  T558]  ? do_handle_mm_fault+0x2400/0x2400
[  148.625867][  T558]  ? __stack_depot_save+0x34/0x470
[  148.630806][  T558]  ? anon_vma_clone+0x9a/0x500
[  148.635421][  T558]  copy_page_range+0x2bcf/0x2f90
[  148.640188][  T558]  ? __kasan_slab_alloc+0xb1/0xe0
[  148.645045][  T558]  ? slab_post_alloc_hook+0x53/0x2c0
[  148.650164][  T558]  ? copy_mm+0xa3a/0x13e0
[  148.654337][  T558]  ? copy_process+0x1149/0x3290
[  148.659021][  T558]  ? kernel_clone+0x21e/0x9e0
[  148.663621][  T558]  ? __x64_sys_clone+0x23f/0x290
[  148.668396][  T558]  ? x64_sys_call+0x1b0/0x9a0
[  148.673216][  T558]  ? do_syscall_64+0x3b/0xb0
[  148.677600][  T558]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.683517][  T558]  ? pfn_valid+0x1e0/0x1e0
[  148.687770][  T558]  ? rwsem_write_trylock+0x153/0x340
[  148.692872][  T558]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[  148.699123][  T558]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[  148.704694][  T558]  ? __rb_insert_augmented+0x5de/0x610
[  148.709982][  T558]  copy_mm+0xc7e/0x13e0
[  148.713974][  T558]  ? copy_signal+0x610/0x610
[  148.718392][  T558]  ? __init_rwsem+0xfe/0x1d0
[  148.722831][  T558]  ? copy_signal+0x4e3/0x610
[  148.727246][  T558]  copy_process+0x1149/0x3290
[  148.731769][  T558]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  148.737002][  T558]  ? __kasan_check_write+0x14/0x20
[  148.742031][  T558]  kernel_clone+0x21e/0x9e0
[  148.746374][  T558]  ? _raw_spin_unlock_irq+0x4e/0x70
[  148.751403][  T558]  ? create_io_thread+0x1e0/0x1e0
[  148.756266][  T558]  __x64_sys_clone+0x23f/0x290
[  148.760866][  T558]  ? __do_sys_vfork+0x130/0x130
[  148.765558][  T558]  ? __kasan_check_write+0x14/0x20
[  148.770596][  T558]  x64_sys_call+0x1b0/0x9a0
[  148.774947][  T558]  do_syscall_64+0x3b/0xb0
[  148.779178][  T558]  ? clear_bhb_loop+0x35/0x90
[  148.783691][  T558]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.789437][  T558] RIP: 0033:0x7f11f15e60d9
[  148.793680][  T558] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  148.813115][  T558] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   558] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   557] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   558] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   557] close(3 <unfinished ...>
[pid   558] <... futex resumed>)        = 0
[pid   557] <... close resumed>)        = 0
[pid   558] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   557] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   557] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   557] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   557] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   557] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   557] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   557] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   557] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   557] exit_group(0 <unfinished ...>
[pid   558] <... futex resumed>)        = ?
[pid   557] <... exit_group resumed>)   = ?
[pid   558] +++ exited with 0 +++
[pid   557] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=125, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555560cbc690) = 127
./strace-static-x86_64: Process 560 attached
[pid   560] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   560] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   560] setpgid(0, 0)               = 0
[pid   560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   560] write(3, "1000", 4)         = 4
[pid   560] close(3)                    = 0
[pid   560] read(200, executing program
0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   560] write(1, "executing program\n", 18) = 18
[pid   560] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   560] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   560] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   560] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   560] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   560] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   560] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[128]}, 88) = 128
[pid   560] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   560] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   560] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 561 attached
 <unfinished ...>
[pid   561] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   561] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   561] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   561] write(3, "69", 2)           = 2
[  148.821967][  T558] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  148.829782][  T558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  148.837591][  T558] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  148.845401][  T558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  148.853227][  T558] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  148.861044][  T558]  </TASK>
[  148.883496][  T561] FAULT_INJECTION: forcing a failure.
[  148.883496][  T561] name failslab, interval 1, probability 0, space 0, times 0
[  148.896220][  T561] CPU: 0 PID: 561 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  148.906613][  T561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.916502][  T561] Call Trace:
[  148.919631][  T561]  <TASK>
[  148.922402][  T561]  dump_stack_lvl+0x151/0x1c0
[  148.926937][  T561]  ? io_uring_drop_tctx_refs+0x190/0x190
[  148.932385][  T561]  dump_stack+0x15/0x20
[  148.936374][  T561]  should_fail+0x3c6/0x510
[  148.940631][  T561]  __should_failslab+0xa4/0xe0
[  148.945237][  T561]  ? anon_vma_fork+0x1df/0x4e0
[  148.949828][  T561]  should_failslab+0x9/0x20
[  148.954168][  T561]  slab_pre_alloc_hook+0x37/0xd0
[  148.958942][  T561]  ? anon_vma_fork+0x1df/0x4e0
[  148.963552][  T561]  kmem_cache_alloc+0x44/0x200
[  148.968348][  T561]  anon_vma_fork+0x1df/0x4e0
[  148.972783][  T561]  copy_mm+0xa3a/0x13e0
[  148.976766][  T561]  ? copy_signal+0x610/0x610
[  148.981182][  T561]  ? __init_rwsem+0xfe/0x1d0
[  148.985612][  T561]  ? copy_signal+0x4e3/0x610
[  148.990037][  T561]  copy_process+0x1149/0x3290
[  148.994564][  T561]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  148.999505][  T561]  ? __kasan_check_write+0x14/0x20
[  149.004467][  T561]  kernel_clone+0x21e/0x9e0
[  149.008790][  T561]  ? _raw_spin_unlock_irq+0x4e/0x70
[  149.013822][  T561]  ? create_io_thread+0x1e0/0x1e0
[  149.018811][  T561]  __x64_sys_clone+0x23f/0x290
[  149.023374][  T561]  ? __do_sys_vfork+0x130/0x130
[  149.028066][  T561]  ? __kasan_check_write+0x14/0x20
[  149.033017][  T561]  x64_sys_call+0x1b0/0x9a0
[  149.037345][  T561]  do_syscall_64+0x3b/0xb0
[  149.041598][  T561]  ? clear_bhb_loop+0x35/0x90
[  149.046129][  T561]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  149.052014][  T561] RIP: 0033:0x7f11f15e60d9
[  149.056268][  T561] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  149.075710][  T561] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   561] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   560] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   561] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   561] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   560] close(3)                    = 0
[pid   560] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   560] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   560] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   560] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   560] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   560] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   560] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   560] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   560] exit_group(0 <unfinished ...>
[pid   561] <... futex resumed>)        = ?
[pid   560] <... exit_group resumed>)   = ?
[pid   561] +++ exited with 0 +++
[pid   560] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=127, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 562 attached
, child_tidptr=0x555560cbc690) = 129
[pid   562] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   562] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   562] setpgid(0, 0)               = 0
[pid   562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   562] write(3, "1000", 4)         = 4
[pid   562] close(3)                    = 0
[pid   562] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   562] write(1, "executing program\n", 18executing program
) = 18
[pid   562] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   562] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   562] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   562] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   562] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   562] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   562] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[130]}, 88) = 130
[pid   562] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   562] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   562] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 563 attached
 <unfinished ...>
[pid   563] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   563] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   563] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   563] write(3, "69", 2)           = 2
[  149.083954][  T561] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  149.091770][  T561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  149.099583][  T561] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  149.107732][  T561] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  149.115642][  T561] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  149.123468][  T561]  </TASK>
[pid   563] clone(child_stack=NULL, flags=0 <unfinished ...>
[pid   562] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  149.152022][  T563] FAULT_INJECTION: forcing a failure.
[  149.152022][  T563] name failslab, interval 1, probability 0, space 0, times 0
[  149.165199][  T563] CPU: 0 PID: 563 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  149.175825][  T563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  149.185742][  T563] Call Trace:
[  149.188850][  T563]  <TASK>
[  149.191625][  T563]  dump_stack_lvl+0x151/0x1c0
[  149.196178][  T563]  ? io_uring_drop_tctx_refs+0x190/0x190
[  149.201621][  T563]  dump_stack+0x15/0x20
[  149.205624][  T563]  should_fail+0x3c6/0x510
[  149.209856][  T563]  __should_failslab+0xa4/0xe0
[  149.214543][  T563]  ? anon_vma_fork+0x1df/0x4e0
[  149.219138][  T563]  should_failslab+0x9/0x20
[  149.223480][  T563]  slab_pre_alloc_hook+0x37/0xd0
[  149.228261][  T563]  ? anon_vma_fork+0x1df/0x4e0
[  149.232986][  T563]  kmem_cache_alloc+0x44/0x200
[  149.237575][  T563]  anon_vma_fork+0x1df/0x4e0
[  149.242000][  T563]  copy_mm+0xa3a/0x13e0
[  149.245998][  T563]  ? copy_signal+0x610/0x610
[  149.250417][  T563]  ? __init_rwsem+0xfe/0x1d0
[  149.254843][  T563]  ? copy_signal+0x4e3/0x610
[  149.259283][  T563]  copy_process+0x1149/0x3290
[  149.263793][  T563]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  149.268731][  T563]  ? __kasan_check_write+0x14/0x20
[  149.273703][  T563]  kernel_clone+0x21e/0x9e0
[  149.278028][  T563]  ? _raw_spin_unlock_irq+0x4e/0x70
[  149.283054][  T563]  ? create_io_thread+0x1e0/0x1e0
[  149.287916][  T563]  __x64_sys_clone+0x23f/0x290
[  149.292523][  T563]  ? __do_sys_vfork+0x130/0x130
[  149.297206][  T563]  ? __kasan_check_write+0x14/0x20
[  149.302161][  T563]  x64_sys_call+0x1b0/0x9a0
[  149.306485][  T563]  do_syscall_64+0x3b/0xb0
[  149.310744][  T563]  ? clear_bhb_loop+0x35/0x90
[  149.315278][  T563]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  149.321005][  T563] RIP: 0033:0x7f11f15e60d9
[  149.325248][  T563] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[pid   563] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   563] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   563] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   562] close(3)                    = 0
[pid   562] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   562] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   562] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   562] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   562] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   562] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   562] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   562] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   562] exit_group(0)               = ?
[pid   563] <... futex resumed>)        = ?
[pid   563] +++ exited with 0 +++
[pid   562] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=129, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   406] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   406] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 564 attached
, child_tidptr=0x555560cbc690) = 131
[pid   564] set_robust_list(0x555560cbc6a0, 24) = 0
[pid   564] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   564] setpgid(0, 0)               = 0
[pid   564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   564] write(3, "1000", 4)         = 4
[pid   564] close(3)                    = 0
[pid   564] read(200, 0x7ffe7e9af7f0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
executing program
[pid   564] write(1, "executing program\n", 18) = 18
[pid   564] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   564] rt_sigaction(SIGRT_1, {sa_handler=0x7f11f160da40, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f11f15ff850}, NULL, 8) = 0
[pid   564] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid   564] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f11f157d000
[pid   564] mprotect(0x7f11f157e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   564] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid   564] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f11f159d990, parent_tid=0x7f11f159d990, exit_signal=0, stack=0x7f11f157d000, stack_size=0x20300, tls=0x7f11f159d6c0} => {parent_tid=[132]}, 88) = 132
[pid   564] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   564] futex(0x7f11f166a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   564] futex(0x7f11f166a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 565 attached
 <unfinished ...>
[pid   565] set_robust_list(0x7f11f159d9a0, 24) = 0
[pid   565] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid   565] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   565] write(3, "69", 2)           = 2
[  149.345314][  T563] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  149.353565][  T563] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  149.361445][  T563] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  149.369346][  T563] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  149.377242][  T563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  149.385069][  T563] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  149.392885][  T563]  </TASK>
[  149.417777][  T565] FAULT_INJECTION: forcing a failure.
[  149.417777][  T565] name failslab, interval 1, probability 0, space 0, times 0
[  149.430352][  T565] CPU: 0 PID: 565 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  149.440717][  T565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  149.450793][  T565] Call Trace:
[  149.453904][  T565]  <TASK>
[  149.456682][  T565]  dump_stack_lvl+0x151/0x1c0
[  149.461201][  T565]  ? io_uring_drop_tctx_refs+0x190/0x190
[  149.466671][  T565]  dump_stack+0x15/0x20
[  149.470690][  T565]  should_fail+0x3c6/0x510
[  149.474913][  T565]  __should_failslab+0xa4/0xe0
[  149.479519][  T565]  ? anon_vma_fork+0x1df/0x4e0
[  149.484120][  T565]  should_failslab+0x9/0x20
[  149.488548][  T565]  slab_pre_alloc_hook+0x37/0xd0
[  149.493578][  T565]  ? anon_vma_fork+0x1df/0x4e0
[  149.498173][  T565]  kmem_cache_alloc+0x44/0x200
[  149.502989][  T565]  anon_vma_fork+0x1df/0x4e0
[  149.507456][  T565]  copy_mm+0xa3a/0x13e0
[  149.511402][  T565]  ? copy_signal+0x610/0x610
[  149.515819][  T565]  ? __init_rwsem+0xfe/0x1d0
[  149.520244][  T565]  ? copy_signal+0x4e3/0x610
[  149.524674][  T565]  copy_process+0x1149/0x3290
[  149.529204][  T565]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  149.534138][  T565]  ? __kasan_check_write+0x14/0x20
[  149.539100][  T565]  kernel_clone+0x21e/0x9e0
[  149.543432][  T565]  ? _raw_spin_unlock_irq+0x4e/0x70
[  149.548457][  T565]  ? create_io_thread+0x1e0/0x1e0
[  149.553330][  T565]  __x64_sys_clone+0x23f/0x290
[  149.557919][  T565]  ? __do_sys_vfork+0x130/0x130
[  149.562634][  T565]  ? __kasan_check_write+0x14/0x20
[  149.567566][  T565]  x64_sys_call+0x1b0/0x9a0
[  149.571895][  T565]  do_syscall_64+0x3b/0xb0
[  149.576148][  T565]  ? clear_bhb_loop+0x35/0x90
[  149.580745][  T565]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  149.586569][  T565] RIP: 0033:0x7f11f15e60d9
[  149.590931][  T565] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  149.610388][  T565] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  149.618710][  T565] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  149.626777][  T565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  149.634585][  T565] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  149.642402][  T565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  149.650329][  T565] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  149.658149][  T565]  </TASK>
[  149.661354][  T565] ==================================================================
[  149.669270][  T565] BUG: KASAN: double-free or invalid-free in kfree+0xc8/0x220
[  149.676553][  T565] 
[  149.678729][  T565] CPU: 0 PID: 565 Comm: syz-executor101 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  149.689057][  T565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  149.699003][  T565] Call Trace:
[  149.702081][  T565]  <TASK>
[  149.704859][  T565]  dump_stack_lvl+0x151/0x1c0
[  149.709473][  T565]  ? io_uring_drop_tctx_refs+0x190/0x190
[  149.715054][  T565]  ? __wake_up_klogd+0xd5/0x110
[  149.719744][  T565]  ? panic+0x760/0x760
[  149.723667][  T565]  ? kfree+0xc8/0x220
[  149.727463][  T565]  print_address_description+0x87/0x3b0
[  149.732854][  T565]  ? kfree+0xc8/0x220
[  149.736685][  T565]  ? kfree+0xc8/0x220
[  149.740488][  T565]  kasan_report_invalid_free+0x6b/0xa0
[  149.745786][  T565]  ____kasan_slab_free+0x13e/0x160
[  149.750901][  T565]  __kasan_slab_free+0x11/0x20
[  149.755507][  T565]  slab_free_freelist_hook+0xbd/0x190
[  149.760846][  T565]  ? anon_vma_name_free+0x15/0x20
[  149.765699][  T565]  kfree+0xc8/0x220
[  149.769363][  T565]  anon_vma_name_free+0x15/0x20
[  149.774037][  T565]  vm_area_free_no_check+0xa6/0x130
[  149.779085][  T565]  copy_mm+0xefb/0x13e0
[  149.783067][  T565]  ? copy_signal+0x610/0x610
[  149.787500][  T565]  ? __init_rwsem+0xfe/0x1d0
[  149.792018][  T565]  ? copy_signal+0x4e3/0x610
[  149.796552][  T565]  copy_process+0x1149/0x3290
[  149.801082][  T565]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  149.806111][  T565]  ? __kasan_check_write+0x14/0x20
[  149.811053][  T565]  kernel_clone+0x21e/0x9e0
[  149.815425][  T565]  ? _raw_spin_unlock_irq+0x4e/0x70
[  149.820423][  T565]  ? create_io_thread+0x1e0/0x1e0
[  149.825284][  T565]  __x64_sys_clone+0x23f/0x290
[  149.829887][  T565]  ? __do_sys_vfork+0x130/0x130
[  149.834575][  T565]  ? __kasan_check_write+0x14/0x20
[  149.839515][  T565]  x64_sys_call+0x1b0/0x9a0
[  149.843859][  T565]  do_syscall_64+0x3b/0xb0
[  149.848103][  T565]  ? clear_bhb_loop+0x35/0x90
[  149.852625][  T565]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  149.858450][  T565] RIP: 0033:0x7f11f15e60d9
[  149.862689][  T565] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  149.882134][  T565] RSP: 002b:00007f11f159d208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  149.890378][  T565] RAX: ffffffffffffffda RBX: 00007f11f166a3c8 RCX: 00007f11f15e60d9
[  149.898222][  T565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  149.906001][  T565] RBP: 00007f11f166a3c0 R08: 0000000000000000 R09: 0000000000003936
[  149.913809][  T565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f166a3cc
[  149.921625][  T565] R13: 00007f11f159d210 R14: 0000000000000002 R15: 00007f11f163601d
[  149.929448][  T565]  </TASK>
[  149.932302][  T565] 
[  149.934560][  T565] Allocated by task 400:
[  149.938809][  T565]  __kasan_slab_alloc+0xb1/0xe0
[  149.943500][  T565]  slab_post_alloc_hook+0x53/0x2c0
[  149.948538][  T565]  kmem_cache_alloc+0xf5/0x200
[  149.953133][  T565]  vm_area_dup+0x26/0x230
[  149.957302][  T565]  copy_mm+0x9a1/0x13e0
[  149.961287][  T565]  copy_process+0x1149/0x3290
[  149.965809][  T565]  kernel_clone+0x21e/0x9e0
[  149.970378][  T565]  __x64_sys_clone+0x23f/0x290
[  149.975115][  T565]  x64_sys_call+0x1b0/0x9a0
[  149.979425][  T565]  do_syscall_64+0x3b/0xb0
[  149.983678][  T565]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  149.989403][  T565] 
[  149.991578][  T565] The buggy address belongs to the object at ffff88810d38aa68
[  149.991578][  T565]  which belongs to the cache vm_area_struct of size 232
[  150.005829][  T565] The buggy address is located 88 bytes inside of
[  150.005829][  T565]  232-byte region [ffff88810d38aa68, ffff88810d38ab50)
[  150.019110][  T565] The buggy address belongs to the page:
[  150.024598][  T565] page:ffffea000434e280 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d38a
[  150.034825][  T565] flags: 0x4000000000000200(slab|zone=1)
[  150.040848][  T565] raw: 4000000000000200 0000000000000000 dead000000000122 ffff88810018f800
[  150.049259][  T565] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[  150.057656][  T565] page dumped because: kasan: bad access detected
[  150.064003][  T565] page_owner tracks the page as allocated
[  150.069543][  T565] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 400, ts 131645012413, free_ts 125176374477
[  150.085784][  T565]  post_alloc_hook+0x1a3/0x1b0
[  150.090377][  T565]  prep_new_page+0x1b/0x110
[  150.094705][  T565]  get_page_from_freelist+0x3550/0x35d0
[  150.100190][  T565]  __alloc_pages+0x27e/0x8f0
[  150.104604][  T565]  new_slab+0x9a/0x4e0
[  150.108522][  T565]  ___slab_alloc+0x39e/0x830
[  150.113145][  T565]  __slab_alloc+0x4a/0x90
[  150.117386][  T565]  kmem_cache_alloc+0x134/0x200
[  150.122088][  T565]  vm_area_dup+0x26/0x230
[  150.126312][  T565]  copy_mm+0x9a1/0x13e0
[  150.130320][  T565]  copy_process+0x1149/0x3290
[  150.134824][  T565]  kernel_clone+0x21e/0x9e0
[  150.139248][  T565]  __x64_sys_clone+0x23f/0x290
[  150.143857][  T565]  x64_sys_call+0x1b0/0x9a0
[  150.148300][  T565]  do_syscall_64+0x3b/0xb0
[  150.152552][  T565]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  150.158385][  T565] page last free stack trace:
[  150.163001][  T565]  free_unref_page_prepare+0x7c8/0x7d0
[  150.168408][  T565]  free_unref_page+0xe8/0x750
[  150.172880][  T565]  __put_page+0xb0/0xe0
[  150.176882][  T565]  anon_pipe_buf_release+0x187/0x200
[  150.182014][  T565]  pipe_read+0x5a6/0x1040
[  150.186157][  T565]  vfs_read+0xa81/0xd40
[  150.190406][  T565]  ksys_read+0x199/0x2c0
[  150.194484][  T565]  __x64_sys_read+0x7b/0x90
[  150.198903][  T565]  x64_sys_call+0x28/0x9a0
[  150.203150][  T565]  do_syscall_64+0x3b/0xb0
[  150.207408][  T565]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  150.213134][  T565] 
[  150.215304][  T565] Memory state around the buggy address:
[  150.220796][  T565]  ffff88810d38a980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.228683][  T565]  ffff88810d38aa00: fb fb fb fb fb fc fc fc fc fc fc fc fc 00 00 00
[  150.236667][  T565] >ffff88810d38aa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  150.244558][  T565]                                            ^
[  150.250586][  T565]  ffff88810d38ab00: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[  150.258452][  T565]  ffff88810d38ab80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[pid   565] clone(child_stack=NULL, flags=0) = -1 ENOMEM (Cannot allocate memory)
[pid   564] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   565] futex(0x7f11f166a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   564] close(3 <unfinished ...>
[pid   565] futex(0x7f11f166a3c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   564] <... close resumed>)        = 0
[pid   564] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   564] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   564] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   564] exit_group(0 <unfinished ...>
[pid   565] <... futex resumed>)        = ?
[pid   564] <... exit_group resumed>)   = ?
[pid   565] +++ exited with 0 +++
[pid   564] +++ exited with 0 +++
[pid   406] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=131, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[  150.266342][  T565] ==================================================================
[  150.274241][  T565] Disabling lock debugging due to kernel taint
[  150.301918][  T406] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[  150.313518][  T406] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  150.321747][  T406] CPU: 0 PID: 406 Comm: syz-executor101 Tainted: G    B             5.15.167-syzkaller-android13-5.15.167_r00 #0
[  150.333581][  T406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.343478][  T406] RIP: 0010:__rb_insert_augmented+0x91/0x610
[  150.349295][  T406] Code: 00 74 08 4c 89 ef e8 9e b1 2a ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 70 b1 2a ff 48 89 d8 48 8b 1b 4c
[  150.368844][  T406] RSP: 0018:ffffc900009f78f8 EFLAGS: 00010202
[  150.374727][  T406] RAX: 0000000000000000 RBX: 0000000000000008 RCX: dffffc0000000000
[  150.382539][  T406] RDX: ffffffff81a56990 RSI: ffff888111d3ac30 RDI: ffff8881236bce38
[  150.390562][  T406] RBP: ffffc900009f7960 R08: dffffc0000000000 R09: ffff8881236bce40
[  150.398381][  T406] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  150.406190][  T406] R13: ffff88810d38aac0 R14: 0000000000000001 R15: ffff8881236bce38
[  150.414082][  T406] FS:  0000555560cbc3c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  150.422952][  T406] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  150.429380][  T406] CR2: 00007f11f16355c8 CR3: 000000010d38d000 CR4: 00000000003506b0
[  150.437181][  T406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  150.445197][  T406] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  150.453125][  T406] Call Trace:
[  150.456253][  T406]  <TASK>
[  150.459029][  T406]  ? __die_body+0x62/0xb0
[  150.463217][  T406]  ? die_addr+0x9f/0xd0
[  150.467192][  T406]  ? exc_general_protection+0x311/0x4b0
[  150.472573][  T406]  ? asm_exc_general_protection+0x27/0x30
[  150.478125][  T406]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[  150.484370][  T406]  ? __rb_insert_augmented+0x91/0x610
[  150.489668][  T406]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[  150.495916][  T406]  vma_interval_tree_insert_after+0x2be/0x2d0
[  150.501922][  T406]  copy_mm+0xba2/0x13e0
[  150.505913][  T406]  ? copy_signal+0x610/0x610
[  150.510413][  T406]  ? __init_rwsem+0xfe/0x1d0
[  150.514848][  T406]  ? copy_signal+0x4e3/0x610
[  150.519267][  T406]  copy_process+0x1149/0x3290
[  150.523788][  T406]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  150.528727][  T406]  ? __kasan_check_write+0x14/0x20
[  150.533686][  T406]  kernel_clone+0x21e/0x9e0
[  150.538021][  T406]  ? _raw_spin_unlock_irq+0x4e/0x70
[  150.543138][  T406]  ? create_io_thread+0x1e0/0x1e0
[  150.548107][  T406]  __x64_sys_clone+0x23f/0x290
[  150.552702][  T406]  ? __do_sys_vfork+0x130/0x130
[  150.557395][  T406]  ? __kasan_check_write+0x14/0x20
[  150.562346][  T406]  x64_sys_call+0x1b0/0x9a0
[  150.566675][  T406]  do_syscall_64+0x3b/0xb0
[  150.570932][  T406]  ? clear_bhb_loop+0x35/0x90
[  150.575454][  T406]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  150.581258][  T406] RIP: 0033:0x7f11f15e33e3
[  150.585514][  T406] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  150.605265][  T406] RSP: 002b:00007ffe7e9afae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  150.613506][  T406] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f11f15e33e3
[  150.621402][  T406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  150.629225][  T406] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffe7e9e50b0
[  150.637234][  T406] R10: 0000555560cbc690 R11: 0000000000000246 R12: 0000000000000001
[  150.645079][  T406] R13: 00007ffe7e9afc0c R14: 00007ffe7e9afc60 R15: 00007ffe7e9afc50
[  150.653074][  T406]  </TASK>
[  150.655920][  T406] Modules linked in:
[  150.659757][  T406] ---[ end trace 09cbb413c8b116db ]---
[  150.665132][  T406] RIP: 0010:__rb_insert_augmented+0x91/0x610
[  150.671015][  T406] Code: 00 74 08 4c 89 ef e8 9e b1 2a ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 70 b1 2a ff 48 89 d8 48 8b 1b 4c
[  150.690509][  T406] RSP: 0018:ffffc900009f78f8 EFLAGS: 00010202
[  150.696633][  T406] RAX: 0000000000000000 RBX: 0000000000000008 RCX: dffffc0000000000
[  150.704430][  T406] RDX: ffffffff81a56990 RSI: ffff888111d3ac30 RDI: ffff8881236bce38
[  150.712196][  T406] RBP: ffffc900009f7960 R08: dffffc0000000000 R09: ffff8881236bce40
[  150.720155][  T406] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  150.728123][  T406] R13: ffff88810d38aac0 R14: 0000000000000001 R15: ffff8881236bce38
[  150.735941][  T406] FS:  0000555560cbc3c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  150.744701][  T406] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  150.751093][  T406] CR2: 00007f11f16355c8 CR3: 000000010d38d000 CR4: 00000000003506b0
[  150.758982][  T406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  150.766846][  T406] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  150.774694][  T406] Kernel panic - not syncing: Fatal exception
[  150.780770][  T406] Kernel Offset: disabled
[  150.784936][  T406] Rebooting in 86400 seconds..