./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor670828816

<...>
[    4.083038][   T30] audit: type=1400 audit(1684489987.204:10): avc:  denied  { getattr } for  pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[    4.379802][   T99] udevd[99]: starting version 3.2.11
[    4.416076][  T100] udevd[100]: starting eudev-3.2.11
[    8.092396][  T110] udevd (110) used greatest stack depth: 21552 bytes left
[   12.516435][   T30] kauditd_printk_skb: 50 callbacks suppressed
[   12.516447][   T30] audit: type=1400 audit(1684489995.674:61): avc:  denied  { transition } for  pid=223 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   12.522283][   T30] audit: type=1400 audit(1684489995.684:62): avc:  denied  { noatsecure } for  pid=223 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   12.530162][   T30] audit: type=1400 audit(1684489995.684:63): avc:  denied  { write } for  pid=223 comm="sh" path="pipe:[13085]" dev="pipefs" ino=13085 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   12.534745][   T30] audit: type=1400 audit(1684489995.684:64): avc:  denied  { rlimitinh } for  pid=223 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   12.539465][   T30] audit: type=1400 audit(1684489995.684:65): avc:  denied  { siginh } for  pid=223 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.1.17' (ECDSA) to the list of known hosts.
execve("./syz-executor670828816", ["./syz-executor670828816"], 0x7ffec4a759a0 /* 10 vars */) = 0
brk(NULL)                               = 0x55555591b000
brk(0x55555591bc40)                     = 0x55555591bc40
arch_prctl(ARCH_SET_FS, 0x55555591b300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x55555591b5d0)         = 300
set_robust_list(0x55555591b5e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7efd6467ec40, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7efd6467f310}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7efd6467ece0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7efd6467f310}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor670828816", 4096) = 27
brk(0x55555593cc40)                     = 0x55555593cc40
brk(0x55555593d000)                     = 0x55555593d000
mprotect(0x7efd64740000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 301
./strace-static-x86_64: Process 301 attached
[pid   301] set_robust_list(0x55555591b5e0, 24) = 0
[pid   301] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid   301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   301] setsid()                    = 1
[pid   301] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid   301] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid   301] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid   301] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid   301] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid   301] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid   301] unshare(CLONE_NEWNS)        = 0
[pid   301] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid   301] unshare(CLONE_NEWIPC)       = -1 EINVAL (Invalid argument)
[pid   301] unshare(CLONE_NEWCGROUP)    = 0
[pid   301] unshare(CLONE_NEWUTS)       = 0
[pid   301] unshare(CLONE_SYSVSEM)      = 0
[pid   301] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   301] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   301] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   301] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   301] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   301] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   301] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid   301] getpid()                    = 1
[pid   301] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   301] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid   301] unshare(CLONE_NEWNET)       = 0
[pid   301] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid   301] write(3, "0 65535", 7)      = 7
[pid   301] close(3)                    = 0
[pid   301] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid   301] dup2(3, 200)                = 200
[pid   301] close(3)                    = 0
[pid   301] ioctl(200, TUNSETIFF, 0x7ffe1c26f670) = 0
[pid   301] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid   301] write(3, "0", 1)            = 1
[pid   301] close(3)                    = 0
[pid   301] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid   301] write(3, "0", 1)            = 1
[pid   301] close(3)                    = 0
[pid   301] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid   301] access("/proc/net", R_OK)   = 0
[pid   301] access("/proc/net/unix", R_OK) = 0
[pid   301] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   301] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   301] close(4)                    = 0
[pid   301] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid   301] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   301] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   301] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   301] close(4)                    = 0
[pid   301] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid   301] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   301] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   301] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   301] close(4)                    = 0
[pid   301] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid   301] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   301] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   301] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   301] close(4)                    = 0
[pid   301] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid   301] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   301] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid   301] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid   301] close(4)                    = 0
[pid   301] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid   301] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid   301] close(3)                    = 0
[pid   301] mkdir("/dev/binderfs", 0777) = 0
[pid   301] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid   301] symlink("/dev/binderfs", "./binderfs") = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 2
./strace-static-x86_64: Process 302 attached
[pid   302] set_robust_list(0x55555591b5e0, 24) = 0
[pid   302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   302] setpgid(0, 0)               = 0
[pid   302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   302] write(3, "1000", 4)         = 4
[pid   302] close(3)                    = 0
[pid   302] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   302] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   302] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   302] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 3
[pid   302] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   302] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 303 attached
 <unfinished ...>
[pid   303] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   303] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   303] write(3, "57", 2)           = 2
[   29.121667][   T30] audit: type=1400 audit(1684490012.284:66): avc:  denied  { execmem } for  pid=300 comm="syz-executor670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   29.127471][   T30] audit: type=1400 audit(1684490012.284:67): avc:  denied  { integrity } for  pid=300 comm="syz-executor670" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   29.134804][   T30] audit: type=1400 audit(1684490012.284:68): avc:  denied  { mounton } for  pid=301 comm="syz-executor670" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   29.144670][   T30] audit: type=1400 audit(1684490012.284:69): avc:  denied  { mount } for  pid=301 comm="syz-executor670" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   29.167491][   T30] audit: type=1400 audit(1684490012.284:70): avc:  denied  { mounton } for  pid=301 comm="syz-executor670" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   29.168559][  T303] FAULT_INJECTION: forcing a failure.
[   29.168559][  T303] name failslab, interval 1, probability 0, space 0, times 1
[   29.189125][   T30] audit: type=1400 audit(1684490012.304:71): avc:  denied  { create } for  pid=297 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   29.202003][  T303] CPU: 0 PID: 303 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   29.222250][   T30] audit: type=1400 audit(1684490012.304:72): avc:  denied  { write } for  pid=297 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   29.231851][  T303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   29.231865][  T303] Call Trace:
[   29.231871][  T303]  <TASK>
[   29.231878][  T303]  dump_stack_lvl+0x151/0x1b7
[   29.231917][  T303]  ? io_uring_drop_tctx_refs+0x190/0x190
[   29.252935][   T30] audit: type=1400 audit(1684490012.304:73): avc:  denied  { nlmsg_read } for  pid=297 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   29.262324][  T303]  dump_stack+0x15/0x17
[   29.262354][  T303]  should_fail+0x3c6/0x510
[   29.262378][  T303]  __should_failslab+0xa4/0xe0
[   29.265910][   T30] audit: type=1400 audit(1684490012.304:74): avc:  denied  { module_request } for  pid=297 comm="strace-static-x" kmod="net-pf-16-proto-4-type-16" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   29.268220][  T303]  ? anon_vma_fork+0x1be/0x500
[   29.272973][   T30] audit: type=1400 audit(1684490012.304:75): avc:  denied  { read } for  pid=297 comm="strace-static-x" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   29.278285][  T303]  should_failslab+0x9/0x20
[   29.364399][  T303]  slab_pre_alloc_hook+0x37/0xd0
[   29.369267][  T303]  ? anon_vma_fork+0x1be/0x500
[   29.374413][  T303]  kmem_cache_alloc+0x44/0x200
[   29.378974][  T303]  anon_vma_fork+0x1be/0x500
[   29.383403][  T303]  ? vm_area_dup+0x17a/0x230
[   29.387829][  T303]  dup_mm+0x8c5/0x12c0
[   29.391738][  T303]  ? copy_init_mm+0x20/0x20
[   29.396073][  T303]  copy_mm+0x107/0x1b0
[   29.399986][  T303]  copy_process+0x12bc/0x3260
[   29.404499][  T303]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   29.409448][  T303]  ? __kasan_check_write+0x14/0x20
[   29.414390][  T303]  kernel_clone+0x21e/0x9e0
[   29.418732][  T303]  ? _raw_spin_unlock_irq+0x4e/0x70
[   29.423770][  T303]  ? create_io_thread+0x1e0/0x1e0
[   29.428623][  T303]  __x64_sys_clone+0x23f/0x290
[   29.433231][  T303]  ? __do_sys_vfork+0x130/0x130
[   29.437910][  T303]  ? __kasan_check_read+0x11/0x20
[   29.442768][  T303]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   29.448584][  T303]  do_syscall_64+0x3d/0xb0
[   29.452838][  T303]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   29.458647][  T303] RIP: 0033:0x7efd646bd829
[   29.462903][  T303] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   29.482434][  T303] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   29.490715][  T303] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   29.498582][  T303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   29.506389][  T303] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   29.514201][  T303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[pid   303] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   302] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   303] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   303] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   303] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   302] close(3)                    = 0
[pid   302] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   302] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   302] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   302] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   302] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   302] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   302] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   302] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   302] exit_group(0)               = ?
[pid   303] <... futex resumed>)        = ? <unavailable>
[pid   303] +++ exited with 0 +++
[pid   302] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 4
./strace-static-x86_64: Process 304 attached
[pid   304] set_robust_list(0x55555591b5e0, 24) = 0
[pid   304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   304] setpgid(0, 0)               = 0
[pid   304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   304] write(3, "1000", 4)         = 4
[pid   304] close(3)                    = 0
[pid   304] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   304] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   304] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   304] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   304] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   304] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 305 attached
 <unfinished ...>
[pid   305] set_robust_list(0x7efd6466e9e0, 24 <unfinished ...>
[pid   304] <... clone resumed>, parent_tid=[5], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 5
[pid   305] <... set_robust_list resumed>) = 0
[pid   305] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   304] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   305] <... futex resumed>)        = 0
[pid   305] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   304] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   305] <... openat resumed>)       = 3
[pid   305] write(3, "57", 2)           = 2
[   29.522009][  T303] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   29.529824][  T303]  </TASK>
[   29.556668][  T305] FAULT_INJECTION: forcing a failure.
[   29.556668][  T305] name failslab, interval 1, probability 0, space 0, times 0
[pid   305] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   304] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   29.569269][  T305] CPU: 1 PID: 305 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   29.579374][  T305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   29.589265][  T305] Call Trace:
[   29.592385][  T305]  <TASK>
[   29.595163][  T305]  dump_stack_lvl+0x151/0x1b7
[   29.599674][  T305]  ? io_uring_drop_tctx_refs+0x190/0x190
[   29.605144][  T305]  dump_stack+0x15/0x17
[   29.609135][  T305]  should_fail+0x3c6/0x510
[   29.613388][  T305]  __should_failslab+0xa4/0xe0
[   29.618079][  T305]  ? anon_vma_clone+0x9a/0x4c0
[   29.622781][  T305]  should_failslab+0x9/0x20
[   29.627127][  T305]  slab_pre_alloc_hook+0x37/0xd0
[   29.632010][  T305]  ? anon_vma_clone+0x9a/0x4c0
[   29.636605][  T305]  kmem_cache_alloc+0x44/0x200
[   29.641205][  T305]  anon_vma_clone+0x9a/0x4c0
[   29.645640][  T305]  anon_vma_fork+0x91/0x500
[   29.649968][  T305]  ? anon_vma_name+0x4c/0x70
[   29.654396][  T305]  ? vm_area_dup+0x17a/0x230
[   29.658831][  T305]  dup_mm+0x8c5/0x12c0
[   29.662740][  T305]  ? copy_init_mm+0x20/0x20
[   29.667069][  T305]  copy_mm+0x107/0x1b0
[   29.670975][  T305]  copy_process+0x12bc/0x3260
[   29.675491][  T305]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   29.680456][  T305]  ? __kasan_check_write+0x14/0x20
[   29.685385][  T305]  kernel_clone+0x21e/0x9e0
[   29.689720][  T305]  ? _raw_spin_unlock_irq+0x4e/0x70
[   29.694757][  T305]  ? create_io_thread+0x1e0/0x1e0
[   29.699617][  T305]  __x64_sys_clone+0x23f/0x290
[   29.704215][  T305]  ? __do_sys_vfork+0x130/0x130
[   29.708994][  T305]  ? __kasan_check_read+0x11/0x20
[   29.713858][  T305]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   29.719663][  T305]  do_syscall_64+0x3d/0xb0
[   29.723916][  T305]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   29.729754][  T305] RIP: 0033:0x7efd646bd829
[   29.734178][  T305] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   29.753709][  T305] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   29.762045][  T305] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[pid   305] <... clone resumed>)        = 6
[pid   305] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   304] close(3)                    = 0
[pid   304] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   304] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   304] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   305] <... futex resumed>)        = 0
[pid   304] close(7 <unfinished ...>
[pid   305] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   304] <... close resumed>)        = -1 EBADF (Bad file descriptor)
./strace-static-x86_64: Process 306 attached
[pid   304] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   304] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   304] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   304] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   304] exit_group(0 <unfinished ...>
[pid   305] <... futex resumed>)        = ?
[pid   304] <... exit_group resumed>)   = ?
[pid   305] +++ exited with 0 +++
[pid   304] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 7
./strace-static-x86_64: Process 307 attached
[pid   307] set_robust_list(0x55555591b5e0, 24) = 0
[pid   307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   307] setpgid(0, 0)               = 0
[pid   307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   307] write(3, "1000", 4)         = 4
[pid   307] close(3)                    = 0
[pid   307] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   307] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   307] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   307] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   307] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   307] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 308 attached
 <unfinished ...>
[pid   308] set_robust_list(0x7efd6466e9e0, 24 <unfinished ...>
[pid   307] <... clone resumed>, parent_tid=[8], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 8
[pid   308] <... set_robust_list resumed>) = 0
[pid   307] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   307] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   308] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   308] write(3, "57", 2)           = 2
[   29.770016][  T305] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   29.777991][  T305] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   29.786131][  T305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   29.794061][  T305] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   29.802696][  T305]  </TASK>
[   29.830324][  T308] FAULT_INJECTION: forcing a failure.
[   29.830324][  T308] name failslab, interval 1, probability 0, space 0, times 0
[   29.842855][  T308] CPU: 1 PID: 308 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   29.853403][  T308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   29.863383][  T308] Call Trace:
[   29.866508][  T308]  <TASK>
[   29.869285][  T308]  dump_stack_lvl+0x151/0x1b7
[   29.873801][  T308]  ? io_uring_drop_tctx_refs+0x190/0x190
[   29.879951][  T308]  dump_stack+0x15/0x17
[   29.883949][  T308]  should_fail+0x3c6/0x510
[   29.888204][  T308]  __should_failslab+0xa4/0xe0
[   29.892793][  T308]  ? anon_vma_fork+0x1be/0x500
[   29.897400][  T308]  should_failslab+0x9/0x20
[   29.901815][  T308]  slab_pre_alloc_hook+0x37/0xd0
[   29.906677][  T308]  ? anon_vma_fork+0x1be/0x500
[   29.911278][  T308]  kmem_cache_alloc+0x44/0x200
[   29.915994][  T308]  anon_vma_fork+0x1be/0x500
[   29.920392][  T308]  ? vm_area_dup+0x17a/0x230
[   29.924817][  T308]  dup_mm+0x8c5/0x12c0
[   29.928730][  T308]  ? copy_init_mm+0x20/0x20
[   29.933064][  T308]  copy_mm+0x107/0x1b0
[   29.936979][  T308]  copy_process+0x12bc/0x3260
[   29.941484][  T308]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   29.946518][  T308]  ? __kasan_check_write+0x14/0x20
[   29.951596][  T308]  kernel_clone+0x21e/0x9e0
[   29.955924][  T308]  ? _raw_spin_unlock_irq+0x4e/0x70
[   29.960953][  T308]  ? create_io_thread+0x1e0/0x1e0
[   29.965906][  T308]  __x64_sys_clone+0x23f/0x290
[   29.970640][  T308]  ? __do_sys_vfork+0x130/0x130
[   29.975325][  T308]  ? __kasan_check_read+0x11/0x20
[   29.980182][  T308]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   29.985995][  T308]  do_syscall_64+0x3d/0xb0
[   29.990254][  T308]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   29.995976][  T308] RIP: 0033:0x7efd646bd829
[   30.000239][  T308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   30.020111][  T308] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   308] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   307] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   308] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   306] exit(0 <unfinished ...>
[pid   308] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   308] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   306] <... exit resumed>)         = ?
[pid   306] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   307] close(3 <unfinished ...>
[pid   301] <... restart_syscall resumed>) = 0
[pid   307] <... close resumed>)        = 0
[pid   307] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   307] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   307] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   307] exit_group(0 <unfinished ...>
[pid   308] <... futex resumed>)        = ?
[pid   307] <... exit_group resumed>)   = ?
[pid   308] +++ exited with 0 +++
[pid   307] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 9
./strace-static-x86_64: Process 310 attached
[pid   310] set_robust_list(0x55555591b5e0, 24) = 0
[pid   310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   310] setpgid(0, 0)               = 0
[pid   310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   310] write(3, "1000", 4)         = 4
[pid   310] close(3)                    = 0
[pid   310] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid   310] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   310] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   310] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   310] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   310] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[10], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 10
./strace-static-x86_64: Process 311 attached
[pid   311] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   311] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   310] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   311] <... futex resumed>)        = 0
[pid   311] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   310] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   311] <... openat resumed>)       = 3
[pid   311] write(3, "57", 2)           = 2
[   30.028357][  T308] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   30.036161][  T308] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   30.043978][  T308] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   30.052404][  T308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   30.060214][  T308] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   30.068091][  T308]  </TASK>
[pid   311] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   310] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   30.087719][  T311] FAULT_INJECTION: forcing a failure.
[   30.087719][  T311] name failslab, interval 1, probability 0, space 0, times 0
[   30.100275][  T311] CPU: 1 PID: 311 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   30.110439][  T311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   30.120333][  T311] Call Trace:
[   30.123458][  T311]  <TASK>
[   30.126235][  T311]  dump_stack_lvl+0x151/0x1b7
[   30.130751][  T311]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.136214][  T311]  ? avc_denied+0x1b0/0x1b0
[   30.140554][  T311]  dump_stack+0x15/0x17
[   30.144552][  T311]  should_fail+0x3c6/0x510
[   30.148796][  T311]  __should_failslab+0xa4/0xe0
[   30.153400][  T311]  ? vm_area_dup+0x26/0x230
[   30.157740][  T311]  should_failslab+0x9/0x20
[   30.162077][  T311]  slab_pre_alloc_hook+0x37/0xd0
[   30.166852][  T311]  ? vm_area_dup+0x26/0x230
[   30.171191][  T311]  kmem_cache_alloc+0x44/0x200
[   30.175804][  T311]  vm_area_dup+0x26/0x230
[   30.179957][  T311]  dup_mm+0x81b/0x12c0
[   30.183867][  T311]  ? copy_init_mm+0x20/0x20
[   30.188200][  T311]  copy_mm+0x107/0x1b0
[   30.192154][  T311]  copy_process+0x12bc/0x3260
[   30.196710][  T311]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   30.201656][  T311]  ? __kasan_check_write+0x14/0x20
[   30.206729][  T311]  kernel_clone+0x21e/0x9e0
[   30.211214][  T311]  ? _raw_spin_unlock_irq+0x4e/0x70
[   30.216243][  T311]  ? create_io_thread+0x1e0/0x1e0
[   30.221103][  T311]  __x64_sys_clone+0x23f/0x290
[   30.225705][  T311]  ? __do_sys_vfork+0x130/0x130
[   30.230398][  T311]  ? __kasan_check_read+0x11/0x20
[   30.235339][  T311]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   30.241151][  T311]  do_syscall_64+0x3d/0xb0
[   30.245406][  T311]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   30.251132][  T311] RIP: 0033:0x7efd646bd829
[   30.255389][  T311] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   30.274837][  T311] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   311] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   311] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   311] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   310] close(3)                    = 0
[pid   310] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   310] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   310] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   310] exit_group(0)               = ?
[pid   311] <... futex resumed>)        = ?
[pid   311] +++ exited with 0 +++
[pid   310] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=9, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 11
./strace-static-x86_64: Process 312 attached
[pid   312] set_robust_list(0x55555591b5e0, 24) = 0
[pid   312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   312] setpgid(0, 0)               = 0
[pid   312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   312] write(3, "1000", 4)         = 4
[pid   312] close(3)                    = 0
[pid   312] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   312] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   312] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   312] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   312] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 313 attached
, parent_tid=[12], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 12
[pid   313] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   313] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   312] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   313] <... futex resumed>)        = 0
[pid   313] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   312] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   313] <... openat resumed>)       = 3
[pid   313] write(3, "57", 2)           = 2
[   30.283075][  T311] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   30.291325][  T311] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   30.299128][  T311] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   30.306949][  T311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   30.314759][  T311] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   30.322580][  T311]  </TASK>
[pid   313] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   312] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   30.346214][  T313] FAULT_INJECTION: forcing a failure.
[   30.346214][  T313] name failslab, interval 1, probability 0, space 0, times 0
[   30.358915][  T313] CPU: 0 PID: 313 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   30.368972][  T313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   30.378856][  T313] Call Trace:
[   30.381981][  T313]  <TASK>
[   30.384869][  T313]  dump_stack_lvl+0x151/0x1b7
[   30.389386][  T313]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.394859][  T313]  dump_stack+0x15/0x17
[   30.398844][  T313]  should_fail+0x3c6/0x510
[   30.403178][  T313]  __should_failslab+0xa4/0xe0
[   30.407778][  T313]  ? anon_vma_clone+0x9a/0x4c0
[   30.412467][  T313]  should_failslab+0x9/0x20
[   30.416804][  T313]  slab_pre_alloc_hook+0x37/0xd0
[   30.421577][  T313]  ? anon_vma_clone+0x9a/0x4c0
[   30.426177][  T313]  kmem_cache_alloc+0x44/0x200
[   30.430777][  T313]  anon_vma_clone+0x9a/0x4c0
[   30.435204][  T313]  anon_vma_fork+0x91/0x500
[   30.439541][  T313]  ? anon_vma_name+0x4c/0x70
[   30.443966][  T313]  ? vm_area_dup+0x17a/0x230
[   30.448396][  T313]  dup_mm+0x8c5/0x12c0
[   30.452735][  T313]  ? copy_init_mm+0x20/0x20
[   30.457081][  T313]  copy_mm+0x107/0x1b0
[   30.460986][  T313]  copy_process+0x12bc/0x3260
[   30.465497][  T313]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   30.470441][  T313]  ? __kasan_check_write+0x14/0x20
[   30.475390][  T313]  kernel_clone+0x21e/0x9e0
[   30.479728][  T313]  ? _raw_spin_unlock_irq+0x4e/0x70
[   30.484761][  T313]  ? create_io_thread+0x1e0/0x1e0
[   30.489622][  T313]  __x64_sys_clone+0x23f/0x290
[   30.494224][  T313]  ? __do_sys_vfork+0x130/0x130
[   30.498909][  T313]  ? __kasan_check_read+0x11/0x20
[   30.503770][  T313]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   30.509583][  T313]  do_syscall_64+0x3d/0xb0
[   30.513838][  T313]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   30.519563][  T313] RIP: 0033:0x7efd646bd829
[   30.523821][  T313] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[pid   313] <... clone resumed>)        = 13
[pid   313] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   313] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   312] close(3)                    = 0
[pid   312] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   312] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   312] close(6)                    = -1 EBADF (Bad file descriptor)
./strace-static-x86_64: Process 314 attached
[pid   312] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   312] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   312] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   312] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   312] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   312] exit_group(0)               = ?
[pid   313] <... futex resumed>)        = 231
[pid   313] +++ exited with 0 +++
[pid   312] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=11, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 315 attached
, child_tidptr=0x55555591b5d0) = 14
[pid   315] set_robust_list(0x55555591b5e0, 24) = 0
[pid   315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   315] setpgid(0, 0)               = 0
[pid   315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   315] write(3, "1000", 4)         = 4
[pid   315] close(3)                    = 0
[pid   315] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   315] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   315] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   315] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   315] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 316 attached
, parent_tid=[15], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 15
[pid   316] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   316] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   315] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   316] <... futex resumed>)        = 0
[pid   315] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   316] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   316] write(3, "57", 2)           = 2
[   30.543287][  T313] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   30.551505][  T313] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   30.559340][  T313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   30.567222][  T313] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   30.575115][  T313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   30.582921][  T313] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   30.590744][  T313]  </TASK>
[pid   316] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   315] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   30.607214][  T316] FAULT_INJECTION: forcing a failure.
[   30.607214][  T316] name failslab, interval 1, probability 0, space 0, times 0
[   30.619763][  T316] CPU: 0 PID: 316 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   30.629933][  T316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   30.639977][  T316] Call Trace:
[   30.643070][  T316]  <TASK>
[   30.645840][  T316]  dump_stack_lvl+0x151/0x1b7
[   30.650353][  T316]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.655989][  T316]  ? avc_denied+0x1b0/0x1b0
[   30.660287][  T316]  dump_stack+0x15/0x17
[   30.664276][  T316]  should_fail+0x3c6/0x510
[   30.668532][  T316]  __should_failslab+0xa4/0xe0
[   30.673133][  T316]  ? vm_area_dup+0x26/0x230
[   30.677471][  T316]  should_failslab+0x9/0x20
[   30.681827][  T316]  slab_pre_alloc_hook+0x37/0xd0
[   30.686587][  T316]  ? vm_area_dup+0x26/0x230
[   30.690922][  T316]  kmem_cache_alloc+0x44/0x200
[   30.695528][  T316]  vm_area_dup+0x26/0x230
[   30.699690][  T316]  dup_mm+0x81b/0x12c0
[   30.703769][  T316]  ? copy_init_mm+0x20/0x20
[   30.708195][  T316]  copy_mm+0x107/0x1b0
[   30.712101][  T316]  copy_process+0x12bc/0x3260
[   30.716613][  T316]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   30.721559][  T316]  ? __kasan_check_write+0x14/0x20
[   30.726510][  T316]  kernel_clone+0x21e/0x9e0
[   30.730848][  T316]  ? _raw_spin_unlock_irq+0x4e/0x70
[   30.735882][  T316]  ? create_io_thread+0x1e0/0x1e0
[   30.740751][  T316]  __x64_sys_clone+0x23f/0x290
[   30.745347][  T316]  ? __do_sys_vfork+0x130/0x130
[   30.750029][  T316]  ? __kasan_check_read+0x11/0x20
[   30.754889][  T316]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   30.760722][  T316]  do_syscall_64+0x3d/0xb0
[   30.764968][  T316]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   30.770684][  T316] RIP: 0033:0x7efd646bd829
[   30.774941][  T316] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   30.794533][  T316] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   316] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   314] exit(0 <unfinished ...>
[pid   316] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid   314] <... exit resumed>)         = ?
[pid   315] close(3 <unfinished ...>
[pid   316] <... futex resumed>)        = 0
[pid   315] <... close resumed>)        = 0
[pid   316] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   314] +++ exited with 0 +++
[pid   315] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   315] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   315] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   315] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   315] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   315] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   315] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   315] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   315] exit_group(0 <unfinished ...>
[pid   316] <... futex resumed>)        = ?
[pid   315] <... exit_group resumed>)   = ?
[pid   316] +++ exited with 0 +++
[pid   315] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=13, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 16
./strace-static-x86_64: Process 317 attached
[pid   317] set_robust_list(0x55555591b5e0, 24) = 0
[pid   317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   317] setpgid(0, 0)               = 0
[pid   317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   317] write(3, "1000", 4)         = 4
[pid   317] close(3)                    = 0
[pid   317] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   317] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   317] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   317] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   317] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 318 attached
, parent_tid=[17], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 17
[pid   318] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   318] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   317] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   318] <... futex resumed>)        = 0
[pid   318] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   317] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   318] write(3, "57", 2)           = 2
[   30.802759][  T316] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   30.810545][  T316] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   30.818357][  T316] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   30.826168][  T316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   30.833982][  T316] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   30.841794][  T316]  </TASK>
[pid   318] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   317] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   30.869883][  T318] FAULT_INJECTION: forcing a failure.
[   30.869883][  T318] name failslab, interval 1, probability 0, space 0, times 0
[   30.882388][  T318] CPU: 0 PID: 318 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   30.892371][  T318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   30.902364][  T318] Call Trace:
[   30.905645][  T318]  <TASK>
[   30.908428][  T318]  dump_stack_lvl+0x151/0x1b7
[   30.912935][  T318]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.918494][  T318]  ? avc_denied+0x1b0/0x1b0
[   30.922826][  T318]  dump_stack+0x15/0x17
[   30.926821][  T318]  should_fail+0x3c6/0x510
[   30.931072][  T318]  __should_failslab+0xa4/0xe0
[   30.935671][  T318]  ? vm_area_dup+0x26/0x230
[   30.940015][  T318]  should_failslab+0x9/0x20
[   30.944351][  T318]  slab_pre_alloc_hook+0x37/0xd0
[   30.949122][  T318]  ? vm_area_dup+0x26/0x230
[   30.953477][  T318]  kmem_cache_alloc+0x44/0x200
[   30.958066][  T318]  vm_area_dup+0x26/0x230
[   30.962575][  T318]  dup_mm+0x81b/0x12c0
[   30.966578][  T318]  ? copy_init_mm+0x20/0x20
[   30.970913][  T318]  copy_mm+0x107/0x1b0
[   30.974817][  T318]  copy_process+0x12bc/0x3260
[   30.979345][  T318]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   30.984277][  T318]  ? __kasan_check_write+0x14/0x20
[   30.989314][  T318]  kernel_clone+0x21e/0x9e0
[   30.993654][  T318]  ? _raw_spin_unlock_irq+0x4e/0x70
[   30.998682][  T318]  ? create_io_thread+0x1e0/0x1e0
[   31.003544][  T318]  __x64_sys_clone+0x23f/0x290
[   31.008148][  T318]  ? __do_sys_vfork+0x130/0x130
[   31.012846][  T318]  ? __kasan_check_read+0x11/0x20
[   31.017694][  T318]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   31.023509][  T318]  do_syscall_64+0x3d/0xb0
[   31.027767][  T318]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.033489][  T318] RIP: 0033:0x7efd646bd829
[   31.037746][  T318] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   31.057271][  T318] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   318] <... clone resumed>)        = -1 ENOMEM (Cannot allocate memory)
[pid   318] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   317] close(3)                    = 0
[pid   317] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   317] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   317] close(6 <unfinished ...>
[pid   318] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   317] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   317] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   317] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   317] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   317] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   317] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   317] exit_group(0 <unfinished ...>
[pid   318] <... futex resumed>)        = ?
[pid   317] <... exit_group resumed>)   = ?
[pid   318] +++ exited with 0 +++
[pid   317] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 320 attached
, child_tidptr=0x55555591b5d0) = 18
[pid   320] set_robust_list(0x55555591b5e0, 24) = 0
[pid   320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   320] setpgid(0, 0)               = 0
[pid   320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   320] write(3, "1000", 4)         = 4
[pid   320] close(3)                    = 0
[pid   320] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   320] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   320] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   320] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 321 attached
, parent_tid=[19], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 19
[pid   320] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   320] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   321] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   321] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   321] write(3, "57", 2)           = 2
[   31.065519][  T318] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   31.073323][  T318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   31.081141][  T318] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   31.088968][  T318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   31.096766][  T318] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   31.104575][  T318]  </TASK>
[   31.125887][  T321] FAULT_INJECTION: forcing a failure.
[   31.125887][  T321] name failslab, interval 1, probability 0, space 0, times 0
[   31.138611][  T321] CPU: 1 PID: 321 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   31.148672][  T321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   31.158558][  T321] Call Trace:
[   31.161768][  T321]  <TASK>
[   31.164563][  T321]  dump_stack_lvl+0x151/0x1b7
[   31.169058][  T321]  ? io_uring_drop_tctx_refs+0x190/0x190
[   31.174531][  T321]  dump_stack+0x15/0x17
[   31.178517][  T321]  should_fail+0x3c6/0x510
[   31.182786][  T321]  __should_failslab+0xa4/0xe0
[   31.187371][  T321]  ? anon_vma_fork+0xf7/0x500
[   31.191891][  T321]  should_failslab+0x9/0x20
[   31.196349][  T321]  slab_pre_alloc_hook+0x37/0xd0
[   31.201111][  T321]  ? anon_vma_fork+0xf7/0x500
[   31.205620][  T321]  kmem_cache_alloc+0x44/0x200
[   31.210218][  T321]  anon_vma_fork+0xf7/0x500
[   31.214557][  T321]  ? anon_vma_name+0x43/0x70
[   31.218990][  T321]  ? vm_area_dup+0x17a/0x230
[   31.223410][  T321]  dup_mm+0x8c5/0x12c0
[   31.227318][  T321]  ? copy_init_mm+0x20/0x20
[   31.231907][  T321]  copy_mm+0x107/0x1b0
[   31.235814][  T321]  copy_process+0x12bc/0x3260
[   31.240350][  T321]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   31.245483][  T321]  ? __kasan_check_write+0x14/0x20
[   31.250429][  T321]  kernel_clone+0x21e/0x9e0
[   31.254773][  T321]  ? _raw_spin_unlock_irq+0x4e/0x70
[   31.259801][  T321]  ? create_io_thread+0x1e0/0x1e0
[   31.264662][  T321]  __x64_sys_clone+0x23f/0x290
[   31.269357][  T321]  ? __do_sys_vfork+0x130/0x130
[   31.274147][  T321]  ? __kasan_check_read+0x11/0x20
[   31.279000][  T321]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   31.284822][  T321]  do_syscall_64+0x3d/0xb0
[   31.289065][  T321]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.294795][  T321] RIP: 0033:0x7efd646bd829
[   31.299057][  T321] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   31.318488][  T321] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   321] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID) = -1 ENOMEM (Cannot allocate memory)
[pid   320] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   321] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   321] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   320] close(3)                    = 0
[pid   320] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   320] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   320] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   320] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   320] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   320] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   320] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   320] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   320] exit_group(0 <unfinished ...>
[pid   321] <... futex resumed>)        = ?
[pid   320] <... exit_group resumed>)   = ?
[pid   321] +++ exited with 0 +++
[pid   320] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 20
./strace-static-x86_64: Process 322 attached
[pid   322] set_robust_list(0x55555591b5e0, 24) = 0
[pid   322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   322] setpgid(0, 0)               = 0
[pid   322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   322] write(3, "1000", 4)         = 4
[pid   322] close(3)                    = 0
[pid   322] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   322] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   322] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   322] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   322] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[21], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 21
[pid   322] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   322] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 323 attached
 <unfinished ...>
[pid   323] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   323] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3
[pid   323] write(3, "57", 2)           = 2
[   31.326819][  T321] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   31.334631][  T321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   31.342443][  T321] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   31.350257][  T321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   31.358063][  T321] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   31.365880][  T321]  </TASK>
[   31.378615][  T323] FAULT_INJECTION: forcing a failure.
[   31.378615][  T323] name failslab, interval 1, probability 0, space 0, times 0
[   31.391118][  T323] CPU: 0 PID: 323 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   31.401100][  T323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   31.411094][  T323] Call Trace:
[   31.414313][  T323]  <TASK>
[   31.417079][  T323]  dump_stack_lvl+0x151/0x1b7
[   31.421582][  T323]  ? io_uring_drop_tctx_refs+0x190/0x190
[   31.427052][  T323]  dump_stack+0x15/0x17
[   31.431041][  T323]  should_fail+0x3c6/0x510
[   31.435311][  T323]  __should_failslab+0xa4/0xe0
[   31.439899][  T323]  ? anon_vma_fork+0x1be/0x500
[   31.444498][  T323]  should_failslab+0x9/0x20
[   31.448839][  T323]  slab_pre_alloc_hook+0x37/0xd0
[   31.453719][  T323]  ? anon_vma_fork+0x1be/0x500
[   31.458320][  T323]  kmem_cache_alloc+0x44/0x200
[   31.462918][  T323]  anon_vma_fork+0x1be/0x500
[   31.467344][  T323]  ? vm_area_dup+0x17a/0x230
[   31.471766][  T323]  dup_mm+0x8c5/0x12c0
[   31.475678][  T323]  ? copy_init_mm+0x20/0x20
[   31.480024][  T323]  copy_mm+0x107/0x1b0
[   31.483946][  T323]  copy_process+0x12bc/0x3260
[   31.488441][  T323]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   31.493381][  T323]  ? __kasan_check_write+0x14/0x20
[   31.498328][  T323]  kernel_clone+0x21e/0x9e0
[   31.502756][  T323]  ? _raw_spin_unlock_irq+0x4e/0x70
[   31.507788][  T323]  ? create_io_thread+0x1e0/0x1e0
[   31.512651][  T323]  __x64_sys_clone+0x23f/0x290
[   31.517249][  T323]  ? __do_sys_vfork+0x130/0x130
[   31.521934][  T323]  ? __kasan_check_read+0x11/0x20
[   31.526793][  T323]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   31.532610][  T323]  do_syscall_64+0x3d/0xb0
[   31.537054][  T323]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.542904][  T323] RIP: 0033:0x7efd646bd829
[   31.547162][  T323] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   31.566600][  T323] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[pid   323] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID) = -1 ENOMEM (Cannot allocate memory)
[pid   322] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[pid   323] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   323] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   322] close(3)                    = 0
[pid   322] close(4)                    = -1 EBADF (Bad file descriptor)
[pid   322] close(5)                    = -1 EBADF (Bad file descriptor)
[pid   322] close(6)                    = -1 EBADF (Bad file descriptor)
[pid   322] close(7)                    = -1 EBADF (Bad file descriptor)
[pid   322] close(8)                    = -1 EBADF (Bad file descriptor)
[pid   322] close(9)                    = -1 EBADF (Bad file descriptor)
[pid   322] close(10)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(11)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(12)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(13)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(14)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(15)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(16)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(17)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(18)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(19)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(20)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(21)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(22)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(23)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(24)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(25)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(26)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(27)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(28)                   = -1 EBADF (Bad file descriptor)
[pid   322] close(29)                   = -1 EBADF (Bad file descriptor)
[pid   322] exit_group(0 <unfinished ...>
[pid   323] <... futex resumed>)        = ?
[pid   322] <... exit_group resumed>)   = ?
[pid   323] +++ exited with 0 +++
[pid   322] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555591b5d0) = 22
./strace-static-x86_64: Process 324 attached
[pid   324] set_robust_list(0x55555591b5e0, 24) = 0
[pid   324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   324] setpgid(0, 0)               = 0
[pid   324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   324] write(3, "1000", 4)         = 4
[pid   324] close(3)                    = 0
[pid   324] read(200, 0x7ffe1c26f1d0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid   324] futex(0x7efd647464ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid   324] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efd6464e000
[pid   324] mprotect(0x7efd6464f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid   324] clone(child_stack=0x7efd6466e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 325 attached
, parent_tid=[23], tls=0x7efd6466e700, child_tidptr=0x7efd6466e9d0) = 23
[pid   325] set_robust_list(0x7efd6466e9e0, 24) = 0
[pid   325] futex(0x7efd647464a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid   324] futex(0x7efd647464a8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid   325] <... futex resumed>)        = 0
[pid   325] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   324] futex(0x7efd647464ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid   325] <... openat resumed>)       = 3
[pid   325] write(3, "57", 2)           = 2
[   31.574844][  T323] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   31.582649][  T323] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   31.590464][  T323] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   31.598359][  T323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   31.606255][  T323] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   31.614072][  T323]  </TASK>
[pid   325] clone(child_stack=NULL, flags=CLONE_PTRACE|CLONE_NEWCGROUP|CLONE_NEWPID <unfinished ...>
[pid   324] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   31.629854][  T325] general protection fault, probably for non-canonical address 0xe397ba5520000001: 0000 [#1] PREEMPT SMP KASAN
[   31.641580][  T325] KASAN: maybe wild-memory-access in range [0x1cbdf2a900000008-0x1cbdf2a90000000f]
[   31.650806][  T325] CPU: 0 PID: 325 Comm: syz-executor670 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0
[   31.660868][  T325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   31.670849][  T325] RIP: 0010:__rb_insert_augmented+0x91/0x610
[   31.677275][  T325] Code: 00 74 08 4c 89 ef e8 0e 0c 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 e0 0b 2b ff 48 89 d8 48 8b 1b 4c
[   31.696731][  T325] RSP: 0018:ffffc90000a178d8 EFLAGS: 00010202
[   31.702664][  T325] RAX: 1cbdf2a900000000 RBX: 1cbdf2a900000008 RCX: dffffc0000000000
[   31.710550][  T325] RDX: ffffffff81a44dc0 RSI: ffff8881091ac390 RDI: ffff88811e005180
[   31.718357][  T325] RBP: ffffc90000a17940 R08: dffffc0000000000 R09: ffff88811e005188
[   31.726244][  T325] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   31.734171][  T325] R13: ffff88811bbc386c R14: 0397be5520000001 R15: ffff88811ca083d0
[   31.741979][  T325] FS:  00007efd6466e700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   31.750742][  T325] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   31.757174][  T325] CR2: 00007efd646f6290 CR3: 000000011e9ab000 CR4: 00000000003506b0
[   31.764990][  T325] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   31.772815][  T325] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   31.780691][  T325] Call Trace:
[   31.783814][  T325]  <TASK>
[   31.786593][  T325]  ? anon_vma_interval_tree_iter_next+0x390/0x390
[   31.792839][  T325]  vma_interval_tree_insert_after+0x2be/0x2d0
[   31.798749][  T325]  dup_mm+0xa11/0x12c0
[   31.802648][  T325]  ? copy_init_mm+0x20/0x20
[   31.806988][  T325]  copy_mm+0x107/0x1b0
[   31.810890][  T325]  copy_process+0x12bc/0x3260
[   31.815412][  T325]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[   31.820349][  T325]  ? __kasan_check_write+0x14/0x20
[   31.825299][  T325]  kernel_clone+0x21e/0x9e0
[   31.829636][  T325]  ? _raw_spin_unlock_irq+0x4e/0x70
[   31.834670][  T325]  ? create_io_thread+0x1e0/0x1e0
[   31.839532][  T325]  __x64_sys_clone+0x23f/0x290
[   31.844134][  T325]  ? __do_sys_vfork+0x130/0x130
[   31.848823][  T325]  ? __kasan_check_read+0x11/0x20
[   31.853676][  T325]  ? syscall_enter_from_user_mode+0x70/0x1b0
[   31.859496][  T325]  do_syscall_64+0x3d/0xb0
[   31.863744][  T325]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.869476][  T325] RIP: 0033:0x7efd646bd829
[   31.873733][  T325] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   31.893169][  T325] RSP: 002b:00007efd6466e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   31.901416][  T325] RAX: ffffffffffffffda RBX: 00007efd647464a8 RCX: 00007efd646bd829
[   31.909227][  T325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022002000
[   31.917037][  T325] RBP: 00007efd647464a0 R08: 0000000000000000 R09: 0000000000003735
[   31.924848][  T325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   31.932747][  T325] R13: 00007efd6466e300 R14: 00007efd6466e400 R15: 0000000000022000
[   31.940560][  T325]  </TASK>
[   31.943421][  T325] Modules linked in:
[   31.948556][  T325] ---[ end trace cf27375e9552b55d ]---
[   31.954018][  T325] RIP: 0010:__rb_insert_augmented+0x91/0x610
[   31.959810][  T325] Code: 00 74 08 4c 89 ef e8 0e 0c 2b ff 49 8b 45 00 a8 01 0f 85 60 05 00 00 48 89 5d a0 48 89 45 c0 48 8d 58 08 49 89 de 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 df e8 e0 0b 2b ff 48 89 d8 48 8b 1b 4c
[   31.979454][  T325] RSP: 0018:ffffc90000a178d8 EFLAGS: 00010202
[   31.985456][  T325] RAX: 1cbdf2a900000000 RBX: 1cbdf2a900000008 RCX: dffffc0000000000
[   31.993260][  T325] RDX: ffffffff81a44dc0 RSI: ffff8881091ac390 RDI: ffff88811e005180
[   32.001152][  T325] RBP: ffffc90000a17940 R08: dffffc0000000000 R09: ffff88811e005188
[   32.008873][  T325] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   32.016833][  T325] R13: ffff88811bbc386c R14: 0397be5520000001 R15: ffff88811ca083d0
[   32.024802][  T325] FS:  00007efd6466e700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   32.033527][  T325] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   32.040073][  T325] CR2: 00007efd646f6290 CR3: 000000011e9ab000 CR4: 00000000003506b0
[   32.047912][  T325] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   32.055684][  T325] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   32.063641][  T325] Kernel panic - not syncing: Fatal exception
[   32.069728][  T325] Kernel Offset: disabled
[   32.073866][  T325] Rebooting in 86400 seconds..