./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2685757325 <...> Warning: Permanently added '10.128.1.133' (ED25519) to the list of known hosts. execve("./syz-executor2685757325", ["./syz-executor2685757325"], 0x7ffff7c1f4f0 /* 10 vars */) = 0 brk(NULL) = 0x555555bad000 brk(0x555555badd40) = 0x555555badd40 arch_prctl(ARCH_SET_FS, 0x555555bad3c0) = 0 set_tid_address(0x555555bad690) = 5025 set_robust_list(0x555555bad6a0, 24) = 0 rseq(0x555555badce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2685757325", 4096) = 28 getrandom("\x9d\x23\xc7\xa5\x93\x34\x39\x10", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555badd40 brk(0x555555bced40) = 0x555555bced40 brk(0x555555bcf000) = 0x555555bcf000 mprotect(0x7f5b71d42000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bad690) = 5026 ./strace-static-x86_64: Process 5026 attached [pid 5026] set_robust_list(0x555555bad6a0, 24) = 0 [pid 5026] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5026] setpgid(0, 0) = 0 [pid 5026] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5026] write(3, "1000", 4) = 4 [pid 5026] close(3) = 0 [pid 5026] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5026] rt_sigaction(SIGRT_1, {sa_handler=0x7f5b71ce7420, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5b71cd8aa0}, NULL, 8) = 0 [pid 5026] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5026] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c5f000 [pid 5026] mprotect(0x7f5b71c60000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5026] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5026] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c7f990, parent_tid=0x7f5b71c7f990, exit_signal=0, stack=0x7f5b71c5f000, stack_size=0x20300, tls=0x7f5b71c7f6c0} => {parent_tid=[5027]}, 88) = 5027 [pid 5026] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5026] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5026] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5027 attached [pid 5027] rseq(0x7f5b71c7ffe0, 0x20, 0, 0x53053053) = 0 [pid 5027] set_robust_list(0x7f5b71c7f9a0, 24) = 0 [pid 5027] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5027] openat(AT_FDCWD, "/dev/dri/card1", O_RDONLY) = 3 [pid 5027] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5027] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5026] <... futex resumed>) = 0 [pid 5026] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5027] <... futex resumed>) = 0 [pid 5026] <... futex resumed>) = 1 [pid 5027] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5026] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5027] <... openat resumed>) = 4 [pid 5027] write(4, "11", 2) = 2 [ 58.139572][ T5027] FAULT_INJECTION: forcing a failure. [ 58.139572][ T5027] name failslab, interval 1, probability 0, space 0, times 1 [ 58.152343][ T5027] CPU: 1 PID: 5027 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 58.161289][ T5027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 58.171338][ T5027] Call Trace: [ 58.174606][ T5027] [ 58.177522][ T5027] dump_stack_lvl+0x1e7/0x2d0 [ 58.182191][ T5027] ? nf_tcp_handle_invalid+0x650/0x650 [ 58.187635][ T5027] ? panic+0x770/0x770 [ 58.191686][ T5027] ? __might_sleep+0xc0/0xc0 [ 58.196270][ T5027] should_fail_ex+0x3aa/0x4e0 [ 58.200938][ T5027] should_failslab+0x9/0x20 [ 58.205429][ T5027] slab_pre_alloc_hook+0x59/0x2b0 [ 58.210443][ T5027] ? ktime_get_coarse_real_ts64+0x10b/0x120 [ 58.216320][ T5027] kmem_cache_alloc_lru+0x4e/0x300 [ 58.221417][ T5027] ? __d_alloc+0x31/0x710 [ 58.225760][ T5027] __d_alloc+0x31/0x710 [ 58.229899][ T5027] ? lockdep_softirqs_off+0x420/0x420 [ 58.235283][ T5027] d_alloc_pseudo+0x1d/0x70 [ 58.239779][ T5027] alloc_file_pseudo+0x135/0x2f0 [ 58.244709][ T5027] ? alloc_empty_backing_file+0xe0/0xe0 [ 58.250359][ T5027] __shmem_file_setup+0x232/0x2b0 [ 58.255370][ T5027] drm_gem_object_init+0x299/0x360 [ 58.260484][ T5027] __drm_gem_shmem_create+0x175/0x2d0 [ 58.265935][ T5027] drm_gem_shmem_dumb_create+0x252/0x400 [ 58.271562][ T5027] drm_ioctl_kernel+0x349/0x4f0 [ 58.276400][ T5027] ? drm_mode_create_dumb+0x320/0x320 [ 58.281756][ T5027] ? drm_copy_field+0x170/0x170 [ 58.286593][ T5027] ? __might_fault+0xba/0x120 [ 58.291260][ T5027] drm_ioctl+0x636/0xb00 [ 58.295494][ T5027] ? drm_mode_create_dumb+0x320/0x320 [ 58.300852][ T5027] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 58.305870][ T5027] ? bpf_lsm_file_ioctl+0x9/0x10 [ 58.310790][ T5027] ? security_file_ioctl+0x81/0xa0 [ 58.315888][ T5027] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 58.320904][ T5027] __se_sys_ioctl+0xf8/0x170 [ 58.325499][ T5027] do_syscall_64+0x41/0xc0 [ 58.329902][ T5027] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.335782][ T5027] RIP: 0033:0x7f5b71cc14e9 [ 58.340182][ T5027] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 58.359773][ T5027] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.368174][ T5027] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 58.376131][ T5027] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [pid 5027] ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB, 0x20000080) = -1 ENOMEM (Cannot allocate memory) [pid 5026] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5027] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5026] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5027] <... futex resumed>) = 0 [pid 5026] <... futex resumed>) = 0 [pid 5027] openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY [pid 5026] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5027] <... openat resumed>) = 5 [pid 5027] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5026] <... futex resumed>) = 0 [pid 5026] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5026] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5027] <... futex resumed>) = 1 [pid 5027] ioctl(5, DRM_IOCTL_MODE_CREATE_DUMB, 0x20000200) = 0 [pid 5027] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5026] <... futex resumed>) = 0 [pid 5027] ioctl(3, DRM_IOCTL_MODE_DESTROY_DUMB [pid 5026] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5026] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5027] <... ioctl resumed>, 0x20000200) = -1 EINVAL (Invalid argument) [pid 5027] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5026] <... futex resumed>) = 0 [pid 5026] exit_group(0) = ? [pid 5027] <... futex resumed>) = ? [pid 5027] +++ exited with 0 +++ [pid 5026] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5026, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bad690) = 5028 ./strace-static-x86_64: Process 5028 attached [pid 5028] set_robust_list(0x555555bad6a0, 24) = 0 [pid 5028] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5028] setpgid(0, 0) = 0 [pid 5028] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5028] write(3, "1000", 4) = 4 [pid 5028] close(3) = 0 [pid 5028] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5028] rt_sigaction(SIGRT_1, {sa_handler=0x7f5b71ce7420, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5b71cd8aa0}, NULL, 8) = 0 [pid 5028] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5028] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c5f000 [pid 5028] mprotect(0x7f5b71c60000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5028] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [ 58.384086][ T5027] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 58.392040][ T5027] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 58.399995][ T5027] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 58.407959][ T5027] [pid 5028] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c7f990, parent_tid=0x7f5b71c7f990, exit_signal=0, stack=0x7f5b71c5f000, stack_size=0x20300, tls=0x7f5b71c7f6c0}./strace-static-x86_64: Process 5029 attached => {parent_tid=[5029]}, 88) = 5029 [pid 5029] rseq(0x7f5b71c7ffe0, 0x20, 0, 0x53053053) = 0 [pid 5028] rt_sigprocmask(SIG_SETMASK, [], [pid 5029] set_robust_list(0x7f5b71c7f9a0, 24 [pid 5028] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5028] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5029] <... set_robust_list resumed>) = 0 [pid 5028] <... futex resumed>) = 0 [pid 5028] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5029] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5029] openat(AT_FDCWD, "/dev/dri/card1", O_RDONLY) = 3 [pid 5029] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5028] <... futex resumed>) = 0 [pid 5029] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5028] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5029] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5028] <... futex resumed>) = 0 [pid 5029] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5028] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5029] <... openat resumed>) = 4 [pid 5029] write(4, "11", 2) = 2 [ 58.455735][ T5029] FAULT_INJECTION: forcing a failure. [ 58.455735][ T5029] name failslab, interval 1, probability 0, space 0, times 0 [ 58.468439][ T5029] CPU: 0 PID: 5029 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 58.477106][ T5029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 58.487144][ T5029] Call Trace: [ 58.490425][ T5029] [ 58.493341][ T5029] dump_stack_lvl+0x1e7/0x2d0 [ 58.498013][ T5029] ? nf_tcp_handle_invalid+0x650/0x650 [ 58.503464][ T5029] ? panic+0x770/0x770 [ 58.507522][ T5029] ? __might_sleep+0xc0/0xc0 [ 58.512102][ T5029] ? __lock_acquire+0x7f70/0x7f70 [ 58.517160][ T5029] should_fail_ex+0x3aa/0x4e0 [ 58.521864][ T5029] should_failslab+0x9/0x20 [ 58.526448][ T5029] slab_pre_alloc_hook+0x59/0x2b0 [ 58.531464][ T5029] ? vma_node_allow+0x59/0x240 [ 58.536220][ T5029] __kmem_cache_alloc_node+0x4b/0x270 [ 58.541860][ T5029] ? vma_node_allow+0x59/0x240 [ 58.546613][ T5029] kmalloc_trace+0x2a/0xe0 [ 58.551038][ T5029] vma_node_allow+0x59/0x240 [ 58.555825][ T5029] drm_gem_handle_create_tail+0x1e4/0x380 [ 58.561896][ T5029] drm_gem_shmem_dumb_create+0x279/0x400 [ 58.567616][ T5029] drm_ioctl_kernel+0x349/0x4f0 [ 58.572472][ T5029] ? drm_mode_create_dumb+0x320/0x320 [ 58.577914][ T5029] ? drm_copy_field+0x170/0x170 [ 58.582758][ T5029] ? __might_fault+0xba/0x120 [ 58.588213][ T5029] drm_ioctl+0x636/0xb00 [ 58.592455][ T5029] ? drm_mode_create_dumb+0x320/0x320 [ 58.597831][ T5029] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 58.602935][ T5029] ? bpf_lsm_file_ioctl+0x9/0x10 [ 58.607877][ T5029] ? security_file_ioctl+0x81/0xa0 [ 58.613001][ T5029] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 58.618015][ T5029] __se_sys_ioctl+0xf8/0x170 [ 58.622604][ T5029] do_syscall_64+0x41/0xc0 [ 58.627031][ T5029] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.632910][ T5029] RIP: 0033:0x7f5b71cc14e9 [ 58.637400][ T5029] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 58.657187][ T5029] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.665591][ T5029] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 58.673603][ T5029] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 58.681774][ T5029] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 58.689749][ T5029] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 58.697721][ T5029] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [pid 5029] ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB [pid 5028] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5028] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5028] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c3e000 [pid 5029] <... ioctl resumed>, 0x20000080) = -1 ENOMEM (Cannot allocate memory) [pid 5028] mprotect(0x7f5b71c3f000, 131072, PROT_READ|PROT_WRITE [pid 5029] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5028] <... mprotect resumed>) = 0 [pid 5029] <... futex resumed>) = 0 [pid 5028] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5029] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5028] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5028] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c5e990, parent_tid=0x7f5b71c5e990, exit_signal=0, stack=0x7f5b71c3e000, stack_size=0x20300, tls=0x7f5b71c5e6c0}./strace-static-x86_64: Process 5030 attached => {parent_tid=[5030]}, 88) = 5030 [pid 5028] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5028] futex(0x7f5b71d483f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5028] futex(0x7f5b71d483fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5030] rseq(0x7f5b71c5efe0, 0x20, 0, 0x53053053) = 0 [pid 5030] set_robust_list(0x7f5b71c5e9a0, 24) = 0 [pid 5030] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5030] openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY) = 5 [pid 5030] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5028] <... futex resumed>) = 0 [pid 5028] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5028] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5029] <... futex resumed>) = 0 [pid 5030] <... futex resumed>) = 1 [pid 5029] ioctl(5, DRM_IOCTL_MODE_CREATE_DUMB [pid 5030] futex(0x7f5b71d483f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5029] <... ioctl resumed>, 0x20000200) = 0 [pid 5029] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5028] <... futex resumed>) = 0 [pid 5028] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5028] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5029] <... futex resumed>) = 1 [pid 5029] ioctl(3, DRM_IOCTL_MODE_DESTROY_DUMB, 0x20000200) = -1 EINVAL (Invalid argument) [pid 5029] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5028] <... futex resumed>) = 0 [pid 5029] <... futex resumed>) = 1 [pid 5028] exit_group(0 [pid 5030] <... futex resumed>) = ? [pid 5028] <... exit_group resumed>) = ? [pid 5030] +++ exited with 0 +++ [pid 5029] +++ exited with 0 +++ [pid 5028] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5028, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bad690) = 5031 ./strace-static-x86_64: Process 5031 attached [pid 5031] set_robust_list(0x555555bad6a0, 24) = 0 [pid 5031] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5031] setpgid(0, 0) = 0 [pid 5031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5031] write(3, "1000", 4) = 4 [pid 5031] close(3) = 0 [pid 5031] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5031] rt_sigaction(SIGRT_1, {sa_handler=0x7f5b71ce7420, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5b71cd8aa0}, NULL, 8) = 0 [pid 5031] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5031] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c5f000 [pid 5031] mprotect(0x7f5b71c60000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5031] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5031] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c7f990, parent_tid=0x7f5b71c7f990, exit_signal=0, stack=0x7f5b71c5f000, stack_size=0x20300, tls=0x7f5b71c7f6c0}./strace-static-x86_64: Process 5032 attached [pid 5032] rseq(0x7f5b71c7ffe0, 0x20, 0, 0x53053053 [pid 5031] <... clone3 resumed> => {parent_tid=[5032]}, 88) = 5032 [pid 5032] <... rseq resumed>) = 0 [pid 5031] rt_sigprocmask(SIG_SETMASK, [], [pid 5032] set_robust_list(0x7f5b71c7f9a0, 24 [pid 5031] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5032] <... set_robust_list resumed>) = 0 [pid 5031] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5032] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5031] <... futex resumed>) = 0 [pid 5032] openat(AT_FDCWD, "/dev/dri/card1", O_RDONLY [pid 5031] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] <... openat resumed>) = 3 [pid 5032] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5031] <... futex resumed>) = 0 [pid 5032] <... futex resumed>) = 1 [pid 5031] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5032] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5031] <... futex resumed>) = 0 [pid 5031] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] write(4, "11", 2) = 2 [ 58.705688][ T5029] [ 58.740895][ T5032] FAULT_INJECTION: forcing a failure. [ 58.740895][ T5032] name failslab, interval 1, probability 0, space 0, times 0 [ 58.753742][ T5032] CPU: 0 PID: 5032 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 58.762437][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 58.772498][ T5032] Call Trace: [ 58.775765][ T5032] [ 58.778683][ T5032] dump_stack_lvl+0x1e7/0x2d0 [ 58.783357][ T5032] ? nf_tcp_handle_invalid+0x650/0x650 [ 58.788801][ T5032] ? panic+0x770/0x770 [ 58.792856][ T5032] ? __might_sleep+0xc0/0xc0 [ 58.797438][ T5032] ? __lock_acquire+0x7f70/0x7f70 [ 58.802539][ T5032] should_fail_ex+0x3aa/0x4e0 [ 58.807201][ T5032] should_failslab+0x9/0x20 [ 58.811692][ T5032] slab_pre_alloc_hook+0x59/0x2b0 [ 58.816708][ T5032] ? vma_node_allow+0x59/0x240 [ 58.821554][ T5032] __kmem_cache_alloc_node+0x4b/0x270 [ 58.826918][ T5032] ? vma_node_allow+0x59/0x240 [ 58.831668][ T5032] kmalloc_trace+0x2a/0xe0 [ 58.836086][ T5032] vma_node_allow+0x59/0x240 [ 58.840660][ T5032] drm_gem_handle_create_tail+0x1e4/0x380 [ 58.846375][ T5032] drm_gem_shmem_dumb_create+0x279/0x400 [ 58.852014][ T5032] drm_ioctl_kernel+0x349/0x4f0 [ 58.856850][ T5032] ? drm_mode_create_dumb+0x320/0x320 [ 58.862211][ T5032] ? drm_copy_field+0x170/0x170 [ 58.867049][ T5032] ? __might_fault+0xba/0x120 [ 58.871796][ T5032] drm_ioctl+0x636/0xb00 [ 58.876044][ T5032] ? drm_mode_create_dumb+0x320/0x320 [ 58.881418][ T5032] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 58.886439][ T5032] ? bpf_lsm_file_ioctl+0x9/0x10 [ 58.891380][ T5032] ? security_file_ioctl+0x81/0xa0 [ 58.896497][ T5032] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 58.901517][ T5032] __se_sys_ioctl+0xf8/0x170 [ 58.906102][ T5032] do_syscall_64+0x41/0xc0 [ 58.910504][ T5032] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.916390][ T5032] RIP: 0033:0x7f5b71cc14e9 [ 58.920794][ T5032] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 5032] ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB [pid 5031] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5031] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5031] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5032] <... ioctl resumed>, 0x20000080) = -1 ENOMEM (Cannot allocate memory) [pid 5031] <... mmap resumed>) = 0x7f5b71c3e000 [pid 5031] mprotect(0x7f5b71c3f000, 131072, PROT_READ|PROT_WRITE [pid 5032] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5031] <... mprotect resumed>) = 0 [pid 5032] <... futex resumed>) = 0 [pid 5032] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5031] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c5e990, parent_tid=0x7f5b71c5e990, exit_signal=0, stack=0x7f5b71c3e000, stack_size=0x20300, tls=0x7f5b71c5e6c0}./strace-static-x86_64: Process 5033 attached [pid 5033] rseq(0x7f5b71c5efe0, 0x20, 0, 0x53053053) = 0 [pid 5033] set_robust_list(0x7f5b71c5e9a0, 24) = 0 [pid 5033] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5033] futex(0x7f5b71d483f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] <... clone3 resumed> => {parent_tid=[5033]}, 88) = 5033 [pid 5031] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5031] futex(0x7f5b71d483f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5033] <... futex resumed>) = 0 [pid 5031] <... futex resumed>) = 1 [pid 5033] openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY [pid 5031] futex(0x7f5b71d483fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5033] <... openat resumed>) = 5 [pid 5033] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5031] <... futex resumed>) = 0 [pid 5033] futex(0x7f5b71d483f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5032] <... futex resumed>) = 0 [pid 5031] <... futex resumed>) = 1 [pid 5032] ioctl(5, DRM_IOCTL_MODE_CREATE_DUMB, 0x20000200) = 0 [pid 5031] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5032] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5031] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5032] <... futex resumed>) = 0 [pid 5031] <... futex resumed>) = 1 [pid 5032] ioctl(3, DRM_IOCTL_MODE_DESTROY_DUMB [pid 5031] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] <... ioctl resumed>, 0x20000200) = -1 EINVAL (Invalid argument) [pid 5032] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5031] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5032] <... futex resumed>) = 0 [pid 5032] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] exit_group(0 [pid 5032] <... futex resumed>) = ? [pid 5031] <... exit_group resumed>) = ? [pid 5033] <... futex resumed>) = ? [pid 5032] +++ exited with 0 +++ [pid 5033] +++ exited with 0 +++ [pid 5031] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5031, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bad690) = 5034 ./strace-static-x86_64: Process 5034 attached [pid 5034] set_robust_list(0x555555bad6a0, 24) = 0 [pid 5034] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5034] setpgid(0, 0) = 0 [pid 5034] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5034] write(3, "1000", 4) = 4 [pid 5034] close(3) = 0 [pid 5034] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5034] rt_sigaction(SIGRT_1, {sa_handler=0x7f5b71ce7420, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5b71cd8aa0}, NULL, 8) = 0 [pid 5034] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5034] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c5f000 [pid 5034] mprotect(0x7f5b71c60000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5034] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5034] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c7f990, parent_tid=0x7f5b71c7f990, exit_signal=0, stack=0x7f5b71c5f000, stack_size=0x20300, tls=0x7f5b71c7f6c0}./strace-static-x86_64: Process 5035 attached => {parent_tid=[5035]}, 88) = 5035 [pid 5035] rseq(0x7f5b71c7ffe0, 0x20, 0, 0x53053053 [pid 5034] rt_sigprocmask(SIG_SETMASK, [], [pid 5035] <... rseq resumed>) = 0 [pid 5034] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5035] set_robust_list(0x7f5b71c7f9a0, 24) = 0 [ 58.940398][ T5032] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.948819][ T5032] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 58.956773][ T5032] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 58.964731][ T5032] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 58.972704][ T5032] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 58.980667][ T5032] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 58.988638][ T5032] [pid 5034] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5035] rt_sigprocmask(SIG_SETMASK, [], [pid 5034] <... futex resumed>) = 0 [pid 5035] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5034] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5035] openat(AT_FDCWD, "/dev/dri/card1", O_RDONLY) = 3 [pid 5035] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5034] <... futex resumed>) = 0 [pid 5034] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5035] <... futex resumed>) = 1 [pid 5034] <... futex resumed>) = 0 [pid 5035] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5034] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5035] <... openat resumed>) = 4 [pid 5035] write(4, "11", 2) = 2 [ 59.024513][ T5035] FAULT_INJECTION: forcing a failure. [ 59.024513][ T5035] name failslab, interval 1, probability 0, space 0, times 0 [ 59.037400][ T5035] CPU: 1 PID: 5035 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 59.046092][ T5035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 59.056148][ T5035] Call Trace: [ 59.059415][ T5035] [ 59.062342][ T5035] dump_stack_lvl+0x1e7/0x2d0 [ 59.067010][ T5035] ? nf_tcp_handle_invalid+0x650/0x650 [ 59.072458][ T5035] ? panic+0x770/0x770 [ 59.076528][ T5035] ? __might_sleep+0xc0/0xc0 [ 59.081109][ T5035] ? __lock_acquire+0x7f70/0x7f70 [ 59.086138][ T5035] should_fail_ex+0x3aa/0x4e0 [ 59.090838][ T5035] should_failslab+0x9/0x20 [ 59.095334][ T5035] slab_pre_alloc_hook+0x59/0x2b0 [ 59.100347][ T5035] ? vma_node_allow+0x59/0x240 [ 59.105098][ T5035] __kmem_cache_alloc_node+0x4b/0x270 [ 59.110464][ T5035] ? vma_node_allow+0x59/0x240 [ 59.115215][ T5035] kmalloc_trace+0x2a/0xe0 [ 59.119619][ T5035] vma_node_allow+0x59/0x240 [ 59.124197][ T5035] drm_gem_handle_create_tail+0x1e4/0x380 [ 59.129925][ T5035] drm_gem_shmem_dumb_create+0x279/0x400 [ 59.135552][ T5035] drm_ioctl_kernel+0x349/0x4f0 [ 59.140394][ T5035] ? drm_mode_create_dumb+0x320/0x320 [ 59.145755][ T5035] ? drm_copy_field+0x170/0x170 [ 59.150595][ T5035] ? __might_fault+0xba/0x120 [ 59.155260][ T5035] drm_ioctl+0x636/0xb00 [ 59.159493][ T5035] ? drm_mode_create_dumb+0x320/0x320 [ 59.164849][ T5035] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 59.169868][ T5035] ? bpf_lsm_file_ioctl+0x9/0x10 [ 59.174795][ T5035] ? security_file_ioctl+0x81/0xa0 [ 59.179896][ T5035] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 59.184913][ T5035] __se_sys_ioctl+0xf8/0x170 [ 59.189494][ T5035] do_syscall_64+0x41/0xc0 [ 59.193908][ T5035] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.199792][ T5035] RIP: 0033:0x7f5b71cc14e9 [ 59.204194][ T5035] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 59.223871][ T5035] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 59.232277][ T5035] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 59.240236][ T5035] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 59.248279][ T5035] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 59.256348][ T5035] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 59.264329][ T5035] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 59.272380][ T5035] [pid 5035] ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB, 0x20000080) = -1 ENOMEM (Cannot allocate memory) [pid 5035] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5035] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5034] <... futex resumed>) = 0 [pid 5034] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5035] <... futex resumed>) = 0 [pid 5035] openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY) = 5 [pid 5035] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5035] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5034] <... futex resumed>) = 1 [pid 5034] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5034] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5035] <... futex resumed>) = 0 [pid 5035] ioctl(5, DRM_IOCTL_MODE_CREATE_DUMB, 0x20000200) = 0 [pid 5035] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5035] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5034] <... futex resumed>) = 1 [pid 5034] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5034] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5035] <... futex resumed>) = 0 [pid 5035] ioctl(3, DRM_IOCTL_MODE_DESTROY_DUMB [pid 5034] <... futex resumed>) = 1 [pid 5035] <... ioctl resumed>, 0x20000200) = -1 EINVAL (Invalid argument) [pid 5034] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5035] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5034] <... futex resumed>) = 0 [pid 5035] <... futex resumed>) = 1 [pid 5034] exit_group(0 [pid 5035] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5034] <... exit_group resumed>) = ? [pid 5035] <... futex resumed>) = ? [pid 5035] +++ exited with 0 +++ [pid 5034] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5034, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bad690) = 5036 ./strace-static-x86_64: Process 5036 attached [pid 5036] set_robust_list(0x555555bad6a0, 24) = 0 [pid 5036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5036] setpgid(0, 0) = 0 [pid 5036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5036] write(3, "1000", 4) = 4 [pid 5036] close(3) = 0 [pid 5036] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5036] rt_sigaction(SIGRT_1, {sa_handler=0x7f5b71ce7420, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5b71cd8aa0}, NULL, 8) = 0 [pid 5036] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c5f000 [pid 5036] mprotect(0x7f5b71c60000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5036] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5036] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c7f990, parent_tid=0x7f5b71c7f990, exit_signal=0, stack=0x7f5b71c5f000, stack_size=0x20300, tls=0x7f5b71c7f6c0}./strace-static-x86_64: Process 5037 attached [pid 5037] rseq(0x7f5b71c7ffe0, 0x20, 0, 0x53053053 [pid 5036] <... clone3 resumed> => {parent_tid=[5037]}, 88) = 5037 [pid 5037] <... rseq resumed>) = 0 [pid 5036] rt_sigprocmask(SIG_SETMASK, [], [pid 5037] set_robust_list(0x7f5b71c7f9a0, 24 [pid 5036] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5037] <... set_robust_list resumed>) = 0 [pid 5036] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5037] rt_sigprocmask(SIG_SETMASK, [], [pid 5036] <... futex resumed>) = 0 [pid 5037] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5037] openat(AT_FDCWD, "/dev/dri/card1", O_RDONLY [pid 5036] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5037] <... openat resumed>) = 3 [pid 5037] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5036] <... futex resumed>) = 0 [pid 5037] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5036] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5037] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5036] <... futex resumed>) = 0 [pid 5037] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5036] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5037] <... openat resumed>) = 4 [pid 5037] write(4, "11", 2) = 2 [ 59.275459][ C1] vkms_vblank_simulate: vblank timer overrun [ 59.318462][ T5037] FAULT_INJECTION: forcing a failure. [ 59.318462][ T5037] name failslab, interval 1, probability 0, space 0, times 0 [ 59.331304][ T5037] CPU: 0 PID: 5037 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 59.339988][ T5037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 59.350122][ T5037] Call Trace: [ 59.353400][ T5037] [ 59.356323][ T5037] dump_stack_lvl+0x1e7/0x2d0 [ 59.361000][ T5037] ? nf_tcp_handle_invalid+0x650/0x650 [ 59.366458][ T5037] ? panic+0x770/0x770 [ 59.370518][ T5037] ? __might_sleep+0xc0/0xc0 [ 59.375111][ T5037] ? __lock_acquire+0x7f70/0x7f70 [ 59.380136][ T5037] should_fail_ex+0x3aa/0x4e0 [ 59.384798][ T5037] should_failslab+0x9/0x20 [ 59.389286][ T5037] slab_pre_alloc_hook+0x59/0x2b0 [ 59.394298][ T5037] ? vma_node_allow+0x59/0x240 [ 59.399304][ T5037] __kmem_cache_alloc_node+0x4b/0x270 [ 59.404664][ T5037] ? vma_node_allow+0x59/0x240 [ 59.409412][ T5037] kmalloc_trace+0x2a/0xe0 [ 59.413846][ T5037] vma_node_allow+0x59/0x240 [ 59.418421][ T5037] drm_gem_handle_create_tail+0x1e4/0x380 [ 59.424139][ T5037] drm_gem_shmem_dumb_create+0x279/0x400 [ 59.429781][ T5037] drm_ioctl_kernel+0x349/0x4f0 [ 59.434622][ T5037] ? drm_mode_create_dumb+0x320/0x320 [ 59.439985][ T5037] ? drm_copy_field+0x170/0x170 [ 59.444824][ T5037] ? __might_fault+0xba/0x120 [ 59.449575][ T5037] drm_ioctl+0x636/0xb00 [ 59.453808][ T5037] ? drm_mode_create_dumb+0x320/0x320 [ 59.459165][ T5037] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 59.464184][ T5037] ? bpf_lsm_file_ioctl+0x9/0x10 [ 59.469106][ T5037] ? security_file_ioctl+0x81/0xa0 [ 59.474203][ T5037] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 59.479215][ T5037] __se_sys_ioctl+0xf8/0x170 [ 59.483796][ T5037] do_syscall_64+0x41/0xc0 [ 59.488200][ T5037] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.494258][ T5037] RIP: 0033:0x7f5b71cc14e9 [ 59.498681][ T5037] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 5037] ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB [pid 5036] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5036] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c3e000 [pid 5037] <... ioctl resumed>, 0x20000080) = -1 ENOMEM (Cannot allocate memory) [pid 5036] mprotect(0x7f5b71c3f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5037] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5037] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5036] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5036] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c5e990, parent_tid=0x7f5b71c5e990, exit_signal=0, stack=0x7f5b71c3e000, stack_size=0x20300, tls=0x7f5b71c5e6c0}./strace-static-x86_64: Process 5038 attached => {parent_tid=[5038]}, 88) = 5038 [pid 5038] rseq(0x7f5b71c5efe0, 0x20, 0, 0x53053053) = 0 [pid 5036] rt_sigprocmask(SIG_SETMASK, [], [pid 5038] set_robust_list(0x7f5b71c5e9a0, 24 [pid 5036] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5038] <... set_robust_list resumed>) = 0 [pid 5036] futex(0x7f5b71d483f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5038] rt_sigprocmask(SIG_SETMASK, [], [pid 5036] <... futex resumed>) = 0 [pid 5038] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5036] futex(0x7f5b71d483fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5038] openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY) = 5 [pid 5038] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5036] <... futex resumed>) = 0 [pid 5036] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5038] futex(0x7f5b71d483f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5037] <... futex resumed>) = 0 [pid 5036] <... futex resumed>) = 1 [pid 5037] ioctl(5, DRM_IOCTL_MODE_CREATE_DUMB [pid 5036] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5037] <... ioctl resumed>, 0x20000200) = 0 [pid 5037] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5036] <... futex resumed>) = 0 [pid 5036] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5037] ioctl(3, DRM_IOCTL_MODE_DESTROY_DUMB [pid 5036] <... futex resumed>) = 0 [pid 5036] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5037] <... ioctl resumed>, 0x20000200) = -1 EINVAL (Invalid argument) [pid 5037] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5036] <... futex resumed>) = 0 [pid 5036] exit_group(0 [pid 5038] <... futex resumed>) = ? [pid 5036] <... exit_group resumed>) = ? [pid 5038] +++ exited with 0 +++ [pid 5037] +++ exited with 0 +++ [pid 5036] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5036, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5039 attached , child_tidptr=0x555555bad690) = 5039 [pid 5039] set_robust_list(0x555555bad6a0, 24) = 0 [pid 5039] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5039] setpgid(0, 0) = 0 [ 59.518272][ T5037] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 59.526689][ T5037] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 59.534647][ T5037] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 59.542603][ T5037] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 59.550578][ T5037] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 59.558560][ T5037] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 59.566535][ T5037] [pid 5039] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5039] write(3, "1000", 4) = 4 [pid 5039] close(3) = 0 [pid 5039] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5039] rt_sigaction(SIGRT_1, {sa_handler=0x7f5b71ce7420, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5b71cd8aa0}, NULL, 8) = 0 [pid 5039] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5039] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c5f000 [pid 5039] mprotect(0x7f5b71c60000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5039] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5039] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c7f990, parent_tid=0x7f5b71c7f990, exit_signal=0, stack=0x7f5b71c5f000, stack_size=0x20300, tls=0x7f5b71c7f6c0}./strace-static-x86_64: Process 5040 attached => {parent_tid=[5040]}, 88) = 5040 [pid 5040] rseq(0x7f5b71c7ffe0, 0x20, 0, 0x53053053 [pid 5039] rt_sigprocmask(SIG_SETMASK, [], [pid 5040] <... rseq resumed>) = 0 [pid 5040] set_robust_list(0x7f5b71c7f9a0, 24) = 0 [pid 5040] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5040] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5039] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5039] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] <... futex resumed>) = 0 [pid 5039] <... futex resumed>) = 1 [pid 5040] openat(AT_FDCWD, "/dev/dri/card1", O_RDONLY [pid 5039] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5040] <... openat resumed>) = 3 [pid 5040] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5039] <... futex resumed>) = 0 [pid 5040] <... futex resumed>) = 1 [pid 5039] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5039] <... futex resumed>) = 0 [pid 5040] <... openat resumed>) = 4 [pid 5039] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5040] write(4, "11", 2) = 2 [ 59.607924][ T5040] FAULT_INJECTION: forcing a failure. [ 59.607924][ T5040] name failslab, interval 1, probability 0, space 0, times 0 [ 59.620914][ T5040] CPU: 0 PID: 5040 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 59.629588][ T5040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 59.639650][ T5040] Call Trace: [ 59.642916][ T5040] [ 59.645834][ T5040] dump_stack_lvl+0x1e7/0x2d0 [ 59.650500][ T5040] ? nf_tcp_handle_invalid+0x650/0x650 [ 59.656029][ T5040] ? panic+0x770/0x770 [ 59.660166][ T5040] ? __might_sleep+0xc0/0xc0 [ 59.664761][ T5040] ? __lock_acquire+0x7f70/0x7f70 [ 59.669806][ T5040] should_fail_ex+0x3aa/0x4e0 [ 59.674485][ T5040] should_failslab+0x9/0x20 [ 59.678993][ T5040] slab_pre_alloc_hook+0x59/0x2b0 [ 59.684028][ T5040] ? vma_node_allow+0x59/0x240 [ 59.688798][ T5040] __kmem_cache_alloc_node+0x4b/0x270 [ 59.694188][ T5040] ? vma_node_allow+0x59/0x240 [ 59.698954][ T5040] kmalloc_trace+0x2a/0xe0 [ 59.703367][ T5040] vma_node_allow+0x59/0x240 [ 59.707955][ T5040] drm_gem_handle_create_tail+0x1e4/0x380 [ 59.713661][ T5040] drm_gem_shmem_dumb_create+0x279/0x400 [ 59.719377][ T5040] drm_ioctl_kernel+0x349/0x4f0 [ 59.724234][ T5040] ? drm_mode_create_dumb+0x320/0x320 [ 59.729592][ T5040] ? drm_copy_field+0x170/0x170 [ 59.734440][ T5040] ? __might_fault+0xba/0x120 [ 59.739109][ T5040] drm_ioctl+0x636/0xb00 [ 59.743342][ T5040] ? drm_mode_create_dumb+0x320/0x320 [ 59.748701][ T5040] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 59.753719][ T5040] ? bpf_lsm_file_ioctl+0x9/0x10 [ 59.758650][ T5040] ? security_file_ioctl+0x81/0xa0 [ 59.763755][ T5040] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 59.768767][ T5040] __se_sys_ioctl+0xf8/0x170 [ 59.773349][ T5040] do_syscall_64+0x41/0xc0 [ 59.777805][ T5040] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.783685][ T5040] RIP: 0033:0x7f5b71cc14e9 [ 59.788084][ T5040] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 5040] ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB [pid 5039] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5039] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5039] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c3e000 [pid 5039] mprotect(0x7f5b71c3f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5040] <... ioctl resumed>, 0x20000080) = -1 ENOMEM (Cannot allocate memory) [pid 5039] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5039] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c5e990, parent_tid=0x7f5b71c5e990, exit_signal=0, stack=0x7f5b71c3e000, stack_size=0x20300, tls=0x7f5b71c5e6c0} => {parent_tid=[5041]}, 88) = 5041 [pid 5039] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5039] futex(0x7f5b71d483f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5039] futex(0x7f5b71d483fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5040] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5041 attached ) = 0 [pid 5041] rseq(0x7f5b71c5efe0, 0x20, 0, 0x53053053 [pid 5040] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5041] <... rseq resumed>) = 0 [pid 5041] set_robust_list(0x7f5b71c5e9a0, 24) = 0 [pid 5041] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5041] openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY) = 5 [pid 5041] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5039] <... futex resumed>) = 0 [pid 5041] futex(0x7f5b71d483f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5039] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] <... futex resumed>) = 0 [pid 5039] <... futex resumed>) = 1 [pid 5040] ioctl(5, DRM_IOCTL_MODE_CREATE_DUMB, 0x20000200) = 0 [pid 5039] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5040] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5040] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5039] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5039] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] <... futex resumed>) = 0 [pid 5039] <... futex resumed>) = 1 [pid 5040] ioctl(3, DRM_IOCTL_MODE_DESTROY_DUMB [pid 5039] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5040] <... ioctl resumed>, 0x20000200) = -1 EINVAL (Invalid argument) [pid 5040] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5039] <... futex resumed>) = 0 [pid 5039] exit_group(0 [pid 5040] futex(0x7f5b71d483e8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 5039] <... exit_group resumed>) = ? [pid 5041] <... futex resumed>) = ? [pid 5040] +++ exited with 0 +++ [pid 5041] +++ exited with 0 +++ [pid 5039] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5039, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5042 attached , child_tidptr=0x555555bad690) = 5042 [pid 5042] set_robust_list(0x555555bad6a0, 24) = 0 [pid 5042] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5042] setpgid(0, 0) = 0 [pid 5042] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5042] write(3, "1000", 4) = 4 [pid 5042] close(3) = 0 [pid 5042] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5042] rt_sigaction(SIGRT_1, {sa_handler=0x7f5b71ce7420, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5b71cd8aa0}, NULL, 8) = 0 [pid 5042] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5042] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c5f000 [pid 5042] mprotect(0x7f5b71c60000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5042] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5042] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c7f990, parent_tid=0x7f5b71c7f990, exit_signal=0, stack=0x7f5b71c5f000, stack_size=0x20300, tls=0x7f5b71c7f6c0}./strace-static-x86_64: Process 5043 attached => {parent_tid=[5043]}, 88) = 5043 [pid 5043] rseq(0x7f5b71c7ffe0, 0x20, 0, 0x53053053 [pid 5042] rt_sigprocmask(SIG_SETMASK, [], [pid 5043] <... rseq resumed>) = 0 [pid 5042] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5043] set_robust_list(0x7f5b71c7f9a0, 24 [pid 5042] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5043] <... set_robust_list resumed>) = 0 [pid 5042] <... futex resumed>) = 0 [pid 5043] rt_sigprocmask(SIG_SETMASK, [], [pid 5042] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5043] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5043] openat(AT_FDCWD, "/dev/dri/card1", O_RDONLY) = 3 [ 59.807675][ T5040] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 59.816072][ T5040] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 59.824030][ T5040] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 59.831984][ T5040] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 59.839940][ T5040] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 59.847892][ T5040] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 59.855855][ T5040] [pid 5043] futex(0x7f5b71d483ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5042] <... futex resumed>) = 0 [pid 5043] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5042] futex(0x7f5b71d483e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5043] <... openat resumed>) = 4 [pid 5042] futex(0x7f5b71d483ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5043] write(4, "11", 2) = 2 [pid 5043] ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB [pid 5042] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5042] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5042] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5b71c3e000 [ 59.890991][ T5043] FAULT_INJECTION: forcing a failure. [ 59.890991][ T5043] name failslab, interval 1, probability 0, space 0, times 0 [ 59.904449][ T5043] CPU: 1 PID: 5043 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 59.913124][ T5043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 59.923177][ T5043] Call Trace: [ 59.926456][ T5043] [ 59.929378][ T5043] dump_stack_lvl+0x1e7/0x2d0 [ 59.934063][ T5043] ? nf_tcp_handle_invalid+0x650/0x650 [pid 5042] mprotect(0x7f5b71c3f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5042] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5042] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5b71c5e990, parent_tid=0x7f5b71c5e990, exit_signal=0, stack=0x7f5b71c3e000, stack_size=0x20300, tls=0x7f5b71c5e6c0}./strace-static-x86_64: Process 5044 attached => {parent_tid=[5044]}, 88) = 5044 [pid 5044] rseq(0x7f5b71c5efe0, 0x20, 0, 0x53053053 [pid 5042] rt_sigprocmask(SIG_SETMASK, [], [pid 5044] <... rseq resumed>) = 0 [pid 5044] set_robust_list(0x7f5b71c5e9a0, 24 [pid 5042] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5044] <... set_robust_list resumed>) = 0 [pid 5042] futex(0x7f5b71d483f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5044] rt_sigprocmask(SIG_SETMASK, [], [pid 5042] <... futex resumed>) = 0 [pid 5044] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5042] futex(0x7f5b71d483fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5044] openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY) = 5 [pid 5044] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5042] <... futex resumed>) = 0 [pid 5044] <... futex resumed>) = 1 [pid 5042] futex(0x7f5b71d483f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5044] ioctl(5, DRM_IOCTL_MODE_CREATE_DUMB [pid 5042] <... futex resumed>) = 0 [pid 5042] futex(0x7f5b71d483fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5044] <... ioctl resumed>, 0x20000200) = 0 [pid 5044] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5042] <... futex resumed>) = 0 [pid 5044] <... futex resumed>) = 1 [pid 5044] ioctl(3, DRM_IOCTL_MODE_DESTROY_DUMB [pid 5042] futex(0x7f5b71d483f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5044] <... ioctl resumed>, 0x20000200) = 0 [pid 5042] futex(0x7f5b71d483fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5044] futex(0x7f5b71d483fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5044] futex(0x7f5b71d483f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5042] <... futex resumed>) = 0 [ 59.939508][ T5043] ? panic+0x770/0x770 [ 59.943585][ T5043] ? __might_sleep+0xc0/0xc0 [ 59.948195][ T5043] ? __lock_acquire+0x7f70/0x7f70 [ 59.953243][ T5043] should_fail_ex+0x3aa/0x4e0 [ 59.957914][ T5043] should_failslab+0x9/0x20 [ 59.962404][ T5043] slab_pre_alloc_hook+0x59/0x2b0 [ 59.967416][ T5043] ? vma_node_allow+0x59/0x240 [ 59.972162][ T5043] __kmem_cache_alloc_node+0x4b/0x270 [ 59.977521][ T5043] ? vma_node_allow+0x59/0x240 [ 59.982271][ T5043] kmalloc_trace+0x2a/0xe0 [ 59.986695][ T5043] vma_node_allow+0x59/0x240 [ 59.991295][ T5043] drm_gem_handle_create_tail+0x1e4/0x380 [ 59.997011][ T5043] drm_gem_shmem_dumb_create+0x279/0x400 [ 60.002637][ T5043] drm_ioctl_kernel+0x349/0x4f0 [ 60.007483][ T5043] ? drm_mode_create_dumb+0x320/0x320 [ 60.012839][ T5043] ? drm_copy_field+0x170/0x170 [ 60.017685][ T5043] ? __might_fault+0xba/0x120 [ 60.022368][ T5043] drm_ioctl+0x636/0xb00 [ 60.026613][ T5043] ? drm_mode_create_dumb+0x320/0x320 [ 60.031987][ T5043] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 60.037003][ T5043] ? bpf_lsm_file_ioctl+0x9/0x10 [pid 5042] exit_group(0 [pid 5044] <... futex resumed>) = ? [pid 5042] <... exit_group resumed>) = ? [pid 5044] +++ exited with 0 +++ [ 60.041923][ T5043] ? security_file_ioctl+0x81/0xa0 [ 60.047023][ T5043] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 60.052034][ T5043] __se_sys_ioctl+0xf8/0x170 [ 60.056621][ T5043] do_syscall_64+0x41/0xc0 [ 60.061046][ T5043] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 60.066940][ T5043] RIP: 0033:0x7f5b71cc14e9 [ 60.071345][ T5043] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 60.090957][ T5043] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.099375][ T5043] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 60.107418][ T5043] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 60.115465][ T5043] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 60.123424][ T5043] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 60.131380][ T5043] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 60.139343][ T5043] [ 60.142408][ C1] vkms_vblank_simulate: vblank timer overrun [ 60.148897][ T5043] ------------[ cut here ]------------ [ 60.154389][ T5043] WARNING: CPU: 1 PID: 5043 at drivers/gpu/drm/drm_gem.c:225 drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.165884][ T5043] Modules linked in: [ 60.169789][ T5043] CPU: 1 PID: 5043 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 60.178527][ T5043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 60.188607][ T5043] RIP: 0010:drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.195859][ T5043] Code: af fc eb 12 31 ff 89 de e8 62 b9 af fc 85 db 7e 26 e8 a9 b5 af fc 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 95 b5 af fc <0f> 0b eb e8 e8 8c b5 af fc 0f 0b eb df e8 83 b5 af fc 4c 89 f7 be [ 60.215496][ T5043] RSP: 0018:ffffc90003b3fb50 EFLAGS: 00010293 [ 60.221602][ T5043] RAX: ffffffff84ddedfb RBX: 1ffff11003f5f800 RCX: ffff888020c99dc0 [ 60.229605][ T5043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 60.237633][ T5043] RBP: 0000000000000000 R08: ffffffff84ddebd0 R09: 1ffff1100389181b [ 60.245627][ T5043] R10: dffffc0000000000 R11: ffffed100389181c R12: ffff88801fafc008 [ 60.253616][ T5043] R13: ffff88801c574000 R14: ffff88801fafc004 R15: 1ffff11003f5f801 [ 60.261602][ T5043] FS: 00007f5b71c7f6c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 60.270537][ T5043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.277170][ T5043] CR2: 00007f5b71d2a794 CR3: 000000002831c000 CR4: 00000000003506e0 [ 60.285214][ T5043] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 60.293215][ T5043] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 60.301217][ T5043] Call Trace: [ 60.304512][ T5043] [ 60.307472][ T5043] ? __warn+0x162/0x4a0 [ 60.311648][ T5043] ? drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.318258][ T5043] ? report_bug+0x2b3/0x500 [ 60.322889][ T5043] ? drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.329609][ T5043] ? handle_bug+0x3d/0x70 [ 60.334069][ T5043] ? exc_invalid_op+0x1a/0x50 [ 60.338756][ T5043] ? asm_exc_invalid_op+0x1a/0x20 [ 60.343822][ T5043] ? drm_gem_object_handle_put_unlocked+0x70/0x350 [ 60.350352][ T5043] ? drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.356984][ T5043] ? drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.363745][ T5043] drm_gem_handle_create_tail+0x227/0x380 [ 60.369487][ T5043] drm_gem_shmem_dumb_create+0x279/0x400 [ 60.375148][ T5043] drm_ioctl_kernel+0x349/0x4f0 [ 60.380027][ T5043] ? drm_mode_create_dumb+0x320/0x320 [ 60.385421][ T5043] ? drm_copy_field+0x170/0x170 [ 60.390278][ T5043] ? __might_fault+0xba/0x120 [ 60.395085][ T5043] drm_ioctl+0x636/0xb00 [ 60.399339][ T5043] ? drm_mode_create_dumb+0x320/0x320 [ 60.404743][ T5043] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 60.409784][ T5043] ? bpf_lsm_file_ioctl+0x9/0x10 [ 60.414760][ T5043] ? security_file_ioctl+0x81/0xa0 [ 60.419884][ T5043] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 60.424970][ T5043] __se_sys_ioctl+0xf8/0x170 [ 60.429586][ T5043] do_syscall_64+0x41/0xc0 [ 60.434220][ T5043] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 60.440127][ T5043] RIP: 0033:0x7f5b71cc14e9 [ 60.444646][ T5043] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 60.464332][ C1] vkms_vblank_simulate: vblank timer overrun [ 60.470374][ T5043] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.478910][ T5043] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 60.486904][ T5043] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 60.494897][ T5043] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 60.502919][ T5043] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 60.510900][ T5043] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 60.518927][ T5043] [ 60.521985][ T5043] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 60.529269][ T5043] CPU: 1 PID: 5043 Comm: syz-executor268 Not tainted 6.6.0-rc1-syzkaller #0 [ 60.537926][ T5043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 60.547972][ T5043] Call Trace: [ 60.551246][ T5043] [ 60.554164][ T5043] dump_stack_lvl+0x1e7/0x2d0 [ 60.558833][ T5043] ? nf_tcp_handle_invalid+0x650/0x650 [ 60.564299][ T5043] ? panic+0x770/0x770 [ 60.568394][ T5043] ? vscnprintf+0x5d/0x80 [ 60.572726][ T5043] panic+0x30f/0x770 [ 60.576630][ T5043] ? __warn+0x171/0x4a0 [ 60.580787][ T5043] ? __memcpy_flushcache+0x2b0/0x2b0 [ 60.586265][ T5043] __warn+0x314/0x4a0 [ 60.590236][ T5043] ? drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.596816][ T5043] report_bug+0x2b3/0x500 [ 60.601137][ T5043] ? drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.607714][ T5043] handle_bug+0x3d/0x70 [ 60.611858][ T5043] exc_invalid_op+0x1a/0x50 [ 60.616349][ T5043] asm_exc_invalid_op+0x1a/0x20 [ 60.621186][ T5043] RIP: 0010:drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.628372][ T5043] Code: af fc eb 12 31 ff 89 de e8 62 b9 af fc 85 db 7e 26 e8 a9 b5 af fc 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 95 b5 af fc <0f> 0b eb e8 e8 8c b5 af fc 0f 0b eb df e8 83 b5 af fc 4c 89 f7 be [ 60.647979][ T5043] RSP: 0018:ffffc90003b3fb50 EFLAGS: 00010293 [ 60.654049][ T5043] RAX: ffffffff84ddedfb RBX: 1ffff11003f5f800 RCX: ffff888020c99dc0 [ 60.662011][ T5043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 60.669967][ T5043] RBP: 0000000000000000 R08: ffffffff84ddebd0 R09: 1ffff1100389181b [ 60.678018][ T5043] R10: dffffc0000000000 R11: ffffed100389181c R12: ffff88801fafc008 [ 60.686150][ T5043] R13: ffff88801c574000 R14: ffff88801fafc004 R15: 1ffff11003f5f801 [ 60.694135][ T5043] ? drm_gem_object_handle_put_unlocked+0x70/0x350 [ 60.700642][ T5043] ? drm_gem_object_handle_put_unlocked+0x29b/0x350 [ 60.707229][ T5043] drm_gem_handle_create_tail+0x227/0x380 [ 60.712941][ T5043] drm_gem_shmem_dumb_create+0x279/0x400 [ 60.718566][ T5043] drm_ioctl_kernel+0x349/0x4f0 [ 60.723408][ T5043] ? drm_mode_create_dumb+0x320/0x320 [ 60.728768][ T5043] ? drm_copy_field+0x170/0x170 [ 60.733607][ T5043] ? __might_fault+0xba/0x120 [ 60.738269][ T5043] drm_ioctl+0x636/0xb00 [ 60.742505][ T5043] ? drm_mode_create_dumb+0x320/0x320 [ 60.747865][ T5043] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 60.752977][ T5043] ? bpf_lsm_file_ioctl+0x9/0x10 [ 60.758003][ T5043] ? security_file_ioctl+0x81/0xa0 [ 60.763102][ T5043] ? drm_ioctl_kernel+0x4f0/0x4f0 [ 60.768115][ T5043] __se_sys_ioctl+0xf8/0x170 [ 60.772698][ T5043] do_syscall_64+0x41/0xc0 [ 60.777104][ T5043] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 60.782992][ T5043] RIP: 0033:0x7f5b71cc14e9 [ 60.787393][ T5043] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 60.807082][ T5043] RSP: 002b:00007f5b71c7f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.815481][ T5043] RAX: ffffffffffffffda RBX: 00007f5b71d483e8 RCX: 00007f5b71cc14e9 [ 60.823440][ T5043] RDX: 0000000020000080 RSI: 00000000c02064b2 RDI: 0000000000000003 [ 60.831397][ T5043] RBP: 00007f5b71d483e0 R08: 00007f5b71c7ef96 R09: 0000000000000000 [ 60.839355][ T5043] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5b71d1517c [ 60.847311][ T5043] R13: 00007f5b71c7f210 R14: 0023647261632f69 R15: 6972642f7665642f [ 60.855278][ T5043] [ 60.858470][ T5043] Kernel Offset: disabled [ 60.862779][ T5043] Rebooting in 86400 seconds..