./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2741441793 <...> Warning: Permanently added '10.128.0.240' (ECDSA) to the list of known hosts. execve("./syz-executor2741441793", ["./syz-executor2741441793"], 0x7ffe6e20d5e0 /* 10 vars */) = 0 brk(NULL) = 0x55555720b000 brk(0x55555720bc40) = 0x55555720bc40 arch_prctl(ARCH_SET_FS, 0x55555720b300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2741441793", 4096) = 28 brk(0x55555722cc40) = 0x55555722cc40 brk(0x55555722d000) = 0x55555722d000 mprotect(0x7f8883244000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3605 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3606 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3607 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3608 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3609 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3610 ./strace-static-x86_64: Process 3610 attached [pid 3610] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3609 attached [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3610] <... clone resumed>, child_tidptr=0x55555720b5d0) = 3611 [pid 3609] <... clone resumed>, child_tidptr=0x55555720b5d0) = 3612 ./strace-static-x86_64: Process 3608 attached [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3613 ./strace-static-x86_64: Process 3612 attached ./strace-static-x86_64: Process 3611 attached ./strace-static-x86_64: Process 3613 attached [pid 3612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3612] setpgid(0, 0 [pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3613] setpgid(0, 0 [pid 3612] <... setpgid resumed>) = 0 [pid 3613] <... setpgid resumed>) = 0 [pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 3605 attached [pid 3611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3611] <... prctl resumed>) = 0 [pid 3611] setpgid(0, 0) = 0 [pid 3613] <... openat resumed>) = 3 [pid 3612] <... openat resumed>) = 3 [pid 3612] write(3, "1000", 4) = 4 [pid 3612] close(3) = 0 [pid 3612] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 3611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 3606 attached ./strace-static-x86_64: Process 3607 attached [pid 3613] write(3, "1000", 4 [pid 3611] <... openat resumed>) = 3 [pid 3613] <... write resumed>) = 4 [pid 3611] write(3, "1000", 4 [pid 3613] close(3 [pid 3612] <... openat resumed>) = 3 [pid 3611] <... write resumed>) = 4 [pid 3605] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3613] <... close resumed>) = 0 [pid 3611] close(3 [pid 3607] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3612] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3613] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 3612] <... openat resumed>) = 4 [pid 3611] <... close resumed>) = 0 [pid 3613] <... openat resumed>) = 3 [pid 3612] write(4, "2", 1 [pid 3611] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 3606] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3612] <... write resumed>) = 1 [ 51.589205][ T27] audit: type=1400 audit(1652479071.517:75): avc: denied { execmem } for pid=3604 comm="syz-executor274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 51.628654][ T3612] FAULT_INJECTION: forcing a failure. [pid 3612] ioctl(3, FBIO_WAITFORVSYNC./strace-static-x86_64: Process 3616 attached [pid 3613] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3611] <... openat resumed>) = 3 [ 51.628654][ T3612] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 51.631832][ T27] audit: type=1400 audit(1652479071.557:76): avc: denied { read } for pid=3612 comm="syz-executor274" name="fb0" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 51.641883][ T3612] CPU: 0 PID: 3612 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 51.641917][ T3612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.641930][ T3612] Call Trace: [pid 3616] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3613] <... openat resumed>) = 4 [pid 3611] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3607] <... clone resumed>, child_tidptr=0x55555720b5d0) = 3614 [pid 3606] <... clone resumed>, child_tidptr=0x55555720b5d0) = 3616 [pid 3605] <... clone resumed>, child_tidptr=0x55555720b5d0) = 3615 [pid 3616] <... prctl resumed>) = 0 [pid 3613] write(4, "2", 1 [pid 3611] <... openat resumed>) = 4 [pid 3616] setpgid(0, 0 [pid 3613] <... write resumed>) = 1 [pid 3611] write(4, "2", 1 [pid 3616] <... setpgid resumed>) = 0 [ 51.641937][ T3612] [ 51.641945][ T3612] dump_stack_lvl+0xcd/0x134 [ 51.665343][ T27] audit: type=1400 audit(1652479071.557:77): avc: denied { open } for pid=3612 comm="syz-executor274" path="/dev/fb0" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 51.675846][ T3612] should_fail.cold+0x5/0xa [ 51.675876][ T3612] prepare_alloc_pages+0x17b/0x570 [ 51.703395][ T3613] FAULT_INJECTION: forcing a failure. [ 51.703395][ T3613] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 51.720507][ T3612] __alloc_pages+0x12f/0x500 [ 51.747803][ T3612] ? __alloc_pages_slowpath.constprop.0+0x20e0/0x20e0 [ 51.754564][ T3612] ? find_held_lock+0x2d/0x110 [ 51.759331][ T3612] cache_grow_begin+0x75/0x350 [ 51.764090][ T3612] cache_alloc_refill+0x27f/0x380 [ 51.769110][ T3612] __kmalloc+0x3b3/0x4d0 [ 51.773349][ T3612] ? tomoyo_realpath_from_path+0xc3/0x620 [ 51.779063][ T3612] tomoyo_realpath_from_path+0xc3/0x620 [ 51.784691][ T3612] ? tomoyo_profile+0x42/0x50 [ 51.789361][ T3612] tomoyo_path_number_perm+0x1d5/0x590 [ 51.794812][ T3612] ? tomoyo_path_number_perm+0x18d/0x590 [ 51.800446][ T3612] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 51.806248][ T3612] ? find_held_lock+0x2d/0x110 [ 51.811052][ T3612] ? ptrace_notify+0xfa/0x140 [ 51.815748][ T3612] ? lock_downgrade+0x6e0/0x6e0 [ 51.820595][ T3612] security_file_ioctl+0x50/0xb0 [ 51.825531][ T3612] __x64_sys_ioctl+0xb3/0x200 [ 51.830203][ T3612] do_syscall_64+0x35/0xb0 [ 51.834620][ T3612] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 51.840628][ T3612] RIP: 0033:0x7f88831d7139 [ 51.845049][ T3612] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 51.864744][ T3612] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 51.873164][ T3612] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 51.881564][ T3612] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [pid 3613] ioctl(3, FBIO_WAITFORVSYNC [pid 3611] <... write resumed>) = 1 ./strace-static-x86_64: Process 3615 attached ./strace-static-x86_64: Process 3614 attached [pid 3616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3614] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3615] <... prctl resumed>) = 0 [pid 3614] <... prctl resumed>) = 0 [pid 3615] setpgid(0, 0 [pid 3614] setpgid(0, 0 [pid 3615] <... setpgid resumed>) = 0 [pid 3614] <... setpgid resumed>) = 0 [pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3615] <... openat resumed>) = 3 [pid 3614] <... openat resumed>) = 3 [pid 3615] write(3, "1000", 4 [pid 3614] write(3, "1000", 4 [pid 3615] <... write resumed>) = 4 [pid 3614] <... write resumed>) = 4 [pid 3615] close(3 [pid 3614] close(3 [pid 3615] <... close resumed>) = 0 [pid 3614] <... close resumed>) = 0 [pid 3615] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [ 51.889530][ T3612] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 51.897497][ T3612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 51.905518][ T3612] R13: 0000000000000000 R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 51.913517][ T3612] [ 51.916539][ T3613] CPU: 1 PID: 3613 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 51.927048][ T3613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [pid 3614] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 3615] <... openat resumed>) = 3 [pid 3614] <... openat resumed>) = 3 [pid 3612] <... ioctl resumed>, 0) = 0 [pid 3615] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3614] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3612] exit_group(0 [pid 3615] <... openat resumed>) = 4 [pid 3614] <... openat resumed>) = 4 [pid 3612] <... exit_group resumed>) = ? [ 51.931521][ T27] audit: type=1400 audit(1652479071.847:78): avc: denied { ioctl } for pid=3612 comm="syz-executor274" path="/dev/fb0" dev="devtmpfs" ino=626 ioctlcmd=0x4620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 51.937109][ T3613] Call Trace: [ 51.937120][ T3613] [ 51.937129][ T3613] dump_stack_lvl+0xcd/0x134 [ 51.937160][ T3613] should_fail.cold+0x5/0xa [ 51.937184][ T3613] prepare_alloc_pages+0x17b/0x570 [ 51.937209][ T3613] __alloc_pages+0x12f/0x500 [ 51.937233][ T3613] ? __alloc_pages_slowpath.constprop.0+0x20e0/0x20e0 [ 51.937259][ T3613] ? find_held_lock+0x2d/0x110 [ 51.937281][ T3613] cache_grow_begin+0x75/0x350 [ 51.937304][ T3613] cache_alloc_refill+0x27f/0x380 [ 51.937326][ T3613] __kmalloc+0x3b3/0x4d0 [ 51.937347][ T3613] ? tomoyo_realpath_from_path+0xc3/0x620 [ 51.937370][ T3613] tomoyo_realpath_from_path+0xc3/0x620 [ 51.937409][ T3613] ? tomoyo_profile+0x42/0x50 [ 51.937428][ T3613] tomoyo_path_number_perm+0x1d5/0x590 [ 51.937449][ T3613] ? tomoyo_path_number_perm+0x18d/0x590 [ 51.937470][ T3613] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 51.937495][ T3613] ? find_held_lock+0x2d/0x110 [ 51.937517][ T3613] ? ptrace_notify+0xfa/0x140 [ 51.937540][ T3613] ? lock_downgrade+0x6e0/0x6e0 [ 51.937562][ T3613] security_file_ioctl+0x50/0xb0 [ 51.937586][ T3613] __x64_sys_ioctl+0xb3/0x200 [ 51.937610][ T3613] do_syscall_64+0x35/0xb0 [ 51.937638][ T3613] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 51.937666][ T3613] RIP: 0033:0x7f88831d7139 [ 51.937684][ T3613] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 51.937705][ T3613] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 51.937728][ T3613] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 51.974848][ T3615] FAULT_INJECTION: forcing a failure. [ 51.974848][ T3615] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 51.978320][ T3613] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 52.142437][ T3613] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 52.150407][ T3613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 52.158373][ T3613] R13: 0000000000000000 R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 52.166350][ T3613] [ 52.169378][ T3615] CPU: 0 PID: 3615 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 52.179882][ T3615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.189934][ T3615] Call Trace: [ 52.193205][ T3615] [ 52.196130][ T3615] dump_stack_lvl+0xcd/0x134 [ 52.200725][ T3615] should_fail.cold+0x5/0xa [ 52.205230][ T3615] prepare_alloc_pages+0x17b/0x570 [ 52.210341][ T3615] __alloc_pages+0x12f/0x500 [ 52.214932][ T3615] ? __alloc_pages_slowpath.constprop.0+0x20e0/0x20e0 [ 52.221700][ T3615] ? find_held_lock+0x2d/0x110 [ 52.226465][ T3615] cache_grow_begin+0x75/0x350 [ 52.231229][ T3615] cache_alloc_refill+0x27f/0x380 [ 52.236256][ T3615] __kmalloc+0x3b3/0x4d0 [ 52.240498][ T3615] ? tomoyo_realpath_from_path+0xc3/0x620 [ 52.246217][ T3615] tomoyo_realpath_from_path+0xc3/0x620 [ 52.251761][ T3615] ? tomoyo_profile+0x42/0x50 [ 52.256444][ T3615] tomoyo_path_number_perm+0x1d5/0x590 [ 52.261901][ T3615] ? tomoyo_path_number_perm+0x18d/0x590 [ 52.267528][ T3615] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 52.273331][ T3615] ? find_held_lock+0x2d/0x110 [ 52.278179][ T3615] ? ptrace_notify+0xfa/0x140 [ 52.282863][ T3615] ? lock_downgrade+0x6e0/0x6e0 [ 52.287717][ T3615] security_file_ioctl+0x50/0xb0 [ 52.292655][ T3615] __x64_sys_ioctl+0xb3/0x200 [ 52.297331][ T3615] do_syscall_64+0x35/0xb0 [ 52.301756][ T3615] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 52.307655][ T3615] RIP: 0033:0x7f88831d7139 [ 52.312078][ T3615] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 52.331770][ T3615] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [pid 3615] write(4, "2", 1 [pid 3614] write(4, "2", 1 [pid 3612] +++ exited with 0 +++ [pid 3615] <... write resumed>) = 1 [pid 3614] <... write resumed>) = 1 [ 52.340185][ T3615] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 52.348148][ T3615] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 52.356112][ T3615] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 52.364081][ T3615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 52.372045][ T3615] R13: 0000000000000000 R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 52.380011][ T3615] [ 52.383112][ C0] vkms_vblank_simulate: vblank timer overrun [pid 3615] ioctl(3, FBIO_WAITFORVSYNC [pid 3614] ioctl(3, FBIO_WAITFORVSYNC [pid 3609] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3612, si_uid=0, si_status=0, si_utime=0, si_stime=29} --- [pid 3616] <... openat resumed>) = 3 [pid 3611] ioctl(3, FBIO_WAITFORVSYNC [pid 3616] write(3, "1000", 4 [pid 3609] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3617 ./strace-static-x86_64: Process 3617 attached [pid 3617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3617] setpgid(0, 0) = 0 [pid 3617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3617] write(3, "1000", 4) = 4 [pid 3617] close(3) = 0 [pid 3617] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 3 [pid 3617] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [ 52.389960][ T3611] FAULT_INJECTION: forcing a failure. [ 52.389960][ T3611] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 52.392983][ T3614] FAULT_INJECTION: forcing a failure. [ 52.392983][ T3614] name failslab, interval 1, probability 0, space 0, times 1 [ 52.403168][ T3611] CPU: 1 PID: 3611 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 52.403193][ T3611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.403205][ T3611] Call Trace: [ 52.403213][ T3611] [ 52.403221][ T3611] dump_stack_lvl+0xcd/0x134 [ 52.403251][ T3611] should_fail.cold+0x5/0xa [ 52.403277][ T3611] prepare_alloc_pages+0x17b/0x570 [ 52.440977][ T3617] FAULT_INJECTION: forcing a failure. [ 52.440977][ T3617] name failslab, interval 1, probability 0, space 0, times 1 [ 52.442642][ T3611] __alloc_pages+0x12f/0x500 [ 52.474730][ T3611] ? __alloc_pages_slowpath.constprop.0+0x20e0/0x20e0 [ 52.481518][ T3611] ? find_held_lock+0x2d/0x110 [ 52.486286][ T3611] cache_grow_begin+0x75/0x350 [ 52.491066][ T3611] cache_alloc_refill+0x27f/0x380 [ 52.496101][ T3611] __kmalloc+0x3b3/0x4d0 [ 52.500352][ T3611] ? tomoyo_realpath_from_path+0xc3/0x620 [ 52.506089][ T3611] tomoyo_realpath_from_path+0xc3/0x620 [ 52.511639][ T3611] ? tomoyo_profile+0x42/0x50 [ 52.516314][ T3611] tomoyo_path_number_perm+0x1d5/0x590 [ 52.521779][ T3611] ? tomoyo_path_number_perm+0x18d/0x590 [ 52.527420][ T3611] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 52.533239][ T3611] ? find_held_lock+0x2d/0x110 [ 52.538009][ T3611] ? ptrace_notify+0xfa/0x140 [ 52.542690][ T3611] ? lock_downgrade+0x6e0/0x6e0 [ 52.547550][ T3611] security_file_ioctl+0x50/0xb0 [ 52.552508][ T3611] __x64_sys_ioctl+0xb3/0x200 [ 52.557197][ T3611] do_syscall_64+0x35/0xb0 [ 52.561634][ T3611] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 52.567533][ T3611] RIP: 0033:0x7f88831d7139 [ 52.571967][ T3611] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 52.591591][ T3611] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 52.600019][ T3611] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 52.607988][ T3611] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 52.615959][ T3611] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 52.624280][ T3611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 52.632257][ T3611] R13: 0000000000000000 R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [pid 3617] write(4, "2", 1) = 1 [pid 3617] ioctl(3, FBIO_WAITFORVSYNC [pid 3616] <... write resumed>) = 4 [pid 3611] <... ioctl resumed>, 0) = 0 [pid 3611] exit_group(0) = ? [pid 3615] <... ioctl resumed>, 0) = 0 [pid 3615] exit_group(0) = ? [pid 3615] +++ exited with 0 +++ [pid 3616] close(3) = 0 [pid 3616] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 3 [pid 3613] <... ioctl resumed>, 0) = 0 [pid 3611] +++ exited with 0 +++ [pid 3616] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3613] exit_group(0 [pid 3616] <... openat resumed>) = 4 [pid 3613] <... exit_group resumed>) = ? [pid 3610] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3611, si_uid=0, si_status=0, si_utime=0, si_stime=25} --- [pid 3616] write(4, "2", 1 [pid 3613] +++ exited with 0 +++ [pid 3610] restart_syscall(<... resuming interrupted clone ...> [pid 3616] <... write resumed>) = 1 [pid 3610] <... restart_syscall resumed>) = 0 [pid 3608] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3613, si_uid=0, si_status=0, si_utime=0, si_stime=47} --- [ 52.641454][ T3611] [ 52.648222][ T3617] CPU: 1 PID: 3617 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 52.658743][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.669850][ T3617] Call Trace: [ 52.673133][ T3617] [ 52.676065][ T3617] dump_stack_lvl+0xcd/0x134 [ 52.680752][ T3617] should_fail.cold+0x5/0xa [ 52.685269][ T3617] should_failslab+0x5/0x10 [ 52.689796][ T3617] __kmalloc+0x7b/0x4d0 [pid 3616] ioctl(3, FBIO_WAITFORVSYNC [pid 3610] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3618 [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555720b5d0) = 3619 ./strace-static-x86_64: Process 3619 attached [pid 3619] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3619] setpgid(0, 0) = 0 [pid 3619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 52.692080][ T3616] FAULT_INJECTION: forcing a failure. [ 52.692080][ T3616] name failslab, interval 1, probability 0, space 0, times 1 [ 52.693987][ T3617] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 52.694017][ T3617] ? d_absolute_path+0x127/0x1a0 [ 52.694047][ T3617] tomoyo_encode2.part.0+0xe9/0x3a0 [ 52.694071][ T3617] ? tomoyo_realpath_from_path+0xc3/0x620 [ 52.694097][ T3617] tomoyo_encode+0x28/0x50 [ 52.732759][ T3617] tomoyo_realpath_from_path+0x186/0x620 [ 52.738410][ T3617] tomoyo_path_number_perm+0x1d5/0x590 [ 52.743887][ T3617] ? tomoyo_path_number_perm+0x18d/0x590 [ 52.746544][ T3619] FAULT_INJECTION: forcing a failure. [ 52.746544][ T3619] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 52.750337][ T3617] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 52.769293][ T3617] ? find_held_lock+0x2d/0x110 [ 52.774057][ T3617] ? ptrace_notify+0xfa/0x140 [ 52.778734][ T3617] ? lock_downgrade+0x6e0/0x6e0 [ 52.783593][ T3617] security_file_ioctl+0x50/0xb0 [ 52.788539][ T3617] __x64_sys_ioctl+0xb3/0x200 [ 52.793216][ T3617] do_syscall_64+0x35/0xb0 [ 52.797636][ T3617] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 52.803549][ T3617] RIP: 0033:0x7f88831d7139 [ 52.807977][ T3617] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 52.827594][ T3617] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 52.836542][ T3617] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [pid 3619] write(3, "1000", 4) = 4 [pid 3619] close(3) = 0 [pid 3619] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 3 [pid 3619] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 3619] write(4, "2", 1) = 1 [ 52.844511][ T3617] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 52.852569][ T3617] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 52.860623][ T3617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 52.868590][ T3617] R13: 00007ffc254f647c R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 52.876650][ T3617] [ 52.879665][ T3619] CPU: 0 PID: 3619 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 52.883024][ T3617] ERROR: Out of memory at tomoyo_realpath_from_path. [ 52.890172][ T3619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.890187][ T3619] Call Trace: [ 52.910151][ T3619] [ 52.913082][ T3619] dump_stack_lvl+0xcd/0x134 [ 52.917678][ T3619] should_fail.cold+0x5/0xa [ 52.922182][ T3619] prepare_alloc_pages+0x17b/0x570 [ 52.927296][ T3619] __alloc_pages+0x12f/0x500 [ 52.931894][ T3619] ? __alloc_pages_slowpath.constprop.0+0x20e0/0x20e0 [ 52.938665][ T3619] ? find_held_lock+0x2d/0x110 [ 52.943429][ T3619] cache_grow_begin+0x75/0x350 [ 52.948230][ T3619] cache_alloc_refill+0x27f/0x380 [ 52.953253][ T3619] __kmalloc+0x3b3/0x4d0 [ 52.957583][ T3619] ? tomoyo_realpath_from_path+0xc3/0x620 [ 52.963323][ T3619] tomoyo_realpath_from_path+0xc3/0x620 [ 52.968868][ T3619] ? tomoyo_profile+0x42/0x50 [ 52.973538][ T3619] tomoyo_path_number_perm+0x1d5/0x590 [ 52.979092][ T3619] ? tomoyo_path_number_perm+0x18d/0x590 [ 52.984720][ T3619] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 52.990711][ T3619] ? find_held_lock+0x2d/0x110 [ 52.995476][ T3619] ? ptrace_notify+0xfa/0x140 [ 53.000159][ T3619] ? lock_downgrade+0x6e0/0x6e0 [ 53.005012][ T3619] security_file_ioctl+0x50/0xb0 [ 53.009953][ T3619] __x64_sys_ioctl+0xb3/0x200 [ 53.014625][ T3619] do_syscall_64+0x35/0xb0 [ 53.019044][ T3619] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 53.024930][ T3619] RIP: 0033:0x7f88831d7139 [ 53.029338][ T3619] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 53.048935][ T3619] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.057336][ T3619] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 53.065293][ T3619] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 53.073248][ T3619] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 53.081212][ T3619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 53.089172][ T3619] R13: 00007ffc254f647c R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [pid 3619] ioctl(3, FBIO_WAITFORVSYNC./strace-static-x86_64: Process 3618 attached [ 53.097136][ T3619] [ 53.100208][ C0] vkms_vblank_simulate: vblank timer overrun [ 53.100212][ T3617] ------------[ cut here ]------------ [ 53.108057][ T3616] CPU: 0 PID: 3616 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 53.113172][ T3617] platform vkms: vblank wait timed out on crtc 0 [ 53.122401][ T3616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.129187][ T3617] WARNING: CPU: 1 PID: 3617 at drivers/gpu/drm/drm_vblank.c:1269 drm_wait_one_vblank+0x2bc/0x500 [ 53.138749][ T3616] Call Trace: [ 53.138760][ T3616] [ 53.138767][ T3616] dump_stack_lvl+0xcd/0x134 [ 53.149380][ T3617] Modules linked in: [ 53.152612][ T3616] should_fail.cold+0x5/0xa [ 53.155551][ T3617] [ 53.160088][ T3616] should_failslab+0x5/0x10 [ 53.172568][ T3617] CPU: 1 PID: 3617 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 53.175219][ T3616] __kmalloc+0x7b/0x4d0 [ 53.175248][ T3616] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 53.175274][ T3616] ? d_absolute_path+0x127/0x1a0 [ 53.192765][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.195216][ T3616] tomoyo_encode2.part.0+0xe9/0x3a0 [ 53.200129][ T3617] RIP: 0010:drm_wait_one_vblank+0x2bc/0x500 [ 53.210160][ T3616] ? tomoyo_realpath_from_path+0xc3/0x620 [ 53.210185][ T3616] tomoyo_encode+0x28/0x50 [ 53.210205][ T3616] tomoyo_realpath_from_path+0x186/0x620 [ 53.236921][ T3616] tomoyo_path_number_perm+0x1d5/0x590 [ 53.242382][ T3616] ? tomoyo_path_number_perm+0x18d/0x590 [ 53.242765][ T3617] Code: 85 f6 0f 84 a3 01 00 00 e8 91 34 04 fd 4c 89 ef e8 39 17 16 00 44 89 e1 4c 89 f2 48 c7 c7 40 3b 3b 8a 48 89 c6 e8 c4 f9 b3 04 <0f> 0b e9 87 fe ff ff e8 68 34 04 fd 31 ff 4c 89 ee e8 ee 36 04 fd [ 53.248006][ T3616] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 53.273377][ T3616] ? find_held_lock+0x2d/0x110 [ 53.278140][ T3616] ? ptrace_notify+0xfa/0x140 [ 53.282815][ T3616] ? lock_downgrade+0x6e0/0x6e0 [ 53.287660][ T3616] security_file_ioctl+0x50/0xb0 [ 53.292597][ T3616] __x64_sys_ioctl+0xb3/0x200 [ 53.292763][ T3617] RSP: 0018:ffffc9000305fb40 EFLAGS: 00010282 [ 53.297264][ T3616] do_syscall_64+0x35/0xb0 [ 53.307707][ T3616] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 53.312765][ T3617] RAX: 0000000000000000 RBX: 0000000000000aa5 RCX: 0000000000000000 [ 53.313597][ T3616] RIP: 0033:0x7f88831d7139 [ 53.321545][ T3617] RDX: ffff8880734ee040 RSI: ffffffff815f4a18 RDI: fffff5200060bf5a [pid 3618] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3605] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3615, si_uid=0, si_status=0, si_utime=0, si_stime=41} --- [ 53.325934][ T3616] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 53.325954][ T3616] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.325975][ T3616] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 53.325989][ T3616] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 53.326001][ T3616] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 53.326014][ T3616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 53.326026][ T3616] R13: 0000000000000000 R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 53.326040][ T3616] [ 53.326109][ C0] vkms_vblank_simulate: vblank timer overrun [ 53.335319][ T3614] CPU: 1 PID: 3614 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 53.353666][ C0] vkms_vblank_simulate: vblank timer overrun [ 53.361974][ T3614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.372541][ T3616] ERROR: Out of memory at tomoyo_realpath_from_path. [ 53.377881][ T3614] Call Trace: [ 53.377890][ T3614] [ 53.377898][ T3614] dump_stack_lvl+0xcd/0x134 [ 53.377929][ T3614] should_fail.cold+0x5/0xa [ 53.377952][ T3614] should_failslab+0x5/0x10 [ 53.377976][ T3614] __kmalloc+0x7b/0x4d0 [ 53.378005][ T3614] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 53.378030][ T3614] ? d_absolute_path+0x127/0x1a0 [ 53.378058][ T3614] tomoyo_encode2.part.0+0xe9/0x3a0 [ 53.378081][ T3614] ? tomoyo_realpath_from_path+0xc3/0x620 [ 53.488941][ T3614] tomoyo_encode+0x28/0x50 [ 53.493363][ T3614] tomoyo_realpath_from_path+0x186/0x620 [ 53.498991][ T3614] tomoyo_path_number_perm+0x1d5/0x590 [ 53.504441][ T3614] ? tomoyo_path_number_perm+0x18d/0x590 [ 53.510065][ T3614] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 53.515863][ T3614] ? find_held_lock+0x2d/0x110 [ 53.520618][ T3614] ? ptrace_notify+0xfa/0x140 [ 53.525288][ T3614] ? lock_downgrade+0x6e0/0x6e0 [ 53.530132][ T3614] security_file_ioctl+0x50/0xb0 [ 53.535058][ T3614] __x64_sys_ioctl+0xb3/0x200 [ 53.539727][ T3614] do_syscall_64+0x35/0xb0 [ 53.544140][ T3614] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 53.550028][ T3614] RIP: 0033:0x7f88831d7139 [ 53.554430][ T3614] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 53.574050][ T3614] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.582452][ T3614] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 53.590410][ T3614] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [pid 3618] <... prctl resumed>) = 0 [pid 3605] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3618] setpgid(0, 0./strace-static-x86_64: Process 3620 attached [pid 3620] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3620] setpgid(0, 0) = 0 [pid 3620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3618] <... setpgid resumed>) = 0 [pid 3605] <... clone resumed>, child_tidptr=0x55555720b5d0) = 3620 [pid 3618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3620] <... openat resumed>) = 3 [pid 3620] write(3, "1000", 4) = 4 [pid 3620] close(3) = 0 [pid 3620] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 3618] write(3, "1000", 4) = 4 [ 53.598371][ T3614] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 53.606329][ T3614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 53.614285][ T3614] R13: 0000000000000000 R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 53.622244][ T3614] [ 53.628094][ T3617] RBP: ffff888019e80000 R08: 0000000000000000 R09: 0000000000000001 [ 53.630562][ T3614] ERROR: Out of memory at tomoyo_realpath_from_path. [pid 3618] close(3) = 0 [ 53.644552][ T3617] R10: ffffffff815ef3ee R11: 0000000000000000 R12: 0000000000000000 [ 53.654262][ T3617] R13: ffff888148622010 R14: ffff88801bab1e00 R15: ffff88801b89f030 [ 53.662261][ T3617] FS: 000055555720b300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 53.671284][ T3617] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.677984][ T3617] CR2: 00007f888321b01d CR3: 0000000072f57000 CR4: 00000000003506e0 [ 53.686037][ T3617] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 53.694085][ T3617] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 53.702064][ T3617] Call Trace: [ 53.705449][ T3617] [ 53.708381][ T3617] ? drm_crtc_vblank_put+0x80/0x80 [ 53.713713][ T3617] ? prepare_to_wait_exclusive+0x2b0/0x2b0 [ 53.719528][ T3617] ? lockdep_hardirqs_on+0x79/0x100 [ 53.724873][ T3617] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 53.731828][ T3617] ? drm_vblank_get+0x14c/0x280 [ 53.737051][ T3617] drm_fb_helper_ioctl+0x159/0x1a0 [ 53.742190][ T3617] do_fb_ioctl+0x1d5/0x6c0 [ 53.747388][ T3617] ? drm_fb_helper_sys_read+0x30/0x30 [ 53.753084][ T3617] ? fb_getput_cmap+0x270/0x270 [ 53.757968][ T3617] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 53.764210][ T3617] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 53.770135][ T3617] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 53.776769][ T3617] ? do_vfs_ioctl+0x132/0x15c0 [ 53.781555][ T3617] ? vfs_fileattr_set+0xbe0/0xbe0 [ 53.786916][ T3617] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x400 [ 53.793803][ T3617] ? ioctl_has_perm.constprop.0.isra.0+0x2a4/0x400 [ 53.800335][ T3617] ? selinux_inode_getsecctx+0x90/0x90 [ 53.806261][ T3617] ? find_held_lock+0x2d/0x110 [ 53.811049][ T3617] ? ptrace_notify+0xfa/0x140 [ 53.816262][ T3617] ? lock_downgrade+0x6e0/0x6e0 [ 53.821220][ T3617] ? selinux_file_ioctl+0xb1/0x270 [ 53.826670][ T3617] fb_ioctl+0xe7/0x150 [ 53.830747][ T3617] ? do_fb_ioctl+0x6c0/0x6c0 [ 53.835767][ T3617] __x64_sys_ioctl+0x193/0x200 [ 53.840554][ T3617] do_syscall_64+0x35/0xb0 [ 53.845378][ T3617] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 53.851295][ T3617] RIP: 0033:0x7f88831d7139 [ 53.856147][ T3617] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 53.876571][ T3617] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.885344][ T3617] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 53.893656][ T3617] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 53.901642][ T3617] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 53.910063][ T3617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 53.918358][ T3617] R13: 00007ffc254f647c R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 53.926689][ T3617] [ 53.929722][ T3617] Kernel panic - not syncing: panic_on_warn set ... [ 53.936306][ T3617] CPU: 1 PID: 3617 Comm: syz-executor274 Not tainted 5.18.0-rc6-syzkaller-00085-gf3f19f939c11 #0 [ 53.946803][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.956937][ T3617] Call Trace: [ 53.960215][ T3617] [ 53.963129][ T3617] dump_stack_lvl+0xcd/0x134 [ 53.967715][ T3617] panic+0x2d7/0x636 [ 53.971625][ T3617] ? panic_print_sys_info.part.0+0x10b/0x10b [ 53.977626][ T3617] ? __warn.cold+0x1d1/0x2c5 [ 53.982242][ T3617] ? drm_wait_one_vblank+0x2bc/0x500 [ 53.987540][ T3617] __warn.cold+0x1e2/0x2c5 [ 53.991956][ T3617] ? wake_up_klogd.part.0+0x8e/0xd0 [ 53.997153][ T3617] ? drm_wait_one_vblank+0x2bc/0x500 [ 54.002447][ T3617] report_bug+0x1bd/0x210 [ 54.006768][ T3617] handle_bug+0x3c/0x60 [ 54.010913][ T3617] exc_invalid_op+0x14/0x40 [ 54.015418][ T3617] asm_exc_invalid_op+0x12/0x20 [ 54.020286][ T3617] RIP: 0010:drm_wait_one_vblank+0x2bc/0x500 [ 54.026190][ T3617] Code: 85 f6 0f 84 a3 01 00 00 e8 91 34 04 fd 4c 89 ef e8 39 17 16 00 44 89 e1 4c 89 f2 48 c7 c7 40 3b 3b 8a 48 89 c6 e8 c4 f9 b3 04 <0f> 0b e9 87 fe ff ff e8 68 34 04 fd 31 ff 4c 89 ee e8 ee 36 04 fd [ 54.045890][ T3617] RSP: 0018:ffffc9000305fb40 EFLAGS: 00010282 [ 54.052063][ T3617] RAX: 0000000000000000 RBX: 0000000000000aa5 RCX: 0000000000000000 [ 54.060028][ T3617] RDX: ffff8880734ee040 RSI: ffffffff815f4a18 RDI: fffff5200060bf5a [ 54.067996][ T3617] RBP: ffff888019e80000 R08: 0000000000000000 R09: 0000000000000001 [ 54.075962][ T3617] R10: ffffffff815ef3ee R11: 0000000000000000 R12: 0000000000000000 [ 54.083933][ T3617] R13: ffff888148622010 R14: ffff88801bab1e00 R15: ffff88801b89f030 [ 54.091918][ T3617] ? wake_up_klogd.part.0+0x8e/0xd0 [ 54.097120][ T3617] ? vprintk+0x88/0x90 [ 54.101206][ T3617] ? drm_crtc_vblank_put+0x80/0x80 [ 54.106319][ T3617] ? prepare_to_wait_exclusive+0x2b0/0x2b0 [ 54.112123][ T3617] ? lockdep_hardirqs_on+0x79/0x100 [ 54.117317][ T3617] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 54.123122][ T3617] ? drm_vblank_get+0x14c/0x280 [ 54.127972][ T3617] drm_fb_helper_ioctl+0x159/0x1a0 [ 54.133086][ T3617] do_fb_ioctl+0x1d5/0x6c0 [ 54.137757][ T3617] ? drm_fb_helper_sys_read+0x30/0x30 [ 54.143124][ T3617] ? fb_getput_cmap+0x270/0x270 [ 54.147968][ T3617] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 54.153774][ T3617] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 54.159666][ T3617] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 54.165902][ T3617] ? do_vfs_ioctl+0x132/0x15c0 [ 54.170664][ T3617] ? vfs_fileattr_set+0xbe0/0xbe0 [ 54.175687][ T3617] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x400 [ 54.182184][ T3617] ? ioctl_has_perm.constprop.0.isra.0+0x2a4/0x400 [ 54.188690][ T3617] ? selinux_inode_getsecctx+0x90/0x90 [ 54.194143][ T3617] ? find_held_lock+0x2d/0x110 [ 54.198901][ T3617] ? ptrace_notify+0xfa/0x140 [ 54.203576][ T3617] ? lock_downgrade+0x6e0/0x6e0 [ 54.208420][ T3617] ? selinux_file_ioctl+0xb1/0x270 [ 54.213529][ T3617] fb_ioctl+0xe7/0x150 [ 54.217591][ T3617] ? do_fb_ioctl+0x6c0/0x6c0 [ 54.222175][ T3617] __x64_sys_ioctl+0x193/0x200 [ 54.226933][ T3617] do_syscall_64+0x35/0xb0 [ 54.231351][ T3617] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 54.237242][ T3617] RIP: 0033:0x7f88831d7139 [ 54.241648][ T3617] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 54.261247][ T3617] RSP: 002b:00007ffc254f6468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 54.269663][ T3617] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f88831d7139 [ 54.277622][ T3617] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 54.285582][ T3617] RBP: 00007ffc254f6480 R08: 0000000000000001 R09: 0000000000000000 [ 54.293543][ T3617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 54.301505][ T3617] R13: 00007ffc254f647c R14: 00007ffc254f64a0 R15: 00007ffc254f6490 [ 54.309469][ T3617] [ 54.312761][ T3617] Kernel Offset: disabled [ 54.317152][ T3617] Rebooting in 86400 seconds..