./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4049959255 <...> forked to background, child pid 3185 no interfaces have a carrier [ 23.368756][ T3186] 8021q: adding VLAN 0 to HW filter on device bond0 [ 23.377782][ T3186] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.88' (ECDSA) to the list of known hosts. execve("./syz-executor4049959255", ["./syz-executor4049959255"], 0x7ffff9a86980 /* 10 vars */) = 0 brk(NULL) = 0x555556c23000 brk(0x555556c23c40) = 0x555556c23c40 arch_prctl(ARCH_SET_FS, 0x555556c23300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555556c235d0) = 3607 set_robust_list(0x555556c235e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7fde62bf9430, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fde62bf9b00}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7fde62bf94d0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fde62bf9b00}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4049959255", 4096) = 28 brk(0x555556c44c40) = 0x555556c44c40 brk(0x555556c45000) = 0x555556c45000 mprotect(0x7fde62cba000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3608 attached , child_tidptr=0x555556c235d0) = 3608 [pid 3608] set_robust_list(0x555556c235e0, 24) = 0 [pid 3608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3608] setpgid(0, 0) = 0 [pid 3608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3608] write(3, "1000", 4) = 4 [pid 3608] close(3) = 0 [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3608] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fde62bc9000 [pid 3608] mprotect(0x7fde62bca000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3608] clone(child_stack=0x7fde62be93f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3609 attached , parent_tid=[3609], tls=0x7fde62be9700, child_tidptr=0x7fde62be99d0) = 3609 [pid 3609] set_robust_list(0x7fde62be99e0, 24 [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3609] <... set_robust_list resumed>) = 0 [pid 3608] <... futex resumed>) = 0 [pid 3609] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] <... openat resumed>) = 3 [pid 3609] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3608] <... futex resumed>) = 0 [pid 3609] futex(0x7fde62cc04e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3609] <... futex resumed>) = 0 [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] ioctl(3, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS|NBD_FLAG_READ_ONLY|NBD_FLAG_SEND_FLUSH|NBD_FLAG_SEND_FUA|NBD_FLAG_ROTATIONAL|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_WRITE_ZEROES|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE) = 0 [pid 3609] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3608] <... futex resumed>) = 0 [pid 3609] futex(0x7fde62cc04e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3609] <... futex resumed>) = 0 [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 4 [pid 3609] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3608] <... futex resumed>) = 0 [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 3609] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3609] futex(0x7fde62cc04e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3608] <... futex resumed>) = 0 [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] <... futex resumed>) = 0 [pid 3609] ioctl(4, NBD_SET_SOCK, 5) = 0 [pid 3609] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3608] <... futex resumed>) = 0 [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 7 [pid 3609] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3608] <... futex resumed>) = 0 [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] ioctl(4, NBD_SET_SOCK, 5) = 0 [pid 3609] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3609] futex(0x7fde62cc04e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3608] <... futex resumed>) = 0 [pid 3608] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3609] <... futex resumed>) = 0 [pid 3608] <... futex resumed>) = 1 [pid 3609] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3608] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3609] <... openat resumed>) = 8 [pid 3609] write(8, "13", 2) = 2 [pid 3609] ioctl(7, NBD_DO_IT [pid 3608] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) syzkaller login: [ 41.847241][ T3609] Increasing nr_hw_queues to 2 fails, fallback to 1 [pid 3608] exit_group(0 [pid 3609] <... ioctl resumed>) = ? [pid 3608] <... exit_group resumed>) = ? [pid 3609] +++ exited with 0 +++ [pid 3608] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3608, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c235d0) = 3613 ./strace-static-x86_64: Process 3613 attached [pid 3613] set_robust_list(0x555556c235e0, 24) = 0 [pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3613] setpgid(0, 0) = 0 [pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3613] write(3, "1000", 4) = 4 [pid 3613] close(3) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fde62bc9000 [pid 3613] mprotect(0x7fde62bca000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3613] clone(child_stack=0x7fde62be93f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3614], tls=0x7fde62be9700, child_tidptr=0x7fde62be99d0) = 3614 [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3614 attached [pid 3614] set_robust_list(0x7fde62be99e0, 24) = 0 [pid 3614] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 3614] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3613] <... futex resumed>) = 0 [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3614] <... futex resumed>) = 1 [pid 3614] ioctl(3, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS|NBD_FLAG_READ_ONLY|NBD_FLAG_SEND_FLUSH|NBD_FLAG_SEND_FUA|NBD_FLAG_ROTATIONAL|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_WRITE_ZEROES|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE) = 0 [pid 3614] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3613] <... futex resumed>) = 0 [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3614] <... futex resumed>) = 1 [pid 3614] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 4 [pid 3614] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3613] <... futex resumed>) = 0 [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3614] <... futex resumed>) = 1 [pid 3614] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 3614] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3613] <... futex resumed>) = 0 [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3614] <... futex resumed>) = 1 [pid 3614] ioctl(4, NBD_SET_SOCK, 5) = 0 [pid 3614] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3613] <... futex resumed>) = 0 [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3614] <... futex resumed>) = 1 [pid 3614] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 7 [pid 3614] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3613] <... futex resumed>) = 0 [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3614] <... futex resumed>) = 1 [ 41.990982][ T3609] block nbd0: shutting down sockets [pid 3614] ioctl(4, NBD_SET_SOCK, 5) = 0 [pid 3614] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3613] <... futex resumed>) = 0 [pid 3614] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3613] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3613] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3614] <... openat resumed>) = 8 [pid 3614] write(8, "13", 2) = 2 [pid 3614] ioctl(7, NBD_DO_IT [pid 3613] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 3613] exit_group(0) = ? [pid 3614] <... ioctl resumed>) = ? [pid 3614] +++ exited with 0 +++ [pid 3613] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3613, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c235d0) = 3615 ./strace-static-x86_64: Process 3615 attached [pid 3615] set_robust_list(0x555556c235e0, 24) = 0 [pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3615] setpgid(0, 0) = 0 [pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3615] write(3, "1000", 4) = 4 [pid 3615] close(3) = 0 [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fde62bc9000 [pid 3615] mprotect(0x7fde62bca000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3615] clone(child_stack=0x7fde62be93f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3616], tls=0x7fde62be9700, child_tidptr=0x7fde62be99d0) = 3616 [pid 3615] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3616 attached [pid 3616] set_robust_list(0x7fde62be99e0, 24) = 0 [pid 3616] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 3616] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3615] <... futex resumed>) = 0 [pid 3615] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... futex resumed>) = 1 [pid 3616] ioctl(3, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS|NBD_FLAG_READ_ONLY|NBD_FLAG_SEND_FLUSH|NBD_FLAG_SEND_FUA|NBD_FLAG_ROTATIONAL|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_WRITE_ZEROES|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE) = 0 [pid 3616] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3615] <... futex resumed>) = 0 [pid 3615] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... futex resumed>) = 1 [pid 3616] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 4 [pid 3616] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3615] <... futex resumed>) = 0 [pid 3615] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... futex resumed>) = 1 [pid 3616] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 3616] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3615] <... futex resumed>) = 0 [pid 3615] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... futex resumed>) = 1 [ 42.268487][ T3614] block nbd0: shutting down sockets [pid 3616] ioctl(4, NBD_SET_SOCK, 5 [pid 3615] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 3615] futex(0x7fde62cc04fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fde62ba8000 [pid 3615] mprotect(0x7fde62ba9000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3615] clone(child_stack=0x7fde62bc83f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3617 attached , parent_tid=[3617], tls=0x7fde62bc8700, child_tidptr=0x7fde62bc89d0) = 3617 [pid 3615] futex(0x7fde62cc04f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7fde62cc04fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3617] set_robust_list(0x7fde62bc89e0, 24) = 0 [pid 3617] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 7 [pid 3617] futex(0x7fde62cc04fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3615] <... futex resumed>) = 0 [pid 3617] futex(0x7fde62cc04f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3615] futex(0x7fde62cc04f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3617] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3615] <... futex resumed>) = 0 [pid 3617] ioctl(4, NBD_SET_SOCK, 5 [pid 3615] futex(0x7fde62cc04fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... ioctl resumed>) = 0 [pid 3616] futex(0x7fde62cc04ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3616] futex(0x7fde62cc04e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3617] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3617] futex(0x7fde62cc04fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3615] <... futex resumed>) = 0 [pid 3617] futex(0x7fde62cc04f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3615] futex(0x7fde62cc04e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3616] <... futex resumed>) = 0 [pid 3615] <... futex resumed>) = 1 [pid 3616] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3615] futex(0x7fde62cc04ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... openat resumed>) = 8 [pid 3616] write(8, "13", 2) = 2 [ 42.406001][ T3617] block nbd0: Device being setup by another task [ 42.456125][ T3616] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 42.467861][ T3616] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 42.476269][ T3616] CPU: 0 PID: 3616 Comm: syz-executor404 Not tainted 6.0.0-rc2-next-20220826-syzkaller #0 [ 42.486142][ T3616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 42.496180][ T3616] RIP: 0010:blk_mq_free_rqs+0x3f8/0x960 [ 42.501718][ T3616] Code: de e8 9c 1c 96 fd 83 fb 3f 0f 87 46 fd 68 05 e8 be 1f 96 fd b8 00 10 00 00 89 d9 48 d3 e0 4c 01 e8 48 89 44 24 08 48 8b 04 24 <0f> b6 00 84 c0 74 08 3c 03 0f 8e 96 03 00 00 41 8b 1f 31 ff 31 ed [ 42.521318][ T3616] RSP: 0018:ffffc90003ccfaa8 EFLAGS: 00010286 [ 42.527402][ T3616] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000004 [ 42.535374][ T3616] RDX: ffff888077b8d7c0 RSI: ffffffff83e5e3a2 RDI: 0000000000000005 [ 42.543345][ T3616] RBP: ffff8880179a7000 R08: 0000000000000005 R09: 000000000000003f [ 42.551315][ T3616] R10: 0000000000000004 R11: ffff88813fffa700 R12: ffffc90003ccfb60 [ 42.559286][ T3616] R13: ffff888073850000 R14: ffff888147198000 R15: 0000000000000000 [ 42.567255][ T3616] FS: 00007fde62be9700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 42.576191][ T3616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.582780][ T3616] CR2: 00007fde62ca2004 CR3: 000000007597d000 CR4: 00000000003506f0 [ 42.590754][ T3616] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.598738][ T3616] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.606713][ T3616] Call Trace: [ 42.610000][ T3616] [ 42.612933][ T3616] blk_mq_sched_free_rqs+0x1d4/0x250 [ 42.618238][ T3616] ? blk_mq_sched_insert_requests+0x9a0/0x9a0 [ 42.624320][ T3616] ? kobject_put+0xb9/0x4c0 [ 42.628831][ T3616] ? kobject_del+0x44/0x60 [ 42.633254][ T3616] elevator_switch_mq+0xc2/0x6c0 [ 42.638209][ T3616] blk_mq_update_nr_hw_queues+0x3ee/0xdf0 [ 42.643943][ T3616] ? blk_mq_init_queue+0x140/0x140 [ 42.649084][ T3616] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 42.654897][ T3616] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.660372][ T3616] nbd_start_device+0x153/0xc30 [ 42.665230][ T3616] ? bpf_lsm_capable+0x5/0x10 [ 42.669908][ T3616] ? security_capable+0x8f/0xc0 [ 42.674767][ T3616] nbd_ioctl+0x5a1/0xbd0 [ 42.679016][ T3616] ? blkdev_bszset+0x1f0/0x1f0 [ 42.683792][ T3616] ? nbd_start_device+0xc30/0xc30 [ 42.688826][ T3616] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.694288][ T3616] ? lock_release+0x560/0x780 [ 42.698969][ T3616] ? ptrace_notify+0xfa/0x140 [ 42.703652][ T3616] ? nbd_start_device+0xc30/0xc30 [ 42.708685][ T3616] blkdev_ioctl+0x36e/0x800 [ 42.713203][ T3616] ? blkdev_common_ioctl+0x1a30/0x1a30 [ 42.718675][ T3616] ? bpf_lsm_file_ioctl+0x5/0x10 [ 42.723622][ T3616] ? blkdev_common_ioctl+0x1a30/0x1a30 [ 42.729092][ T3616] __x64_sys_ioctl+0x193/0x200 [ 42.733864][ T3616] do_syscall_64+0x35/0xb0 [ 42.738290][ T3616] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 42.744193][ T3616] RIP: 0033:0x7fde62c3c319 [pid 3616] ioctl(7, NBD_DO_IT [pid 3615] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 42.748612][ T3616] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 42.768223][ T3616] RSP: 002b:00007fde62be92e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 42.776639][ T3616] RAX: ffffffffffffffda RBX: 00007fde62cc04e0 RCX: 00007fde62c3c319 [ 42.784614][ T3616] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000007 [ 42.792584][ T3616] RBP: 00007fde62c8d194 R08: 0000000000000002 R09: 0000000000003331 [ 42.800577][ T3616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde62cc04ec [ 42.808554][ T3616] R13: 00007fde62be92f0 R14: 00007fde62cc04e8 R15: 0000000000000002 [ 42.816537][ T3616] [ 42.819551][ T3616] Modules linked in: [ 42.824200][ T3616] ---[ end trace 0000000000000000 ]--- [ 42.829698][ T3616] RIP: 0010:blk_mq_free_rqs+0x3f8/0x960 [ 42.835265][ T3616] Code: de e8 9c 1c 96 fd 83 fb 3f 0f 87 46 fd 68 05 e8 be 1f 96 fd b8 00 10 00 00 89 d9 48 d3 e0 4c 01 e8 48 89 44 24 08 48 8b 04 24 <0f> b6 00 84 c0 74 08 3c 03 0f 8e 96 03 00 00 41 8b 1f 31 ff 31 ed [pid 3615] exit_group(0 [pid 3617] <... futex resumed>) = ? [pid 3615] <... exit_group resumed>) = ? [pid 3617] +++ exited with 0 +++ [ 42.854919][ T3616] RSP: 0018:ffffc90003ccfaa8 EFLAGS: 00010286 [ 42.861023][ T3616] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000004 [ 42.869018][ T3616] RDX: ffff888077b8d7c0 RSI: ffffffff83e5e3a2 RDI: 0000000000000005 [ 42.877041][ T3616] RBP: ffff8880179a7000 R08: 0000000000000005 R09: 000000000000003f [ 42.885023][ T3616] R10: 0000000000000004 R11: ffff88813fffa700 R12: ffffc90003ccfb60 [ 42.893017][ T3616] R13: ffff888073850000 R14: ffff888147198000 R15: 0000000000000000 [ 42.901016][ T3616] FS: 00007fde62be9700(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 42.909996][ T3616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.916620][ T3616] CR2: 00007fde62bc8718 CR3: 000000007597d000 CR4: 00000000003506e0 [ 42.924594][ T3616] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.932692][ T3616] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.940840][ T3616] Kernel panic - not syncing: Fatal exception [ 42.947082][ T3616] Kernel Offset: disabled [ 42.951399][ T3616] Rebooting in 86400 seconds..