./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1408071256 <...> DUID 00:04:a3:03:08:15:93:78:e3:1f:4c:1c:fb:56:e6:f5:4b:05 forked to background, child pid 3189 [ 27.274839][ T3190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.287560][ T3190] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.94' (ECDSA) to the list of known hosts. execve("./syz-executor1408071256", ["./syz-executor1408071256"], 0x7fffd68f0c20 /* 10 vars */) = 0 brk(NULL) = 0x555556fa5000 brk(0x555556fa5c40) = 0x555556fa5c40 arch_prctl(ARCH_SET_FS, 0x555556fa5300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555556fa55d0) = 3611 set_robust_list(0x555556fa55e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f59e636f1a0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f59e636f870}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f59e636f240, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f59e636f870}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1408071256", 4096) = 28 brk(0x555556fc6c40) = 0x555556fc6c40 brk(0x555556fc7000) = 0x555556fc7000 mprotect(0x7f59e6430000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3612 attached , child_tidptr=0x555556fa55d0) = 3612 [pid 3612] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3612] setpgid(0, 0) = 0 [pid 3612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3612] write(3, "1000", 4) = 4 [pid 3612] close(3) = 0 [pid 3612] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3612] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3612] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3612] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3613 attached , parent_tid=[3613], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3613 [pid 3612] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3612] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3613] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3613] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3613] write(3, "2", 1) = 1 [pid 3613] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3613] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3613] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3612] <... futex resumed>) = 0 [pid 3612] exit_group(0) = ? syzkaller login: [ 50.348257][ T3613] FAULT_INJECTION: forcing a failure. [ 50.348257][ T3613] name fail_futex, interval 1, probability 0, space 0, times 1 [ 50.361246][ T3613] CPU: 1 PID: 3613 Comm: syz-executor140 Not tainted 6.0.0-rc1-next-20220819-syzkaller #0 [ 50.371293][ T3613] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 50.380666][ T3613] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3613, name: syz-executor140 [ 50.390230][ T3613] preempt_count: 0, expected: 0 [ 50.395103][ T3613] RCU nest depth: 0, expected: 0 [ 50.400040][ T3613] no locks held by syz-executor140/3613. [ 50.405676][ T3613] irq event stamp: 496 [ 50.409765][ T3613] hardirqs last enabled at (495): [] finish_task_switch.isra.0+0x2b5/0xc70 [ 50.420030][ T3613] hardirqs last disabled at (496): [] dump_stack_lvl+0x2e/0x134 [ 50.429269][ T3613] softirqs last enabled at (488): [] __irq_exit_rcu+0x123/0x180 [ 50.438789][ T3613] softirqs last disabled at (471): [] __irq_exit_rcu+0x123/0x180 [ 50.448105][ T3613] CPU: 1 PID: 3613 Comm: syz-executor140 Not tainted 6.0.0-rc1-next-20220819-syzkaller #0 [ 50.458033][ T3613] syz-executor140[3613] cmdline: [ 50.463059][ T3613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 50.473119][ T3613] Call Trace: [ 50.476401][ T3613] [ 50.479336][ T3613] dump_stack_lvl+0xcd/0x134 [ 50.483978][ T3613] __might_resched.cold+0x222/0x26b [ 50.489191][ T3613] down_read_killable+0x75/0x490 [ 50.494152][ T3613] ? down_read+0x450/0x450 [ 50.498616][ T3613] __access_remote_vm+0xac/0x6f0 [ 50.503573][ T3613] ? follow_phys+0x2c0/0x2c0 [ 50.508177][ T3613] ? do_raw_spin_lock+0x120/0x2a0 [ 50.514446][ T3613] ? rwlock_bug.part.0+0x90/0x90 [ 50.519464][ T3613] ? __up_console_sem+0x47/0xc0 [ 50.524595][ T3613] get_mm_cmdline.part.0+0x217/0x620 [ 50.529930][ T3613] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 50.535671][ T3613] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 50.541502][ T3613] get_task_cmdline_kernel+0x1d9/0x220 [ 50.546988][ T3613] dump_stack_print_cmdline.part.0+0x82/0x150 [ 50.553082][ T3613] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 50.559200][ T3613] ? dump_stack_print_info+0xc6/0x190 [ 50.564591][ T3613] dump_stack_print_info+0x185/0x190 [ 50.569901][ T3613] dump_stack_lvl+0xc1/0x134 [ 50.574515][ T3613] should_fail.cold+0x5/0xa [ 50.579040][ T3613] get_futex_key+0x5a8/0x1c30 [ 50.583730][ T3613] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 50.589725][ T3613] ? futex_setup_timer+0xf0/0xf0 [ 50.594701][ T3613] futex_wait_setup+0xa7/0x230 [ 50.599501][ T3613] ? futex_wait_multiple+0xc90/0xc90 [ 50.604809][ T3613] futex_wait+0x264/0x680 [ 50.609166][ T3613] ? futex_wait_setup+0x230/0x230 [ 50.614239][ T3613] ? do_raw_spin_lock+0x120/0x2a0 [ 50.619277][ T3613] ? rwlock_bug.part.0+0x90/0x90 [ 50.624224][ T3613] ? _raw_spin_lock_irq+0x41/0x50 [ 50.629277][ T3613] do_futex+0x1af/0x300 [ 50.633448][ T3613] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 50.639352][ T3613] ? find_held_lock+0x2d/0x110 [ 50.644132][ T3613] __x64_sys_futex+0x1b0/0x4a0 [ 50.648916][ T3613] ? do_futex+0x300/0x300 [ 50.653256][ T3613] ? _raw_spin_unlock_irq+0x1f/0x40 [ 50.658462][ T3613] ? lockdep_hardirqs_on+0x79/0x100 [ 50.663679][ T3613] ? _raw_spin_unlock_irq+0x2a/0x40 [ 50.668884][ T3613] ? ptrace_notify+0xfa/0x140 [ 50.673576][ T3613] do_syscall_64+0x35/0xb0 [ 50.678008][ T3613] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.683912][ T3613] RIP: 0033:0x7f59e63adb19 [ 50.688341][ T3613] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 50.708047][ T3613] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 50.716492][ T3613] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 50.724468][ T3613] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 50.732445][ T3613] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 50.740420][ T3613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.748393][ T3613] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 50.756386][ T3613] [ 50.759418][ T3613] syz-executor140[3613] cmdline: [ 50.764440][ T3613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 50.774495][ T3613] Call Trace: [ 50.777775][ T3613] [ 50.780712][ T3613] dump_stack_lvl+0xcd/0x134 [ 50.785326][ T3613] should_fail.cold+0x5/0xa [ 50.789847][ T3613] get_futex_key+0x5a8/0x1c30 [ 50.794539][ T3613] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 50.800532][ T3613] ? futex_setup_timer+0xf0/0xf0 [ 50.805494][ T3613] futex_wait_setup+0xa7/0x230 [ 50.810279][ T3613] ? futex_wait_multiple+0xc90/0xc90 [ 50.815584][ T3613] futex_wait+0x264/0x680 [ 50.820021][ T3613] ? futex_wait_setup+0x230/0x230 [ 50.825077][ T3613] ? do_raw_spin_lock+0x120/0x2a0 [ 50.830144][ T3613] ? rwlock_bug.part.0+0x90/0x90 [ 50.835097][ T3613] ? _raw_spin_lock_irq+0x41/0x50 [ 50.840132][ T3613] do_futex+0x1af/0x300 [ 50.844318][ T3613] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 50.850220][ T3613] ? find_held_lock+0x2d/0x110 [ 50.855085][ T3613] __x64_sys_futex+0x1b0/0x4a0 [ 50.859864][ T3613] ? do_futex+0x300/0x300 [ 50.864201][ T3613] ? _raw_spin_unlock_irq+0x1f/0x40 [ 50.869408][ T3613] ? lockdep_hardirqs_on+0x79/0x100 [ 50.874622][ T3613] ? _raw_spin_unlock_irq+0x2a/0x40 [ 50.879911][ T3613] ? ptrace_notify+0xfa/0x140 [ 50.884607][ T3613] do_syscall_64+0x35/0xb0 [ 50.889037][ T3613] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.894940][ T3613] RIP: 0033:0x7f59e63adb19 [ 50.899359][ T3613] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 50.918970][ T3613] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 50.927387][ T3613] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 50.935360][ T3613] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 50.943347][ T3613] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [pid 3613] <... futex resumed>) = ? [pid 3613] +++ exited with 0 +++ [pid 3612] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3612, si_uid=0, si_status=0, si_utime=0, si_stime=63} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3614 attached [pid 3614] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3614] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3614 [pid 3614] <... prctl resumed>) = 0 [pid 3614] setpgid(0, 0) = 0 [pid 3614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3614] write(3, "1000", 4) = 4 [pid 3614] close(3) = 0 [pid 3614] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3614] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3614] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3614] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3615], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3615 [pid 3614] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3614] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3615 attached [pid 3615] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3615] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3615] write(3, "2", 1) = 1 [pid 3615] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3615] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3614] <... futex resumed>) = 0 [pid 3614] exit_group(0) = ? [pid 3615] <... futex resumed>) = ? [pid 3615] +++ exited with 0 +++ [pid 3614] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3614, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3616 ./strace-static-x86_64: Process 3616 attached [pid 3616] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3616] setpgid(0, 0) = 0 [pid 3616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3616] write(3, "1000", 4) = 4 [pid 3616] close(3) = 0 [pid 3616] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3616] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3616] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3616] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3617], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3617 [pid 3616] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3616] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3617 attached [pid 3617] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3617] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3617] write(3, "2", 1) = 1 [pid 3617] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3617] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3616] <... futex resumed>) = 0 [pid 3616] exit_group(0) = ? [pid 3617] <... futex resumed>) = ? [pid 3617] +++ exited with 0 +++ [pid 3616] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3616, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3618 attached , child_tidptr=0x555556fa55d0) = 3618 [pid 3618] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3618] setpgid(0, 0) = 0 [pid 3618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3618] write(3, "1000", 4) = 4 [pid 3618] close(3) = 0 [pid 3618] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3618] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3618] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3618] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3619], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3619 [pid 3618] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3618] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3619 attached [pid 3619] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3619] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [ 50.951317][ T3613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.959296][ T3613] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 50.967370][ T3613] [pid 3619] write(3, "2", 1) = 1 [pid 3619] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3619] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3618] <... futex resumed>) = 0 [pid 3618] exit_group(0) = ? [pid 3619] <... futex resumed>) = ? [pid 3619] +++ exited with 0 +++ [pid 3618] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3618, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3620 ./strace-static-x86_64: Process 3620 attached [pid 3620] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3620] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3620] setpgid(0, 0) = 0 [pid 3620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3620] write(3, "1000", 4) = 4 [pid 3620] close(3) = 0 [pid 3620] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3620] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3620] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3620] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3621 attached [pid 3621] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3621] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3620] <... clone resumed>, parent_tid=[3621], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3621 [pid 3620] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3621] <... futex resumed>) = 0 [pid 3620] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3621] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3621] write(3, "2", 1) = 1 [pid 3621] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3621] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3620] <... futex resumed>) = 0 [pid 3621] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3620] exit_group(0) = ? [ 51.039680][ T3621] FAULT_INJECTION: forcing a failure. [ 51.039680][ T3621] name fail_futex, interval 1, probability 0, space 0, times 0 [ 51.053891][ T3621] CPU: 0 PID: 3621 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 51.065275][ T3621] syz-executor140[3621] cmdline: [ 51.070307][ T3621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 51.080359][ T3621] Call Trace: [ 51.083628][ T3621] [ 51.086550][ T3621] dump_stack_lvl+0xcd/0x134 [ 51.091179][ T3621] should_fail.cold+0x5/0xa [ 51.095691][ T3621] get_futex_key+0x5a8/0x1c30 [ 51.100394][ T3621] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 51.106406][ T3621] ? futex_setup_timer+0xf0/0xf0 [ 51.111367][ T3621] futex_wait_setup+0xa7/0x230 [ 51.116135][ T3621] ? futex_wait_multiple+0xc90/0xc90 [ 51.121608][ T3621] futex_wait+0x264/0x680 [ 51.125972][ T3621] ? futex_wait_setup+0x230/0x230 [ 51.131044][ T3621] ? __pv_queued_spin_lock_slowpath+0x264/0xb50 [ 51.137309][ T3621] ? trace_contention_end.constprop.0+0x1b0/0x1b0 [ 51.143813][ T3621] ? do_raw_spin_lock+0x200/0x2a0 [ 51.148836][ T3621] ? rwlock_bug.part.0+0x90/0x90 [ 51.153768][ T3621] ? _raw_spin_lock_irq+0x41/0x50 [ 51.158784][ T3621] do_futex+0x1af/0x300 [ 51.162938][ T3621] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 51.168823][ T3621] ? find_held_lock+0x2d/0x110 [ 51.173589][ T3621] __x64_sys_futex+0x1b0/0x4a0 [ 51.178346][ T3621] ? do_futex+0x300/0x300 [ 51.182663][ T3621] ? _raw_spin_unlock_irq+0x1f/0x40 [ 51.187939][ T3621] ? lockdep_hardirqs_on+0x79/0x100 [ 51.193133][ T3621] ? _raw_spin_unlock_irq+0x2a/0x40 [ 51.198407][ T3621] ? ptrace_notify+0xfa/0x140 [ 51.203101][ T3621] do_syscall_64+0x35/0xb0 [ 51.207519][ T3621] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.213428][ T3621] RIP: 0033:0x7f59e63adb19 [ 51.217835][ T3621] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 3621] <... futex resumed>) = ? [pid 3621] +++ exited with 0 +++ [pid 3620] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3620, si_uid=0, si_status=0, si_utime=0, si_stime=26} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3622 attached [pid 3622] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3622 [pid 3622] setpgid(0, 0) = 0 [pid 3622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3622] write(3, "1000", 4) = 4 [pid 3622] close(3) = 0 [pid 3622] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3622] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3622] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3623], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3623 [pid 3622] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3623 attached [pid 3623] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3623] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3623] write(3, "2", 1) = 1 [pid 3623] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [ 51.237462][ T3621] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 51.245864][ T3621] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 51.253830][ T3621] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 51.261809][ T3621] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 51.269788][ T3621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.277762][ T3621] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 51.285736][ T3621] [pid 3623] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3622] <... futex resumed>) = 0 [pid 3623] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3622] exit_group(0) = ? [ 51.303835][ T3623] FAULT_INJECTION: forcing a failure. [ 51.303835][ T3623] name fail_futex, interval 1, probability 0, space 0, times 0 [ 51.316913][ T3623] CPU: 1 PID: 3623 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 51.328332][ T3623] syz-executor140[3623] cmdline: [ 51.333363][ T3623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 51.343412][ T3623] Call Trace: [ 51.346711][ T3623] [ 51.349644][ T3623] dump_stack_lvl+0xcd/0x134 [ 51.354267][ T3623] should_fail.cold+0x5/0xa [ 51.358779][ T3623] get_futex_key+0x5a8/0x1c30 [ 51.363479][ T3623] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 51.369494][ T3623] ? futex_setup_timer+0xf0/0xf0 [ 51.374473][ T3623] futex_wait_setup+0xa7/0x230 [ 51.379247][ T3623] ? futex_wait_multiple+0xc90/0xc90 [ 51.384540][ T3623] futex_wait+0x264/0x680 [ 51.388874][ T3623] ? futex_wait_setup+0x230/0x230 [ 51.393934][ T3623] ? do_raw_spin_lock+0x120/0x2a0 [ 51.398990][ T3623] ? rwlock_bug.part.0+0x90/0x90 [ 51.403944][ T3623] ? _raw_spin_lock_irq+0x41/0x50 [ 51.409020][ T3623] do_futex+0x1af/0x300 [ 51.413210][ T3623] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 51.419122][ T3623] ? find_held_lock+0x2d/0x110 [ 51.423907][ T3623] __x64_sys_futex+0x1b0/0x4a0 [ 51.428723][ T3623] ? do_futex+0x300/0x300 [ 51.433064][ T3623] ? _raw_spin_unlock_irq+0x1f/0x40 [ 51.438278][ T3623] ? lockdep_hardirqs_on+0x79/0x100 [ 51.443499][ T3623] ? _raw_spin_unlock_irq+0x2a/0x40 [ 51.448706][ T3623] ? ptrace_notify+0xfa/0x140 [ 51.453397][ T3623] do_syscall_64+0x35/0xb0 [ 51.458096][ T3623] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.464177][ T3623] RIP: 0033:0x7f59e63adb19 [ 51.468605][ T3623] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 51.488236][ T3623] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 51.496682][ T3623] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3623] <... futex resumed>) = ? [pid 3623] +++ exited with 0 +++ [pid 3622] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3622, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3624 ./strace-static-x86_64: Process 3624 attached [pid 3624] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3624] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3624] setpgid(0, 0) = 0 [pid 3624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3624] write(3, "1000", 4) = 4 [pid 3624] close(3) = 0 [pid 3624] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3624] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3624] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3624] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3625 attached , parent_tid=[3625], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3625 [pid 3625] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3625] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3624] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3624] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3625] <... futex resumed>) = 0 [pid 3625] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3625] write(3, "2", 1) = 1 [pid 3625] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3625] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3624] <... futex resumed>) = 0 [pid 3624] exit_group(0) = ? [pid 3625] <... futex resumed>) = ? [pid 3625] +++ exited with 0 +++ [pid 3624] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3624, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3626 ./strace-static-x86_64: Process 3626 attached [pid 3626] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3626] setpgid(0, 0) = 0 [pid 3626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3626] write(3, "1000", 4) = 4 [pid 3626] close(3) = 0 [pid 3626] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3626] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3626] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3626] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3627 attached , parent_tid=[3627], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3627 [pid 3626] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3626] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3627] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3627] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3627] write(3, "2", 1) = 1 [pid 3627] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3627] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3626] <... futex resumed>) = 0 [pid 3626] exit_group(0) = ? [pid 3627] +++ exited with 0 +++ [pid 3626] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3626, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3628 ./strace-static-x86_64: Process 3628 attached [pid 3628] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3628] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3628] setpgid(0, 0) = 0 [pid 3628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3628] write(3, "1000", 4) = 4 [pid 3628] close(3) = 0 [pid 3628] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3628] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [ 51.504676][ T3623] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 51.512654][ T3623] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 51.520629][ T3623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.528601][ T3623] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 51.536659][ T3623] [pid 3628] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3628] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3629], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3629 ./strace-static-x86_64: Process 3629 attached [pid 3629] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3629] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3628] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3629] <... futex resumed>) = 0 [pid 3629] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3628] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3629] write(3, "2", 1) = 1 [pid 3629] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3629] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3628] <... futex resumed>) = 0 [pid 3628] exit_group(0) = ? [pid 3629] +++ exited with 0 +++ [pid 3628] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3628, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3630 ./strace-static-x86_64: Process 3630 attached [pid 3630] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3630] setpgid(0, 0) = 0 [pid 3630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3630] write(3, "1000", 4) = 4 [pid 3630] close(3) = 0 [pid 3630] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3630] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3630] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3630] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3631], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3631 [pid 3630] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3630] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3631 attached [pid 3631] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3631] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3631] write(3, "2", 1) = 1 [pid 3631] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3631] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3630] <... futex resumed>) = 0 [pid 3631] <... futex resumed>) = 1 [pid 3630] exit_group(0 [pid 3631] ????( [pid 3630] <... exit_group resumed>) = ? [pid 3631] <... ???? resumed>) = ? [pid 3631] +++ exited with 0 +++ [pid 3630] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3630, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3632 ./strace-static-x86_64: Process 3632 attached [pid 3632] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3632] setpgid(0, 0) = 0 [pid 3632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3632] write(3, "1000", 4) = 4 [pid 3632] close(3) = 0 [pid 3632] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3632] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3632] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3632] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3633 attached [pid 3633] set_robust_list(0x7f59e635f9e0, 24 [pid 3632] <... clone resumed>, parent_tid=[3633], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3633 [pid 3633] <... set_robust_list resumed>) = 0 [pid 3632] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3633] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3632] <... futex resumed>) = 0 [pid 3632] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3633] <... openat resumed>) = 3 [pid 3633] write(3, "2", 1) = 1 [pid 3633] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3633] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3632] <... futex resumed>) = 0 [pid 3632] exit_group(0) = ? [pid 3633] +++ exited with 0 +++ [pid 3632] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3632, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3634 ./strace-static-x86_64: Process 3634 attached [pid 3634] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3634] setpgid(0, 0) = 0 [pid 3634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3634] write(3, "1000", 4) = 4 [pid 3634] close(3) = 0 [pid 3634] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3634] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3634] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3634] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3635 attached , parent_tid=[3635], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3635 [pid 3635] set_robust_list(0x7f59e635f9e0, 24 [pid 3634] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3635] <... set_robust_list resumed>) = 0 [pid 3634] <... futex resumed>) = 0 [pid 3635] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3634] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3635] <... openat resumed>) = 3 [pid 3635] write(3, "2", 1) = 1 [pid 3635] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3635] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3634] <... futex resumed>) = 0 [pid 3634] exit_group(0 [pid 3635] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3634] <... exit_group resumed>) = ? [pid 3635] +++ exited with 0 +++ [pid 3634] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3634, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3636 ./strace-static-x86_64: Process 3636 attached [pid 3636] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3636] setpgid(0, 0) = 0 [pid 3636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3636] write(3, "1000", 4) = 4 [pid 3636] close(3) = 0 [pid 3636] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3636] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3636] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3636] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3637], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3637 [pid 3636] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3636] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3637 attached [pid 3637] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3637] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3637] write(3, "2", 1) = 1 [pid 3637] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3637] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3636] <... futex resumed>) = 0 [pid 3637] <... futex resumed>) = 1 [pid 3637] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3636] exit_group(0) = ? [ 51.654229][ T3637] FAULT_INJECTION: forcing a failure. [ 51.654229][ T3637] name fail_futex, interval 1, probability 0, space 0, times 0 [ 51.667178][ T3637] CPU: 1 PID: 3637 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 51.678574][ T3637] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 51.687946][ T3637] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3637, name: syz-executor140 [ 51.697445][ T3637] preempt_count: 0, expected: 0 [ 51.702289][ T3637] RCU nest depth: 0, expected: 0 [ 51.707215][ T3637] no locks held by syz-executor140/3637. [ 51.712877][ T3637] irq event stamp: 440 [ 51.716968][ T3637] hardirqs last enabled at (439): [] __schedule+0x353e/0x52b0 [ 51.726167][ T3637] hardirqs last disabled at (440): [] dump_stack_lvl+0x2e/0x134 [ 51.735397][ T3637] softirqs last enabled at (432): [] __irq_exit_rcu+0x123/0x180 [ 51.744687][ T3637] softirqs last disabled at (423): [] __irq_exit_rcu+0x123/0x180 [ 51.753977][ T3637] CPU: 1 PID: 3637 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 51.765345][ T3637] syz-executor140[3637] cmdline: [ 51.770367][ T3637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 51.780425][ T3637] Call Trace: [ 51.783698][ T3637] [ 51.786623][ T3637] dump_stack_lvl+0xcd/0x134 [ 51.791225][ T3637] __might_resched.cold+0x222/0x26b [ 51.796442][ T3637] down_read_killable+0x75/0x490 [ 51.801415][ T3637] ? down_read+0x450/0x450 [ 51.805889][ T3637] __access_remote_vm+0xac/0x6f0 [ 51.810858][ T3637] ? follow_phys+0x2c0/0x2c0 [ 51.815444][ T3637] ? do_raw_spin_lock+0x120/0x2a0 [ 51.820476][ T3637] ? rwlock_bug.part.0+0x90/0x90 [ 51.825437][ T3637] ? __up_console_sem+0x47/0xc0 [ 51.830311][ T3637] get_mm_cmdline.part.0+0x217/0x620 [ 51.835623][ T3637] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 51.841343][ T3637] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 51.847172][ T3637] get_task_cmdline_kernel+0x1d9/0x220 [ 51.852638][ T3637] dump_stack_print_cmdline.part.0+0x82/0x150 [ 51.858723][ T3637] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 51.864853][ T3637] ? dump_stack_print_info+0xc6/0x190 [ 51.870242][ T3637] dump_stack_print_info+0x185/0x190 [ 51.875557][ T3637] dump_stack_lvl+0xc1/0x134 [ 51.880162][ T3637] should_fail.cold+0x5/0xa [ 51.884714][ T3637] get_futex_key+0x5a8/0x1c30 [ 51.889428][ T3637] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 51.895423][ T3637] ? futex_setup_timer+0xf0/0xf0 [ 51.900368][ T3637] futex_wait_setup+0xa7/0x230 [ 51.905161][ T3637] ? futex_wait_multiple+0xc90/0xc90 [ 51.910480][ T3637] futex_wait+0x264/0x680 [ 51.914896][ T3637] ? futex_wait_setup+0x230/0x230 [ 51.919957][ T3637] ? do_raw_spin_lock+0x120/0x2a0 [ 51.924986][ T3637] ? rwlock_bug.part.0+0x90/0x90 [ 51.929944][ T3637] ? _raw_spin_lock_irq+0x41/0x50 [ 51.934986][ T3637] do_futex+0x1af/0x300 [ 51.939149][ T3637] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 51.945060][ T3637] ? find_held_lock+0x2d/0x110 [ 51.949842][ T3637] __x64_sys_futex+0x1b0/0x4a0 [ 51.954642][ T3637] ? do_futex+0x300/0x300 [ 51.958973][ T3637] ? _raw_spin_unlock_irq+0x1f/0x40 [ 51.964177][ T3637] ? lockdep_hardirqs_on+0x79/0x100 [ 51.969518][ T3637] ? _raw_spin_unlock_irq+0x2a/0x40 [ 51.974719][ T3637] ? ptrace_notify+0xfa/0x140 [ 51.979394][ T3637] do_syscall_64+0x35/0xb0 [ 51.983812][ T3637] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.989724][ T3637] RIP: 0033:0x7f59e63adb19 [ 51.994156][ T3637] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.013803][ T3637] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 52.022213][ T3637] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 52.030971][ T3637] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 52.038971][ T3637] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 52.046961][ T3637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.054938][ T3637] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 52.062923][ T3637] [ 52.065968][ T3637] syz-executor140[3637] cmdline: [ 52.070983][ T3637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 52.081076][ T3637] Call Trace: [ 52.084358][ T3637] [ 52.087279][ T3637] dump_stack_lvl+0xcd/0x134 [ 52.091876][ T3637] should_fail.cold+0x5/0xa [ 52.096382][ T3637] get_futex_key+0x5a8/0x1c30 [ 52.101068][ T3637] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 52.107067][ T3637] ? futex_setup_timer+0xf0/0xf0 [ 52.112005][ T3637] futex_wait_setup+0xa7/0x230 [ 52.116788][ T3637] ? futex_wait_multiple+0xc90/0xc90 [ 52.122095][ T3637] futex_wait+0x264/0x680 [ 52.126421][ T3637] ? futex_wait_setup+0x230/0x230 [ 52.131452][ T3637] ? do_raw_spin_lock+0x120/0x2a0 [ 52.136472][ T3637] ? rwlock_bug.part.0+0x90/0x90 [ 52.141418][ T3637] ? _raw_spin_lock_irq+0x41/0x50 [ 52.146453][ T3637] do_futex+0x1af/0x300 [ 52.150609][ T3637] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 52.156503][ T3637] ? find_held_lock+0x2d/0x110 [ 52.161291][ T3637] __x64_sys_futex+0x1b0/0x4a0 [ 52.166054][ T3637] ? do_futex+0x300/0x300 [ 52.170374][ T3637] ? _raw_spin_unlock_irq+0x1f/0x40 [ 52.175564][ T3637] ? lockdep_hardirqs_on+0x79/0x100 [ 52.180771][ T3637] ? _raw_spin_unlock_irq+0x2a/0x40 [ 52.186006][ T3637] ? ptrace_notify+0xfa/0x140 [ 52.190704][ T3637] do_syscall_64+0x35/0xb0 [ 52.195126][ T3637] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.201044][ T3637] RIP: 0033:0x7f59e63adb19 [ 52.205469][ T3637] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.225079][ T3637] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 52.233509][ T3637] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 52.241658][ T3637] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [pid 3637] <... futex resumed>) = ? [pid 3637] +++ exited with 0 +++ [pid 3636] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3636, si_uid=0, si_status=0, si_utime=0, si_stime=63} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3638 ./strace-static-x86_64: Process 3638 attached [pid 3638] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3638] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3638] setpgid(0, 0) = 0 [pid 3638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3638] write(3, "1000", 4) = 4 [pid 3638] close(3) = 0 [pid 3638] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3638] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3638] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3638] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3639 attached , parent_tid=[3639], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3639 [pid 3638] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3638] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3639] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3639] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3639] write(3, "2", 1) = 1 [pid 3639] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3639] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 52.249632][ T3637] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 52.257611][ T3637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.265574][ T3637] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 52.273549][ T3637] [pid 3639] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3638] <... futex resumed>) = 0 [pid 3638] exit_group(0) = ? [ 52.302120][ T3639] FAULT_INJECTION: forcing a failure. [ 52.302120][ T3639] name fail_futex, interval 1, probability 0, space 0, times 0 [ 52.315541][ T3639] CPU: 0 PID: 3639 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 52.326969][ T3639] syz-executor140[3639] cmdline: [ 52.331985][ T3639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 52.342120][ T3639] Call Trace: [ 52.345391][ T3639] [ 52.348314][ T3639] dump_stack_lvl+0xcd/0x134 [ 52.352910][ T3639] should_fail.cold+0x5/0xa [ 52.357415][ T3639] get_futex_key+0x5a8/0x1c30 [ 52.362123][ T3639] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 52.368135][ T3639] ? futex_setup_timer+0xf0/0xf0 [ 52.373110][ T3639] ? irqentry_enter+0x28/0x50 [ 52.377825][ T3639] futex_wait_setup+0xa7/0x230 [ 52.382629][ T3639] ? futex_wait_multiple+0xc90/0xc90 [ 52.387925][ T3639] futex_wait+0x264/0x680 [ 52.392259][ T3639] ? futex_wait_setup+0x230/0x230 [ 52.397300][ T3639] ? do_raw_spin_lock+0x120/0x2a0 [ 52.402319][ T3639] ? rwlock_bug.part.0+0x90/0x90 [ 52.407250][ T3639] ? _raw_spin_lock_irq+0x41/0x50 [ 52.412270][ T3639] do_futex+0x1af/0x300 [ 52.416426][ T3639] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 52.422322][ T3639] ? find_held_lock+0x2d/0x110 [ 52.427085][ T3639] __x64_sys_futex+0x1b0/0x4a0 [ 52.431859][ T3639] ? do_futex+0x300/0x300 [ 52.436218][ T3639] ? _raw_spin_unlock_irq+0x1f/0x40 [ 52.441431][ T3639] ? lockdep_hardirqs_on+0x79/0x100 [ 52.446641][ T3639] ? _raw_spin_unlock_irq+0x2a/0x40 [ 52.451845][ T3639] ? ptrace_notify+0xfa/0x140 [ 52.456540][ T3639] do_syscall_64+0x35/0xb0 [ 52.460959][ T3639] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.466853][ T3639] RIP: 0033:0x7f59e63adb19 [ 52.471273][ T3639] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.490871][ T3639] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [pid 3639] <... futex resumed>) = ? [pid 3639] +++ exited with 0 +++ [pid 3638] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3638, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3640 attached , child_tidptr=0x555556fa55d0) = 3640 [pid 3640] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3640] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3640] setpgid(0, 0) = 0 [pid 3640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3640] write(3, "1000", 4) = 4 [pid 3640] close(3) = 0 [pid 3640] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3640] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3640] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3640] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3641], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3641 ./strace-static-x86_64: Process 3641 attached [pid 3641] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3641] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3640] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3640] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3641] <... futex resumed>) = 0 [pid 3641] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3641] write(3, "2", 1) = 1 [pid 3641] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3641] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3640] <... futex resumed>) = 0 [pid 3640] exit_group(0) = ? [pid 3641] +++ exited with 0 +++ [pid 3640] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3640, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3642 ./strace-static-x86_64: Process 3642 attached [pid 3642] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3642] setpgid(0, 0) = 0 [pid 3642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3642] write(3, "1000", 4) = 4 [pid 3642] close(3) = 0 [pid 3642] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3642] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3642] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3642] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3643 attached , parent_tid=[3643], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3643 [pid 3643] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3643] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3642] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3643] <... futex resumed>) = 0 [pid 3642] <... futex resumed>) = 1 [pid 3643] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3642] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3643] write(3, "2", 1) = 1 [pid 3643] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3643] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 52.499275][ T3639] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 52.507245][ T3639] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 52.515224][ T3639] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 52.523189][ T3639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.531156][ T3639] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 52.539145][ T3639] [pid 3643] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3642] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3642] exit_group(0) = ? [ 52.580046][ T3643] FAULT_INJECTION: forcing a failure. [ 52.580046][ T3643] name fail_futex, interval 1, probability 0, space 0, times 0 [ 52.593023][ T3643] CPU: 1 PID: 3643 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 52.604411][ T3643] syz-executor140[3643] cmdline: [ 52.609440][ T3643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 52.619502][ T3643] Call Trace: [ 52.622787][ T3643] [ 52.625712][ T3643] dump_stack_lvl+0xcd/0x134 [ 52.630311][ T3643] should_fail.cold+0x5/0xa [ 52.634827][ T3643] get_futex_key+0x5a8/0x1c30 [ 52.639508][ T3643] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 52.645527][ T3643] ? futex_setup_timer+0xf0/0xf0 [ 52.650496][ T3643] futex_wait_setup+0xa7/0x230 [ 52.655283][ T3643] ? futex_wait_multiple+0xc90/0xc90 [ 52.660588][ T3643] futex_wait+0x264/0x680 [ 52.664956][ T3643] ? futex_wait_setup+0x230/0x230 [ 52.670013][ T3643] ? do_raw_spin_lock+0x120/0x2a0 [ 52.675050][ T3643] ? rwlock_bug.part.0+0x90/0x90 [ 52.680013][ T3643] ? _raw_spin_lock_irq+0x41/0x50 [ 52.685059][ T3643] do_futex+0x1af/0x300 [ 52.689227][ T3643] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 52.695137][ T3643] ? find_held_lock+0x2d/0x110 [ 52.699914][ T3643] __x64_sys_futex+0x1b0/0x4a0 [ 52.704693][ T3643] ? do_futex+0x300/0x300 [ 52.709032][ T3643] ? _raw_spin_unlock_irq+0x1f/0x40 [ 52.714248][ T3643] ? lockdep_hardirqs_on+0x79/0x100 [ 52.719468][ T3643] ? _raw_spin_unlock_irq+0x2a/0x40 [ 52.724677][ T3643] ? ptrace_notify+0xfa/0x140 [ 52.729368][ T3643] do_syscall_64+0x35/0xb0 [ 52.733798][ T3643] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.739698][ T3643] RIP: 0033:0x7f59e63adb19 [ 52.744118][ T3643] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.763732][ T3643] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 52.772584][ T3643] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3643] <... futex resumed>) = ? [pid 3643] +++ exited with 0 +++ [pid 3642] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3642, si_uid=0, si_status=0, si_utime=0, si_stime=23} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3644 ./strace-static-x86_64: Process 3644 attached [pid 3644] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3644] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3644] setpgid(0, 0) = 0 [pid 3644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3644] write(3, "1000", 4) = 4 [pid 3644] close(3) = 0 [pid 3644] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3644] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3644] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3644] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3645 attached , parent_tid=[3645], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3645 [pid 3644] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3644] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3645] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3645] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3645] write(3, "2", 1) = 1 [pid 3645] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3645] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3644] <... futex resumed>) = 0 [pid 3645] <... futex resumed>) = 1 [pid 3644] exit_group(0) = ? [pid 3645] +++ exited with 0 +++ [pid 3644] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3644, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3646 ./strace-static-x86_64: Process 3646 attached [pid 3646] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3646] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3646] setpgid(0, 0) = 0 [pid 3646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3646] write(3, "1000", 4) = 4 [pid 3646] close(3) = 0 [pid 3646] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3646] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3646] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3646] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3647 attached [pid 3647] set_robust_list(0x7f59e635f9e0, 24 [pid 3646] <... clone resumed>, parent_tid=[3647], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3647 [pid 3647] <... set_robust_list resumed>) = 0 [pid 3646] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3647] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3646] <... futex resumed>) = 0 [pid 3646] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3647] <... openat resumed>) = 3 [pid 3647] write(3, "2", 1) = 1 [ 52.780559][ T3643] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 52.788533][ T3643] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 52.796521][ T3643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.804492][ T3643] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 52.812658][ T3643] [pid 3647] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3647] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3646] <... futex resumed>) = 0 [pid 3647] <... futex resumed>) = 1 [pid 3647] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3646] exit_group(0) = ? [ 52.861968][ T3647] FAULT_INJECTION: forcing a failure. [ 52.861968][ T3647] name fail_futex, interval 1, probability 0, space 0, times 0 [ 52.875002][ T3647] CPU: 1 PID: 3647 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 52.886392][ T3647] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 52.895746][ T3647] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3647, name: syz-executor140 [ 52.905198][ T3647] preempt_count: 0, expected: 0 [ 52.910045][ T3647] RCU nest depth: 0, expected: 0 [ 52.914974][ T3647] no locks held by syz-executor140/3647. [ 52.920589][ T3647] irq event stamp: 532 [ 52.924637][ T3647] hardirqs last enabled at (531): [] finish_task_switch.isra.0+0x2b5/0xc70 [ 52.934871][ T3647] hardirqs last disabled at (532): [] dump_stack_lvl+0x2e/0x134 [ 52.944078][ T3647] softirqs last enabled at (524): [] __irq_exit_rcu+0x123/0x180 [ 52.953380][ T3647] softirqs last disabled at (429): [] __irq_exit_rcu+0x123/0x180 [ 52.962663][ T3647] CPU: 1 PID: 3647 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 52.974028][ T3647] syz-executor140[3647] cmdline: [ 52.979044][ T3647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 52.989095][ T3647] Call Trace: [ 52.992373][ T3647] [ 52.995315][ T3647] dump_stack_lvl+0xcd/0x134 [ 52.999952][ T3647] __might_resched.cold+0x222/0x26b [ 53.005157][ T3647] down_read_killable+0x75/0x490 [ 53.010126][ T3647] ? down_read+0x450/0x450 [ 53.014546][ T3647] __access_remote_vm+0xac/0x6f0 [ 53.019501][ T3647] ? follow_phys+0x2c0/0x2c0 [ 53.024102][ T3647] ? do_raw_spin_lock+0x120/0x2a0 [ 53.029122][ T3647] ? rwlock_bug.part.0+0x90/0x90 [ 53.034055][ T3647] ? __up_console_sem+0x47/0xc0 [ 53.038898][ T3647] get_mm_cmdline.part.0+0x217/0x620 [ 53.044190][ T3647] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 53.049906][ T3647] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 53.055705][ T3647] get_task_cmdline_kernel+0x1d9/0x220 [ 53.061166][ T3647] dump_stack_print_cmdline.part.0+0x82/0x150 [ 53.067317][ T3647] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 53.073399][ T3647] ? dump_stack_print_info+0xc6/0x190 [ 53.078769][ T3647] dump_stack_print_info+0x185/0x190 [ 53.084076][ T3647] dump_stack_lvl+0xc1/0x134 [ 53.088704][ T3647] should_fail.cold+0x5/0xa [ 53.093213][ T3647] get_futex_key+0x5a8/0x1c30 [ 53.097905][ T3647] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 53.103911][ T3647] ? futex_setup_timer+0xf0/0xf0 [ 53.108882][ T3647] futex_wait_setup+0xa7/0x230 [ 53.113649][ T3647] ? futex_wait_multiple+0xc90/0xc90 [ 53.118938][ T3647] futex_wait+0x264/0x680 [ 53.123286][ T3647] ? futex_wait_setup+0x230/0x230 [ 53.128383][ T3647] ? do_raw_spin_lock+0x120/0x2a0 [ 53.133417][ T3647] ? rwlock_bug.part.0+0x90/0x90 [ 53.138366][ T3647] ? _raw_spin_lock_irq+0x41/0x50 [ 53.143397][ T3647] do_futex+0x1af/0x300 [ 53.147581][ T3647] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 53.153496][ T3647] ? find_held_lock+0x2d/0x110 [ 53.158264][ T3647] __x64_sys_futex+0x1b0/0x4a0 [ 53.163039][ T3647] ? do_futex+0x300/0x300 [ 53.167399][ T3647] ? _raw_spin_unlock_irq+0x1f/0x40 [ 53.172612][ T3647] ? lockdep_hardirqs_on+0x79/0x100 [ 53.177807][ T3647] ? _raw_spin_unlock_irq+0x2a/0x40 [ 53.183013][ T3647] ? ptrace_notify+0xfa/0x140 [ 53.187707][ T3647] do_syscall_64+0x35/0xb0 [ 53.192119][ T3647] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 53.198005][ T3647] RIP: 0033:0x7f59e63adb19 [ 53.202417][ T3647] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 53.222018][ T3647] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 53.230426][ T3647] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 53.238395][ T3647] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 53.246358][ T3647] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 53.254340][ T3647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.262327][ T3647] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 53.270326][ T3647] [ 53.273358][ T3647] syz-executor140[3647] cmdline: [ 53.278379][ T3647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 53.288428][ T3647] Call Trace: [ 53.291724][ T3647] [ 53.294658][ T3647] dump_stack_lvl+0xcd/0x134 [ 53.299254][ T3647] should_fail.cold+0x5/0xa [ 53.303759][ T3647] get_futex_key+0x5a8/0x1c30 [ 53.308433][ T3647] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 53.314449][ T3647] ? futex_setup_timer+0xf0/0xf0 [ 53.319412][ T3647] futex_wait_setup+0xa7/0x230 [ 53.324189][ T3647] ? futex_wait_multiple+0xc90/0xc90 [ 53.329510][ T3647] futex_wait+0x264/0x680 [ 53.333851][ T3647] ? futex_wait_setup+0x230/0x230 [ 53.338940][ T3647] ? do_raw_spin_lock+0x120/0x2a0 [ 53.343987][ T3647] ? rwlock_bug.part.0+0x90/0x90 [ 53.348930][ T3647] ? _raw_spin_lock_irq+0x41/0x50 [ 53.353973][ T3647] do_futex+0x1af/0x300 [ 53.358128][ T3647] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 53.364017][ T3647] ? find_held_lock+0x2d/0x110 [ 53.368789][ T3647] __x64_sys_futex+0x1b0/0x4a0 [ 53.373603][ T3647] ? do_futex+0x300/0x300 [ 53.377933][ T3647] ? _raw_spin_unlock_irq+0x1f/0x40 [ 53.383138][ T3647] ? lockdep_hardirqs_on+0x79/0x100 [ 53.388363][ T3647] ? _raw_spin_unlock_irq+0x2a/0x40 [ 53.393604][ T3647] ? ptrace_notify+0xfa/0x140 [ 53.398279][ T3647] do_syscall_64+0x35/0xb0 [ 53.402691][ T3647] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 53.408585][ T3647] RIP: 0033:0x7f59e63adb19 [ 53.413018][ T3647] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 53.432659][ T3647] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 53.441066][ T3647] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 53.449120][ T3647] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [pid 3647] <... futex resumed>) = ? [pid 3647] +++ exited with 0 +++ [pid 3646] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3646, si_uid=0, si_status=0, si_utime=0, si_stime=62} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3648 ./strace-static-x86_64: Process 3648 attached [pid 3648] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3648] setpgid(0, 0) = 0 [pid 3648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3648] write(3, "1000", 4) = 4 [pid 3648] close(3) = 0 [pid 3648] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3648] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3648] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3648] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3649 attached , parent_tid=[3649], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3649 [pid 3648] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3648] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3649] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3649] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3649] write(3, "2", 1) = 1 [pid 3649] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3649] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3648] <... futex resumed>) = 0 [pid 3649] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3648] exit_group(0 [pid 3649] <... futex resumed>) = ? [pid 3648] <... exit_group resumed>) = ? [pid 3649] +++ exited with 0 +++ [pid 3648] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3648, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3650 attached , child_tidptr=0x555556fa55d0) = 3650 [pid 3650] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3650] setpgid(0, 0) = 0 [ 53.457098][ T3647] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 53.465079][ T3647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.473051][ T3647] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 53.481042][ T3647] [pid 3650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3650] write(3, "1000", 4) = 4 [pid 3650] close(3) = 0 [pid 3650] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3650] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3650] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3650] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3651], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3651 ./strace-static-x86_64: Process 3651 attached [pid 3650] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3651] set_robust_list(0x7f59e635f9e0, 24 [pid 3650] <... futex resumed>) = 0 [pid 3650] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3651] <... set_robust_list resumed>) = 0 [pid 3651] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3651] write(3, "2", 1) = 1 [pid 3651] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3651] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3650] <... futex resumed>) = 0 [pid 3650] exit_group(0) = ? [pid 3651] +++ exited with 0 +++ [pid 3650] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3650, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3652 ./strace-static-x86_64: Process 3652 attached [pid 3652] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3652] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3652] setpgid(0, 0) = 0 [pid 3652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3652] write(3, "1000", 4) = 4 [pid 3652] close(3) = 0 [pid 3652] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3652] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3652] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3652] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3653], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3653 [pid 3652] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3652] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3653 attached [pid 3653] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3653] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3653] write(3, "2", 1) = 1 [pid 3653] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3653] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3652] <... futex resumed>) = 0 [pid 3653] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3652] exit_group(0) = ? [ 53.549622][ T3653] FAULT_INJECTION: forcing a failure. [ 53.549622][ T3653] name fail_futex, interval 1, probability 0, space 0, times 0 [ 53.562694][ T3653] CPU: 1 PID: 3653 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 53.574098][ T3653] syz-executor140[3653] cmdline: [ 53.579122][ T3653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 53.589192][ T3653] Call Trace: [ 53.592487][ T3653] [ 53.595433][ T3653] dump_stack_lvl+0xcd/0x134 [ 53.600050][ T3653] should_fail.cold+0x5/0xa [ 53.604641][ T3653] get_futex_key+0x5a8/0x1c30 [ 53.609316][ T3653] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 53.615306][ T3653] ? futex_setup_timer+0xf0/0xf0 [ 53.620281][ T3653] futex_wait_setup+0xa7/0x230 [ 53.625044][ T3653] ? futex_wait_multiple+0xc90/0xc90 [ 53.630364][ T3653] futex_wait+0x264/0x680 [ 53.634805][ T3653] ? futex_wait_setup+0x230/0x230 [ 53.639841][ T3653] ? __pv_queued_spin_lock_slowpath+0x264/0xb50 [ 53.646181][ T3653] ? trace_contention_end.constprop.0+0x1b0/0x1b0 [ 53.652613][ T3653] ? do_raw_spin_lock+0x200/0x2a0 [ 53.657655][ T3653] ? rwlock_bug.part.0+0x90/0x90 [ 53.662598][ T3653] ? _raw_spin_lock_irq+0x41/0x50 [ 53.667726][ T3653] do_futex+0x1af/0x300 [ 53.671883][ T3653] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 53.677774][ T3653] ? find_held_lock+0x2d/0x110 [ 53.682557][ T3653] __x64_sys_futex+0x1b0/0x4a0 [ 53.687342][ T3653] ? do_futex+0x300/0x300 [ 53.691662][ T3653] ? _raw_spin_unlock_irq+0x1f/0x40 [ 53.696851][ T3653] ? lockdep_hardirqs_on+0x79/0x100 [ 53.702048][ T3653] ? _raw_spin_unlock_irq+0x2a/0x40 [ 53.707238][ T3653] ? ptrace_notify+0xfa/0x140 [ 53.711914][ T3653] do_syscall_64+0x35/0xb0 [ 53.716418][ T3653] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 53.722319][ T3653] RIP: 0033:0x7f59e63adb19 [ 53.726749][ T3653] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 3653] <... futex resumed>) = ? [pid 3653] +++ exited with 0 +++ [pid 3652] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3652, si_uid=0, si_status=0, si_utime=0, si_stime=25} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3654 attached , child_tidptr=0x555556fa55d0) = 3654 [pid 3654] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3654] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3654] setpgid(0, 0) = 0 [pid 3654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3654] write(3, "1000", 4) = 4 [pid 3654] close(3) = 0 [pid 3654] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3654] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3654] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3655 attached , parent_tid=[3655], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3655 [pid 3655] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3655] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3654] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3655] <... futex resumed>) = 0 [pid 3654] <... futex resumed>) = 1 [pid 3655] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3654] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3655] write(3, "2", 1) = 1 [pid 3655] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3655] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 53.746374][ T3653] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 53.754785][ T3653] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 53.762748][ T3653] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 53.770716][ T3653] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 53.778689][ T3653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.786679][ T3653] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 53.794690][ T3653] [pid 3655] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3654] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3654] exit_group(0) = ? [ 53.820075][ T3655] FAULT_INJECTION: forcing a failure. [ 53.820075][ T3655] name fail_futex, interval 1, probability 0, space 0, times 0 [ 53.832981][ T3655] CPU: 1 PID: 3655 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 53.844380][ T3655] syz-executor140[3655] cmdline: [ 53.849410][ T3655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 53.859464][ T3655] Call Trace: [ 53.862746][ T3655] [ 53.865675][ T3655] dump_stack_lvl+0xcd/0x134 [ 53.870274][ T3655] should_fail.cold+0x5/0xa [ 53.874784][ T3655] get_futex_key+0x5a8/0x1c30 [ 53.879470][ T3655] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 53.885474][ T3655] ? futex_setup_timer+0xf0/0xf0 [ 53.890417][ T3655] futex_wait_setup+0xa7/0x230 [ 53.895192][ T3655] ? futex_wait_multiple+0xc90/0xc90 [ 53.900506][ T3655] futex_wait+0x264/0x680 [ 53.904834][ T3655] ? futex_wait_setup+0x230/0x230 [ 53.909886][ T3655] ? do_raw_spin_lock+0x120/0x2a0 [ 53.914922][ T3655] ? rwlock_bug.part.0+0x90/0x90 [ 53.919892][ T3655] ? _raw_spin_lock_irq+0x41/0x50 [ 53.924927][ T3655] do_futex+0x1af/0x300 [ 53.929097][ T3655] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 53.935025][ T3655] ? find_held_lock+0x2d/0x110 [ 53.939803][ T3655] __x64_sys_futex+0x1b0/0x4a0 [ 53.944585][ T3655] ? do_futex+0x300/0x300 [ 53.949100][ T3655] ? _raw_spin_unlock_irq+0x1f/0x40 [ 53.954307][ T3655] ? lockdep_hardirqs_on+0x79/0x100 [ 53.959530][ T3655] ? _raw_spin_unlock_irq+0x2a/0x40 [ 53.964736][ T3655] ? ptrace_notify+0xfa/0x140 [ 53.969434][ T3655] do_syscall_64+0x35/0xb0 [ 53.973875][ T3655] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 53.979777][ T3655] RIP: 0033:0x7f59e63adb19 [ 53.984206][ T3655] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 54.003814][ T3655] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 54.012246][ T3655] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3655] <... futex resumed>) = ? [pid 3655] +++ exited with 0 +++ [pid 3654] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3654, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3656 attached , child_tidptr=0x555556fa55d0) = 3656 [pid 3656] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3656] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3656] setpgid(0, 0) = 0 [pid 3656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3656] write(3, "1000", 4) = 4 [pid 3656] close(3) = 0 [pid 3656] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3656] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3656] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3656] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3657 attached , parent_tid=[3657], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3657 [pid 3657] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3657] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3656] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3657] <... futex resumed>) = 0 [pid 3656] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3657] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3657] write(3, "2", 1) = 1 [pid 3657] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3657] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3656] <... futex resumed>) = 0 [pid 3656] exit_group(0) = ? [pid 3657] +++ exited with 0 +++ [pid 3656] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3656, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3658 attached , child_tidptr=0x555556fa55d0) = 3658 [pid 3658] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3658] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3658] setpgid(0, 0) = 0 [pid 3658] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3658] write(3, "1000", 4) = 4 [pid 3658] close(3) = 0 [pid 3658] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3658] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3658] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3658] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3659], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3659 ./strace-static-x86_64: Process 3659 attached [pid 3658] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3659] set_robust_list(0x7f59e635f9e0, 24 [pid 3658] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3659] <... set_robust_list resumed>) = 0 [pid 3659] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3659] write(3, "2", 1) = 1 [pid 3659] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3659] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3658] <... futex resumed>) = 0 [pid 3658] exit_group(0) = ? [pid 3659] +++ exited with 0 +++ [pid 3658] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3658, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3660 ./strace-static-x86_64: Process 3660 attached [pid 3660] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3660] setpgid(0, 0) = 0 [pid 3660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3660] write(3, "1000", 4) = 4 [pid 3660] close(3) = 0 [ 54.020317][ T3655] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 54.028291][ T3655] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 54.036288][ T3655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.044280][ T3655] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 54.052280][ T3655] [pid 3660] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3660] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3660] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3660] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3661 attached , parent_tid=[3661], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3661 [pid 3660] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3660] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3661] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3661] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3661] write(3, "2", 1) = 1 [pid 3661] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3661] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3660] <... futex resumed>) = 0 [pid 3660] exit_group(0) = ? [pid 3661] <... futex resumed>) = ? [pid 3661] +++ exited with 0 +++ [pid 3660] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3660, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3662 ./strace-static-x86_64: Process 3662 attached [pid 3662] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3662] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3662] setpgid(0, 0) = 0 [pid 3662] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3662] write(3, "1000", 4) = 4 [pid 3662] close(3) = 0 [pid 3662] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3662] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3662] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3662] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3663 attached , parent_tid=[3663], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3663 [pid 3662] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3663] set_robust_list(0x7f59e635f9e0, 24 [pid 3662] <... futex resumed>) = 0 [pid 3662] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3663] <... set_robust_list resumed>) = 0 [pid 3663] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3663] write(3, "2", 1) = 1 [pid 3663] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3663] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3662] <... futex resumed>) = 0 [pid 3662] exit_group(0) = ? [pid 3663] +++ exited with 0 +++ [pid 3662] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3662, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3664 ./strace-static-x86_64: Process 3664 attached [pid 3664] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3664] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3664] setpgid(0, 0) = 0 [pid 3664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3664] write(3, "1000", 4) = 4 [pid 3664] close(3) = 0 [pid 3664] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3664] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3664] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3664] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3665], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3665 [pid 3664] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3664] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3665 attached [pid 3665] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3665] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3665] write(3, "2", 1) = 1 [pid 3665] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3665] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3664] <... futex resumed>) = 0 [pid 3664] exit_group(0) = ? [pid 3665] <... futex resumed>) = ? [pid 3665] +++ exited with 0 +++ [pid 3664] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3664, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3666 ./strace-static-x86_64: Process 3666 attached [pid 3666] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3666] setpgid(0, 0) = 0 [pid 3666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3666] write(3, "1000", 4) = 4 [pid 3666] close(3) = 0 [pid 3666] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3666] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3666] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3666] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3667 attached , parent_tid=[3667], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3667 [pid 3667] set_robust_list(0x7f59e635f9e0, 24 [pid 3666] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3667] <... set_robust_list resumed>) = 0 [pid 3667] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3666] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3667] <... openat resumed>) = 3 [pid 3667] write(3, "2", 1) = 1 [pid 3667] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3667] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3666] <... futex resumed>) = 0 [pid 3667] <... futex resumed>) = 1 [pid 3666] exit_group(0) = ? [pid 3667] +++ exited with 0 +++ [pid 3666] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3666, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3668 attached [pid 3668] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3668] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3668] setpgid(0, 0) = 0 [pid 3668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3668] write(3, "1000", 4) = 4 [pid 3668] close(3) = 0 [pid 3668] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3668] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3668] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3668] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3669], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3669 [pid 3668] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3668] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3669 attached [pid 3669] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3669] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3668 [pid 3669] write(3, "2", 1) = 1 [pid 3669] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3669] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3668] <... futex resumed>) = 0 [pid 3668] exit_group(0) = ? [pid 3669] <... futex resumed>) = ? [pid 3669] +++ exited with 0 +++ [pid 3668] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3668, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3670 ./strace-static-x86_64: Process 3670 attached [pid 3670] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3670] setpgid(0, 0) = 0 [pid 3670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3670] write(3, "1000", 4) = 4 [pid 3670] close(3) = 0 [pid 3670] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3670] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3670] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3670] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3671 attached , parent_tid=[3671], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3671 [pid 3670] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3671] set_robust_list(0x7f59e635f9e0, 24 [pid 3670] <... futex resumed>) = 0 [pid 3671] <... set_robust_list resumed>) = 0 [pid 3670] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3671] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3671] write(3, "2", 1) = 1 [pid 3671] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3671] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3670] <... futex resumed>) = 0 [pid 3671] <... futex resumed>) = 1 [pid 3671] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3670] exit_group(0) = ? [ 54.219883][ T3671] FAULT_INJECTION: forcing a failure. [ 54.219883][ T3671] name fail_futex, interval 1, probability 0, space 0, times 0 [ 54.232820][ T3671] CPU: 1 PID: 3671 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 54.244226][ T3671] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 54.253721][ T3671] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3671, name: syz-executor140 [ 54.263210][ T3671] preempt_count: 0, expected: 0 [ 54.268048][ T3671] RCU nest depth: 0, expected: 0 [ 54.272979][ T3671] no locks held by syz-executor140/3671. [ 54.278619][ T3671] irq event stamp: 396 [ 54.282689][ T3671] hardirqs last enabled at (395): [] finish_task_switch.isra.0+0x2b5/0xc70 [ 54.292928][ T3671] hardirqs last disabled at (396): [] dump_stack_lvl+0x2e/0x134 [ 54.302129][ T3671] softirqs last enabled at (388): [] __irq_exit_rcu+0x123/0x180 [ 54.311411][ T3671] softirqs last disabled at (375): [] __irq_exit_rcu+0x123/0x180 [ 54.320699][ T3671] CPU: 1 PID: 3671 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 54.332077][ T3671] syz-executor140[3671] cmdline: [ 54.337143][ T3671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 54.347193][ T3671] Call Trace: [ 54.350478][ T3671] [ 54.353442][ T3671] dump_stack_lvl+0xcd/0x134 [ 54.358065][ T3671] __might_resched.cold+0x222/0x26b [ 54.363281][ T3671] down_read_killable+0x75/0x490 [ 54.368249][ T3671] ? down_read+0x450/0x450 [ 54.372677][ T3671] __access_remote_vm+0xac/0x6f0 [ 54.377654][ T3671] ? follow_phys+0x2c0/0x2c0 [ 54.382266][ T3671] ? do_raw_spin_lock+0x120/0x2a0 [ 54.387289][ T3671] ? rwlock_bug.part.0+0x90/0x90 [ 54.392270][ T3671] ? __up_console_sem+0x47/0xc0 [ 54.397330][ T3671] get_mm_cmdline.part.0+0x217/0x620 [ 54.402624][ T3671] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 54.408347][ T3671] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 54.414156][ T3671] get_task_cmdline_kernel+0x1d9/0x220 [ 54.419626][ T3671] dump_stack_print_cmdline.part.0+0x82/0x150 [ 54.425700][ T3671] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 54.431814][ T3671] ? dump_stack_print_info+0xc6/0x190 [ 54.437220][ T3671] dump_stack_print_info+0x185/0x190 [ 54.442516][ T3671] dump_stack_lvl+0xc1/0x134 [ 54.447110][ T3671] should_fail.cold+0x5/0xa [ 54.451629][ T3671] get_futex_key+0x5a8/0x1c30 [ 54.456351][ T3671] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 54.462353][ T3671] ? futex_setup_timer+0xf0/0xf0 [ 54.467313][ T3671] futex_wait_setup+0xa7/0x230 [ 54.472102][ T3671] ? futex_wait_multiple+0xc90/0xc90 [ 54.477408][ T3671] futex_wait+0x264/0x680 [ 54.481775][ T3671] ? futex_wait_setup+0x230/0x230 [ 54.486834][ T3671] ? do_raw_spin_lock+0x120/0x2a0 [ 54.491857][ T3671] ? rwlock_bug.part.0+0x90/0x90 [ 54.496806][ T3671] ? _raw_spin_lock_irq+0x41/0x50 [ 54.501876][ T3671] do_futex+0x1af/0x300 [ 54.506071][ T3671] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 54.511998][ T3671] ? find_held_lock+0x2d/0x110 [ 54.516771][ T3671] __x64_sys_futex+0x1b0/0x4a0 [ 54.521537][ T3671] ? do_futex+0x300/0x300 [ 54.525892][ T3671] ? _raw_spin_unlock_irq+0x1f/0x40 [ 54.531125][ T3671] ? lockdep_hardirqs_on+0x79/0x100 [ 54.536329][ T3671] ? _raw_spin_unlock_irq+0x2a/0x40 [ 54.541532][ T3671] ? ptrace_notify+0xfa/0x140 [ 54.546261][ T3671] do_syscall_64+0x35/0xb0 [ 54.550906][ T3671] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 54.556843][ T3671] RIP: 0033:0x7f59e63adb19 [ 54.561257][ T3671] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 54.580966][ T3671] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 54.589400][ T3671] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 54.597365][ T3671] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 54.605381][ T3671] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 54.613365][ T3671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.621330][ T3671] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 54.629317][ T3671] [ 54.632361][ T3671] syz-executor140[3671] cmdline: [ 54.637410][ T3671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 54.647563][ T3671] Call Trace: [ 54.650852][ T3671] [ 54.653806][ T3671] dump_stack_lvl+0xcd/0x134 [ 54.658451][ T3671] should_fail.cold+0x5/0xa [ 54.662969][ T3671] get_futex_key+0x5a8/0x1c30 [ 54.667651][ T3671] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 54.673646][ T3671] ? futex_setup_timer+0xf0/0xf0 [ 54.678610][ T3671] futex_wait_setup+0xa7/0x230 [ 54.683373][ T3671] ? futex_wait_multiple+0xc90/0xc90 [ 54.688661][ T3671] futex_wait+0x264/0x680 [ 54.692992][ T3671] ? futex_wait_setup+0x230/0x230 [ 54.698049][ T3671] ? do_raw_spin_lock+0x120/0x2a0 [ 54.703096][ T3671] ? rwlock_bug.part.0+0x90/0x90 [ 54.708036][ T3671] ? _raw_spin_lock_irq+0x41/0x50 [ 54.713079][ T3671] do_futex+0x1af/0x300 [ 54.717268][ T3671] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 54.723159][ T3671] ? find_held_lock+0x2d/0x110 [ 54.727945][ T3671] __x64_sys_futex+0x1b0/0x4a0 [ 54.732763][ T3671] ? do_futex+0x300/0x300 [ 54.737087][ T3671] ? _raw_spin_unlock_irq+0x1f/0x40 [ 54.742293][ T3671] ? lockdep_hardirqs_on+0x79/0x100 [ 54.747518][ T3671] ? _raw_spin_unlock_irq+0x2a/0x40 [ 54.752711][ T3671] ? ptrace_notify+0xfa/0x140 [ 54.757399][ T3671] do_syscall_64+0x35/0xb0 [ 54.762859][ T3671] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 54.768760][ T3671] RIP: 0033:0x7f59e63adb19 [ 54.773179][ T3671] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 54.792803][ T3671] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 54.801212][ T3671] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 54.809180][ T3671] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [pid 3671] <... futex resumed>) = ? [pid 3671] +++ exited with 0 +++ [pid 3670] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3670, si_uid=0, si_status=0, si_utime=0, si_stime=63} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3672 ./strace-static-x86_64: Process 3672 attached [pid 3672] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3672] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3672] setpgid(0, 0) = 0 [pid 3672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3672] write(3, "1000", 4) = 4 [pid 3672] close(3) = 0 [pid 3672] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3672] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3672] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3672] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3673 attached , parent_tid=[3673], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3673 [pid 3672] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3673] set_robust_list(0x7f59e635f9e0, 24 [pid 3672] <... futex resumed>) = 0 [pid 3673] <... set_robust_list resumed>) = 0 [pid 3672] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3673] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3673] write(3, "2", 1) = 1 [pid 3673] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3673] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3672] <... futex resumed>) = 0 [pid 3672] exit_group(0) = ? [pid 3673] +++ exited with 0 +++ [pid 3672] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3672, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3674 attached , child_tidptr=0x555556fa55d0) = 3674 [pid 3674] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3674] setpgid(0, 0) = 0 [pid 3674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3674] write(3, "1000", 4) = 4 [pid 3674] close(3) = 0 [pid 3674] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3674] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3674] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3674] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3675], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3675 ./strace-static-x86_64: Process 3675 attached [pid 3675] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3675] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3674] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3675] <... futex resumed>) = 0 [pid 3675] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3674] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3675] write(3, "2", 1) = 1 [pid 3675] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3675] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3674] <... futex resumed>) = 0 [pid 3674] exit_group(0) = ? [ 54.817163][ T3671] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 54.825136][ T3671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.833118][ T3671] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 54.841097][ T3671] [pid 3675] +++ exited with 0 +++ [pid 3674] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3674, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3676 ./strace-static-x86_64: Process 3676 attached [pid 3676] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3676] setpgid(0, 0) = 0 [pid 3676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3676] write(3, "1000", 4) = 4 [pid 3676] close(3) = 0 [pid 3676] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3676] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3676] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3676] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3677], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3677 [pid 3676] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3676] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3677 attached [pid 3677] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3677] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3677] write(3, "2", 1) = 1 [pid 3677] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3677] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3676] <... futex resumed>) = 0 [pid 3676] exit_group(0) = ? [pid 3677] <... futex resumed>) = ? [pid 3677] +++ exited with 0 +++ [pid 3676] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3676, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3678 ./strace-static-x86_64: Process 3678 attached [pid 3678] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3678] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3678] setpgid(0, 0) = 0 [pid 3678] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3678] write(3, "1000", 4) = 4 [pid 3678] close(3) = 0 [pid 3678] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3678] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3678] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3678] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3679 attached , parent_tid=[3679], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3679 [pid 3679] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3679] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3678] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3679] <... futex resumed>) = 0 [pid 3678] <... futex resumed>) = 1 [pid 3679] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3678] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3679] <... openat resumed>) = 3 [pid 3679] write(3, "2", 1) = 1 [pid 3679] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3679] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3679] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3678] <... futex resumed>) = 0 [pid 3678] exit_group(0) = ? [ 54.920387][ T3679] FAULT_INJECTION: forcing a failure. [ 54.920387][ T3679] name fail_futex, interval 1, probability 0, space 0, times 0 [ 54.933441][ T3679] CPU: 1 PID: 3679 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 54.944867][ T3679] syz-executor140[3679] cmdline: [ 54.949902][ T3679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 54.959962][ T3679] Call Trace: [ 54.963241][ T3679] [ 54.966175][ T3679] dump_stack_lvl+0xcd/0x134 [ 54.970791][ T3679] should_fail.cold+0x5/0xa [ 54.975313][ T3679] get_futex_key+0x5a8/0x1c30 [ 54.980002][ T3679] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 54.985996][ T3679] ? futex_setup_timer+0xf0/0xf0 [ 54.990952][ T3679] futex_wait_setup+0xa7/0x230 [ 54.995742][ T3679] ? futex_wait_multiple+0xc90/0xc90 [ 55.001054][ T3679] futex_wait+0x264/0x680 [ 55.005405][ T3679] ? futex_wait_setup+0x230/0x230 [ 55.010463][ T3679] ? do_raw_spin_lock+0x120/0x2a0 [ 55.015501][ T3679] ? rwlock_bug.part.0+0x90/0x90 [ 55.020467][ T3679] ? _raw_spin_lock_irq+0x41/0x50 [ 55.025511][ T3679] do_futex+0x1af/0x300 [ 55.029682][ T3679] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 55.035591][ T3679] ? find_held_lock+0x2d/0x110 [ 55.040367][ T3679] __x64_sys_futex+0x1b0/0x4a0 [ 55.045163][ T3679] ? do_futex+0x300/0x300 [ 55.049505][ T3679] ? _raw_spin_unlock_irq+0x1f/0x40 [ 55.054712][ T3679] ? lockdep_hardirqs_on+0x79/0x100 [ 55.059934][ T3679] ? _raw_spin_unlock_irq+0x2a/0x40 [ 55.065142][ T3679] ? ptrace_notify+0xfa/0x140 [ 55.069832][ T3679] do_syscall_64+0x35/0xb0 [ 55.074260][ T3679] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 55.080182][ T3679] RIP: 0033:0x7f59e63adb19 [ 55.084626][ T3679] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 55.104237][ T3679] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 55.112656][ T3679] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3679] <... futex resumed>) = ? [pid 3679] +++ exited with 0 +++ [pid 3678] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3678, si_uid=0, si_status=0, si_utime=0, si_stime=23} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3680 attached , child_tidptr=0x555556fa55d0) = 3680 [pid 3680] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3680] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3680] setpgid(0, 0) = 0 [pid 3680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3680] write(3, "1000", 4) = 4 [pid 3680] close(3) = 0 [pid 3680] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3680] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3680] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3680] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3681 attached , parent_tid=[3681], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3681 [pid 3680] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3680] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3681] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3681] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3681] write(3, "2", 1) = 1 [pid 3681] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3681] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3680] <... futex resumed>) = 0 [ 55.120642][ T3679] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 55.128616][ T3679] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 55.136590][ T3679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.144562][ T3679] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 55.152550][ T3679] [pid 3681] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3680] exit_group(0) = ? [ 55.177511][ T3681] FAULT_INJECTION: forcing a failure. [ 55.177511][ T3681] name fail_futex, interval 1, probability 0, space 0, times 0 [ 55.191448][ T3681] CPU: 0 PID: 3681 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 55.202848][ T3681] syz-executor140[3681] cmdline: [ 55.207861][ T3681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 55.217916][ T3681] Call Trace: [ 55.221185][ T3681] [ 55.224113][ T3681] dump_stack_lvl+0xcd/0x134 [ 55.228706][ T3681] should_fail.cold+0x5/0xa [ 55.233210][ T3681] get_futex_key+0x5a8/0x1c30 [ 55.237893][ T3681] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 55.244739][ T3681] ? futex_setup_timer+0xf0/0xf0 [ 55.249674][ T3681] futex_wait_setup+0xa7/0x230 [ 55.254434][ T3681] ? futex_wait_multiple+0xc90/0xc90 [ 55.259720][ T3681] futex_wait+0x264/0x680 [ 55.264046][ T3681] ? futex_wait_setup+0x230/0x230 [ 55.269075][ T3681] ? do_raw_spin_lock+0x120/0x2a0 [ 55.274092][ T3681] ? rwlock_bug.part.0+0x90/0x90 [ 55.279020][ T3681] ? _raw_spin_lock_irq+0x41/0x50 [ 55.284039][ T3681] do_futex+0x1af/0x300 [ 55.288189][ T3681] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 55.294077][ T3681] ? find_held_lock+0x2d/0x110 [ 55.298837][ T3681] __x64_sys_futex+0x1b0/0x4a0 [ 55.303595][ T3681] ? do_futex+0x300/0x300 [ 55.307916][ T3681] ? _raw_spin_unlock_irq+0x1f/0x40 [ 55.313108][ T3681] ? lockdep_hardirqs_on+0x79/0x100 [ 55.318315][ T3681] ? _raw_spin_unlock_irq+0x2a/0x40 [ 55.323514][ T3681] ? ptrace_notify+0xfa/0x140 [ 55.328221][ T3681] do_syscall_64+0x35/0xb0 [ 55.332639][ T3681] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 55.338527][ T3681] RIP: 0033:0x7f59e63adb19 [ 55.342937][ T3681] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 55.362540][ T3681] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [pid 3681] <... futex resumed>) = ? [pid 3681] +++ exited with 0 +++ [pid 3680] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3680, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3682 attached , child_tidptr=0x555556fa55d0) = 3682 [pid 3682] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3682] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3682] setpgid(0, 0) = 0 [pid 3682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3682] write(3, "1000", 4) = 4 [pid 3682] close(3) = 0 [pid 3682] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3682] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3682] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3682] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3683 attached , parent_tid=[3683], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3683 [pid 3682] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3683] set_robust_list(0x7f59e635f9e0, 24 [pid 3682] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3683] <... set_robust_list resumed>) = 0 [pid 3683] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3683] write(3, "2", 1) = 1 [pid 3683] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3683] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3682] <... futex resumed>) = 0 [pid 3683] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3682] exit_group(0) = ? [pid 3683] <... futex resumed>) = ? [pid 3683] +++ exited with 0 +++ [pid 3682] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3682, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3684 attached [pid 3684] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3684 [pid 3684] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3684] setpgid(0, 0) = 0 [pid 3684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3684] write(3, "1000", 4) = 4 [pid 3684] close(3) = 0 [pid 3684] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3684] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3684] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3684] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3685], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3685 [pid 3684] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3684] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3685 attached [pid 3685] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3685] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3685] write(3, "2", 1) = 1 [pid 3685] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3685] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3684] <... futex resumed>) = 0 [pid 3684] exit_group(0) = ? [pid 3685] <... futex resumed>) = ? [pid 3685] +++ exited with 0 +++ [pid 3684] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3684, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3686 ./strace-static-x86_64: Process 3686 attached [pid 3686] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3686] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3686] setpgid(0, 0) = 0 [pid 3686] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3686] write(3, "1000", 4) = 4 [pid 3686] close(3) = 0 [pid 3686] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3686] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3686] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3686] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3687], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3687 [pid 3686] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3686] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3687 attached [pid 3687] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3687] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3687] write(3, "2", 1) = 1 [pid 3687] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [ 55.370949][ T3681] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 55.378918][ T3681] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 55.386881][ T3681] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 55.394867][ T3681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.402836][ T3681] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 55.410811][ T3681] [pid 3687] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3686] <... futex resumed>) = 0 [pid 3686] exit_group(0) = ? [pid 3687] <... futex resumed>) = ? [pid 3687] +++ exited with 0 +++ [pid 3686] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3686, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3688 ./strace-static-x86_64: Process 3688 attached [pid 3688] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3688] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3688] setpgid(0, 0) = 0 [pid 3688] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3688] write(3, "1000", 4) = 4 [pid 3688] close(3) = 0 [pid 3688] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3688] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3688] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3688] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3689], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3689 [pid 3688] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3688] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3689 attached [pid 3689] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3689] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3689] write(3, "2", 1) = 1 [pid 3689] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3689] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3688] <... futex resumed>) = 0 [pid 3689] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3688] exit_group(0) = ? [ 55.483297][ T3689] FAULT_INJECTION: forcing a failure. [ 55.483297][ T3689] name fail_futex, interval 1, probability 0, space 0, times 0 [ 55.496291][ T3689] CPU: 0 PID: 3689 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 55.507696][ T3689] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 55.517066][ T3689] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3689, name: syz-executor140 [ 55.526538][ T3689] preempt_count: 0, expected: 0 [ 55.531383][ T3689] RCU nest depth: 0, expected: 0 [ 55.536307][ T3689] no locks held by syz-executor140/3689. [ 55.541929][ T3689] irq event stamp: 512 [ 55.545992][ T3689] hardirqs last enabled at (511): [] finish_task_switch.isra.0+0x2b5/0xc70 [ 55.556247][ T3689] hardirqs last disabled at (512): [] dump_stack_lvl+0x2e/0x134 [ 55.565463][ T3689] softirqs last enabled at (500): [] __irq_exit_rcu+0x123/0x180 [ 55.574761][ T3689] softirqs last disabled at (489): [] __irq_exit_rcu+0x123/0x180 [ 55.584058][ T3689] CPU: 0 PID: 3689 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 55.595440][ T3689] syz-executor140[3689] cmdline: [ 55.600460][ T3689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 55.610512][ T3689] Call Trace: [ 55.613794][ T3689] [ 55.616728][ T3689] dump_stack_lvl+0xcd/0x134 [ 55.621338][ T3689] __might_resched.cold+0x222/0x26b [ 55.626547][ T3689] down_read_killable+0x75/0x490 [ 55.631522][ T3689] ? down_read+0x450/0x450 [ 55.635964][ T3689] __access_remote_vm+0xac/0x6f0 [ 55.640917][ T3689] ? follow_phys+0x2c0/0x2c0 [ 55.645516][ T3689] ? do_raw_spin_lock+0x120/0x2a0 [ 55.650552][ T3689] ? rwlock_bug.part.0+0x90/0x90 [ 55.655505][ T3689] ? __up_console_sem+0x47/0xc0 [ 55.660369][ T3689] get_mm_cmdline.part.0+0x217/0x620 [ 55.665675][ T3689] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 55.671415][ T3689] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 55.677244][ T3689] get_task_cmdline_kernel+0x1d9/0x220 [ 55.682721][ T3689] dump_stack_print_cmdline.part.0+0x82/0x150 [ 55.688805][ T3689] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 55.694916][ T3689] ? dump_stack_print_info+0xc6/0x190 [ 55.700307][ T3689] dump_stack_print_info+0x185/0x190 [ 55.705636][ T3689] dump_stack_lvl+0xc1/0x134 [ 55.710246][ T3689] should_fail.cold+0x5/0xa [ 55.714769][ T3689] get_futex_key+0x5a8/0x1c30 [ 55.719456][ T3689] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 55.725465][ T3689] ? futex_setup_timer+0xf0/0xf0 [ 55.730440][ T3689] futex_wait_setup+0xa7/0x230 [ 55.735220][ T3689] ? futex_wait_multiple+0xc90/0xc90 [ 55.740534][ T3689] futex_wait+0x264/0x680 [ 55.744896][ T3689] ? futex_wait_setup+0x230/0x230 [ 55.749955][ T3689] ? do_raw_spin_lock+0x120/0x2a0 [ 55.754989][ T3689] ? rwlock_bug.part.0+0x90/0x90 [ 55.759936][ T3689] ? _raw_spin_lock_irq+0x41/0x50 [ 55.764970][ T3689] do_futex+0x1af/0x300 [ 55.769179][ T3689] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 55.775082][ T3689] ? find_held_lock+0x2d/0x110 [ 55.779880][ T3689] __x64_sys_futex+0x1b0/0x4a0 [ 55.784660][ T3689] ? do_futex+0x300/0x300 [ 55.789001][ T3689] ? _raw_spin_unlock_irq+0x1f/0x40 [ 55.794227][ T3689] ? lockdep_hardirqs_on+0x79/0x100 [ 55.799454][ T3689] ? _raw_spin_unlock_irq+0x2a/0x40 [ 55.804660][ T3689] ? ptrace_notify+0xfa/0x140 [ 55.809353][ T3689] do_syscall_64+0x35/0xb0 [ 55.813783][ T3689] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 55.819697][ T3689] RIP: 0033:0x7f59e63adb19 [ 55.824221][ T3689] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 55.843835][ T3689] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 55.852342][ T3689] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 55.860363][ T3689] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 55.868339][ T3689] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 55.876314][ T3689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.884286][ T3689] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 55.892273][ T3689] [ 55.895300][ T3689] syz-executor140[3689] cmdline: [ 55.900339][ T3689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 55.910568][ T3689] Call Trace: [ 55.913940][ T3689] [ 55.916876][ T3689] dump_stack_lvl+0xcd/0x134 [ 55.921488][ T3689] should_fail.cold+0x5/0xa [ 55.926030][ T3689] get_futex_key+0x5a8/0x1c30 [ 55.930719][ T3689] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 55.936716][ T3689] ? futex_setup_timer+0xf0/0xf0 [ 55.941677][ T3689] futex_wait_setup+0xa7/0x230 [ 55.946459][ T3689] ? futex_wait_multiple+0xc90/0xc90 [ 55.951773][ T3689] futex_wait+0x264/0x680 [ 55.956126][ T3689] ? futex_wait_setup+0x230/0x230 [ 55.961186][ T3689] ? do_raw_spin_lock+0x120/0x2a0 [ 55.966224][ T3689] ? rwlock_bug.part.0+0x90/0x90 [ 55.971171][ T3689] ? _raw_spin_lock_irq+0x41/0x50 [ 55.976208][ T3689] do_futex+0x1af/0x300 [ 55.980379][ T3689] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 55.986287][ T3689] ? find_held_lock+0x2d/0x110 [ 55.991065][ T3689] __x64_sys_futex+0x1b0/0x4a0 [ 55.995846][ T3689] ? do_futex+0x300/0x300 [ 56.000188][ T3689] ? _raw_spin_unlock_irq+0x1f/0x40 [ 56.005395][ T3689] ? lockdep_hardirqs_on+0x79/0x100 [ 56.010613][ T3689] ? _raw_spin_unlock_irq+0x2a/0x40 [ 56.015819][ T3689] ? ptrace_notify+0xfa/0x140 [ 56.020511][ T3689] do_syscall_64+0x35/0xb0 [ 56.024971][ T3689] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.030874][ T3689] RIP: 0033:0x7f59e63adb19 [ 56.035295][ T3689] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.054914][ T3689] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 56.063334][ T3689] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 56.071309][ T3689] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [pid 3689] <... futex resumed>) = ? [pid 3689] +++ exited with 0 +++ [pid 3688] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3688, si_uid=0, si_status=0, si_utime=0, si_stime=63} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3690 ./strace-static-x86_64: Process 3690 attached [pid 3690] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3690] setpgid(0, 0) = 0 [pid 3690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3690] write(3, "1000", 4) = 4 [pid 3690] close(3) = 0 [pid 3690] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3690] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3690] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3690] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3691 attached , parent_tid=[3691], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3691 [pid 3691] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3691] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3690] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3691] <... futex resumed>) = 0 [pid 3691] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3691] write(3, "2", 1) = 1 [pid 3691] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3691] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 56.079285][ T3689] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 56.088531][ T3689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.096545][ T3689] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 56.104540][ T3689] [pid 3691] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3690] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 3690] exit_group(0) = ? [ 56.133276][ T3691] FAULT_INJECTION: forcing a failure. [ 56.133276][ T3691] name fail_futex, interval 1, probability 0, space 0, times 0 [ 56.146118][ T3691] CPU: 1 PID: 3691 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 56.157499][ T3691] syz-executor140[3691] cmdline: [ 56.162521][ T3691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 56.172589][ T3691] Call Trace: [ 56.175869][ T3691] [ 56.178824][ T3691] dump_stack_lvl+0xcd/0x134 [ 56.183449][ T3691] should_fail.cold+0x5/0xa [ 56.187960][ T3691] get_futex_key+0x5a8/0x1c30 [ 56.192634][ T3691] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.198622][ T3691] ? futex_setup_timer+0xf0/0xf0 [ 56.203602][ T3691] futex_wait_setup+0xa7/0x230 [ 56.208364][ T3691] ? futex_wait_multiple+0xc90/0xc90 [ 56.213650][ T3691] futex_wait+0x264/0x680 [ 56.217998][ T3691] ? futex_wait_setup+0x230/0x230 [ 56.223057][ T3691] ? do_raw_spin_lock+0x120/0x2a0 [ 56.228099][ T3691] ? rwlock_bug.part.0+0x90/0x90 [ 56.233041][ T3691] ? _raw_spin_lock_irq+0x41/0x50 [ 56.238085][ T3691] do_futex+0x1af/0x300 [ 56.242238][ T3691] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 56.248124][ T3691] ? find_held_lock+0x2d/0x110 [ 56.252899][ T3691] __x64_sys_futex+0x1b0/0x4a0 [ 56.257687][ T3691] ? do_futex+0x300/0x300 [ 56.262027][ T3691] ? _raw_spin_unlock_irq+0x1f/0x40 [ 56.267228][ T3691] ? lockdep_hardirqs_on+0x79/0x100 [ 56.272570][ T3691] ? _raw_spin_unlock_irq+0x2a/0x40 [ 56.277785][ T3691] ? ptrace_notify+0xfa/0x140 [ 56.282470][ T3691] do_syscall_64+0x35/0xb0 [ 56.286919][ T3691] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.292836][ T3691] RIP: 0033:0x7f59e63adb19 [ 56.297260][ T3691] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.316964][ T3691] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 56.325400][ T3691] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3691] <... futex resumed>) = ? [pid 3691] +++ exited with 0 +++ [pid 3690] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3690, si_uid=0, si_status=0, si_utime=0, si_stime=23} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3692 attached , child_tidptr=0x555556fa55d0) = 3692 [pid 3692] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3692] setpgid(0, 0) = 0 [pid 3692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3692] write(3, "1000", 4) = 4 [pid 3692] close(3) = 0 [pid 3692] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3692] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3692] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3692] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3693 attached [pid 3693] set_robust_list(0x7f59e635f9e0, 24 [pid 3692] <... clone resumed>, parent_tid=[3693], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3693 [pid 3693] <... set_robust_list resumed>) = 0 [pid 3692] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3693] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3692] <... futex resumed>) = 0 [pid 3692] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3693] <... openat resumed>) = 3 [pid 3693] write(3, "2", 1) = 1 [pid 3693] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3693] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3692] <... futex resumed>) = 0 [pid 3692] exit_group(0) = ? [pid 3693] +++ exited with 0 +++ [pid 3692] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3692, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3694 ./strace-static-x86_64: Process 3694 attached [pid 3694] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3694] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3694] setpgid(0, 0) = 0 [pid 3694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3694] write(3, "1000", 4) = 4 [pid 3694] close(3) = 0 [pid 3694] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3694] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3694] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3694] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3695 attached , parent_tid=[3695], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3695 [pid 3695] set_robust_list(0x7f59e635f9e0, 24 [pid 3694] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3695] <... set_robust_list resumed>) = 0 [pid 3694] <... futex resumed>) = 0 [pid 3695] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3694] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3695] <... openat resumed>) = 3 [pid 3695] write(3, "2", 1) = 1 [pid 3695] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3695] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3694] <... futex resumed>) = 0 [ 56.333381][ T3691] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 56.341361][ T3691] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 56.349328][ T3691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.357290][ T3691] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 56.365293][ T3691] [pid 3695] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3694] exit_group(0) = ? [ 56.415898][ T3695] FAULT_INJECTION: forcing a failure. [ 56.415898][ T3695] name fail_futex, interval 1, probability 0, space 0, times 0 [ 56.428822][ T3695] CPU: 1 PID: 3695 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 56.440391][ T3695] syz-executor140[3695] cmdline: [ 56.445522][ T3695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 56.455574][ T3695] Call Trace: [ 56.458945][ T3695] [ 56.461896][ T3695] dump_stack_lvl+0xcd/0x134 [ 56.466505][ T3695] should_fail.cold+0x5/0xa [ 56.471038][ T3695] get_futex_key+0x5a8/0x1c30 [ 56.475741][ T3695] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.481730][ T3695] ? futex_setup_timer+0xf0/0xf0 [ 56.486680][ T3695] futex_wait_setup+0xa7/0x230 [ 56.491465][ T3695] ? futex_wait_multiple+0xc90/0xc90 [ 56.496781][ T3695] futex_wait+0x264/0x680 [ 56.501111][ T3695] ? futex_wait_setup+0x230/0x230 [ 56.506146][ T3695] ? do_raw_spin_lock+0x120/0x2a0 [ 56.511173][ T3695] ? rwlock_bug.part.0+0x90/0x90 [ 56.516135][ T3695] ? _raw_spin_lock_irq+0x41/0x50 [ 56.521155][ T3695] do_futex+0x1af/0x300 [ 56.525322][ T3695] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 56.531235][ T3695] ? find_held_lock+0x2d/0x110 [ 56.536020][ T3695] __x64_sys_futex+0x1b0/0x4a0 [ 56.540828][ T3695] ? do_futex+0x300/0x300 [ 56.545152][ T3695] ? _raw_spin_unlock_irq+0x1f/0x40 [ 56.550355][ T3695] ? lockdep_hardirqs_on+0x79/0x100 [ 56.555584][ T3695] ? _raw_spin_unlock_irq+0x2a/0x40 [ 56.560784][ T3695] ? ptrace_notify+0xfa/0x140 [ 56.565467][ T3695] do_syscall_64+0x35/0xb0 [ 56.569889][ T3695] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.575780][ T3695] RIP: 0033:0x7f59e63adb19 [ 56.580192][ T3695] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.599807][ T3695] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 56.608224][ T3695] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3695] <... futex resumed>) = ? [pid 3695] +++ exited with 0 +++ [pid 3694] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3694, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3696 ./strace-static-x86_64: Process 3696 attached [pid 3696] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3696] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3696] setpgid(0, 0) = 0 [pid 3696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3696] write(3, "1000", 4) = 4 [pid 3696] close(3) = 0 [pid 3696] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3696] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3696] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3696] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3697 attached , parent_tid=[3697], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3697 [pid 3697] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3697] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3696] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3697] <... futex resumed>) = 0 [pid 3697] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3697] write(3, "2", 1) = 1 [pid 3697] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3697] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 56.616215][ T3695] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 56.624188][ T3695] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 56.632170][ T3695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.640147][ T3695] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 56.648143][ T3695] [pid 3697] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3696] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 3696] exit_group(0) = ? [ 56.673326][ T3697] FAULT_INJECTION: forcing a failure. [ 56.673326][ T3697] name fail_futex, interval 1, probability 0, space 0, times 0 [ 56.686173][ T3697] CPU: 1 PID: 3697 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 56.697569][ T3697] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 56.706930][ T3697] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3697, name: syz-executor140 [ 56.716404][ T3697] preempt_count: 0, expected: 0 [ 56.721360][ T3697] RCU nest depth: 0, expected: 0 [ 56.726282][ T3697] no locks held by syz-executor140/3697. [ 56.731916][ T3697] irq event stamp: 402 [ 56.735976][ T3697] hardirqs last enabled at (401): [] __schedule+0x353e/0x52b0 [ 56.745111][ T3697] hardirqs last disabled at (402): [] dump_stack_lvl+0x2e/0x134 [ 56.754315][ T3697] softirqs last enabled at (394): [] __irq_exit_rcu+0x123/0x180 [ 56.763622][ T3697] softirqs last disabled at (383): [] __irq_exit_rcu+0x123/0x180 [ 56.772912][ T3697] CPU: 1 PID: 3697 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 56.784310][ T3697] syz-executor140[3697] cmdline: [ 56.789335][ T3697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 56.799378][ T3697] Call Trace: [ 56.802656][ T3697] [ 56.805604][ T3697] dump_stack_lvl+0xcd/0x134 [ 56.810238][ T3697] __might_resched.cold+0x222/0x26b [ 56.815489][ T3697] down_read_killable+0x75/0x490 [ 56.820452][ T3697] ? down_read+0x450/0x450 [ 56.824886][ T3697] __access_remote_vm+0xac/0x6f0 [ 56.829838][ T3697] ? follow_phys+0x2c0/0x2c0 [ 56.834442][ T3697] ? do_raw_spin_lock+0x120/0x2a0 [ 56.839461][ T3697] ? rwlock_bug.part.0+0x90/0x90 [ 56.844394][ T3697] ? __up_console_sem+0x47/0xc0 [ 56.849241][ T3697] get_mm_cmdline.part.0+0x217/0x620 [ 56.854526][ T3697] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 56.860266][ T3697] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 56.866070][ T3697] get_task_cmdline_kernel+0x1d9/0x220 [ 56.871529][ T3697] dump_stack_print_cmdline.part.0+0x82/0x150 [ 56.877600][ T3697] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 56.883717][ T3697] ? dump_stack_print_info+0xc6/0x190 [ 56.889117][ T3697] dump_stack_print_info+0x185/0x190 [ 56.894422][ T3697] dump_stack_lvl+0xc1/0x134 [ 56.899058][ T3697] should_fail.cold+0x5/0xa [ 56.903561][ T3697] get_futex_key+0x5a8/0x1c30 [ 56.908253][ T3697] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.914246][ T3697] ? futex_setup_timer+0xf0/0xf0 [ 56.919183][ T3697] futex_wait_setup+0xa7/0x230 [ 56.923966][ T3697] ? futex_wait_multiple+0xc90/0xc90 [ 56.929259][ T3697] futex_wait+0x264/0x680 [ 56.933628][ T3697] ? futex_wait_setup+0x230/0x230 [ 56.938686][ T3697] ? do_raw_spin_lock+0x120/0x2a0 [ 56.943718][ T3697] ? rwlock_bug.part.0+0x90/0x90 [ 56.948671][ T3697] ? _raw_spin_lock_irq+0x41/0x50 [ 56.953704][ T3697] do_futex+0x1af/0x300 [ 56.957896][ T3697] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 56.963815][ T3697] ? find_held_lock+0x2d/0x110 [ 56.968597][ T3697] __x64_sys_futex+0x1b0/0x4a0 [ 56.973392][ T3697] ? do_futex+0x300/0x300 [ 56.977903][ T3697] ? _raw_spin_unlock_irq+0x1f/0x40 [ 56.983118][ T3697] ? lockdep_hardirqs_on+0x79/0x100 [ 56.988315][ T3697] ? _raw_spin_unlock_irq+0x2a/0x40 [ 56.993505][ T3697] ? ptrace_notify+0xfa/0x140 [ 56.998220][ T3697] do_syscall_64+0x35/0xb0 [ 57.002678][ T3697] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 57.008567][ T3697] RIP: 0033:0x7f59e63adb19 [ 57.012978][ T3697] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 57.032581][ T3697] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 57.041000][ T3697] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 57.048983][ T3697] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 57.057210][ T3697] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 57.065182][ T3697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.073162][ T3697] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 57.081146][ T3697] [ 57.084181][ T3697] syz-executor140[3697] cmdline: [ 57.089189][ T3697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 57.099234][ T3697] Call Trace: [ 57.102519][ T3697] [ 57.105455][ T3697] dump_stack_lvl+0xcd/0x134 [ 57.110050][ T3697] should_fail.cold+0x5/0xa [ 57.114552][ T3697] get_futex_key+0x5a8/0x1c30 [ 57.119228][ T3697] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 57.125219][ T3697] ? futex_setup_timer+0xf0/0xf0 [ 57.130183][ T3697] futex_wait_setup+0xa7/0x230 [ 57.135134][ T3697] ? futex_wait_multiple+0xc90/0xc90 [ 57.140458][ T3697] futex_wait+0x264/0x680 [ 57.144788][ T3697] ? futex_wait_setup+0x230/0x230 [ 57.149841][ T3697] ? do_raw_spin_lock+0x120/0x2a0 [ 57.154861][ T3697] ? rwlock_bug.part.0+0x90/0x90 [ 57.159812][ T3697] ? _raw_spin_lock_irq+0x41/0x50 [ 57.164832][ T3697] do_futex+0x1af/0x300 [ 57.168987][ T3697] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 57.174875][ T3697] ? find_held_lock+0x2d/0x110 [ 57.179653][ T3697] __x64_sys_futex+0x1b0/0x4a0 [ 57.184439][ T3697] ? do_futex+0x300/0x300 [ 57.188763][ T3697] ? _raw_spin_unlock_irq+0x1f/0x40 [ 57.193958][ T3697] ? lockdep_hardirqs_on+0x79/0x100 [ 57.199175][ T3697] ? _raw_spin_unlock_irq+0x2a/0x40 [ 57.204365][ T3697] ? ptrace_notify+0xfa/0x140 [ 57.209039][ T3697] do_syscall_64+0x35/0xb0 [ 57.213455][ T3697] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 57.219350][ T3697] RIP: 0033:0x7f59e63adb19 [ 57.223786][ T3697] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 57.243405][ T3697] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 57.251812][ T3697] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 57.259776][ T3697] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 57.267738][ T3697] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [pid 3697] <... futex resumed>) = ? [pid 3697] +++ exited with 0 +++ [pid 3696] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3696, si_uid=0, si_status=0, si_utime=0, si_stime=63} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3698 attached [pid 3698] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3698] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3698 [pid 3698] <... prctl resumed>) = 0 [pid 3698] setpgid(0, 0) = 0 [pid 3698] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3698] write(3, "1000", 4) = 4 [pid 3698] close(3) = 0 [pid 3698] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3698] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3698] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3698] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3699], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3699 [pid 3698] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3698] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3699 attached [pid 3699] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3699] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3699] write(3, "2", 1) = 1 [pid 3699] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3699] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3698] <... futex resumed>) = 0 [pid 3698] exit_group(0) = ? [pid 3699] <... futex resumed>) = ? [pid 3699] +++ exited with 0 +++ [pid 3698] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3698, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3700 ./strace-static-x86_64: Process 3700 attached [pid 3700] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3700] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3700] setpgid(0, 0) = 0 [pid 3700] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3700] write(3, "1000", 4) = 4 [pid 3700] close(3) = 0 [pid 3700] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3700] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3700] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3700] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3701], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3701 [pid 3700] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3700] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3701 attached [pid 3701] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3701] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3701] write(3, "2", 1) = 1 [pid 3701] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3701] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3700] <... futex resumed>) = 0 [pid 3700] exit_group(0) = ? [pid 3701] <... futex resumed>) = ? [pid 3701] +++ exited with 0 +++ [pid 3700] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3700, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3702 ./strace-static-x86_64: Process 3702 attached [pid 3702] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3702] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3702] setpgid(0, 0) = 0 [pid 3702] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3702] write(3, "1000", 4) = 4 [pid 3702] close(3) = 0 [pid 3702] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 57.275720][ T3697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.283692][ T3697] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 57.291684][ T3697] [pid 3702] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3702] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3702] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3703 attached , parent_tid=[3703], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3703 [pid 3703] set_robust_list(0x7f59e635f9e0, 24 [pid 3702] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3703] <... set_robust_list resumed>) = 0 [pid 3702] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3703] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3703] write(3, "2", 1) = 1 [pid 3703] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3703] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3702] <... futex resumed>) = 0 [pid 3702] exit_group(0) = ? [pid 3703] +++ exited with 0 +++ [pid 3702] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3702, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3704 attached [pid 3704] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3704] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3704] setpgid(0, 0) = 0 [pid 3704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3704] write(3, "1000", 4) = 4 [pid 3704] close(3) = 0 [pid 3704] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3704] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3704 [pid 3704] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3705], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3705 [pid 3704] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3704] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3705 attached [pid 3705] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3705] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3705] write(3, "2", 1) = 1 [pid 3705] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3705] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3704] <... futex resumed>) = 0 [pid 3704] exit_group(0) = ? [pid 3705] <... futex resumed>) = ? [pid 3705] +++ exited with 0 +++ [pid 3704] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3704, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3706 attached , child_tidptr=0x555556fa55d0) = 3706 [pid 3706] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3706] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3706] setpgid(0, 0) = 0 [pid 3706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3706] write(3, "1000", 4) = 4 [pid 3706] close(3) = 0 [pid 3706] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3706] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3706] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3706] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3707], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3707 [pid 3706] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3706] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3707 attached [pid 3707] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3707] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3707] write(3, "2", 1) = 1 [pid 3707] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3707] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3706] <... futex resumed>) = 0 [pid 3706] exit_group(0) = ? [pid 3707] <... futex resumed>) = ? [pid 3707] +++ exited with 0 +++ [pid 3706] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3706, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3708 ./strace-static-x86_64: Process 3708 attached [pid 3708] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3708] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3708] setpgid(0, 0) = 0 [pid 3708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3708] write(3, "1000", 4) = 4 [pid 3708] close(3) = 0 [pid 3708] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3708] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3708] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3708] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3709], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3709 [pid 3708] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3708] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3709 attached [pid 3709] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3709] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3709] write(3, "2", 1) = 1 [pid 3709] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3709] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3708] <... futex resumed>) = 0 [pid 3708] exit_group(0) = ? [pid 3709] <... futex resumed>) = ? [pid 3709] +++ exited with 0 +++ [pid 3708] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3708, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3710 ./strace-static-x86_64: Process 3710 attached [pid 3710] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3710] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3710] setpgid(0, 0) = 0 [pid 3710] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3710] write(3, "1000", 4) = 4 [pid 3710] close(3) = 0 [pid 3710] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3710] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3710] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3710] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3711], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3711 [pid 3710] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3710] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3711 attached [pid 3711] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3711] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3711] write(3, "2", 1) = 1 [pid 3711] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3711] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3710] <... futex resumed>) = 0 [pid 3710] exit_group(0) = ? [pid 3711] <... futex resumed>) = ? [pid 3711] +++ exited with 0 +++ [pid 3710] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3710, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3712 ./strace-static-x86_64: Process 3712 attached [pid 3712] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3712] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3712] setpgid(0, 0) = 0 [pid 3712] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3712] write(3, "1000", 4) = 4 [pid 3712] close(3) = 0 [pid 3712] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3712] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3712] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3712] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3713], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3713 [pid 3712] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 3713 attached ) = 0 [pid 3712] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3713] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3713] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3713] write(3, "2", 1) = 1 [pid 3713] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3713] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3712] <... futex resumed>) = 0 [pid 3712] exit_group(0) = ? [pid 3713] <... futex resumed>) = ? [pid 3713] +++ exited with 0 +++ [pid 3712] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3712, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3714 attached , child_tidptr=0x555556fa55d0) = 3714 [pid 3714] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3714] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3714] setpgid(0, 0) = 0 [pid 3714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3714] write(3, "1000", 4) = 4 [pid 3714] close(3) = 0 [pid 3714] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3714] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3714] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3714] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3715 attached , parent_tid=[3715], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3715 [pid 3715] set_robust_list(0x7f59e635f9e0, 24 [pid 3714] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3715] <... set_robust_list resumed>) = 0 [pid 3714] <... futex resumed>) = 0 [pid 3715] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3714] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3715] <... openat resumed>) = 3 [pid 3715] write(3, "2", 1) = 1 [pid 3715] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3715] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3714] <... futex resumed>) = 0 [pid 3715] <... futex resumed>) = 1 [pid 3714] exit_group(0 [pid 3715] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3714] <... exit_group resumed>) = ? [pid 3715] <... futex resumed>) = ? [pid 3715] +++ exited with 0 +++ [pid 3714] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3714, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3716 ./strace-static-x86_64: Process 3716 attached [pid 3716] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3716] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3716] setpgid(0, 0) = 0 [pid 3716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3716] write(3, "1000", 4) = 4 [pid 3716] close(3) = 0 [pid 3716] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3716] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3716] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3716] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3717 attached , parent_tid=[3717], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3717 [pid 3717] set_robust_list(0x7f59e635f9e0, 24 [pid 3716] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3717] <... set_robust_list resumed>) = 0 [pid 3716] <... futex resumed>) = 0 [pid 3717] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3716] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3717] <... openat resumed>) = 3 [pid 3717] write(3, "2", 1) = 1 [pid 3717] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3717] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3716] <... futex resumed>) = 0 [pid 3717] <... futex resumed>) = 1 [pid 3716] exit_group(0 [pid 3717] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 3716] <... exit_group resumed>) = ? [pid 3717] +++ exited with 0 +++ [pid 3716] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3716, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3718 ./strace-static-x86_64: Process 3718 attached [pid 3718] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3718] setpgid(0, 0) = 0 [pid 3718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3718] write(3, "1000", 4) = 4 [pid 3718] close(3) = 0 [pid 3718] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3718] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3718] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3718] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3719], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3719 [pid 3718] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3718] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3719 attached [pid 3719] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3719] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3719] write(3, "2", 1) = 1 [pid 3719] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3719] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3718] <... futex resumed>) = 0 [pid 3718] exit_group(0) = ? [pid 3719] <... futex resumed>) = ? [pid 3719] +++ exited with 0 +++ [pid 3718] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3718, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3720 ./strace-static-x86_64: Process 3720 attached [pid 3720] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3720] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3720] setpgid(0, 0) = 0 [pid 3720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3720] write(3, "1000", 4) = 4 [pid 3720] close(3) = 0 [pid 3720] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3720] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3720] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3720] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3721], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3721 [pid 3720] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3720] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3721 attached [pid 3721] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3721] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3721] write(3, "2", 1) = 1 [pid 3721] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3721] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3720] <... futex resumed>) = 0 [pid 3720] exit_group(0) = ? [pid 3721] <... futex resumed>) = ? [pid 3721] +++ exited with 0 +++ [pid 3720] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3720, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3722 ./strace-static-x86_64: Process 3722 attached [pid 3722] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3722] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3722] setpgid(0, 0) = 0 [pid 3722] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3722] write(3, "1000", 4) = 4 [pid 3722] close(3) = 0 [pid 3722] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3722] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3722] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3722] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3723], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3723 [pid 3722] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3722] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3723 attached [pid 3723] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3723] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3723] write(3, "2", 1) = 1 [pid 3723] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3723] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3722] <... futex resumed>) = 0 [pid 3722] exit_group(0) = ? [pid 3723] <... futex resumed>) = ? [pid 3723] +++ exited with 0 +++ [pid 3722] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3722, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3724 ./strace-static-x86_64: Process 3724 attached [pid 3724] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3724] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3724] setpgid(0, 0) = 0 [pid 3724] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3724] write(3, "1000", 4) = 4 [pid 3724] close(3) = 0 [pid 3724] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3724] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3724] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3724] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3725], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3725 [pid 3724] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3724] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3725 attached [pid 3725] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3725] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3725] write(3, "2", 1) = 1 [pid 3725] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3725] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3724] <... futex resumed>) = 0 [pid 3724] exit_group(0) = ? [pid 3725] <... futex resumed>) = ? [pid 3725] +++ exited with 0 +++ [pid 3724] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3724, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3726 ./strace-static-x86_64: Process 3726 attached [pid 3726] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3726] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3726] setpgid(0, 0) = 0 [pid 3726] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3726] write(3, "1000", 4) = 4 [pid 3726] close(3) = 0 [pid 3726] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3726] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3726] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3726] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3727 attached [pid 3727] set_robust_list(0x7f59e635f9e0, 24 [pid 3726] <... clone resumed>, parent_tid=[3727], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3727 [pid 3727] <... set_robust_list resumed>) = 0 [pid 3726] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3727] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3726] <... futex resumed>) = 0 [pid 3727] <... openat resumed>) = 3 [pid 3727] write(3, "2", 1) = 1 [pid 3726] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3727] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3727] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3727] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3726] <... futex resumed>) = 0 [pid 3726] exit_group(0) = ? [ 57.500739][ T3727] FAULT_INJECTION: forcing a failure. [ 57.500739][ T3727] name fail_futex, interval 1, probability 0, space 0, times 0 [ 57.514090][ T3727] CPU: 1 PID: 3727 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 57.525507][ T3727] syz-executor140[3727] cmdline: [ 57.534873][ T3727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 57.544930][ T3727] Call Trace: [ 57.548216][ T3727] [ 57.551152][ T3727] dump_stack_lvl+0xcd/0x134 [ 57.555786][ T3727] should_fail.cold+0x5/0xa [ 57.560325][ T3727] get_futex_key+0x5a8/0x1c30 [ 57.565045][ T3727] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 57.571049][ T3727] ? futex_setup_timer+0xf0/0xf0 [ 57.576016][ T3727] futex_wait_setup+0xa7/0x230 [ 57.580817][ T3727] ? futex_wait_multiple+0xc90/0xc90 [ 57.586130][ T3727] futex_wait+0x264/0x680 [ 57.590480][ T3727] ? futex_wait_setup+0x230/0x230 [ 57.595543][ T3727] ? do_raw_spin_lock+0x120/0x2a0 [ 57.600582][ T3727] ? rwlock_bug.part.0+0x90/0x90 [ 57.605529][ T3727] ? _raw_spin_lock_irq+0x41/0x50 [ 57.610569][ T3727] do_futex+0x1af/0x300 [ 57.614739][ T3727] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 57.620642][ T3727] ? find_held_lock+0x2d/0x110 [ 57.625420][ T3727] __x64_sys_futex+0x1b0/0x4a0 [ 57.630203][ T3727] ? do_futex+0x300/0x300 [ 57.634541][ T3727] ? _raw_spin_unlock_irq+0x1f/0x40 [ 57.640008][ T3727] ? lockdep_hardirqs_on+0x79/0x100 [ 57.645241][ T3727] ? _raw_spin_unlock_irq+0x2a/0x40 [ 57.650446][ T3727] ? ptrace_notify+0xfa/0x140 [ 57.655137][ T3727] do_syscall_64+0x35/0xb0 [ 57.659571][ T3727] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 57.665474][ T3727] RIP: 0033:0x7f59e63adb19 [ 57.669895][ T3727] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 57.689510][ T3727] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [pid 3727] <... futex resumed>) = ? [pid 3727] +++ exited with 0 +++ [pid 3726] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3726, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3728 attached , child_tidptr=0x555556fa55d0) = 3728 [pid 3728] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3728] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3728] setpgid(0, 0) = 0 [pid 3728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3728] write(3, "1000", 4) = 4 [pid 3728] close(3) = 0 [pid 3728] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3728] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3728] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3728] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3729 attached , parent_tid=[3729], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3729 [pid 3729] set_robust_list(0x7f59e635f9e0, 24 [pid 3728] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3729] <... set_robust_list resumed>) = 0 [pid 3728] <... futex resumed>) = 0 [pid 3729] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3728] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3729] <... openat resumed>) = 3 [pid 3729] write(3, "2", 1) = 1 [pid 3729] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3729] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3728] <... futex resumed>) = 0 [pid 3729] <... futex resumed>) = 1 [pid 3728] exit_group(0) = ? [pid 3729] +++ exited with 0 +++ [pid 3728] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3728, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3730 ./strace-static-x86_64: Process 3730 attached [pid 3730] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3730] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3730] setpgid(0, 0) = 0 [pid 3730] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3730] write(3, "1000", 4) = 4 [pid 3730] close(3) = 0 [pid 3730] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3730] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3730] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3730] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3731 attached [pid 3731] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3731] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3730] <... clone resumed>, parent_tid=[3731], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3731 [pid 3730] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3731] <... futex resumed>) = 0 [pid 3731] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3731] write(3, "2", 1) = 1 [pid 3731] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3731] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 57.697936][ T3727] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 57.705918][ T3727] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 57.713917][ T3727] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 57.721894][ T3727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.729889][ T3727] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 57.737888][ T3727] [pid 3731] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3730] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 3730] exit_group(0) = ? [ 57.773997][ T3731] FAULT_INJECTION: forcing a failure. [ 57.773997][ T3731] name fail_futex, interval 1, probability 0, space 0, times 0 [ 57.786923][ T3731] CPU: 1 PID: 3731 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 57.798311][ T3731] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 57.807662][ T3731] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3731, name: syz-executor140 [ 57.817115][ T3731] preempt_count: 0, expected: 0 [ 57.821965][ T3731] RCU nest depth: 0, expected: 0 [ 57.826901][ T3731] no locks held by syz-executor140/3731. [ 57.832539][ T3731] irq event stamp: 428 [ 57.836602][ T3731] hardirqs last enabled at (427): [] finish_task_switch.isra.0+0x2b5/0xc70 [ 57.846847][ T3731] hardirqs last disabled at (428): [] dump_stack_lvl+0x2e/0x134 [ 57.856078][ T3731] softirqs last enabled at (420): [] __irq_exit_rcu+0x123/0x180 [ 57.865366][ T3731] softirqs last disabled at (385): [] __irq_exit_rcu+0x123/0x180 [ 57.874670][ T3731] CPU: 1 PID: 3731 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 57.886034][ T3731] syz-executor140[3731] cmdline: [ 57.891051][ T3731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 57.901115][ T3731] Call Trace: [ 57.904388][ T3731] [ 57.907311][ T3731] dump_stack_lvl+0xcd/0x134 [ 57.911907][ T3731] __might_resched.cold+0x222/0x26b [ 57.917108][ T3731] down_read_killable+0x75/0x490 [ 57.922051][ T3731] ? down_read+0x450/0x450 [ 57.926483][ T3731] __access_remote_vm+0xac/0x6f0 [ 57.931447][ T3731] ? follow_phys+0x2c0/0x2c0 [ 57.936032][ T3731] ? do_raw_spin_lock+0x120/0x2a0 [ 57.941065][ T3731] ? rwlock_bug.part.0+0x90/0x90 [ 57.946023][ T3731] ? __up_console_sem+0x47/0xc0 [ 57.950900][ T3731] get_mm_cmdline.part.0+0x217/0x620 [ 57.956210][ T3731] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 57.961927][ T3731] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 57.967731][ T3731] get_task_cmdline_kernel+0x1d9/0x220 [ 57.973201][ T3731] dump_stack_print_cmdline.part.0+0x82/0x150 [ 57.979288][ T3731] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 57.985403][ T3731] ? dump_stack_print_info+0xc6/0x190 [ 57.990785][ T3731] dump_stack_print_info+0x185/0x190 [ 57.996099][ T3731] dump_stack_lvl+0xc1/0x134 [ 58.000698][ T3731] should_fail.cold+0x5/0xa [ 58.005237][ T3731] get_futex_key+0x5a8/0x1c30 [ 58.009931][ T3731] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 58.015911][ T3731] ? futex_setup_timer+0xf0/0xf0 [ 58.020865][ T3731] futex_wait_setup+0xa7/0x230 [ 58.025663][ T3731] ? futex_wait_multiple+0xc90/0xc90 [ 58.030973][ T3731] futex_wait+0x264/0x680 [ 58.035305][ T3731] ? futex_wait_setup+0x230/0x230 [ 58.040377][ T3731] ? do_raw_spin_lock+0x120/0x2a0 [ 58.045426][ T3731] ? rwlock_bug.part.0+0x90/0x90 [ 58.050365][ T3731] ? _raw_spin_lock_irq+0x41/0x50 [ 58.055422][ T3731] do_futex+0x1af/0x300 [ 58.059583][ T3731] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 58.065472][ T3731] ? find_held_lock+0x2d/0x110 [ 58.070255][ T3731] __x64_sys_futex+0x1b0/0x4a0 [ 58.075043][ T3731] ? do_futex+0x300/0x300 [ 58.079390][ T3731] ? _raw_spin_unlock_irq+0x1f/0x40 [ 58.084586][ T3731] ? lockdep_hardirqs_on+0x79/0x100 [ 58.089783][ T3731] ? _raw_spin_unlock_irq+0x2a/0x40 [ 58.094980][ T3731] ? ptrace_notify+0xfa/0x140 [ 58.099664][ T3731] do_syscall_64+0x35/0xb0 [ 58.104087][ T3731] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.110009][ T3731] RIP: 0033:0x7f59e63adb19 [ 58.114444][ T3731] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.134672][ T3731] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 58.144368][ T3731] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 58.152351][ T3731] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 58.160319][ T3731] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 58.168298][ T3731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.176348][ T3731] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 58.184351][ T3731] [ 58.187391][ T3731] syz-executor140[3731] cmdline: [ 58.192403][ T3731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 58.202462][ T3731] Call Trace: [ 58.205745][ T3731] [ 58.208671][ T3731] dump_stack_lvl+0xcd/0x134 [ 58.213284][ T3731] should_fail.cold+0x5/0xa [ 58.217790][ T3731] get_futex_key+0x5a8/0x1c30 [ 58.222474][ T3731] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 58.228477][ T3731] ? futex_setup_timer+0xf0/0xf0 [ 58.233437][ T3731] futex_wait_setup+0xa7/0x230 [ 58.238217][ T3731] ? futex_wait_multiple+0xc90/0xc90 [ 58.243533][ T3731] futex_wait+0x264/0x680 [ 58.247872][ T3731] ? futex_wait_setup+0x230/0x230 [ 58.252930][ T3731] ? do_raw_spin_lock+0x120/0x2a0 [ 58.258048][ T3731] ? rwlock_bug.part.0+0x90/0x90 [ 58.263004][ T3731] ? _raw_spin_lock_irq+0x41/0x50 [ 58.268056][ T3731] do_futex+0x1af/0x300 [ 58.272243][ T3731] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 58.278182][ T3731] ? find_held_lock+0x2d/0x110 [ 58.282963][ T3731] __x64_sys_futex+0x1b0/0x4a0 [ 58.287724][ T3731] ? do_futex+0x300/0x300 [ 58.292046][ T3731] ? _raw_spin_unlock_irq+0x1f/0x40 [ 58.297237][ T3731] ? lockdep_hardirqs_on+0x79/0x100 [ 58.302443][ T3731] ? _raw_spin_unlock_irq+0x2a/0x40 [ 58.307657][ T3731] ? ptrace_notify+0xfa/0x140 [ 58.312353][ T3731] do_syscall_64+0x35/0xb0 [ 58.316803][ T3731] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.322722][ T3731] RIP: 0033:0x7f59e63adb19 [ 58.327144][ T3731] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.346755][ T3731] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 58.355372][ T3731] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 58.363354][ T3731] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [pid 3731] <... futex resumed>) = ? [pid 3731] +++ exited with 0 +++ [pid 3730] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3730, si_uid=0, si_status=0, si_utime=0, si_stime=62} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3732 attached [pid 3732] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3732] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3732 [pid 3732] <... prctl resumed>) = 0 [pid 3732] setpgid(0, 0) = 0 [pid 3732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3732] write(3, "1000", 4) = 4 [pid 3732] close(3) = 0 [pid 3732] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3732] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3732] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3732] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3733], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3733 [pid 3732] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3732] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3733 attached [pid 3733] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3733] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3733] write(3, "2", 1) = 1 [pid 3733] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3733] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3732] <... futex resumed>) = 0 [pid 3732] exit_group(0) = ? [pid 3733] <... futex resumed>) = ? [pid 3733] +++ exited with 0 +++ [pid 3732] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3732, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3734 ./strace-static-x86_64: Process 3734 attached [pid 3734] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3734] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3734] setpgid(0, 0) = 0 [pid 3734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3734] write(3, "1000", 4) = 4 [pid 3734] close(3) = 0 [pid 3734] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3734] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3734] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3734] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3735], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3735 [pid 3734] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3734] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3735 attached [pid 3735] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3735] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3735] write(3, "2", 1) = 1 [pid 3735] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3735] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3734] <... futex resumed>) = 0 [pid 3734] exit_group(0) = ? [pid 3735] <... futex resumed>) = ? [pid 3735] +++ exited with 0 +++ [pid 3734] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3734, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3736 ./strace-static-x86_64: Process 3736 attached [pid 3736] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3736] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3736] setpgid(0, 0) = 0 [pid 3736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3736] write(3, "1000", 4) = 4 [pid 3736] close(3) = 0 [pid 3736] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3736] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3736] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3736] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3737], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3737 [ 58.371316][ T3731] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 58.379280][ T3731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.387262][ T3731] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 58.395259][ T3731] [pid 3736] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3736] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3737 attached [pid 3737] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3737] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3737] write(3, "2", 1) = 1 [pid 3737] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3737] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3736] <... futex resumed>) = 0 [pid 3736] exit_group(0) = ? [pid 3737] <... futex resumed>) = ? [pid 3737] +++ exited with 0 +++ [pid 3736] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3736, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3738 ./strace-static-x86_64: Process 3738 attached [pid 3738] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3738] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3738] setpgid(0, 0) = 0 [pid 3738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3738] write(3, "1000", 4) = 4 [pid 3738] close(3) = 0 [pid 3738] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3738] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3738] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3738] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3739], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3739 [pid 3738] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3738] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3739 attached [pid 3739] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3739] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3739] write(3, "2", 1) = 1 [pid 3739] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3739] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3738] <... futex resumed>) = 0 [pid 3738] exit_group(0) = ? [pid 3739] <... futex resumed>) = ? [pid 3739] +++ exited with 0 +++ [pid 3738] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3738, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3740 ./strace-static-x86_64: Process 3740 attached [pid 3740] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3740] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3740] setpgid(0, 0) = 0 [pid 3740] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3740] write(3, "1000", 4) = 4 [pid 3740] close(3) = 0 [pid 3740] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3740] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3740] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3740] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3741], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3741 [pid 3740] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3740] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3741 attached [pid 3741] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3741] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3741] write(3, "2", 1) = 1 [pid 3741] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3741] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3740] <... futex resumed>) = 0 [pid 3740] exit_group(0) = ? [pid 3741] <... futex resumed>) = ? [pid 3741] +++ exited with 0 +++ [pid 3740] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3740, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3742 ./strace-static-x86_64: Process 3742 attached [pid 3742] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3742] setpgid(0, 0) = 0 [pid 3742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3742] write(3, "1000", 4) = 4 [pid 3742] close(3) = 0 [pid 3742] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3742] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3742] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3742] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3743], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3743 [pid 3742] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3742] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3743 attached [pid 3743] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3743] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3743] write(3, "2", 1) = 1 [pid 3743] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3743] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3742] <... futex resumed>) = 0 [pid 3742] exit_group(0) = ? [pid 3743] <... futex resumed>) = ? [pid 3743] +++ exited with 0 +++ [pid 3742] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3742, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3744 attached , child_tidptr=0x555556fa55d0) = 3744 [pid 3744] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3744] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3744] setpgid(0, 0) = 0 [pid 3744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3744] write(3, "1000", 4) = 4 [pid 3744] close(3) = 0 [pid 3744] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3744] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3744] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3744] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3745 attached , parent_tid=[3745], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3745 [pid 3745] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3745] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3744] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3745] <... futex resumed>) = 0 [pid 3745] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3744] <... futex resumed>) = 1 [pid 3745] write(3, "2", 1) = 1 [pid 3745] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3745] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3745] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3744] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 3744] exit_group(0) = ? [ 58.503729][ T3745] FAULT_INJECTION: forcing a failure. [ 58.503729][ T3745] name fail_futex, interval 1, probability 0, space 0, times 0 [ 58.516628][ T3745] CPU: 1 PID: 3745 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 58.528025][ T3745] syz-executor140[3745] cmdline: [ 58.533045][ T3745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 58.543140][ T3745] Call Trace: [ 58.546417][ T3745] [ 58.549376][ T3745] dump_stack_lvl+0xcd/0x134 [ 58.553989][ T3745] should_fail.cold+0x5/0xa [ 58.558523][ T3745] get_futex_key+0x5a8/0x1c30 [ 58.563220][ T3745] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 58.569213][ T3745] ? futex_setup_timer+0xf0/0xf0 [ 58.574169][ T3745] futex_wait_setup+0xa7/0x230 [ 58.578982][ T3745] ? futex_wait_multiple+0xc90/0xc90 [ 58.584286][ T3745] futex_wait+0x264/0x680 [ 58.588656][ T3745] ? futex_wait_setup+0x230/0x230 [ 58.593714][ T3745] ? do_raw_spin_lock+0x120/0x2a0 [ 58.598749][ T3745] ? rwlock_bug.part.0+0x90/0x90 [ 58.603699][ T3745] ? _raw_spin_lock_irq+0x41/0x50 [ 58.608758][ T3745] do_futex+0x1af/0x300 [ 58.612929][ T3745] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 58.618855][ T3745] ? find_held_lock+0x2d/0x110 [ 58.623632][ T3745] __x64_sys_futex+0x1b0/0x4a0 [ 58.628418][ T3745] ? do_futex+0x300/0x300 [ 58.632759][ T3745] ? _raw_spin_unlock_irq+0x1f/0x40 [ 58.637968][ T3745] ? lockdep_hardirqs_on+0x79/0x100 [ 58.643184][ T3745] ? _raw_spin_unlock_irq+0x2a/0x40 [ 58.648391][ T3745] ? ptrace_notify+0xfa/0x140 [ 58.653084][ T3745] do_syscall_64+0x35/0xb0 [ 58.657514][ T3745] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.663418][ T3745] RIP: 0033:0x7f59e63adb19 [ 58.667838][ T3745] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.687455][ T3745] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 58.695891][ T3745] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3745] <... futex resumed>) = ? [pid 3745] +++ exited with 0 +++ [pid 3744] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3744, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3746 attached , child_tidptr=0x555556fa55d0) = 3746 [pid 3746] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3746] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3746] setpgid(0, 0) = 0 [pid 3746] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3746] write(3, "1000", 4) = 4 [pid 3746] close(3) = 0 [pid 3746] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3746] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3746] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3746] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3747 attached , parent_tid=[3747], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3747 [pid 3746] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3746] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3747] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3747] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3747] write(3, "2", 1) = 1 [pid 3747] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3747] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3746] <... futex resumed>) = 0 [pid 3747] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3746] exit_group(0 [pid 3747] <... futex resumed>) = ? [pid 3746] <... exit_group resumed>) = ? [pid 3747] +++ exited with 0 +++ [pid 3746] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3746, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3748 attached , child_tidptr=0x555556fa55d0) = 3748 [pid 3748] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3748] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3748] setpgid(0, 0) = 0 [pid 3748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3748] write(3, "1000", 4) = 4 [pid 3748] close(3) = 0 [pid 3748] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3748] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3748] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3748] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3749 attached , parent_tid=[3749], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3749 [pid 3748] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3748] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3749] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3749] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3749] write(3, "2", 1) = 1 [pid 3749] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3749] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3748] <... futex resumed>) = 0 [pid 3749] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3748] exit_group(0 [pid 3749] <... futex resumed>) = ? [pid 3748] <... exit_group resumed>) = ? [pid 3749] +++ exited with 0 +++ [pid 3748] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3748, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3750 ./strace-static-x86_64: Process 3750 attached [pid 3750] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3750] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3750] setpgid(0, 0) = 0 [pid 3750] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3750] write(3, "1000", 4) = 4 [pid 3750] close(3) = 0 [pid 3750] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3750] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3750] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3750] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3751 attached [ 58.703866][ T3745] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 58.711848][ T3745] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 58.719838][ T3745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.727829][ T3745] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 58.735839][ T3745] , parent_tid=[3751], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3751 [pid 3751] set_robust_list(0x7f59e635f9e0, 24 [pid 3750] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3751] <... set_robust_list resumed>) = 0 [pid 3751] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3750] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3751] <... openat resumed>) = 3 [pid 3751] write(3, "2", 1) = 1 [pid 3751] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3751] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3750] <... futex resumed>) = 0 [pid 3751] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3750] exit_group(0 [pid 3751] <... futex resumed>) = ? [pid 3750] <... exit_group resumed>) = ? [pid 3751] +++ exited with 0 +++ [pid 3750] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3750, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3752 attached [pid 3752] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3752] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3752] setpgid(0, 0 [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3752 [pid 3752] <... setpgid resumed>) = 0 [pid 3752] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3752] write(3, "1000", 4) = 4 [pid 3752] close(3) = 0 [pid 3752] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3752] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3752] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3752] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3753], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3753 [pid 3752] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3752] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3753 attached [pid 3753] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3753] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3753] write(3, "2", 1) = 1 [pid 3753] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3753] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3752] <... futex resumed>) = 0 [pid 3752] exit_group(0) = ? [pid 3753] <... futex resumed>) = ? [pid 3753] +++ exited with 0 +++ [pid 3752] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3752, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3754 ./strace-static-x86_64: Process 3754 attached [pid 3754] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3754] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3754] setpgid(0, 0) = 0 [pid 3754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3754] write(3, "1000", 4) = 4 [pid 3754] close(3) = 0 [pid 3754] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3754] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3754] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3754] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3755], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3755 ./strace-static-x86_64: Process 3755 attached [pid 3754] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3755] set_robust_list(0x7f59e635f9e0, 24 [pid 3754] <... futex resumed>) = 0 [pid 3755] <... set_robust_list resumed>) = 0 [pid 3754] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3755] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3755] write(3, "2", 1) = 1 [pid 3755] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3755] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3754] <... futex resumed>) = 0 [pid 3755] <... futex resumed>) = 1 [pid 3754] exit_group(0 [pid 3755] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3754] <... exit_group resumed>) = ? [pid 3755] <... futex resumed>) = ? [pid 3755] +++ exited with 0 +++ [pid 3754] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3754, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3756 attached , child_tidptr=0x555556fa55d0) = 3756 [pid 3756] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3756] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3756] setpgid(0, 0) = 0 [pid 3756] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3756] write(3, "1000", 4) = 4 [pid 3756] close(3) = 0 [pid 3756] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3756] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3756] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3756] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3757 attached [pid 3757] set_robust_list(0x7f59e635f9e0, 24 [pid 3756] <... clone resumed>, parent_tid=[3757], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3757 [pid 3757] <... set_robust_list resumed>) = 0 [pid 3756] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3756] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3757] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3757] write(3, "2", 1) = 1 [pid 3757] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3757] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3756] <... futex resumed>) = 0 [pid 3756] exit_group(0 [pid 3757] <... futex resumed>) = 1 [pid 3756] <... exit_group resumed>) = ? [pid 3757] +++ exited with 0 +++ [pid 3756] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3756, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3758 attached [pid 3758] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3758] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3758] setpgid(0, 0) = 0 [pid 3758] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3758] write(3, "1000", 4) = 4 [pid 3758] close(3) = 0 [pid 3758] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3758] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3758] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3758] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3759], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3759 [pid 3758] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3758] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3759 attached [pid 3759] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3759] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3759] write(3, "2", 1) = 1 [pid 3759] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3759] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3758] <... futex resumed>) = 0 [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3758 [pid 3758] exit_group(0) = ? [pid 3759] <... futex resumed>) = ? [pid 3759] +++ exited with 0 +++ [pid 3758] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3758, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3760 ./strace-static-x86_64: Process 3760 attached [pid 3760] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3760] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3760] setpgid(0, 0) = 0 [pid 3760] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3760] write(3, "1000", 4) = 4 [pid 3760] close(3) = 0 [pid 3760] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3760] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3760] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3760] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3761], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3761 [pid 3760] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3760] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3761 attached [pid 3761] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3761] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3761] write(3, "2", 1) = 1 [pid 3761] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3761] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3760] <... futex resumed>) = 0 [pid 3760] exit_group(0) = ? [pid 3761] <... futex resumed>) = ? [pid 3761] +++ exited with 0 +++ [pid 3760] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3760, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3762 ./strace-static-x86_64: Process 3762 attached [pid 3762] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3762] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3762] setpgid(0, 0) = 0 [pid 3762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3762] write(3, "1000", 4) = 4 [pid 3762] close(3) = 0 [pid 3762] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3762] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3762] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3762] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3763], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3763 [pid 3762] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3762] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3763 attached [pid 3763] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3763] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3763] write(3, "2", 1) = 1 [pid 3763] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3763] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3762] <... futex resumed>) = 0 [pid 3762] exit_group(0) = ? [pid 3763] <... futex resumed>) = ? [pid 3763] +++ exited with 0 +++ [pid 3762] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3762, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3764 ./strace-static-x86_64: Process 3764 attached [pid 3764] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3764] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3764] setpgid(0, 0) = 0 [pid 3764] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3764] write(3, "1000", 4) = 4 [pid 3764] close(3) = 0 [pid 3764] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3764] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3764] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3764] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3765], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3765 [pid 3764] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3764] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3765 attached [pid 3765] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3765] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3765] write(3, "2", 1) = 1 [pid 3765] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3765] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3764] <... futex resumed>) = 0 [pid 3764] exit_group(0) = ? [pid 3765] <... futex resumed>) = ? [pid 3765] +++ exited with 0 +++ [pid 3764] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3764, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3766 attached , child_tidptr=0x555556fa55d0) = 3766 [pid 3766] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3766] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3766] setpgid(0, 0) = 0 [pid 3766] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3766] write(3, "1000", 4) = 4 [pid 3766] close(3) = 0 [pid 3766] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3766] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3766] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3766] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3767], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3767 [pid 3766] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3766] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3767 attached [pid 3767] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3767] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3767] write(3, "2", 1) = 1 [pid 3767] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3767] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3766] <... futex resumed>) = 0 [pid 3766] exit_group(0) = ? [pid 3767] <... futex resumed>) = ? [pid 3767] +++ exited with 0 +++ [pid 3766] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3766, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3768 ./strace-static-x86_64: Process 3768 attached [pid 3768] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3768] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3768] setpgid(0, 0) = 0 [pid 3768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3768] write(3, "1000", 4) = 4 [pid 3768] close(3) = 0 [pid 3768] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3768] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3768] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3768] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3769 attached , parent_tid=[3769], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3769 [pid 3769] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3768] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3769] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3769] write(3, "2", 1 [pid 3768] <... futex resumed>) = 0 [pid 3768] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3769] <... write resumed>) = 1 [pid 3769] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3769] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3769] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3768] <... futex resumed>) = 0 [pid 3768] exit_group(0) = ? [ 58.921189][ T3769] FAULT_INJECTION: forcing a failure. [ 58.921189][ T3769] name fail_futex, interval 1, probability 0, space 0, times 0 [ 58.934165][ T3769] CPU: 1 PID: 3769 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 58.945559][ T3769] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 58.954928][ T3769] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3769, name: syz-executor140 [ 58.964371][ T3769] preempt_count: 0, expected: 0 [ 58.969206][ T3769] RCU nest depth: 0, expected: 0 [ 58.974127][ T3769] no locks held by syz-executor140/3769. [ 58.979766][ T3769] irq event stamp: 426 [ 58.983815][ T3769] hardirqs last enabled at (425): [] __schedule+0x353e/0x52b0 [ 58.992933][ T3769] hardirqs last disabled at (426): [] dump_stack_lvl+0x2e/0x134 [ 59.002242][ T3769] softirqs last enabled at (418): [] __irq_exit_rcu+0x123/0x180 [ 59.011554][ T3769] softirqs last disabled at (361): [] __irq_exit_rcu+0x123/0x180 [ 59.020860][ T3769] CPU: 1 PID: 3769 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 59.032232][ T3769] syz-executor140[3769] cmdline: [ 59.037255][ T3769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 59.047327][ T3769] Call Trace: [ 59.050610][ T3769] [ 59.053534][ T3769] dump_stack_lvl+0xcd/0x134 [ 59.058129][ T3769] __might_resched.cold+0x222/0x26b [ 59.063325][ T3769] down_read_killable+0x75/0x490 [ 59.068276][ T3769] ? down_read+0x450/0x450 [ 59.072755][ T3769] __access_remote_vm+0xac/0x6f0 [ 59.077741][ T3769] ? follow_phys+0x2c0/0x2c0 [ 59.082326][ T3769] ? do_raw_spin_lock+0x120/0x2a0 [ 59.087357][ T3769] ? rwlock_bug.part.0+0x90/0x90 [ 59.092313][ T3769] ? __up_console_sem+0x47/0xc0 [ 59.097176][ T3769] get_mm_cmdline.part.0+0x217/0x620 [ 59.102497][ T3769] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 59.108221][ T3769] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 59.114034][ T3769] get_task_cmdline_kernel+0x1d9/0x220 [ 59.119498][ T3769] dump_stack_print_cmdline.part.0+0x82/0x150 [ 59.125570][ T3769] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 59.131688][ T3769] ? dump_stack_print_info+0xc6/0x190 [ 59.137091][ T3769] dump_stack_print_info+0x185/0x190 [ 59.142383][ T3769] dump_stack_lvl+0xc1/0x134 [ 59.146975][ T3769] should_fail.cold+0x5/0xa [ 59.151478][ T3769] get_futex_key+0x5a8/0x1c30 [ 59.156164][ T3769] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 59.162165][ T3769] ? futex_setup_timer+0xf0/0xf0 [ 59.167106][ T3769] futex_wait_setup+0xa7/0x230 [ 59.171889][ T3769] ? futex_wait_multiple+0xc90/0xc90 [ 59.177205][ T3769] futex_wait+0x264/0x680 [ 59.181573][ T3769] ? futex_wait_setup+0x230/0x230 [ 59.186636][ T3769] ? do_raw_spin_lock+0x120/0x2a0 [ 59.191668][ T3769] ? rwlock_bug.part.0+0x90/0x90 [ 59.196643][ T3769] ? _raw_spin_lock_irq+0x41/0x50 [ 59.201677][ T3769] do_futex+0x1af/0x300 [ 59.205868][ T3769] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 59.211810][ T3769] ? find_held_lock+0x2d/0x110 [ 59.216614][ T3769] __x64_sys_futex+0x1b0/0x4a0 [ 59.221407][ T3769] ? do_futex+0x300/0x300 [ 59.225763][ T3769] ? _raw_spin_unlock_irq+0x1f/0x40 [ 59.230982][ T3769] ? lockdep_hardirqs_on+0x79/0x100 [ 59.236201][ T3769] ? _raw_spin_unlock_irq+0x2a/0x40 [ 59.241405][ T3769] ? ptrace_notify+0xfa/0x140 [ 59.246102][ T3769] do_syscall_64+0x35/0xb0 [ 59.250564][ T3769] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.256461][ T3769] RIP: 0033:0x7f59e63adb19 [ 59.260868][ T3769] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 59.280473][ T3769] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 59.288881][ T3769] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 59.296856][ T3769] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 59.304846][ T3769] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 59.312811][ T3769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.320793][ T3769] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 59.328814][ T3769] [ 59.331850][ T3769] syz-executor140[3769] cmdline: [ 59.336879][ T3769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 59.346927][ T3769] Call Trace: [ 59.350207][ T3769] [ 59.353153][ T3769] dump_stack_lvl+0xcd/0x134 [ 59.357754][ T3769] should_fail.cold+0x5/0xa [ 59.362265][ T3769] get_futex_key+0x5a8/0x1c30 [ 59.366939][ T3769] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 59.372944][ T3769] ? futex_setup_timer+0xf0/0xf0 [ 59.377919][ T3769] futex_wait_setup+0xa7/0x230 [ 59.382700][ T3769] ? futex_wait_multiple+0xc90/0xc90 [ 59.388035][ T3769] futex_wait+0x264/0x680 [ 59.392365][ T3769] ? futex_wait_setup+0x230/0x230 [ 59.397422][ T3769] ? do_raw_spin_lock+0x120/0x2a0 [ 59.402442][ T3769] ? rwlock_bug.part.0+0x90/0x90 [ 59.407374][ T3769] ? _raw_spin_lock_irq+0x41/0x50 [ 59.412397][ T3769] do_futex+0x1af/0x300 [ 59.416564][ T3769] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 59.422473][ T3769] ? find_held_lock+0x2d/0x110 [ 59.427248][ T3769] __x64_sys_futex+0x1b0/0x4a0 [ 59.432021][ T3769] ? do_futex+0x300/0x300 [ 59.436364][ T3769] ? _raw_spin_unlock_irq+0x1f/0x40 [ 59.441571][ T3769] ? lockdep_hardirqs_on+0x79/0x100 [ 59.446796][ T3769] ? _raw_spin_unlock_irq+0x2a/0x40 [ 59.451990][ T3769] ? ptrace_notify+0xfa/0x140 [ 59.456670][ T3769] do_syscall_64+0x35/0xb0 [ 59.461088][ T3769] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.466987][ T3769] RIP: 0033:0x7f59e63adb19 [ 59.471435][ T3769] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 59.491071][ T3769] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 59.499481][ T3769] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [ 59.507456][ T3769] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 59.515437][ T3769] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [pid 3769] <... futex resumed>) = ? [pid 3769] +++ exited with 0 +++ [pid 3768] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3768, si_uid=0, si_status=0, si_utime=0, si_stime=62} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3770 attached , child_tidptr=0x555556fa55d0) = 3770 [pid 3770] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3770] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3770] setpgid(0, 0) = 0 [pid 3770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3770] write(3, "1000", 4) = 4 [pid 3770] close(3) = 0 [pid 3770] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3770] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3770] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3770] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3771 attached , parent_tid=[3771], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3771 [pid 3770] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3770] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3771] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3771] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3771] write(3, "2", 1) = 1 [pid 3771] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3771] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 59.523422][ T3769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.531389][ T3769] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 59.539369][ T3769] [pid 3771] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3770] <... futex resumed>) = 0 [pid 3770] exit_group(0) = ? [ 59.569601][ T3771] FAULT_INJECTION: forcing a failure. [ 59.569601][ T3771] name fail_futex, interval 1, probability 0, space 0, times 0 [ 59.583215][ T3771] CPU: 0 PID: 3771 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 59.594657][ T3771] syz-executor140[3771] cmdline: [ 59.599679][ T3771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 59.609752][ T3771] Call Trace: [ 59.613057][ T3771] [ 59.615999][ T3771] dump_stack_lvl+0xcd/0x134 [ 59.620595][ T3771] should_fail.cold+0x5/0xa [ 59.625100][ T3771] get_futex_key+0x5a8/0x1c30 [ 59.629772][ T3771] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 59.635750][ T3771] ? futex_setup_timer+0xf0/0xf0 [ 59.640691][ T3771] futex_wait_setup+0xa7/0x230 [ 59.645459][ T3771] ? futex_wait_multiple+0xc90/0xc90 [ 59.650750][ T3771] futex_wait+0x264/0x680 [ 59.655101][ T3771] ? futex_wait_setup+0x230/0x230 [ 59.660136][ T3771] ? do_raw_spin_lock+0x120/0x2a0 [ 59.665193][ T3771] ? rwlock_bug.part.0+0x90/0x90 [ 59.670134][ T3771] ? _raw_spin_lock_irq+0x41/0x50 [ 59.675175][ T3771] do_futex+0x1af/0x300 [ 59.679331][ T3771] ? __ia32_sys_get_robust_list+0x3b0/0x3b0 [ 59.685219][ T3771] ? find_held_lock+0x2d/0x110 [ 59.689984][ T3771] __x64_sys_futex+0x1b0/0x4a0 [ 59.694765][ T3771] ? do_futex+0x300/0x300 [ 59.699106][ T3771] ? _raw_spin_unlock_irq+0x1f/0x40 [ 59.704309][ T3771] ? lockdep_hardirqs_on+0x79/0x100 [ 59.709534][ T3771] ? _raw_spin_unlock_irq+0x2a/0x40 [ 59.714724][ T3771] ? ptrace_notify+0xfa/0x140 [ 59.719396][ T3771] do_syscall_64+0x35/0xb0 [ 59.723809][ T3771] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.729699][ T3771] RIP: 0033:0x7f59e63adb19 [ 59.734124][ T3771] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 59.753764][ T3771] RSP: 002b:00007f59e635f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 59.762187][ T3771] RAX: ffffffffffffffda RBX: 00007f59e64364a8 RCX: 00007f59e63adb19 [pid 3771] <... futex resumed>) = ? [pid 3771] +++ exited with 0 +++ [pid 3770] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3770, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3772 ./strace-static-x86_64: Process 3772 attached [pid 3772] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3772] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3772] setpgid(0, 0) = 0 [pid 3772] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3772] write(3, "1000", 4) = 4 [pid 3772] close(3) = 0 [pid 3772] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3772] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3772] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3772] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3773], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3773 [pid 3772] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3772] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3773 attached [pid 3773] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3773] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3773] write(3, "2", 1) = 1 [pid 3773] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3773] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3772] <... futex resumed>) = 0 [pid 3772] exit_group(0) = ? [pid 3773] <... futex resumed>) = ? [pid 3773] +++ exited with 0 +++ [pid 3772] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3772, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3774 ./strace-static-x86_64: Process 3774 attached [pid 3774] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3774] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3774] setpgid(0, 0) = 0 [pid 3774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3774] write(3, "1000", 4) = 4 [pid 3774] close(3) = 0 [pid 3774] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3774] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3774] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3774] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3775 attached , parent_tid=[3775], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3775 [pid 3774] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3775] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3774] <... futex resumed>) = 0 [pid 3775] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3774] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3775] <... openat resumed>) = 3 [pid 3775] write(3, "2", 1) = 1 [pid 3775] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3775] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3774] <... futex resumed>) = 0 [pid 3774] exit_group(0) = ? [pid 3775] +++ exited with 0 +++ [pid 3774] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3774, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3776 attached [pid 3776] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3776] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3776] setpgid(0, 0) = 0 [pid 3776] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3776 [pid 3776] <... openat resumed>) = 3 [pid 3776] write(3, "1000", 4) = 4 [pid 3776] close(3) = 0 [ 59.770172][ T3771] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59e64364a8 [ 59.778142][ T3771] RBP: 00007f59e64364a0 R08: 0000000000000032 R09: 0000000000000032 [ 59.786123][ T3771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.794096][ T3771] R13: 00007f59e635f300 R14: 00007f59e635f400 R15: 0000000000022000 [ 59.802110][ T3771] [pid 3776] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3776] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3776] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3776] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3777], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3777 [pid 3776] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3776] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3777 attached [pid 3777] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3777] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3777] write(3, "2", 1) = 1 [pid 3777] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3777] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3776] <... futex resumed>) = 0 [pid 3776] exit_group(0) = ? [pid 3777] <... futex resumed>) = ? [pid 3777] +++ exited with 0 +++ [pid 3776] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3776, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3778 ./strace-static-x86_64: Process 3778 attached [pid 3778] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3778] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3778] setpgid(0, 0) = 0 [pid 3778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3778] write(3, "1000", 4) = 4 [pid 3778] close(3) = 0 [pid 3778] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3778] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3778] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3778] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3779], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3779 [pid 3778] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3778] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3779 attached [pid 3779] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3779] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3779] write(3, "2", 1) = 1 [pid 3779] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3779] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3778] <... futex resumed>) = 0 [pid 3778] exit_group(0) = ? [pid 3779] <... futex resumed>) = ? [pid 3779] +++ exited with 0 +++ [pid 3778] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3778, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3780 ./strace-static-x86_64: Process 3780 attached [pid 3780] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3780] setpgid(0, 0) = 0 [pid 3780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3780] write(3, "1000", 4) = 4 [pid 3780] close(3) = 0 [pid 3780] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3780] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3780] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3780] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3781], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3781 [pid 3780] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3780] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3781 attached [pid 3781] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3781] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3781] write(3, "2", 1) = 1 [pid 3781] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3781] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3780] <... futex resumed>) = 0 [pid 3780] exit_group(0) = ? [pid 3781] <... futex resumed>) = ? [pid 3781] +++ exited with 0 +++ [pid 3780] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3780, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3782 attached , child_tidptr=0x555556fa55d0) = 3782 [pid 3782] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3782] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3782] setpgid(0, 0) = 0 [pid 3782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3782] write(3, "1000", 4) = 4 [pid 3782] close(3) = 0 [pid 3782] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3782] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3782] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3782] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3783 attached , parent_tid=[3783], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3783 [pid 3783] set_robust_list(0x7f59e635f9e0, 24 [pid 3782] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3783] <... set_robust_list resumed>) = 0 [pid 3783] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3782] <... futex resumed>) = 0 [pid 3783] <... openat resumed>) = 3 [pid 3782] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3783] write(3, "2", 1) = 1 [pid 3783] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3783] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3783] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3782] <... futex resumed>) = 0 [pid 3782] exit_group(0) = ? [pid 3783] <... futex resumed>) = ? [pid 3783] +++ exited with 0 +++ [pid 3782] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3782, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3784 ./strace-static-x86_64: Process 3784 attached [pid 3784] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3784] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3784] setpgid(0, 0) = 0 [pid 3784] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3784] write(3, "1000", 4) = 4 [pid 3784] close(3) = 0 [pid 3784] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3784] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3784] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3784] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3785], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3785 [pid 3784] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3784] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3785 attached [pid 3785] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3785] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3785] write(3, "2", 1) = 1 [pid 3785] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3785] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3784] <... futex resumed>) = 0 [pid 3784] exit_group(0 [pid 3785] <... futex resumed>) = 1 [pid 3784] <... exit_group resumed>) = ? [pid 3785] +++ exited with 0 +++ [pid 3784] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3784, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3786 attached , child_tidptr=0x555556fa55d0) = 3786 [pid 3786] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3786] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3786] setpgid(0, 0) = 0 [pid 3786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3786] write(3, "1000", 4) = 4 [pid 3786] close(3) = 0 [pid 3786] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3786] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3786] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3786] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3787], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3787 ./strace-static-x86_64: Process 3787 attached [pid 3786] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3786] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3787] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3787] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3787] write(3, "2", 1) = 1 [pid 3787] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3787] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3786] <... futex resumed>) = 0 [pid 3786] exit_group(0) = ? [pid 3787] +++ exited with 0 +++ [pid 3786] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3786, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3788 attached [pid 3788] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3788] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3788] setpgid(0, 0) = 0 [pid 3788] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3788] write(3, "1000", 4) = 4 [pid 3788] close(3) = 0 [pid 3611] <... clone resumed>, child_tidptr=0x555556fa55d0) = 3788 [pid 3788] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3788] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3788] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3788] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3789], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3789 [pid 3788] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3788] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3789 attached [pid 3789] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3789] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3789] write(3, "2", 1) = 1 [pid 3789] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3789] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3788] <... futex resumed>) = 0 [pid 3788] exit_group(0) = ? [pid 3789] <... futex resumed>) = ? [pid 3789] +++ exited with 0 +++ [pid 3788] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3788, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3790 ./strace-static-x86_64: Process 3790 attached [pid 3790] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3790] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3790] setpgid(0, 0) = 0 [pid 3790] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3790] write(3, "1000", 4) = 4 [pid 3790] close(3) = 0 [pid 3790] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3790] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3790] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3790] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3791], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3791 [pid 3790] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3790] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3791 attached [pid 3791] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3791] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3791] write(3, "2", 1) = 1 [pid 3791] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3791] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3790] <... futex resumed>) = 0 [pid 3790] exit_group(0) = ? [pid 3791] <... futex resumed>) = ? [pid 3791] +++ exited with 0 +++ [pid 3790] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3790, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3792 ./strace-static-x86_64: Process 3792 attached [pid 3792] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3792] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3792] setpgid(0, 0) = 0 [pid 3792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3792] write(3, "1000", 4) = 4 [pid 3792] close(3) = 0 [pid 3792] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3792] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3792] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3792] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3793], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3793 [pid 3792] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3792] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3793 attached [pid 3793] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3793] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3793] write(3, "2", 1) = 1 [pid 3793] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3793] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3792] <... futex resumed>) = 0 [pid 3792] exit_group(0) = ? [pid 3793] <... futex resumed>) = ? [pid 3793] +++ exited with 0 +++ [pid 3792] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3792, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3794 ./strace-static-x86_64: Process 3794 attached [pid 3794] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3794] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3794] setpgid(0, 0) = 0 [pid 3794] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3794] write(3, "1000", 4) = 4 [pid 3794] close(3) = 0 [pid 3794] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3794] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3794] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3794] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3795], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3795 [pid 3794] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3794] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3795 attached [pid 3795] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3795] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3795] write(3, "2", 1) = 1 [pid 3795] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3795] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3794] <... futex resumed>) = 0 [pid 3794] exit_group(0) = ? [pid 3795] <... futex resumed>) = ? [pid 3795] +++ exited with 0 +++ [pid 3794] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3794, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3796 ./strace-static-x86_64: Process 3796 attached [pid 3796] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3796] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3796] setpgid(0, 0) = 0 [pid 3796] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3796] write(3, "1000", 4) = 4 [pid 3796] close(3) = 0 [pid 3796] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3796] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3796] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3796] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3797], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3797 [pid 3796] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3796] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3797 attached [pid 3797] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3797] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3797] write(3, "2", 1) = 1 [pid 3797] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3797] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3796] <... futex resumed>) = 0 [pid 3796] exit_group(0) = ? [pid 3797] <... futex resumed>) = ? [pid 3797] +++ exited with 0 +++ [pid 3796] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3796, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3798 ./strace-static-x86_64: Process 3798 attached [pid 3798] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3798] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3798] setpgid(0, 0) = 0 [pid 3798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3798] write(3, "1000", 4) = 4 [pid 3798] close(3) = 0 [pid 3798] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3798] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3798] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3798] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3799], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3799 [pid 3798] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3798] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3799 attached [pid 3799] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3799] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3799] write(3, "2", 1) = 1 [pid 3799] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3799] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3798] <... futex resumed>) = 0 [pid 3798] exit_group(0) = ? [pid 3799] <... futex resumed>) = ? [pid 3799] +++ exited with 0 +++ [pid 3798] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3798, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3800 ./strace-static-x86_64: Process 3800 attached [pid 3800] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3800] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3800] setpgid(0, 0) = 0 [pid 3800] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3800] write(3, "1000", 4) = 4 [pid 3800] close(3) = 0 [pid 3800] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3800] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3800] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3800] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3801], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3801 [pid 3800] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3800] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3801 attached [pid 3801] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3801] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3801] write(3, "2", 1) = 1 [pid 3801] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3801] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3800] <... futex resumed>) = 0 [pid 3800] exit_group(0) = ? [pid 3801] <... futex resumed>) = ? [pid 3801] +++ exited with 0 +++ [pid 3800] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3800, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3802 ./strace-static-x86_64: Process 3802 attached [pid 3802] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3802] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3802] setpgid(0, 0) = 0 [pid 3802] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3802] write(3, "1000", 4) = 4 [pid 3802] close(3) = 0 [pid 3802] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3802] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3802] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3802] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3803], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3803 [pid 3802] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3802] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3803 attached [pid 3803] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3803] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3803] write(3, "2", 1) = 1 [pid 3803] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3803] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3802] <... futex resumed>) = 0 [pid 3802] exit_group(0) = ? [pid 3803] <... futex resumed>) = ? [pid 3803] +++ exited with 0 +++ [pid 3802] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3802, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3804 ./strace-static-x86_64: Process 3804 attached [pid 3804] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3804] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3804] setpgid(0, 0) = 0 [pid 3804] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3804] write(3, "1000", 4) = 4 [pid 3804] close(3) = 0 [pid 3804] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3804] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3804] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3804] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3805], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3805 [pid 3804] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3804] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3805 attached [pid 3805] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3805] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3805] write(3, "2", 1) = 1 [pid 3805] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3805] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3804] <... futex resumed>) = 0 [pid 3804] exit_group(0) = ? [pid 3805] <... futex resumed>) = ? [pid 3805] +++ exited with 0 +++ [pid 3804] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3804, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3806 ./strace-static-x86_64: Process 3806 attached [pid 3806] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3806] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3806] setpgid(0, 0) = 0 [pid 3806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3806] write(3, "1000", 4) = 4 [pid 3806] close(3) = 0 [pid 3806] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3806] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3806] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3806] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3807 attached , parent_tid=[3807], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3807 [pid 3807] set_robust_list(0x7f59e635f9e0, 24 [pid 3806] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3806] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3807] <... set_robust_list resumed>) = 0 [pid 3807] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3807] write(3, "2", 1) = 1 [pid 3807] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3807] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3806] <... futex resumed>) = 0 [pid 3806] exit_group(0) = ? [pid 3807] <... futex resumed>) = ? [pid 3807] +++ exited with 0 +++ [pid 3806] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3806, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3808 ./strace-static-x86_64: Process 3808 attached [pid 3808] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3808] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3808] setpgid(0, 0) = 0 [pid 3808] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3808] write(3, "1000", 4) = 4 [pid 3808] close(3) = 0 [pid 3808] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3808] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3808] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3808] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3809], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3809 [pid 3808] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3808] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3809 attached [pid 3809] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3809] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3809] write(3, "2", 1) = 1 [pid 3809] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3809] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3808] <... futex resumed>) = 0 [pid 3808] exit_group(0) = ? [pid 3809] <... futex resumed>) = ? [pid 3809] +++ exited with 0 +++ [pid 3808] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3808, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556fa55d0) = 3810 ./strace-static-x86_64: Process 3810 attached [pid 3810] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3810] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3810] setpgid(0, 0) = 0 [pid 3810] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3810] write(3, "1000", 4) = 4 [pid 3810] close(3) = 0 [pid 3810] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3810] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3810] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3810] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3811], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3811 [pid 3810] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 3811 attached ) = 0 [pid 3810] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3811] set_robust_list(0x7f59e635f9e0, 24) = 0 [pid 3811] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 3811] write(3, "2", 1) = 1 [pid 3811] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3811] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3810] <... futex resumed>) = 0 [pid 3811] <... futex resumed>) = 1 [pid 3810] exit_group(0) = ? [pid 3811] +++ exited with 0 +++ [pid 3810] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3810, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3812 attached , child_tidptr=0x555556fa55d0) = 3812 [pid 3812] set_robust_list(0x555556fa55e0, 24) = 0 [pid 3812] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3812] setpgid(0, 0) = 0 [pid 3812] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3812] write(3, "1000", 4) = 4 [pid 3812] close(3) = 0 [pid 3812] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3812] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f59e633f000 [pid 3812] mprotect(0x7f59e6340000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3812] clone(child_stack=0x7f59e635f3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3813 attached [pid 3813] set_robust_list(0x7f59e635f9e0, 24 [pid 3812] <... clone resumed>, parent_tid=[3813], tls=0x7f59e635f700, child_tidptr=0x7f59e635f9d0) = 3813 [pid 3813] <... set_robust_list resumed>) = 0 [pid 3812] futex(0x7f59e64364a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3813] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3812] <... futex resumed>) = 0 [pid 3812] futex(0x7f59e64364ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3813] <... openat resumed>) = 3 [pid 3813] write(3, "2", 1) = 1 [pid 3813] write(-1, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 3813] futex(0x7f59e64364ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3812] <... futex resumed>) = 0 [pid 3813] futex(0x7f59e64364a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3812] exit_group(0) = ? [ 60.116518][ T3813] FAULT_INJECTION: forcing a failure. [ 60.116518][ T3813] name fail_futex, interval 1, probability 0, space 0, times 0 [ 60.129649][ T3813] CPU: 0 PID: 3813 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 60.141044][ T3813] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521 [ 60.150395][ T3813] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 3813, name: syz-executor140 [ 60.159836][ T3813] preempt_count: 0, expected: 0 [ 60.164668][ T3813] RCU nest depth: 0, expected: 0 [ 60.169589][ T3813] no locks held by syz-executor140/3813. [ 60.175207][ T3813] irq event stamp: 498 [ 60.180285][ T3813] hardirqs last enabled at (497): [] finish_task_switch.isra.0+0x2b5/0xc70 [ 60.190517][ T3813] hardirqs last disabled at (498): [] dump_stack_lvl+0x2e/0x134 [ 60.199735][ T3813] softirqs last enabled at (490): [] __irq_exit_rcu+0x123/0x180 [ 60.209007][ T3813] softirqs last disabled at (369): [] __irq_exit_rcu+0x123/0x180 [ 60.218302][ T3813] CPU: 0 PID: 3813 Comm: syz-executor140 Tainted: G W 6.0.0-rc1-next-20220819-syzkaller #0 [ 60.229672][ T3813] syz-executor140[3813] cmdline: [ 60.234678][ T3813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 60.244724][ T3813] Call Trace: [ 60.248003][ T3813] [ 60.250927][ T3813] dump_stack_lvl+0xcd/0x134 [ 60.255520][ T3813] __might_resched.cold+0x222/0x26b [ 60.260715][ T3813] down_read_killable+0x75/0x490 [ 60.265679][ T3813] ? down_read+0x450/0x450 [ 60.270131][ T3813] __access_remote_vm+0xac/0x6f0 [ 60.275089][ T3813] ? follow_phys+0x2c0/0x2c0 [ 60.279675][ T3813] ? do_raw_spin_lock+0x120/0x2a0 [ 60.284703][ T3813] ? rwlock_bug.part.0+0x90/0x90 [ 60.289657][ T3813] ? __up_console_sem+0x47/0xc0 [ 60.294510][ T3813] get_mm_cmdline.part.0+0x217/0x620 [ 60.299795][ T3813] ? dname_to_vma_addr.isra.0+0x360/0x360 [ 60.305532][ T3813] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 60.311403][ T3813] get_task_cmdline_kernel+0x1d9/0x220 [ 60.316868][ T3813] dump_stack_print_cmdline.part.0+0x82/0x150 [ 60.322956][ T3813] ? _atomic_dec_and_lock_irqsave+0x150/0x150 [ 60.329041][ T3813] ? dump_stack_print_info+0xc6/0x190 [ 60.334418][ T3813] dump_stack_print_info+0x185/0x190 [ 60.339706][ T3813] dump_stack_lvl+0xc1/0x134 [ 60.344303][ T3813] should_fail.cold+0x5/0xa [ 60.348807][ T3813] get_futex_key+0x5a8/0x1c30 [ 60.353480][ T3813] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 60.359454][ T3813] ? futex_setup_timer+0xf0/0xf0