./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor240401221 <...> forked to background, child pid 3188 no interfaces have a carrier [ 21.176926][ T3189] 8021q: adding VLAN 0 to HW filter on device bond0 [ 21.180463][ T3189] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.186' (ECDSA) to the list of known hosts. execve("./syz-executor240401221", ["./syz-executor240401221"], 0x7ffc06ceba30 /* 10 vars */) = 0 brk(NULL) = 0x5555564a9000 brk(0x5555564a9c40) = 0x5555564a9c40 arch_prctl(ARCH_SET_FS, 0x5555564a9300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x5555564a95d0) = 3616 set_robust_list(0x5555564a95e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7fec4915c900, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fec4915cfd0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7fec4915c9a0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fec4915cfd0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor240401221", 4096) = 27 brk(0x5555564cac40) = 0x5555564cac40 brk(0x5555564cb000) = 0x5555564cb000 mprotect(0x7fec4921e000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3 socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4 sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=680, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3616}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x25\x00\x00\x00\x48\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 680 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3616}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 access("/proc/net", R_OK) = 0 access("/proc/net/unix", R_OK) = 0 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3616}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3616}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3616}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3616}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3616}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 close(3) = 0 close(4) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3619 attached , child_tidptr=0x5555564a95d0) = 3619 [pid 3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3619] set_robust_list(0x5555564a95e0, 24./strace-static-x86_64: Process 3620 attached [pid 3616] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3620 [pid 3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3620] set_robust_list(0x5555564a95e0, 24 [pid 3619] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 3621 attached [pid 3616] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3621 [pid 3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3622 attached [pid 3621] set_robust_list(0x5555564a95e0, 24 [pid 3620] <... set_robust_list resumed>) = 0 [pid 3619] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3616] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3622 [pid 3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3621] <... set_robust_list resumed>) = 0 [pid 3620] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3616] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3623 [pid 3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3619] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3624 [pid 3616] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3625 [pid 3621] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3620] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3626 ./strace-static-x86_64: Process 3625 attached ./strace-static-x86_64: Process 3626 attached [pid 3626] set_robust_list(0x5555564a95e0, 24) = 0 ./strace-static-x86_64: Process 3624 attached ./strace-static-x86_64: Process 3627 attached [pid 3622] set_robust_list(0x5555564a95e0, 24 [pid 3621] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3627 [pid 3622] <... set_robust_list resumed>) = 0 [pid 3625] set_robust_list(0x5555564a95e0, 24) = 0 [pid 3625] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3622] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3627] set_robust_list(0x5555564a95e0, 24./strace-static-x86_64: Process 3628 attached ) = 0 [pid 3626] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3624] set_robust_list(0x5555564a95e0, 24 [pid 3626] <... prctl resumed>) = 0 [pid 3626] setpgid(0, 0 [pid 3622] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3628 [pid 3627] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3624] <... set_robust_list resumed>) = 0 [pid 3628] set_robust_list(0x5555564a95e0, 24 [pid 3627] <... prctl resumed>) = 0 [pid 3624] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3626] <... setpgid resumed>) = 0 [pid 3626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3624] <... prctl resumed>) = 0 [pid 3628] <... set_robust_list resumed>) = 0 [pid 3627] setpgid(0, 0 [pid 3626] <... openat resumed>) = 3 [pid 3627] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 3623 attached [pid 3627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3626] write(3, "1000", 4 [pid 3625] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3629 [pid 3624] setpgid(0, 0 [pid 3627] <... openat resumed>) = 3 [pid 3626] <... write resumed>) = 4 [pid 3624] <... setpgid resumed>) = 0 [pid 3623] set_robust_list(0x5555564a95e0, 24 [pid 3627] write(3, "1000", 4 [pid 3626] close(3 [pid 3624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3623] <... set_robust_list resumed>) = 0 [pid 3628] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3627] <... write resumed>) = 4 [pid 3627] close(3./strace-static-x86_64: Process 3629 attached [pid 3628] <... prctl resumed>) = 0 [pid 3627] <... close resumed>) = 0 [pid 3626] <... close resumed>) = 0 [pid 3624] <... openat resumed>) = 3 [pid 3623] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3627] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3627] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 3630 attached [pid 3629] set_robust_list(0x5555564a95e0, 24 [pid 3628] setpgid(0, 0 [pid 3627] <... mmap resumed>) = 0x7fec4912c000 [pid 3626] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3624] write(3, "1000", 4 [pid 3629] <... set_robust_list resumed>) = 0 [pid 3627] mprotect(0x7fec4912d000, 131072, PROT_READ|PROT_WRITE [pid 3626] <... futex resumed>) = 0 [pid 3624] <... write resumed>) = 4 [pid 3623] <... clone resumed>, child_tidptr=0x5555564a95d0) = 3630 [pid 3630] set_robust_list(0x5555564a95e0, 24 [pid 3629] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3628] <... setpgid resumed>) = 0 [pid 3627] <... mprotect resumed>) = 0 [pid 3626] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 3624] close(3 [pid 3630] <... set_robust_list resumed>) = 0 [pid 3629] <... prctl resumed>) = 0 [pid 3628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3627] clone(child_stack=0x7fec4914c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 3626] <... mmap resumed>) = 0x7fec4912c000 [pid 3624] <... close resumed>) = 0 [pid 3630] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3629] setpgid(0, 0 [pid 3626] mprotect(0x7fec4912d000, 131072, PROT_READ|PROT_WRITE [pid 3624] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3629] <... setpgid resumed>) = 0 [pid 3628] <... openat resumed>) = 3 [pid 3627] <... clone resumed>, parent_tid=[3631], tls=0x7fec4914c700, child_tidptr=0x7fec4914c9d0) = 3631 [pid 3626] <... mprotect resumed>) = 0 [pid 3624] <... futex resumed>) = 0 ./strace-static-x86_64: Process 3631 attached [pid 3630] <... prctl resumed>) = 0 [pid 3629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3628] write(3, "1000", 4 [pid 3627] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3626] clone(child_stack=0x7fec4914c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 3624] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 3632 attached [pid 3631] set_robust_list(0x7fec4914c9e0, 24 [pid 3630] setpgid(0, 0 [pid 3629] <... openat resumed>) = 3 [pid 3628] <... write resumed>) = 4 [pid 3627] <... futex resumed>) = 0 [pid 3624] <... mmap resumed>) = 0x7fec4912c000 [pid 3632] set_robust_list(0x7fec4914c9e0, 24 [pid 3630] <... setpgid resumed>) = 0 [pid 3629] write(3, "1000", 4 [pid 3628] close(3 [pid 3627] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3626] <... clone resumed>, parent_tid=[3632], tls=0x7fec4914c700, child_tidptr=0x7fec4914c9d0) = 3632 [pid 3624] mprotect(0x7fec4912d000, 131072, PROT_READ|PROT_WRITE [pid 3631] <... set_robust_list resumed>) = 0 [pid 3630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3629] <... write resumed>) = 4 [pid 3628] <... close resumed>) = 0 [pid 3626] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3624] <... mprotect resumed>) = 0 [pid 3630] <... openat resumed>) = 3 [pid 3629] close(3 [pid 3628] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3626] <... futex resumed>) = 0 [pid 3624] clone(child_stack=0x7fec4914c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3633 attached [pid 3632] <... set_robust_list resumed>) = 0 [pid 3631] openat(AT_FDCWD, "/dev/sg0", O_RDONLY [pid 3630] write(3, "1000", 4 [pid 3629] <... close resumed>) = 0 [pid 3628] <... futex resumed>) = 0 [pid 3626] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3629] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3624] <... clone resumed>, parent_tid=[3633], tls=0x7fec4914c700, child_tidptr=0x7fec4914c9d0) = 3633 [pid 3629] <... futex resumed>) = 0 [pid 3624] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3631] <... openat resumed>) = 3 [pid 3630] <... write resumed>) = 4 [pid 3629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 3628] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 3624] <... futex resumed>) = 0 [pid 3631] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3630] close(3 [pid 3629] <... mmap resumed>) = 0x7fec4912c000 [pid 3628] <... mmap resumed>) = 0x7fec4912c000 [pid 3624] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3633] set_robust_list(0x7fec4914c9e0, 24 [pid 3632] openat(AT_FDCWD, "/dev/sg0", O_RDONLY [pid 3631] <... futex resumed>) = 1 [pid 3630] <... close resumed>) = 0 [pid 3629] mprotect(0x7fec4912d000, 131072, PROT_READ|PROT_WRITE [pid 3628] mprotect(0x7fec4912d000, 131072, PROT_READ|PROT_WRITE [pid 3627] <... futex resumed>) = 0 [pid 3632] <... openat resumed>) = 3 [pid 3631] futex(0x7fec492244a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3630] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3629] <... mprotect resumed>) = 0 [pid 3628] <... mprotect resumed>) = 0 [pid 3627] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3633] <... set_robust_list resumed>) = 0 [pid 3632] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3631] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3630] <... futex resumed>) = 0 [pid 3629] clone(child_stack=0x7fec4914c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 3628] clone(child_stack=0x7fec4914c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 3627] <... futex resumed>) = 0 [pid 3632] <... futex resumed>) = 1 [pid 3631] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3630] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 3627] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3626] <... futex resumed>) = 0 [pid 3629] <... clone resumed>, parent_tid=[3634], tls=0x7fec4914c700, child_tidptr=0x7fec4914c9d0) = 3634 [pid 3626] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3631] <... openat resumed>) = 4 [pid 3629] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3626] <... futex resumed>) = 0 [pid 3630] <... mmap resumed>) = 0x7fec4912c000 [pid 3629] <... futex resumed>) = 0 [pid 3628] <... clone resumed>, parent_tid=[3635], tls=0x7fec4914c700, child_tidptr=0x7fec4914c9d0) = 3635 [pid 3626] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3632] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3631] write(4, "40", 2 [pid 3630] mprotect(0x7fec4912d000, 131072, PROT_READ|PROT_WRITE [pid 3629] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3628] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3631] <... write resumed>) = 2 [pid 3630] <... mprotect resumed>) = 0 [pid 3628] <... futex resumed>) = 0 [pid 3630] clone(child_stack=0x7fec4914c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3635 attached [pid 3635] set_robust_list(0x7fec4914c9e0, 24) = 0 [pid 3630] <... clone resumed>, parent_tid=[3636], tls=0x7fec4914c700, child_tidptr=0x7fec4914c9d0) = 3636 [pid 3628] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3632] <... openat resumed>) = 4 [pid 3631] ioctl(3, BLKTRACESETUP, {act_mask=0, buf_size=204, buf_nr=43, start_lba=0, end_lba=0, pid=0 [pid 3630] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 3634 attached [pid 3635] openat(AT_FDCWD, "/dev/sg0", O_RDONLY [pid 3630] <... futex resumed>) = 0 [pid 3635] <... openat resumed>) = 3 [pid 3634] set_robust_list(0x7fec4914c9e0, 24 [pid 3635] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3634] <... set_robust_list resumed>) = 0 [pid 3635] <... futex resumed>) = 1 [pid 3634] openat(AT_FDCWD, "/dev/sg0", O_RDONLY [pid 3635] futex(0x7fec492244a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3634] <... openat resumed>) = 3 [pid 3634] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3629] <... futex resumed>) = 0 [pid 3634] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3629] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3634] <... openat resumed>) = 4 [pid 3631] <... ioctl resumed>}) = -1 EIO (Input/output error) [pid 3629] <... futex resumed>) = 0 [pid 3628] <... futex resumed>) = 0 [pid 3630] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3632] write(4, "40", 2./strace-static-x86_64: Process 3636 attached [pid 3634] write(4, "40", 2 [pid 3632] <... write resumed>) = 2 [pid 3631] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3629] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3628] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3636] set_robust_list(0x7fec4914c9e0, 24 [pid 3635] <... futex resumed>) = 0 [pid 3634] <... write resumed>) = 2 [pid 3632] ioctl(3, BLKTRACESETUP, {act_mask=0, buf_size=204, buf_nr=43, start_lba=0, end_lba=0, pid=0 [pid 3631] <... futex resumed>) = 1 [pid 3628] <... futex resumed>) = 1 [pid 3627] <... futex resumed>) = 0 [pid 3636] <... set_robust_list resumed>) = 0 [pid 3635] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3634] ioctl(3, BLKTRACESETUP, {act_mask=0, buf_size=204, buf_nr=43, start_lba=0, end_lba=0, pid=0 [pid 3628] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3627] exit_group(0 [pid 3636] openat(AT_FDCWD, "/dev/sg0", O_RDONLY [pid 3635] <... openat resumed>) = 4 [pid 3634] <... ioctl resumed>}) = -1 EIO (Input/output error) [pid 3633] openat(AT_FDCWD, "/dev/sg0", O_RDONLY [pid 3632] <... ioctl resumed>}) = -1 EIO (Input/output error) [pid 3627] <... exit_group resumed>) = ? [pid 3636] <... openat resumed>) = 3 [pid 3635] write(4, "40", 2 [pid 3634] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3636] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3635] <... write resumed>) = 2 [pid 3634] <... futex resumed>) = 1 [pid 3632] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3629] <... futex resumed>) = 0 [pid 3636] <... futex resumed>) = 1 [pid 3635] ioctl(3, BLKTRACESETUP, {act_mask=0, buf_size=204, buf_nr=43, start_lba=0, end_lba=0, pid=0 [pid 3634] futex(0x7fec492244a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3633] <... openat resumed>) = 3 [pid 3632] <... futex resumed>) = 1 [pid 3631] +++ exited with 0 +++ [pid 3630] <... futex resumed>) = 0 [pid 3629] exit_group(0 [pid 3627] +++ exited with 0 +++ [pid 3633] futex(0x7fec492244ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 3632] futex(0x7fec492244a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3630] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3621] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3627, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 3633] <... futex resumed>) = 1 [pid 3630] <... futex resumed>) = 0 [pid 3633] futex(0x7fec492244a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3630] futex(0x7fec492244ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3626] <... futex resumed>) = 0 [pid 3624] <... futex resumed>) = 0 [pid 3629] <... exit_group resumed>) = ? [pid 3626] exit_group(0 [pid 3624] futex(0x7fec492244a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 3621] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3636] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 3634] <... futex resumed>) = ? [pid 3633] <... futex resumed>) = 0 [pid 3632] <... futex resumed>) = ? [pid 3626] <... exit_group resumed>) = ? [pid 3624] <... futex resumed>) = 1 syzkaller login: [ 38.647434][ T3632] debugfs: out of free dentries, can not create file 'trace1' [ 38.648694][ T3634] debugfs: out of free dentries, can not create file 'trace1' [ 38.648694][ T3634] debugfs: out of free dentries, can not create file 'trace1' [ 38.669330][ T3635] ------------[ cut here ]------------ [ 38.669339][ T3635] WARNING: CPU: 0 PID: 3635 at kernel/trace/blktrace.c:1102 blk_register_tracepoints+0x2dc/0x3a0 [ 38.669420][ T3635] Modules linked in: [ 38.669599][ T3635] CPU: 0 PID: 3635 Comm: syz-executor240 Not tainted 5.18.0-syzkaller-13842-g952923ddc011 #0 [ 38.669624][ T3635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.669638][ T3635] RIP: 0010:blk_register_tracepoints+0x2dc/0x3a0 [ 38.669667][ T3635] Code: 48 c7 c7 60 ce a9 8d e8 62 59 fb ff 31 ff 89 c3 89 c6 e8 d7 98 f9 ff 85 db 0f 85 ba 00 00 00 5b e9 89 9c f9 ff e8 84 9c f9 ff <0f> 0b e9 4b fd ff ff e8 78 9c f9 ff 0f 0b e9 6c fd ff ff e8 6c 9c [ 38.669687][ T3635] RSP: 0018:ffffc9000340fbd0 EFLAGS: 00010293 [ 38.669709][ T3635] RAX: 0000000000000000 RBX: 00000000fffffff4 RCX: 0000000000000000 [ 38.669724][ T3635] RDX: ffff888021319d80 RSI: ffffffff8180ea5c RDI: 0000000000000005 [ 38.669740][ T3635] RBP: ffff88802420ae80 R08: 0000000000000005 R09: 0000000000000000 [ 38.669755][ T3635] R10: 00000000fffffff4 R11: 00000000000000d3 R12: ffffc9000340fc70 [ 38.669768][ T3635] R13: ffff88802420aea8 R14: ffff8881469fb9d0 R15: ffff88802420aeb0 [ 38.669786][ T3635] FS: 00007fec4914c700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 38.669807][ T3635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 38.669823][ T3635] CR2: 00007fec491f0448 CR3: 000000007220a000 CR4: 0000000000350ef0 [ 38.669839][ T3635] Call Trace: [ 38.669847][ T3635] [ 38.669857][ T3635] do_blk_trace_setup+0x940/0xb60 [ 38.669896][ T3635] __blk_trace_setup+0xca/0x180 [ 38.670015][ T3635] ? do_blk_trace_setup+0xb60/0xb60 [ 38.670056][ T3635] ? __sanitizer_cov_trace_switch+0x50/0x90 [ 38.670085][ T3635] blk_trace_setup+0x43/0x60 [ 38.670112][ T3635] sg_ioctl+0x251/0x2760 [ 38.670158][ T3635] ? sg_write+0x110/0x110 [ 38.670180][ T3635] ? name_to_dev_t+0x987/0x990 [ 38.670210][ T3635] ? __fget_files+0x26a/0x440 [ 38.670239][ T3635] ? bpf_lsm_file_ioctl+0x5/0x10 [ 38.670264][ T3635] ? sg_write+0x110/0x110 [ 38.670286][ T3635] __x64_sys_ioctl+0x193/0x200 [ 38.670313][ T3635] do_syscall_64+0x35/0xb0 [ 38.670339][ T3635] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 38.670452][ T3635] RIP: 0033:0x7fec4919f899 [ 38.670472][ T3635] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 38.670491][ T3635] RSP: 002b:00007fec4914c2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 38.670516][ T3635] RAX: ffffffffffffffda RBX: 00007fec492244a8 RCX: 00007fec4919f899 [ 38.670532][ T3635] RDX: 0000000020000140 RSI: 00000000c0481273 RDI: 0000000000000003 [ 38.670546][ T3635] RBP: 00007fec492244a0 R08: 0000000000000002 R09: 0000000000003034 [ 38.670560][ T3635] R10: 0000000000000000 R11: 0000000000000246 R12: 2367732f7665642f [ 38.670574][ T3635] R13: 00007fec4914c300 R14: 0000000000000002 R15: 0000000000022000 [ 38.670603][ T3635] [ 38.670613][ T3635] Kernel panic - not syncing: panic_on_warn set ... [ 38.670623][ T3635] CPU: 0 PID: 3635 Comm: syz-executor240 Not tainted 5.18.0-syzkaller-13842-g952923ddc011 #0 [ 38.670644][ T3635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.670654][ T3635] Call Trace: [ 38.670660][ T3635] [ 38.670667][ T3635] dump_stack_lvl+0xcd/0x134 [ 38.670690][ T3635] panic+0x2d7/0x636 [ 38.670709][ T3635] ? panic_print_sys_info.part.0+0x10b/0x10b [ 38.670738][ T3635] ? __warn.cold+0x1d9/0x2cd [ 38.670762][ T3635] ? blk_register_tracepoints+0x2dc/0x3a0 [ 38.670787][ T3635] __warn.cold+0x1ea/0x2cd [ 38.670809][ T3635] ? blk_register_tracepoints+0x2dc/0x3a0 [ 38.670834][ T3635] report_bug+0x1bc/0x210 [ 38.670871][ T3635] handle_bug+0x3c/0x60 [ 38.670893][ T3635] exc_invalid_op+0x14/0x40 [ 38.670916][ T3635] asm_exc_invalid_op+0x1b/0x20 [ 38.670936][ T3635] RIP: 0010:blk_register_tracepoints+0x2dc/0x3a0 [ 38.670961][ T3635] Code: 48 c7 c7 60 ce a9 8d e8 62 59 fb ff 31 ff 89 c3 89 c6 e8 d7 98 f9 ff 85 db 0f 85 ba 00 00 00 5b e9 89 9c f9 ff e8 84 9c f9 ff <0f> 0b e9 4b fd ff ff e8 78 9c f9 ff 0f 0b e9 6c fd ff ff e8 6c 9c [ 38.670980][ T3635] RSP: 0018:ffffc9000340fbd0 EFLAGS: 00010293 [ 38.670997][ T3635] RAX: 0000000000000000 RBX: 00000000fffffff4 RCX: 0000000000000000 [ 38.671009][ T3635] RDX: ffff888021319d80 RSI: ffffffff8180ea5c RDI: 0000000000000005 [ 38.671022][ T3635] RBP: ffff88802420ae80 R08: 0000000000000005 R09: 0000000000000000 [ 38.671035][ T3635] R10: 00000000fffffff4 R11: 00000000000000d3 R12: ffffc9000340fc70 [ 38.671048][ T3635] R13: ffff88802420aea8 R14: ffff8881469fb9d0 R15: ffff88802420aeb0 [ 38.671070][ T3635] ? blk_register_tracepoints+0x2dc/0x3a0 [ 38.671099][ T3635] do_blk_trace_setup+0x940/0xb60 [ 38.671128][ T3635] __blk_trace_setup+0xca/0x180 [ 38.671152][ T3635] ? do_blk_trace_setup+0xb60/0xb60 [ 38.671191][ T3635] ? __sanitizer_cov_trace_switch+0x50/0x90 [ 38.671219][ T3635] blk_trace_setup+0x43/0x60 [ 38.671248][ T3635] sg_ioctl+0x251/0x2760 [ 38.671271][ T3635] ? sg_write+0x110/0x110 [ 38.671291][ T3635] ? name_to_dev_t+0x987/0x990 [ 38.671316][ T3635] ? __fget_files+0x26a/0x440 [ 38.671342][ T3635] ? bpf_lsm_file_ioctl+0x5/0x10 [ 38.671365][ T3635] ? sg_write+0x110/0x110 [ 38.671384][ T3635] __x64_sys_ioctl+0x193/0x200 [ 38.671407][ T3635] do_syscall_64+0x35/0xb0 [ 38.671428][ T3635] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 38.671451][ T3635] RIP: 0033:0x7fec4919f899 [ 38.671467][ T3635] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 38.671486][ T3635] RSP: 002b:00007fec4914c2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 38.671507][ T3635] RAX: ffffffffffffffda RBX: 00007fec492244a8 RCX: 00007fec4919f899 [ 38.671521][ T3635] RDX: 0000000020000140 RSI: 00000000c0481273 RDI: 0000000000000003 [ 38.671534][ T3635] RBP: 00007fec492244a0 R08: 0000000000000002 R09: 0000000000003034 [ 38.671545][ T3635] R10: 0000000000000000 R11: 0000000000000246 R12: 2367732f7665642f [ 38.671557][ T3635] R13: 00007fec4914c300 R14: 0000000000000002 R15: 0000000000022000 [ 38.671584][ T3635] [ 38.672442][ T3635] Kernel Offset: disabled