./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3320091375 <...> [ 2.869300][ T30] audit: type=1400 audit(1694617002.288:10): avc: denied { getattr } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2.982548][ T99] udevd[99]: starting version 3.2.11 [ 3.001452][ T100] udevd[100]: starting eudev-3.2.11 [ 4.008813][ T185] sshd (185) used greatest stack depth: 22096 bytes left [ 13.003335][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 13.003348][ T30] audit: type=1400 audit(1694617012.438:61): avc: denied { transition } for pid=225 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 13.007164][ T30] audit: type=1400 audit(1694617012.438:62): avc: denied { noatsecure } for pid=225 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 13.009679][ T30] audit: type=1400 audit(1694617012.438:63): avc: denied { write } for pid=225 comm="sh" path="pipe:[158]" dev="pipefs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 13.012699][ T30] audit: type=1400 audit(1694617012.438:64): avc: denied { rlimitinh } for pid=225 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 13.015203][ T30] audit: type=1400 audit(1694617012.438:65): avc: denied { siginh } for pid=225 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.1.130' (ED25519) to the list of known hosts. execve("./syz-executor3320091375", ["./syz-executor3320091375"], 0x7fff3278ead0 /* 10 vars */) = 0 brk(NULL) = 0x555556b21000 brk(0x555556b21d40) = 0x555556b21d40 arch_prctl(ARCH_SET_FS, 0x555556b213c0) = 0 set_tid_address(0x555556b21690) = 294 set_robust_list(0x555556b216a0, 24) = 0 rseq(0x555556b21ce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3320091375", 4096) = 28 getrandom("\xdf\x91\x7a\xfd\x4e\xe7\x9e\x77", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556b21d40 brk(0x555556b42d40) = 0x555556b42d40 brk(0x555556b43000) = 0x555556b43000 mprotect(0x7fd75c3f6000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 295 attached , child_tidptr=0x555556b21690) = 295 [pid 295] set_robust_list(0x555556b216a0, 24) = 0 [pid 295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 295] setpgid(0, 0) = 0 [pid 295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 295] write(3, "1000", 4) = 4 [pid 295] close(3) = 0 [pid 295] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] rt_sigaction(SIGRT_1, {sa_handler=0x7fd75c393ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd75c385560}, NULL, 8) = 0 [pid 295] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 295] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c30e000 [pid 295] mprotect(0x7fd75c30f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 295] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 295] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c32e990, parent_tid=0x7fd75c32e990, exit_signal=0, stack=0x7fd75c30e000, stack_size=0x20300, tls=0x7fd75c32e6c0} => {parent_tid=[296]}, 88) = 296 [pid 295] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 295] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 296 attached [pid 296] set_robust_list(0x7fd75c32e9a0, 24) = 0 [pid 296] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 296] mkdirat(AT_FDCWD, "./file0", 000) = 0 [pid 296] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] openat(AT_FDCWD, "/dev/fuse", O_RDWR|O_CREAT, 000 [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 296] <... openat resumed>) = 3 [pid 296] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 296] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 296] <... futex resumed>) = 0 [pid 296] mount(NULL, "./file0", "fuse", 0, "fd=0x0000000000000003,rootmode=00000000000000000040000,user_id=00000000000000000000,group_id=0000000"...) = 0 [pid 296] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 296] <... futex resumed>) = 1 [pid 296] read(3, "\x68\x00\x00\x00\x1a\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x24\x00\x00\x00\x00\x00\x02\x00\xfb\xff\xff\xf3\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 104 [pid 296] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 296] <... futex resumed>) = 1 [pid 296] read(3, [pid 295] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 295] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2ed000 [pid 295] mprotect(0x7fd75c2ee000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 295] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 295] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c30d990, parent_tid=0x7fd75c30d990, exit_signal=0, stack=0x7fd75c2ed000, stack_size=0x20300, tls=0x7fd75c30d6c0}./strace-static-x86_64: Process 298 attached [pid 298] set_robust_list(0x7fd75c30d9a0, 24) = 0 [pid 298] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 298] futex(0x7fd75c3fc3f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] <... clone3 resumed> => {parent_tid=[298]}, 88) = 298 [pid 295] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 295] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 0 [pid 298] write(3, "\x50\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x27\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 80) = 80 [pid 298] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [ 21.831379][ T30] audit: type=1400 audit(1694617021.268:66): avc: denied { execmem } for pid=294 comm="syz-executor332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 21.834054][ T30] audit: type=1400 audit(1694617021.268:67): avc: denied { integrity } for pid=294 comm="syz-executor332" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 21.842083][ T30] audit: type=1400 audit(1694617021.278:68): avc: denied { read write } for pid=295 comm="syz-executor332" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 21.845382][ T30] audit: type=1400 audit(1694617021.278:69): avc: denied { open } for pid=295 comm="syz-executor332" path="/dev/fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 21.849159][ T30] audit: type=1400 audit(1694617021.288:70): avc: denied { mounton } for pid=295 comm="syz-executor332" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 21.852445][ T30] audit: type=1400 audit(1694617021.288:71): avc: denied { mount } for pid=295 comm="syz-executor332" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [pid 298] read(3, [pid 295] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 295] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 295] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 295] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 295] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 295] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2cc000 [pid 295] mprotect(0x7fd75c2cd000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 295] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 295] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c2ec990, parent_tid=0x7fd75c2ec990, exit_signal=0, stack=0x7fd75c2cc000, stack_size=0x20300, tls=0x7fd75c2ec6c0} => {parent_tid=[299]}, 88) = 299 [pid 295] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 295] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 299 attached [pid 299] set_robust_list(0x7fd75c2ec9a0, 24) = 0 [pid 299] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 299] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] <... futex resumed>) = 0 [pid 299] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 295] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... openat resumed>) = 4 [pid 295] <... futex resumed>) = 0 [pid 299] write(4, "13", 2 [pid 295] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] <... write resumed>) = 2 [pid 299] openat(AT_FDCWD, "./file0/file0", O_WRONLY|O_CREAT|O_APPEND|O_NONBLOCK, 000 [pid 296] <... read resumed>"\x2e\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2b\x01\x00\x00\x00\x00\x00\x00\x66\x69\x6c\x65\x30\x00", 8192) = 46 [pid 296] write(3, "\x90\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 144) = 144 [pid 296] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 21.966465][ T299] FAULT_INJECTION: forcing a failure. [ 21.966465][ T299] name failslab, interval 1, probability 0, space 0, times 1 [ 21.978887][ T299] CPU: 1 PID: 299 Comm: syz-executor332 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 21.988938][ T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 21.998832][ T299] Call Trace: [ 22.001959][ T299] [ 22.004732][ T299] dump_stack_lvl+0x151/0x1b7 [ 22.009247][ T299] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.014719][ T299] ? __kasan_slab_alloc+0xc3/0xe0 [ 22.019572][ T299] ? __kasan_slab_alloc+0xb1/0xe0 [ 22.024434][ T299] ? slab_post_alloc_hook+0x53/0x2c0 [ 22.029562][ T299] ? avc_alloc_node+0x8f/0x500 [ 22.034155][ T299] ? avc_compute_av+0x146/0x830 [ 22.038841][ T299] ? avc_has_perm_noaudit+0x299/0x430 [ 22.044051][ T299] dump_stack+0x15/0x17 [ 22.048041][ T299] should_fail+0x3c6/0x510 [ 22.052295][ T299] __should_failslab+0xa4/0xe0 [ 22.056899][ T299] should_failslab+0x9/0x20 [ 22.061235][ T299] slab_pre_alloc_hook+0x37/0xd0 [ 22.066014][ T299] kmem_cache_alloc_trace+0x48/0x210 [ 22.071128][ T299] ? fuse_alloc_forget+0x46/0x50 [ 22.075905][ T299] fuse_alloc_forget+0x46/0x50 [ 22.080503][ T299] fuse_atomic_open+0x601/0x3750 [ 22.085278][ T299] ? slab_post_alloc_hook+0x72/0x2c0 [ 22.090398][ T299] ? fuse_rename2+0x4470/0x4470 [ 22.095086][ T299] ? _raw_spin_lock+0x1b0/0x1b0 [ 22.099772][ T299] ? avc_xperms_populate+0x4c7/0x590 [ 22.104892][ T299] ? avc_has_perm_noaudit+0x2dd/0x430 [ 22.110103][ T299] ? may_create+0x3d3/0x540 [ 22.114442][ T299] ? selinux_determine_inode_label+0x3b0/0x3b0 [ 22.120436][ T299] ? make_kgid+0x6f0/0x6f0 [ 22.124683][ T299] ? selinux_inode_create+0x22/0x30 [ 22.129718][ T299] ? security_inode_create+0xbc/0x100 [ 22.134922][ T299] ? fuse_rename2+0x4470/0x4470 [ 22.139610][ T299] path_openat+0xfde/0x2f40 [ 22.143955][ T299] ? do_filp_open+0x460/0x460 [ 22.148463][ T299] do_filp_open+0x21c/0x460 [ 22.152803][ T299] ? vfs_tmpfile+0x2c0/0x2c0 [ 22.157230][ T299] do_sys_openat2+0x13f/0x830 [ 22.161742][ T299] ? cgroup_leave_frozen+0x164/0x2c0 [ 22.166866][ T299] ? do_sys_open+0x220/0x220 [ 22.171289][ T299] ? ptrace_notify+0x24c/0x350 [ 22.175891][ T299] __x64_sys_openat+0x243/0x290 [ 22.180578][ T299] ? __ia32_sys_open+0x270/0x270 [ 22.185348][ T299] ? __kasan_check_read+0x11/0x20 [ 22.190212][ T299] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 22.196031][ T299] do_syscall_64+0x3d/0xb0 [ 22.200279][ T299] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.206008][ T299] RIP: 0033:0x7fd75c36dfa9 [ 22.210262][ T299] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 22.229703][ T299] RSP: 002b:00007fd75c2ec208 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 22.237953][ T299] RAX: ffffffffffffffda RBX: 00007fd75c3fc408 RCX: 00007fd75c36dfa9 [ 22.245763][ T299] RDX: 0000000000000c41 RSI: 0000000020002000 RDI: ffffffffffffff9c [ 22.253571][ T299] RBP: 00007fd75c3fc400 R08: 00007fd75c2ebfa6 R09: 0000000000003331 [pid 296] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 299] <... openat resumed>) = -1 ENOMEM (Cannot allocate memory) [pid 295] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 299] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 22.261386][ T299] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd75c3c922c [ 22.269192][ T299] R13: 00007fd75c2ec210 R14: 0000000000000002 R15: 2f30656c69662f2e [ 22.277006][ T299] [pid 299] futex(0x7fd75c3fc408, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] exit_group(0 [pid 299] <... futex resumed>) = ? [pid 298] <... read resumed> ) = ? [pid 296] <... futex resumed>) = ? [pid 295] <... exit_group resumed>) = ? [pid 299] +++ exited with 0 +++ [pid 298] +++ exited with 0 +++ [pid 296] +++ exited with 0 +++ [pid 295] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=295, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556b21690) = 301 ./strace-static-x86_64: Process 301 attached [pid 301] set_robust_list(0x555556b216a0, 24) = 0 [pid 301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 301] setpgid(0, 0) = 0 [pid 301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 301] write(3, "1000", 4) = 4 [pid 301] close(3) = 0 [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] rt_sigaction(SIGRT_1, {sa_handler=0x7fd75c393ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd75c385560}, NULL, 8) = 0 [pid 301] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c30e000 [pid 301] mprotect(0x7fd75c30f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 301] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 301] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c32e990, parent_tid=0x7fd75c32e990, exit_signal=0, stack=0x7fd75c30e000, stack_size=0x20300, tls=0x7fd75c32e6c0}./strace-static-x86_64: Process 302 attached => {parent_tid=[302]}, 88) = 302 [pid 301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 301] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] set_robust_list(0x7fd75c32e9a0, 24) = 0 [pid 302] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 302] mkdirat(AT_FDCWD, "./file0", 000) = -1 EEXIST (File exists) [pid 302] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 301] <... futex resumed>) = 0 [pid 301] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] openat(AT_FDCWD, "/dev/fuse", O_RDWR|O_CREAT, 000) = 3 [pid 302] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = 0 [pid 302] <... futex resumed>) = 1 [pid 301] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] mount(NULL, "./file0", "fuse", 0, "fd=0x0000000000000003,rootmode=00000000000000000040000,user_id=00000000000000000000,group_id=0000000"...) = 0 [pid 302] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = 0 [pid 301] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] <... futex resumed>) = 1 [pid 302] read(3, "\x68\x00\x00\x00\x1a\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x24\x00\x00\x00\x00\x00\x02\x00\xfb\xff\xff\xf3\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 104 [pid 302] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = 0 [pid 301] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] <... futex resumed>) = 1 [pid 302] read(3, [pid 301] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 301] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 301] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2ed000 [pid 301] mprotect(0x7fd75c2ee000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 301] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 301] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c30d990, parent_tid=0x7fd75c30d990, exit_signal=0, stack=0x7fd75c2ed000, stack_size=0x20300, tls=0x7fd75c30d6c0}./strace-static-x86_64: Process 303 attached => {parent_tid=[303]}, 88) = 303 [pid 301] rt_sigprocmask(SIG_SETMASK, [], [pid 303] set_robust_list(0x7fd75c30d9a0, 24 [pid 301] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 301] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... set_robust_list resumed>) = 0 [pid 303] rt_sigprocmask(SIG_SETMASK, [], [pid 301] <... futex resumed>) = 0 [pid 303] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 301] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] write(3, "\x50\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x27\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 80) = 80 [pid 303] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 301] <... futex resumed>) = 0 [pid 303] futex(0x7fd75c3fc3f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 301] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 301] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] <... futex resumed>) = 0 [ 22.410509][ T30] audit: type=1400 audit(1694617021.848:72): avc: denied { mounton } for pid=301 comm="syz-executor332" path="/root/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [pid 303] read(3, [pid 301] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 301] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2cc000 [pid 301] mprotect(0x7fd75c2cd000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 301] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 301] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c2ec990, parent_tid=0x7fd75c2ec990, exit_signal=0, stack=0x7fd75c2cc000, stack_size=0x20300, tls=0x7fd75c2ec6c0}./strace-static-x86_64: Process 304 attached => {parent_tid=[304]}, 88) = 304 [pid 304] set_robust_list(0x7fd75c2ec9a0, 24 [pid 301] rt_sigprocmask(SIG_SETMASK, [], [pid 304] <... set_robust_list resumed>) = 0 [pid 301] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 304] rt_sigprocmask(SIG_SETMASK, [], [pid 301] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 301] <... futex resumed>) = 0 [pid 304] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 304] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 301] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] <... openat resumed>) = 4 [pid 304] write(4, "13", 2) = 2 [pid 304] openat(AT_FDCWD, "./file0/file0", O_WRONLY|O_CREAT|O_APPEND|O_NONBLOCK, 000 [pid 302] <... read resumed>"\x2e\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x30\x01\x00\x00\x00\x00\x00\x00\x66\x69\x6c\x65\x30\x00", 8192) = 46 [pid 302] write(3, "\x90\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 144) = 144 [pid 302] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 301] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 22.532698][ T304] FAULT_INJECTION: forcing a failure. [ 22.532698][ T304] name failslab, interval 1, probability 0, space 0, times 0 [ 22.545177][ T304] CPU: 0 PID: 304 Comm: syz-executor332 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 22.555169][ T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 22.565065][ T304] Call Trace: [ 22.568192][ T304] [ 22.570966][ T304] dump_stack_lvl+0x151/0x1b7 [ 22.575479][ T304] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.580949][ T304] ? stack_trace_save+0x1c0/0x1c0 [ 22.585812][ T304] ? __kernel_text_address+0x9b/0x110 [ 22.591017][ T304] dump_stack+0x15/0x17 [ 22.595011][ T304] should_fail+0x3c6/0x510 [ 22.599261][ T304] __should_failslab+0xa4/0xe0 [ 22.603863][ T304] ? fuse_get_req+0x3d2/0xae0 [ 22.608374][ T304] should_failslab+0x9/0x20 [ 22.612716][ T304] slab_pre_alloc_hook+0x37/0xd0 [ 22.617489][ T304] ? fuse_get_req+0x3d2/0xae0 [ 22.622003][ T304] kmem_cache_alloc+0x44/0x200 [ 22.626600][ T304] fuse_get_req+0x3d2/0xae0 [ 22.630947][ T304] ? ____kasan_kmalloc+0xed/0x110 [ 22.635805][ T304] ? fuse_simple_request+0x1a20/0x1a20 [ 22.641094][ T304] ? fuse_file_alloc+0xb1/0x250 [ 22.645784][ T304] ? fuse_atomic_open+0x615/0x3750 [ 22.650732][ T304] ? path_openat+0xfde/0x2f40 [ 22.655241][ T304] ? do_filp_open+0x21c/0x460 [ 22.659758][ T304] ? do_sys_openat2+0x13f/0x830 [ 22.664444][ T304] ? __x64_sys_openat+0x243/0x290 [ 22.669305][ T304] ? do_syscall_64+0x3d/0xb0 [ 22.673734][ T304] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [pid 301] exit_group(0 [pid 303] <... read resumed> ) = ? [pid 302] <... futex resumed>) = ? [pid 301] <... exit_group resumed>) = ? [pid 303] +++ exited with 0 +++ [pid 302] +++ exited with 0 +++ [ 22.679634][ T304] fuse_simple_request+0x124/0x1a20 [ 22.684668][ T304] ? fuse_put_request+0x2d0/0x2d0 [ 22.689529][ T304] fuse_atomic_open+0x10b0/0x3750 [ 22.694387][ T304] ? policydb_context_isvalid+0x1c3/0x430 [ 22.699942][ T304] ? policydb_context_isvalid+0x1de/0x430 [ 22.705498][ T304] ? fuse_rename2+0x4470/0x4470 [ 22.710186][ T304] ? avc_has_perm_noaudit+0x2dd/0x430 [ 22.715394][ T304] ? may_create+0x3d3/0x540 [ 22.719732][ T304] ? selinux_determine_inode_label+0x3b0/0x3b0 [ 22.725720][ T304] ? make_kgid+0x6f0/0x6f0 [ 22.729975][ T304] ? selinux_inode_create+0x22/0x30 [ 22.735008][ T304] ? security_inode_create+0xbc/0x100 [ 22.740215][ T304] ? fuse_rename2+0x4470/0x4470 [ 22.744900][ T304] path_openat+0xfde/0x2f40 [ 22.749243][ T304] ? do_filp_open+0x460/0x460 [ 22.753762][ T304] do_filp_open+0x21c/0x460 [ 22.758095][ T304] ? vfs_tmpfile+0x2c0/0x2c0 [ 22.762522][ T304] do_sys_openat2+0x13f/0x830 [ 22.767034][ T304] ? cgroup_leave_frozen+0x164/0x2c0 [ 22.772156][ T304] ? do_sys_open+0x220/0x220 [ 22.776581][ T304] ? ptrace_notify+0x24c/0x350 [ 22.781180][ T304] __x64_sys_openat+0x243/0x290 [ 22.785870][ T304] ? __ia32_sys_open+0x270/0x270 [ 22.790642][ T304] ? __kasan_check_read+0x11/0x20 [ 22.795504][ T304] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 22.801316][ T304] do_syscall_64+0x3d/0xb0 [ 22.805571][ T304] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.811300][ T304] RIP: 0033:0x7fd75c36dfa9 [ 22.815552][ T304] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 22.834992][ T304] RSP: 002b:00007fd75c2ec208 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 22.843238][ T304] RAX: ffffffffffffffda RBX: 00007fd75c3fc408 RCX: 00007fd75c36dfa9 [ 22.851049][ T304] RDX: 0000000000000c41 RSI: 0000000020002000 RDI: ffffffffffffff9c [ 22.858861][ T304] RBP: 00007fd75c3fc400 R08: 00007fd75c2ebfa6 R09: 0000000000003331 [ 22.866677][ T304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd75c3c922c [ 22.874482][ T304] R13: 00007fd75c2ec210 R14: 0000000000000002 R15: 2f30656c69662f2e [pid 304] <... openat resumed>) = ? [pid 304] +++ exited with 0 +++ [pid 301] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=301, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 305 attached , child_tidptr=0x555556b21690) = 305 [pid 305] set_robust_list(0x555556b216a0, 24) = 0 [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 305] setpgid(0, 0) = 0 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 305] write(3, "1000", 4) = 4 [pid 305] close(3) = 0 [pid 305] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] rt_sigaction(SIGRT_1, {sa_handler=0x7fd75c393ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd75c385560}, NULL, 8) = 0 [pid 305] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c30e000 [pid 305] mprotect(0x7fd75c30f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c32e990, parent_tid=0x7fd75c32e990, exit_signal=0, stack=0x7fd75c30e000, stack_size=0x20300, tls=0x7fd75c32e6c0} => {parent_tid=[306]}, 88) = 306 [pid 305] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 305] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 306 attached [pid 306] set_robust_list(0x7fd75c32e9a0, 24) = 0 [pid 306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 306] mkdirat(AT_FDCWD, "./file0", 000) = -1 EEXIST (File exists) [pid 306] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] <... futex resumed>) = 0 [pid 306] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 305] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] openat(AT_FDCWD, "/dev/fuse", O_RDWR|O_CREAT, 000 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... openat resumed>) = 3 [pid 306] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] mount(NULL, "./file0", "fuse", 0, "fd=0x0000000000000003,rootmode=00000000000000000040000,user_id=00000000000000000000,group_id=0000000"... [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... mount resumed>) = 0 [pid 306] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] <... futex resumed>) = 0 [pid 306] read(3, "\x68\x00\x00\x00\x1a\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x24\x00\x00\x00\x00\x00\x02\x00\xfb\xff\xff\xf3\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 104 [pid 306] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 306] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 305] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] <... futex resumed>) = 0 [pid 306] read(3, [ 22.882296][ T304] [pid 305] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 305] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2ed000 [pid 305] mprotect(0x7fd75c2ee000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c30d990, parent_tid=0x7fd75c30d990, exit_signal=0, stack=0x7fd75c2ed000, stack_size=0x20300, tls=0x7fd75c30d6c0}./strace-static-x86_64: Process 307 attached => {parent_tid=[307]}, 88) = 307 [pid 307] set_robust_list(0x7fd75c30d9a0, 24 [pid 305] rt_sigprocmask(SIG_SETMASK, [], [pid 307] <... set_robust_list resumed>) = 0 [pid 305] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 307] rt_sigprocmask(SIG_SETMASK, [], [pid 305] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 305] <... futex resumed>) = 0 [pid 307] write(3, "\x50\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x27\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 80 [pid 305] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... write resumed>) = 80 [pid 307] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] read(3, [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 305] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 305] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 305] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 305] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 305] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2cc000 [pid 305] mprotect(0x7fd75c2cd000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c2ec990, parent_tid=0x7fd75c2ec990, exit_signal=0, stack=0x7fd75c2cc000, stack_size=0x20300, tls=0x7fd75c2ec6c0}./strace-static-x86_64: Process 308 attached [pid 308] set_robust_list(0x7fd75c2ec9a0, 24 [pid 305] <... clone3 resumed> => {parent_tid=[308]}, 88) = 308 [pid 308] <... set_robust_list resumed>) = 0 [pid 305] rt_sigprocmask(SIG_SETMASK, [], [pid 308] rt_sigprocmask(SIG_SETMASK, [], [pid 305] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 308] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 305] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 308] <... futex resumed>) = 0 [pid 305] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] futex(0x7fd75c3fc408, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 305] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... futex resumed>) = 0 [pid 305] <... futex resumed>) = 1 [pid 305] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 308] write(4, "13", 2) = 2 [pid 308] openat(AT_FDCWD, "./file0/file0", O_WRONLY|O_CREAT|O_APPEND|O_NONBLOCK, 000 [pid 306] <... read resumed>"\x2e\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x34\x01\x00\x00\x00\x00\x00\x00\x66\x69\x6c\x65\x30\x00", 8192) = 46 [pid 306] write(3, "\x90\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 144) = 144 [pid 306] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 306] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 305] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 23.007301][ T308] FAULT_INJECTION: forcing a failure. [ 23.007301][ T308] name failslab, interval 1, probability 0, space 0, times 0 [ 23.019915][ T308] CPU: 0 PID: 308 Comm: syz-executor332 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.029968][ T308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 23.039862][ T308] Call Trace: [ 23.042988][ T308] [ 23.045765][ T308] dump_stack_lvl+0x151/0x1b7 [ 23.050278][ T308] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.055751][ T308] ? stack_trace_save+0x1c0/0x1c0 [ 23.060610][ T308] ? __kernel_text_address+0x9b/0x110 [ 23.065819][ T308] dump_stack+0x15/0x17 [ 23.069806][ T308] should_fail+0x3c6/0x510 [ 23.074056][ T308] __should_failslab+0xa4/0xe0 [ 23.078659][ T308] ? fuse_get_req+0x3d2/0xae0 [ 23.083171][ T308] should_failslab+0x9/0x20 [ 23.087510][ T308] slab_pre_alloc_hook+0x37/0xd0 [ 23.092285][ T308] ? fuse_get_req+0x3d2/0xae0 [ 23.096797][ T308] kmem_cache_alloc+0x44/0x200 [ 23.101398][ T308] fuse_get_req+0x3d2/0xae0 [ 23.105736][ T308] ? ____kasan_kmalloc+0xed/0x110 [ 23.110600][ T308] ? fuse_simple_request+0x1a20/0x1a20 [ 23.115895][ T308] ? fuse_file_alloc+0xb1/0x250 [ 23.120578][ T308] ? fuse_atomic_open+0x615/0x3750 [ 23.125526][ T308] ? path_openat+0xfde/0x2f40 [ 23.130044][ T308] ? do_filp_open+0x21c/0x460 [ 23.134553][ T308] ? do_sys_openat2+0x13f/0x830 [ 23.139238][ T308] ? __x64_sys_openat+0x243/0x290 [ 23.144100][ T308] ? do_syscall_64+0x3d/0xb0 [ 23.148527][ T308] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [pid 305] exit_group(0 [pid 306] <... futex resumed>) = ? [pid 305] <... exit_group resumed>) = ? [pid 306] +++ exited with 0 +++ [pid 307] <... read resumed> ) = ? [pid 307] +++ exited with 0 +++ [ 23.154433][ T308] fuse_simple_request+0x124/0x1a20 [ 23.159464][ T308] ? fuse_put_request+0x2d0/0x2d0 [ 23.164327][ T308] fuse_atomic_open+0x10b0/0x3750 [ 23.169184][ T308] ? policydb_context_isvalid+0x1c3/0x430 [ 23.174742][ T308] ? policydb_context_isvalid+0x1de/0x430 [ 23.180296][ T308] ? fuse_rename2+0x4470/0x4470 [ 23.184984][ T308] ? avc_has_perm_noaudit+0x2dd/0x430 [ 23.190191][ T308] ? may_create+0x3d3/0x540 [ 23.194528][ T308] ? selinux_determine_inode_label+0x3b0/0x3b0 [ 23.200520][ T308] ? make_kgid+0x6f0/0x6f0 [ 23.204769][ T308] ? selinux_inode_create+0x22/0x30 [ 23.209807][ T308] ? security_inode_create+0xbc/0x100 [ 23.215015][ T308] ? fuse_rename2+0x4470/0x4470 [ 23.219698][ T308] path_openat+0xfde/0x2f40 [ 23.224039][ T308] ? do_filp_open+0x460/0x460 [ 23.228551][ T308] do_filp_open+0x21c/0x460 [ 23.232892][ T308] ? vfs_tmpfile+0x2c0/0x2c0 [ 23.237319][ T308] do_sys_openat2+0x13f/0x830 [ 23.241829][ T308] ? cgroup_leave_frozen+0x164/0x2c0 [ 23.246955][ T308] ? do_sys_open+0x220/0x220 [ 23.251377][ T308] ? ptrace_notify+0x24c/0x350 [ 23.255976][ T308] __x64_sys_openat+0x243/0x290 [ 23.260664][ T308] ? __ia32_sys_open+0x270/0x270 [ 23.265437][ T308] ? __kasan_check_read+0x11/0x20 [ 23.270306][ T308] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 23.276116][ T308] do_syscall_64+0x3d/0xb0 [ 23.280368][ T308] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.286098][ T308] RIP: 0033:0x7fd75c36dfa9 [ 23.290347][ T308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 23.309791][ T308] RSP: 002b:00007fd75c2ec208 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 23.318035][ T308] RAX: ffffffffffffffda RBX: 00007fd75c3fc408 RCX: 00007fd75c36dfa9 [ 23.325848][ T308] RDX: 0000000000000c41 RSI: 0000000020002000 RDI: ffffffffffffff9c [ 23.333658][ T308] RBP: 00007fd75c3fc400 R08: 00007fd75c2ebfa6 R09: 0000000000003331 [ 23.341469][ T308] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd75c3c922c [ 23.349279][ T308] R13: 00007fd75c2ec210 R14: 0000000000000002 R15: 2f30656c69662f2e [pid 308] <... openat resumed>) = ? [pid 308] +++ exited with 0 +++ [pid 305] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 310 attached , child_tidptr=0x555556b21690) = 310 [pid 310] set_robust_list(0x555556b216a0, 24) = 0 [pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 310] setpgid(0, 0) = 0 [pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 310] write(3, "1000", 4) = 4 [pid 310] close(3) = 0 [pid 310] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 310] rt_sigaction(SIGRT_1, {sa_handler=0x7fd75c393ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd75c385560}, NULL, 8) = 0 [pid 310] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 310] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c30e000 [pid 310] mprotect(0x7fd75c30f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 310] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 310] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c32e990, parent_tid=0x7fd75c32e990, exit_signal=0, stack=0x7fd75c30e000, stack_size=0x20300, tls=0x7fd75c32e6c0}./strace-static-x86_64: Process 311 attached => {parent_tid=[311]}, 88) = 311 [pid 311] set_robust_list(0x7fd75c32e9a0, 24) = 0 [pid 311] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 311] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 310] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 311] <... futex resumed>) = 0 [pid 311] mkdirat(AT_FDCWD, "./file0", 000) = -1 EEXIST (File exists) [pid 311] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 311] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 311] <... futex resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/fuse", O_RDWR|O_CREAT, 000) = 3 [pid 311] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 311] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 311] <... futex resumed>) = 0 [pid 311] mount(NULL, "./file0", "fuse", 0, "fd=0x0000000000000003,rootmode=00000000000000000040000,user_id=00000000000000000000,group_id=0000000"... [pid 310] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... mount resumed>) = 0 [pid 311] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 311] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] <... futex resumed>) = 0 [pid 310] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 311] <... futex resumed>) = 0 [pid 311] read(3, "\x68\x00\x00\x00\x1a\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x24\x00\x00\x00\x00\x00\x02\x00\xfb\xff\xff\xf3\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 104 [pid 311] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 311] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] futex(0x7fd75c3fc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 311] <... futex resumed>) = 0 [pid 311] read(3, [ 23.357092][ T308] [pid 310] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 310] futex(0x7fd75c3fc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 310] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 310] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2ed000 [pid 310] mprotect(0x7fd75c2ee000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 310] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 310] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c30d990, parent_tid=0x7fd75c30d990, exit_signal=0, stack=0x7fd75c2ed000, stack_size=0x20300, tls=0x7fd75c30d6c0}./strace-static-x86_64: Process 312 attached [pid 312] set_robust_list(0x7fd75c30d9a0, 24) = 0 [pid 312] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 312] futex(0x7fd75c3fc3f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] <... clone3 resumed> => {parent_tid=[312]}, 88) = 312 [pid 310] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 310] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 312] <... futex resumed>) = 0 [pid 312] write(3, "\x50\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x27\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 80) = 80 [pid 312] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 312] futex(0x7fd75c3fc3f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] futex(0x7fd75c3fc3f8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 312] <... futex resumed>) = 0 [pid 312] read(3, [pid 310] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 310] futex(0x7fd75c3fc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 310] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 310] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd75c2cc000 [pid 310] mprotect(0x7fd75c2cd000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 310] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 310] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd75c2ec990, parent_tid=0x7fd75c2ec990, exit_signal=0, stack=0x7fd75c2cc000, stack_size=0x20300, tls=0x7fd75c2ec6c0}./strace-static-x86_64: Process 313 attached => {parent_tid=[313]}, 88) = 313 [pid 313] set_robust_list(0x7fd75c2ec9a0, 24 [pid 310] rt_sigprocmask(SIG_SETMASK, [], [pid 313] <... set_robust_list resumed>) = 0 [pid 310] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 313] rt_sigprocmask(SIG_SETMASK, [], [pid 310] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000 [pid 313] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 310] <... futex resumed>) = 0 [pid 313] futex(0x7fd75c3fc40c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 310] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 313] futex(0x7fd75c3fc408, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] futex(0x7fd75c3fc408, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 313] <... futex resumed>) = 0 [pid 310] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 313] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 313] write(4, "13", 2) = 2 [pid 313] openat(AT_FDCWD, "./file0/file0", O_WRONLY|O_CREAT|O_APPEND|O_NONBLOCK, 000 [pid 311] <... read resumed>"\x2e\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x01\x00\x00\x00\x00\x00\x00\x66\x69\x6c\x65\x30\x00", 8192) = 46 [pid 311] write(3, "\x90\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 144) = 144 [pid 311] futex(0x7fd75c3fc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 311] futex(0x7fd75c3fc3e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 312] <... read resumed>"\x3e\x00\x00\x00\x23\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x01\x00\x00\x00\x00\x00\x00\x41\x8c\x00\x00\x00\x80\x00\x00\x3f\x00\x00\x00\x00\x00\x00\x00\x66\x69\x6c\x65\x30\x00", 8192) = 62 [pid 312] write(3, "\xa0\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 160) = 160 [pid 312] futex(0x7fd75c3fc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 312] futex(0x7fd75c3fc3f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 310] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 310] futex(0x7fd75c3fc40c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 23.484359][ T313] FAULT_INJECTION: forcing a failure. [ 23.484359][ T313] name failslab, interval 1, probability 0, space 0, times 0 [ 23.496854][ T313] CPU: 0 PID: 313 Comm: syz-executor332 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.506833][ T313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 23.516728][ T313] Call Trace: [ 23.519853][ T313] [ 23.522630][ T313] dump_stack_lvl+0x151/0x1b7 [ 23.527141][ T313] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.532612][ T313] ? slab_free_freelist_hook+0xbd/0x190 [ 23.537991][ T313] dump_stack+0x15/0x17 [ 23.541984][ T313] should_fail+0x3c6/0x510 [ 23.546235][ T313] ? fuse_iget+0x7c0/0x7c0 [ 23.550491][ T313] __should_failslab+0xa4/0xe0 [ 23.555094][ T313] ? fuse_alloc_inode+0x23/0x1f0 [ 23.559871][ T313] should_failslab+0x9/0x20 [ 23.564202][ T313] slab_pre_alloc_hook+0x37/0xd0 [ 23.568977][ T313] ? fuse_iget+0x7c0/0x7c0 [ 23.573230][ T313] ? fuse_alloc_inode+0x23/0x1f0 [ 23.578005][ T313] kmem_cache_alloc+0x44/0x200 [ 23.582602][ T313] ? fuse_get_tree_submount+0x10e0/0x10e0 [ 23.588159][ T313] ? fuse_iget+0x7c0/0x7c0 [ 23.592412][ T313] ? fuse_inode_eq+0x80/0x80 [ 23.596835][ T313] fuse_alloc_inode+0x23/0x1f0 [ 23.601440][ T313] ? fuse_get_tree_submount+0x10e0/0x10e0 [ 23.606992][ T313] ? fuse_iget+0x7c0/0x7c0 [ 23.611247][ T313] ? fuse_inode_eq+0x80/0x80 [ 23.615678][ T313] iget5_locked+0xba/0x280 [ 23.619925][ T313] ? fuse_inode_eq+0x80/0x80 [ 23.624350][ T313] fuse_iget+0x293/0x7c0 [ 23.628433][ T313] ? fuse_init_inode+0x310/0x310 [pid 310] exit_group(0 [pid 312] <... futex resumed>) = ? [pid 311] <... futex resumed>) = ? [pid 310] <... exit_group resumed>) = ? [pid 312] +++ exited with 0 +++ [pid 311] +++ exited with 0 +++ [ 23.633203][ T313] ? fuse_passthrough_setup+0x9c/0x190 [ 23.638500][ T313] fuse_atomic_open+0x1379/0x3750 [ 23.643359][ T313] ? policydb_context_isvalid+0x1c3/0x430 [ 23.648914][ T313] ? policydb_context_isvalid+0x1de/0x430 [ 23.654471][ T313] ? fuse_rename2+0x4470/0x4470 [ 23.659157][ T313] ? avc_has_perm_noaudit+0x2dd/0x430 [ 23.664367][ T313] ? may_create+0x3d3/0x540 [ 23.668703][ T313] ? selinux_determine_inode_label+0x3b0/0x3b0 [ 23.674698][ T313] ? make_kgid+0x6f0/0x6f0 [ 23.678946][ T313] ? selinux_inode_create+0x22/0x30 [ 23.683979][ T313] ? security_inode_create+0xbc/0x100 [ 23.689184][ T313] ? fuse_rename2+0x4470/0x4470 [ 23.693873][ T313] path_openat+0xfde/0x2f40 [ 23.698217][ T313] ? do_filp_open+0x460/0x460 [ 23.702726][ T313] do_filp_open+0x21c/0x460 [ 23.707068][ T313] ? vfs_tmpfile+0x2c0/0x2c0 [ 23.711495][ T313] do_sys_openat2+0x13f/0x830 [ 23.716005][ T313] ? cgroup_leave_frozen+0x164/0x2c0 [ 23.721127][ T313] ? do_sys_open+0x220/0x220 [ 23.725556][ T313] ? ptrace_notify+0x24c/0x350 [ 23.730160][ T313] __x64_sys_openat+0x243/0x290 [ 23.734842][ T313] ? __ia32_sys_open+0x270/0x270 [ 23.739613][ T313] ? __kasan_check_read+0x11/0x20 [ 23.744472][ T313] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 23.750287][ T313] do_syscall_64+0x3d/0xb0 [ 23.754545][ T313] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.760274][ T313] RIP: 0033:0x7fd75c36dfa9 [ 23.764534][ T313] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 23.783964][ T313] RSP: 002b:00007fd75c2ec208 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 23.792210][ T313] RAX: ffffffffffffffda RBX: 00007fd75c3fc408 RCX: 00007fd75c36dfa9 [ 23.800020][ T313] RDX: 0000000000000c41 RSI: 0000000020002000 RDI: ffffffffffffff9c [ 23.807836][ T313] RBP: 00007fd75c3fc400 R08: 00007fd75c2ebfa6 R09: 0000000000003331 [ 23.815644][ T313] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd75c3c922c [ 23.823456][ T313] R13: 00007fd75c2ec210 R14: 0000000000000002 R15: 2f30656c69662f2e [ 23.831269][ T313] [ 23.834518][ T313] general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN [ 23.846037][ T313] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 23.854282][ T313] CPU: 1 PID: 313 Comm: syz-executor332 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.864350][ T313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 23.874244][ T313] RIP: 0010:fuse_file_put+0x11d/0x2420 [ 23.879540][ T313] Code: 01 00 00 00 89 de e8 e2 5b 66 ff 83 fb 01 0f 85 ee 00 00 00 4d 8d 6c 24 28 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ef e8 a5 43 a8 ff 4c 8d bc 24 c0 00 00 00 [ 23.898982][ T313] RSP: 0018:ffffc90000956ea0 EFLAGS: 00010206 [ 23.904880][ T313] RAX: 0000000000000005 RBX: 0000000000000001 RCX: dffffc0000000000 [ 23.912693][ T313] RDX: ffff88811dd42780 RSI: 0000000000000001 RDI: 0000000000000001 [ 23.920505][ T313] RBP: ffffc90000957240 R08: ffffffff82099d4e R09: ffffed1023571e46 [ 23.928317][ T313] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 23.936128][ T313] R13: 0000000000000028 R14: ffff88811ab8f200 R15: ffff88811ab8f228 [ 23.943939][ T313] FS: 00007fd75c2ec6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 23.952706][ T313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.959127][ T313] CR2: 00007fd75c3c4638 CR3: 000000011db85000 CR4: 00000000003506a0 [ 23.966943][ T313] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 23.974750][ T313] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 23.982567][ T313] Call Trace: [ 23.985690][ T313] [ 23.988467][ T313] ? __die_body+0x62/0xb0 [ 23.992633][ T313] ? die_addr+0x9f/0xd0 [ 23.996625][ T313] ? exc_general_protection+0x311/0x4b0 [ 24.002007][ T313] ? asm_exc_general_protection+0x27/0x30 [ 24.007560][ T313] ? fuse_file_put+0xfe/0x2420 [ 24.012160][ T313] ? fuse_file_put+0x11d/0x2420 [ 24.016847][ T313] ? dump_stack_lvl+0x167/0x1b7 [ 24.021533][ T313] ? dump_stack_lvl+0x17c/0x1b7 [ 24.026222][ T313] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.031696][ T313] ? fuse_lock_owner_id+0x160/0x160 [ 24.036722][ T313] ? slab_free_freelist_hook+0xbd/0x190 [ 24.042104][ T313] ? __kasan_check_write+0x14/0x20 [ 24.047058][ T313] ? should_fail+0x291/0x510 [ 24.051479][ T313] ? __kasan_check_write+0x14/0x20 [ 24.056426][ T313] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 24.061720][ T313] ? __should_failslab+0xa4/0xe0 [ 24.066504][ T313] ? _raw_spin_lock+0x1b0/0x1b0 [ 24.071181][ T313] ? slab_pre_alloc_hook+0x37/0xd0 [ 24.076128][ T313] ? fuse_iget+0x7c0/0x7c0 [ 24.080380][ T313] ? fuse_alloc_inode+0x23/0x1f0 [ 24.085153][ T313] ? kmem_cache_alloc+0x44/0x200 [ 24.089929][ T313] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 24.095568][ T313] ? __wake_up+0x120/0x1c0 [ 24.099821][ T313] ? fuse_iget+0x7c0/0x7c0 [ 24.104075][ T313] ? remove_wait_queue+0x140/0x140 [ 24.109025][ T313] ? _raw_spin_trylock_bh+0x190/0x190 [ 24.114230][ T313] ? fuse_iget+0x48f/0x7c0 [ 24.118484][ T313] ? fuse_prepare_release+0x222/0x400 [ 24.123691][ T313] fuse_sync_release+0x81/0xb0 [ 24.128293][ T313] fuse_atomic_open+0x2a5c/0x3750 [ 24.133151][ T313] ? policydb_context_isvalid+0x1c3/0x430 [ 24.138705][ T313] ? policydb_context_isvalid+0x1de/0x430 [ 24.144260][ T313] ? fuse_rename2+0x4470/0x4470 [ 24.148953][ T313] ? avc_has_perm_noaudit+0x2dd/0x430 [ 24.154161][ T313] ? may_create+0x3d3/0x540 [ 24.158494][ T313] ? selinux_determine_inode_label+0x3b0/0x3b0 [ 24.164483][ T313] ? make_kgid+0x6f0/0x6f0 [ 24.168740][ T313] ? selinux_inode_create+0x22/0x30 [ 24.173769][ T313] ? security_inode_create+0xbc/0x100 [ 24.178982][ T313] ? fuse_rename2+0x4470/0x4470 [ 24.183666][ T313] path_openat+0xfde/0x2f40 [ 24.188008][ T313] ? do_filp_open+0x460/0x460 [ 24.192520][ T313] do_filp_open+0x21c/0x460 [ 24.196857][ T313] ? vfs_tmpfile+0x2c0/0x2c0 [ 24.201287][ T313] do_sys_openat2+0x13f/0x830 [ 24.205796][ T313] ? cgroup_leave_frozen+0x164/0x2c0 [ 24.210916][ T313] ? do_sys_open+0x220/0x220 [ 24.215344][ T313] ? ptrace_notify+0x24c/0x350 [ 24.219944][ T313] __x64_sys_openat+0x243/0x290 [ 24.224631][ T313] ? __ia32_sys_open+0x270/0x270 [ 24.229404][ T313] ? __kasan_check_read+0x11/0x20 [ 24.234265][ T313] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 24.240082][ T313] do_syscall_64+0x3d/0xb0 [ 24.244339][ T313] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.250061][ T313] RIP: 0033:0x7fd75c36dfa9 [ 24.254317][ T313] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 24.273756][ T313] RSP: 002b:00007fd75c2ec208 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 24.282003][ T313] RAX: ffffffffffffffda RBX: 00007fd75c3fc408 RCX: 00007fd75c36dfa9 [ 24.289812][ T313] RDX: 0000000000000c41 RSI: 0000000020002000 RDI: ffffffffffffff9c [ 24.297624][ T313] RBP: 00007fd75c3fc400 R08: 00007fd75c2ebfa6 R09: 0000000000003331 [ 24.305442][ T313] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd75c3c922c [ 24.313247][ T313] R13: 00007fd75c2ec210 R14: 0000000000000002 R15: 2f30656c69662f2e [ 24.321061][ T313] [ 24.323922][ T313] Modules linked in: [ 24.328050][ T313] ---[ end trace 397894a245fe9706 ]--- [ 24.333458][ T313] RIP: 0010:fuse_file_put+0x11d/0x2420 [ 24.338878][ T313] Code: 01 00 00 00 89 de e8 e2 5b 66 ff 83 fb 01 0f 85 ee 00 00 00 4d 8d 6c 24 28 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ef e8 a5 43 a8 ff 4c 8d bc 24 c0 00 00 00 [ 24.358368][ T313] RSP: 0018:ffffc90000956ea0 EFLAGS: 00010206 [ 24.364295][ T313] RAX: 0000000000000005 RBX: 0000000000000001 RCX: dffffc0000000000 [ 24.372160][ T313] RDX: ffff88811dd42780 RSI: 0000000000000001 RDI: 0000000000000001 [ 24.380069][ T313] RBP: ffffc90000957240 R08: ffffffff82099d4e R09: ffffed1023571e46 [ 24.387891][ T313] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 24.395669][ T313] R13: 0000000000000028 R14: ffff88811ab8f200 R15: ffff88811ab8f228 [ 24.403490][ T313] FS: 00007fd75c2ec6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 24.412267][ T313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.418674][ T313] CR2: 00007fd75c3c4638 CR3: 000000011db85000 CR4: 00000000003506a0 [ 24.426482][ T313] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.434278][ T313] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.442117][ T313] Kernel panic - not syncing: Fatal exception [ 24.448148][ T313] Kernel Offset: disabled [ 24.452269][ T313] Rebooting in 86400 seconds..