./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor466504146 <...> Warning: Permanently added '10.128.0.201' (ECDSA) to the list of known hosts. execve("./syz-executor466504146", ["./syz-executor466504146"], 0x7ffeb9cfcec0 /* 10 vars */) = 0 brk(NULL) = 0x555555823000 brk(0x555555823c40) = 0x555555823c40 arch_prctl(ARCH_SET_FS, 0x555555823300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x5555558235d0) = 4998 set_robust_list(0x5555558235e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f12a2ea2220, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f12a2ea28f0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f12a2ea22c0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a2ea28f0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor466504146", 4096) = 27 brk(0x555555844c40) = 0x555555844c40 brk(0x555555845000) = 0x555555845000 mprotect(0x7f12a2f63000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555558235d0) = 4999 ./strace-static-x86_64: Process 4999 attached [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] set_robust_list(0x5555558235e0, 24./strace-static-x86_64: Process 5000 attached [pid 4998] <... clone resumed>, child_tidptr=0x5555558235d0) = 5000 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5001 attached [pid 4998] <... clone resumed>, child_tidptr=0x5555558235d0) = 5001 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] set_robust_list(0x5555558235e0, 24 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5002 attached [pid 4998] <... clone resumed>, child_tidptr=0x5555558235d0) = 5002 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555558235d0) = 5003 [pid 4998] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] <... set_robust_list resumed>) = 0 [pid 5002] set_robust_list(0x5555558235e0, 24 [pid 4998] <... clone resumed>, child_tidptr=0x5555558235d0) = 5005 [pid 5000] set_robust_list(0x5555558235e0, 24) = 0 [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] <... clone resumed>, child_tidptr=0x5555558235d0) = 5004 ./strace-static-x86_64: Process 5004 attached [pid 5002] <... set_robust_list resumed>) = 0 [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] <... clone resumed>, child_tidptr=0x5555558235d0) = 5006 ./strace-static-x86_64: Process 5005 attached [pid 5005] set_robust_list(0x5555558235e0, 24) = 0 [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5003 attached [pid 5003] set_robust_list(0x5555558235e0, 24 [pid 5001] <... clone resumed>, child_tidptr=0x5555558235d0) = 5007 [pid 5003] <... set_robust_list resumed>) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5005] <... clone resumed>, child_tidptr=0x5555558235d0) = 5008 [pid 5002] <... clone resumed>, child_tidptr=0x5555558235d0) = 5009 [pid 5004] set_robust_list(0x5555558235e0, 24./strace-static-x86_64: Process 5006 attached ) = 0 [pid 5003] <... clone resumed>, child_tidptr=0x5555558235d0) = 5010 [pid 5004] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5006] set_robust_list(0x5555558235e0, 24./strace-static-x86_64: Process 5007 attached [pid 5007] set_robust_list(0x5555558235e0, 24) = 0 [pid 5007] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5007] setpgid(0, 0) = 0 [pid 5007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5004] setpgid(0, 0 [pid 5006] <... set_robust_list resumed>) = 0 [pid 5007] <... openat resumed>) = 3 [pid 5004] <... setpgid resumed>) = 0 [pid 5007] write(3, "1000", 4 [pid 5004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5006] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5007] <... write resumed>) = 4 [pid 5007] close(3) = 0 [pid 5007] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5007] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5004] <... openat resumed>) = 3 [pid 5007] <... mmap resumed>) = 0x7f12a2e72000 [pid 5004] write(3, "1000", 4./strace-static-x86_64: Process 5008 attached ./strace-static-x86_64: Process 5010 attached [pid 5007] mprotect(0x7f12a2e73000, 131072, PROT_READ|PROT_WRITE [pid 5004] <... write resumed>) = 4 [pid 5008] set_robust_list(0x5555558235e0, 24 [pid 5007] <... mprotect resumed>) = 0 [pid 5006] <... prctl resumed>) = 0 [pid 5004] close(3 [pid 5008] <... set_robust_list resumed>) = 0 [pid 5007] clone(child_stack=0x7f12a2e923f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5011 attached ./strace-static-x86_64: Process 5009 attached [pid 5010] set_robust_list(0x5555558235e0, 24 [pid 5008] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5006] setpgid(0, 0 [pid 5004] <... close resumed>) = 0 [pid 5010] <... set_robust_list resumed>) = 0 [pid 5008] <... prctl resumed>) = 0 [pid 5007] <... clone resumed>, parent_tid=[5011], tls=0x7f12a2e92700, child_tidptr=0x7f12a2e929d0) = 5011 [pid 5010] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] setpgid(0, 0 [pid 5007] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5004] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5010] <... prctl resumed>) = 0 [pid 5008] <... setpgid resumed>) = 0 [pid 5007] <... futex resumed>) = 0 [pid 5006] <... setpgid resumed>) = 0 [pid 5004] <... futex resumed>) = 0 [pid 5010] setpgid(0, 0 [pid 5008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5010] <... setpgid resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5004] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5010] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5009] set_robust_list(0x5555558235e0, 24 [pid 5008] write(3, "1000", 4 [pid 5004] <... mmap resumed>) = 0x7f12a2e72000 [pid 5010] <... openat resumed>) = 3 [pid 5009] <... set_robust_list resumed>) = 0 [pid 5008] <... write resumed>) = 4 [pid 5006] <... openat resumed>) = 3 [pid 5004] mprotect(0x7f12a2e73000, 131072, PROT_READ|PROT_WRITE [pid 5010] write(3, "1000", 4 [pid 5008] close(3 [pid 5010] <... write resumed>) = 4 [pid 5008] <... close resumed>) = 0 [pid 5006] write(3, "1000", 4 [pid 5004] <... mprotect resumed>) = 0 [pid 5010] close(3 [pid 5009] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5006] <... write resumed>) = 4 [pid 5004] clone(child_stack=0x7f12a2e923f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5010] <... close resumed>) = 0 [pid 5008] <... futex resumed>) = 0 [pid 5010] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5008] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5006] close(3 [pid 5009] <... prctl resumed>) = 0 [pid 5010] <... futex resumed>) = 0 [pid 5008] <... mmap resumed>) = 0x7f12a2e72000 [pid 5006] <... close resumed>) = 0 [pid 5004] <... clone resumed>, parent_tid=[5012], tls=0x7f12a2e92700, child_tidptr=0x7f12a2e929d0) = 5012 [pid 5010] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5009] setpgid(0, 0 [pid 5008] mprotect(0x7f12a2e73000, 131072, PROT_READ|PROT_WRITE [pid 5006] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5004] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5011] set_robust_list(0x7f12a2e929e0, 24 [pid 5010] <... mmap resumed>) = 0x7f12a2e72000 [pid 5009] <... setpgid resumed>) = 0 [pid 5008] <... mprotect resumed>) = 0 [pid 5006] <... futex resumed>) = 0 [pid 5004] <... futex resumed>) = 0 [pid 5010] mprotect(0x7f12a2e73000, 131072, PROT_READ|PROT_WRITE [pid 5008] clone(child_stack=0x7f12a2e923f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5006] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5004] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5012 attached [pid 5010] <... mprotect resumed>) = 0 [pid 5009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5012] set_robust_list(0x7f12a2e929e0, 24 [pid 5010] clone(child_stack=0x7f12a2e923f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5008] <... clone resumed>, parent_tid=[5013], tls=0x7f12a2e92700, child_tidptr=0x7f12a2e929d0) = 5013 [pid 5006] <... mmap resumed>) = 0x7f12a2e72000 [pid 5012] <... set_robust_list resumed>) = 0 [pid 5009] <... openat resumed>) = 3 [pid 5008] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5006] mprotect(0x7f12a2e73000, 131072, PROT_READ|PROT_WRITE [pid 5012] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 5011] <... set_robust_list resumed>) = 0 [pid 5010] <... clone resumed>, parent_tid=[5014], tls=0x7f12a2e92700, child_tidptr=0x7f12a2e929d0) = 5014 [pid 5009] write(3, "1000", 4 [pid 5008] <... futex resumed>) = 0 [pid 5012] <... openat resumed>) = 3 [pid 5011] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 5010] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5009] <... write resumed>) = 4 [pid 5008] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5006] <... mprotect resumed>) = 0 [pid 5012] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5010] <... futex resumed>) = 0 [pid 5012] <... futex resumed>) = 1 [pid 5011] <... openat resumed>) = 3 [pid 5010] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5009] close(3 [pid 5006] clone(child_stack=0x7f12a2e923f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5004] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5013 attached [pid 5012] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5004] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] set_robust_list(0x7f12a2e929e0, 24 [pid 5012] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5011] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5009] <... close resumed>) = 0 [pid 5004] <... futex resumed>) = 0 [pid 5013] <... set_robust_list resumed>) = 0 [pid 5012] ioctl(3, FBIO_WAITFORVSYNC [pid 5011] <... futex resumed>) = 1 [pid 5009] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5007] <... futex resumed>) = 0 [pid 5006] <... clone resumed>, parent_tid=[5015], tls=0x7f12a2e92700, child_tidptr=0x7f12a2e929d0) = 5015 [pid 5004] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5014 attached [pid 5013] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 5011] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5009] <... futex resumed>) = 0 [pid 5007] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5006] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5011] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5009] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5007] <... futex resumed>) = 0 [pid 5006] <... futex resumed>) = 0 [pid 5007] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5015 attached [pid 5011] ioctl(3, FBIO_WAITFORVSYNC [pid 5009] <... mmap resumed>) = 0x7f12a2e72000 [pid 5006] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5015] set_robust_list(0x7f12a2e929e0, 24 [pid 5009] mprotect(0x7f12a2e73000, 131072, PROT_READ|PROT_WRITE [pid 5015] <... set_robust_list resumed>) = 0 [pid 5015] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 5009] <... mprotect resumed>) = 0 [pid 5014] set_robust_list(0x7f12a2e929e0, 24 [pid 5009] clone(child_stack=0x7f12a2e923f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5014] <... set_robust_list resumed>) = 0 [pid 5009] <... clone resumed>, parent_tid=[5016], tls=0x7f12a2e92700, child_tidptr=0x7f12a2e929d0) = 5016 [pid 5014] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 5009] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5009] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5016 attached [pid 5016] set_robust_list(0x7f12a2e929e0, 24) = 0 [pid 5016] openat(AT_FDCWD, "/dev/fb0", O_RDONLY [pid 5012] <... ioctl resumed>, 0) = 0 [pid 5013] <... openat resumed>) = 3 [pid 5013] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5012] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] <... futex resumed>) = 1 [pid 5012] <... futex resumed>) = 1 [pid 5008] <... futex resumed>) = 0 [pid 5004] <... futex resumed>) = 0 [pid 5013] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5012] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5008] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5012] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5008] <... futex resumed>) = 0 [pid 5004] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] ioctl(3, FBIO_WAITFORVSYNC [pid 5012] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5008] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5004] <... futex resumed>) = 0 [pid 5004] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5012] <... openat resumed>) = 4 [pid 5012] write(4, "2", 1) = 1 [pid 5012] ioctl(-1, SNDCTL_TMR_START or TCSETS, NULL) = -1 EBADF (Bad file descriptor) [pid 5012] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5004] <... futex resumed>) = 0 [pid 5012] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5004] exit_group(0) = ? [pid 5016] <... openat resumed>) = 3 [pid 5015] <... openat resumed>) = 3 [pid 5014] <... openat resumed>) = 3 [pid 5011] <... ioctl resumed>, 0) = 0 [pid 5014] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5014] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5016] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5009] <... futex resumed>) = 0 [pid 5016] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5009] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5016] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5009] <... futex resumed>) = 0 [pid 5016] ioctl(3, FBIO_WAITFORVSYNC [pid 5009] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5015] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5006] <... futex resumed>) = 0 [pid 5015] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5006] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5006] <... futex resumed>) = 0 [pid 5015] ioctl(3, FBIO_WAITFORVSYNC [pid 5006] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5011] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5011] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5010] <... futex resumed>) = 0 [pid 5010] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5014] <... futex resumed>) = 0 [pid 5010] <... futex resumed>) = 1 [pid 5014] ioctl(3, FBIO_WAITFORVSYNC [pid 5010] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5007] <... futex resumed>) = 0 [pid 5007] futex(0x7f12a2f694a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5011] <... futex resumed>) = 0 [pid 5007] <... futex resumed>) = 1 [pid 5011] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5007] futex(0x7f12a2f694ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5011] <... openat resumed>) = 4 [pid 5011] write(4, "2", 1) = 1 [pid 5011] ioctl(-1, SNDCTL_TMR_START or TCSETS, NULL) = -1 EBADF (Bad file descriptor) [pid 5011] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5007] <... futex resumed>) = 0 syzkaller login: [ 41.420882][ T5012] FAULT_INJECTION: forcing a failure. [ 41.420882][ T5012] name fail_futex, interval 1, probability 0, space 0, times 1 [ 41.434093][ T5012] CPU: 1 PID: 5012 Comm: syz-executor466 Not tainted 6.4.0-rc5-syzkaller-00313-g4c605260bc60 #0 [ 41.444513][ T5012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 41.454662][ T5012] Call Trace: [ 41.457940][ T5012] [ 41.460871][ T5012] dump_stack_lvl+0x136/0x150 [ 41.461274][ T5011] FAULT_INJECTION: forcing a failure. [pid 5011] futex(0x7f12a2f694a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5007] exit_group(0) = ? [pid 5009] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5009] futex(0x7f12a2f694bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5009] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a2e51000 [ 41.461274][ T5011] name fail_futex, interval 1, probability 0, space 0, times 1 [ 41.465559][ T5012] should_fail_ex+0x4a3/0x5b0 [ 41.483223][ T5012] ? print_usage_bug.part.0+0x660/0x660 [ 41.488784][ T5012] get_futex_key+0x76b/0x1c10 [ 41.493473][ T5012] ? futex_setup_timer+0xf0/0xf0 [ 41.498499][ T5012] ? finish_task_switch.isra.0+0x2b0/0xc80 [ 41.504305][ T5012] futex_wait_setup+0xab/0x230 [ 41.509149][ T5012] ? futex_wait_multiple+0xae0/0xae0 [ 41.514429][ T5012] futex_wait+0x268/0x680 [ 41.518836][ T5012] ? futex_wait_setup+0x230/0x230 [ 41.523856][ T5012] ? do_raw_spin_lock+0x124/0x2b0 [ 41.528874][ T5012] ? spin_bug+0x1c0/0x1c0 [ 41.533200][ T5012] do_futex+0x2e8/0x360 [ 41.537345][ T5012] ? __ia32_sys_get_robust_list+0x400/0x400 [ 41.543319][ T5012] ? find_held_lock+0x2d/0x110 [ 41.548083][ T5012] __x64_sys_futex+0x1ca/0x4d0 [ 41.552839][ T5012] ? do_futex+0x360/0x360 [ 41.557158][ T5012] ? _raw_spin_unlock_irq+0x23/0x50 [ 41.562453][ T5012] ? lockdep_hardirqs_on+0x7d/0x100 [ 41.567642][ T5012] ? _raw_spin_unlock_irq+0x2e/0x50 [ 41.572915][ T5012] ? ptrace_notify+0xfe/0x140 [ 41.577585][ T5012] do_syscall_64+0x39/0xb0 [ 41.581996][ T5012] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 41.587882][ T5012] RIP: 0033:0x7f12a2ee0c49 [ 41.592281][ T5012] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 41.611890][ T5012] RSP: 002b:00007f12a2e922f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [pid 5009] mprotect(0x7f12a2e52000, 131072, PROT_READ|PROT_WRITE [pid 5010] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5009] <... mprotect resumed>) = 0 [pid 5006] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5009] clone(child_stack=0x7f12a2e713f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5006] futex(0x7f12a2f694bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5009] <... clone resumed>, parent_tid=[5017], tls=0x7f12a2e71700, child_tidptr=0x7f12a2e719d0) = 5017 [pid 5006] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5009] futex(0x7f12a2f694b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5006] <... mmap resumed>) = 0x7f12a2e51000 [pid 5009] <... futex resumed>) = 0 [pid 5006] mprotect(0x7f12a2e52000, 131072, PROT_READ|PROT_WRITE [pid 5009] futex(0x7f12a2f694bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5006] <... mprotect resumed>) = 0 [pid 5006] clone(child_stack=0x7f12a2e713f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5018], tls=0x7f12a2e71700, child_tidptr=0x7f12a2e719d0) = 5018 [pid 5006] futex(0x7f12a2f694b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5013] <... ioctl resumed>, 0) = 0 [pid 5008] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5006] futex(0x7f12a2f694bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5010] futex(0x7f12a2f694bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 41.620291][ T5012] RAX: ffffffffffffffda RBX: 00007f12a2f694a8 RCX: 00007f12a2ee0c49 [ 41.628260][ T5012] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f12a2f694a8 [ 41.636214][ T5012] RBP: 00007f12a2f694a0 R08: 0000000000000032 R09: 0000000000000032 [ 41.644169][ T5012] R10: 0000000000000000 R11: 0000000000000246 R12: 3062662f7665642f [ 41.652299][ T5012] R13: 00007f12a2e92300 R14: 0000000000000001 R15: 0000000000022000 [ 41.660262][ T5012] [ 41.663306][ C1] vkms_vblank_simulate: vblank timer overrun [pid 5010] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a2e51000 [pid 5010] mprotect(0x7f12a2e52000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5010] clone(child_stack=0x7f12a2e713f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5019], tls=0x7f12a2e71700, child_tidptr=0x7f12a2e719d0) = 5019 [pid 5010] futex(0x7f12a2f694b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5010] futex(0x7f12a2f694bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5019 attached [pid 5019] set_robust_list(0x7f12a2e719e0, 24) = 0 [pid 5019] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4 [pid 5019] write(4, "2", 1) = 1 [pid 5019] ioctl(-1, SNDCTL_TMR_START or TCSETS, NULL) = -1 EBADF (Bad file descriptor) [pid 5019] futex(0x7f12a2f694bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5010] <... futex resumed>) = 0 [pid 5019] <... futex resumed>) = 1 [pid 5019] futex(0x7f12a2f694b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5009] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5006] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 41.670012][ T5011] CPU: 1 PID: 5011 Comm: syz-executor466 Not tainted 6.4.0-rc5-syzkaller-00313-g4c605260bc60 #0 [ 41.680427][ T5011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 41.690655][ T5011] Call Trace: [ 41.691750][ T5019] FAULT_INJECTION: forcing a failure. [ 41.691750][ T5019] name fail_futex, interval 1, probability 0, space 0, times 1 [ 41.693915][ T5011] [ 41.693923][ T5011] dump_stack_lvl+0x136/0x150 [ 41.693943][ T5011] should_fail_ex+0x4a3/0x5b0 [ 41.693970][ T5011] ? print_usage_bug.part.0+0x660/0x660 [ 41.724646][ T5011] get_futex_key+0x76b/0x1c10 [ 41.729420][ T5011] ? futex_setup_timer+0xf0/0xf0 [ 41.734361][ T5011] ? finish_task_switch.isra.0+0x2b0/0xc80 [ 41.740169][ T5011] futex_wait_setup+0xab/0x230 [ 41.744939][ T5011] ? futex_wait_multiple+0xae0/0xae0 [ 41.750405][ T5011] futex_wait+0x268/0x680 [ 41.754729][ T5011] ? futex_wait_setup+0x230/0x230 [ 41.759860][ T5011] ? do_raw_spin_lock+0x124/0x2b0 [ 41.764895][ T5011] ? spin_bug+0x1c0/0x1c0 [ 41.769317][ T5011] do_futex+0x2e8/0x360 [ 41.773475][ T5011] ? __ia32_sys_get_robust_list+0x400/0x400 [ 41.779371][ T5011] ? find_held_lock+0x2d/0x110 [ 41.784147][ T5011] __x64_sys_futex+0x1ca/0x4d0 [ 41.785726][ T5016] ------------[ cut here ]------------ [ 41.788906][ T5011] ? do_futex+0x360/0x360 [ 41.794388][ T5016] platform vkms: vblank wait timed out on crtc 0 [ 41.798681][ T5011] ? _raw_spin_unlock_irq+0x23/0x50 [ 41.798710][ T5011] ? lockdep_hardirqs_on+0x7d/0x100 [ 41.815528][ T5011] ? _raw_spin_unlock_irq+0x2e/0x50 [ 41.820739][ T5011] ? ptrace_notify+0xfe/0x140 [ 41.825432][ T5011] do_syscall_64+0x39/0xb0 [ 41.829866][ T5011] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 41.835775][ T5011] RIP: 0033:0x7f12a2ee0c49 [ 41.840193][ T5011] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 41.851589][ T5016] WARNING: CPU: 0 PID: 5016 at drivers/gpu/drm/drm_vblank.c:1310 drm_wait_one_vblank+0x2c0/0x510 [ 41.859784][ T5011] RSP: 002b:00007f12a2e922f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 41.859804][ T5011] RAX: ffffffffffffffda RBX: 00007f12a2f694a8 RCX: 00007f12a2ee0c49 [ 41.859817][ T5011] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f12a2f694a8 [ 41.859829][ T5011] RBP: 00007f12a2f694a0 R08: 0000000000000032 R09: 0000000000000032 [ 41.870316][ T5016] Modules linked in: [ 41.878674][ T5011] R10: 0000000000000000 R11: 0000000000000246 R12: 3062662f7665642f [ 41.878687][ T5011] R13: 00007f12a2e92300 R14: 0000000000000001 R15: 0000000000022000 ./strace-static-x86_64: Process 5018 attached ./strace-static-x86_64: Process 5017 attached [pid 5013] futex(0x7f12a2f694ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5012] <... futex resumed>) = ? [pid 5011] <... futex resumed>) = ? [ 41.878709][ T5011] [ 41.886690][ T5016] [ 41.894626][ C1] vkms_vblank_simulate: vblank timer overrun [ 41.902549][ T5016] CPU: 0 PID: 5016 Comm: syz-executor466 Not tainted 6.4.0-rc5-syzkaller-00313-g4c605260bc60 #0 [ 41.944116][ T5016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 41.954241][ T5016] RIP: 0010:drm_wait_one_vblank+0x2c0/0x510 [ 41.960268][ T5016] Code: 85 f6 0f 84 a3 01 00 00 e8 8d 41 e0 fc 4c 89 ef e8 c5 7f 74 00 44 89 e1 4c 89 f2 48 c7 c7 00 b3 bb 8a 48 89 c6 e8 c0 fc a7 fc <0f> 0b e9 87 fe ff ff e8 64 41 e0 fc 31 ff 4c 89 ee e8 9a 3d e0 fc [ 41.979983][ T5016] RSP: 0018:ffffc90003b6fb40 EFLAGS: 00010282 [ 41.986097][ T5016] RAX: 0000000000000000 RBX: 000000000000088c RCX: 0000000000000000 [ 41.994076][ T5016] RDX: ffff888077af5940 RSI: ffffffff814c03b7 RDI: 0000000000000001 [ 41.994144][ T5019] CPU: 1 PID: 5019 Comm: syz-executor466 Not tainted 6.4.0-rc5-syzkaller-00313-g4c605260bc60 #0 [ 42.002142][ T5016] RBP: ffff88801e524000 R08: 0000000000000001 R09: 0000000000000000 [ 42.012494][ T5019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 42.012510][ T5019] Call Trace: [ 42.012516][ T5019] [ 42.012522][ T5019] dump_stack_lvl+0x136/0x150 [ 42.020478][ T5016] R10: 0000000000000001 R11: 205d363130355420 R12: 0000000000000000 [ 42.030571][ T5019] should_fail_ex+0x4a3/0x5b0 [ 42.033842][ T5016] R13: ffff888146a9e010 R14: ffff88801eacc168 R15: ffff888015fc3830 [ 42.036751][ T5019] ? print_usage_bug.part.0+0x660/0x660 [ 42.036786][ T5019] get_futex_key+0x76b/0x1c10 [ 42.041433][ T5016] FS: 00007f12a2e92700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 42.049377][ T5019] ? futex_setup_timer+0xf0/0xf0 [ 42.049402][ T5019] ? finish_task_switch.isra.0+0x2b0/0xc80 [ 42.054039][ T5016] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.061984][ T5019] futex_wait_setup+0xab/0x230 [ 42.062009][ T5019] ? futex_wait_multiple+0xae0/0xae0 [ 42.067536][ T5016] CR2: 00007f12a2f131f0 CR3: 000000007a4aa000 CR4: 0000000000350ef0 [ 42.072169][ T5019] futex_wait+0x268/0x680 [ 42.081083][ T5016] Call Trace: [ 42.085969][ T5019] ? futex_wait_setup+0x230/0x230 [ 42.086005][ T5019] ? do_raw_spin_lock+0x124/0x2b0 [ 42.091852][ T5016] [ 42.098401][ T5019] ? spin_bug+0x1c0/0x1c0 [ 42.098431][ T5019] do_futex+0x2e8/0x360 [ 42.103153][ T5016] ? __warn+0xe6/0x390 [ 42.108407][ T5019] ? __ia32_sys_get_robust_list+0x400/0x400 [ 42.108428][ T5019] ? find_held_lock+0x2d/0x110 [ 42.116389][ T5016] ? drm_wait_one_vblank+0x2c0/0x510 [ 42.120671][ T5019] __x64_sys_futex+0x1ca/0x4d0 [ 42.123923][ T5016] ? report_bug+0x2da/0x500 [ 42.128911][ T5019] ? do_futex+0x360/0x360 [ 42.128930][ T5019] ? _raw_spin_unlock_irq+0x23/0x50 [ 42.133924][ T5016] ? handle_bug+0x3c/0x70 [ 42.136827][ T5019] ? lockdep_hardirqs_on+0x7d/0x100 [ 42.136849][ T5019] ? _raw_spin_unlock_irq+0x2e/0x50 [ 42.141145][ T5016] ? exc_invalid_op+0x18/0x50 [ 42.145266][ T5019] ? ptrace_notify+0xfe/0x140 [ 42.149322][ T5016] ? asm_exc_invalid_op+0x1a/0x20 [ 42.155163][ T5019] do_syscall_64+0x39/0xb0 [ 42.159915][ T5016] ? __warn_printk+0x187/0x310 [ 42.165140][ T5019] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 42.169975][ T5016] ? drm_wait_one_vblank+0x2c0/0x510 [ 42.174424][ T5019] RIP: 0033:0x7f12a2ee0c49 [ 42.178741][ T5016] ? drm_crtc_vblank_put+0x80/0x80 [ 42.183885][ T5019] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 42.188206][ T5016] ? mark_held_locks+0x9f/0xe0 [ 42.193347][ T5019] RSP: 002b:00007f12a2e712f8 EFLAGS: 00000246 [ 42.198528][ T5016] ? prepare_to_swait_exclusive+0x240/0x240 [ 42.203149][ T5019] ORIG_RAX: 00000000000000ca [ 42.203157][ T5019] RAX: ffffffffffffffda RBX: 00007f12a2f694b8 RCX: 00007f12a2ee0c49 [ 42.207814][ T5016] ? lockdep_hardirqs_on+0x7d/0x100 [ 42.212878][ T5019] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f12a2f694b8 [ 42.217282][ T5016] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 42.222076][ T5019] RBP: 00007f12a2f694b0 R08: 0000000000000032 R09: 0000000000000032 [ 42.227950][ T5016] ? drm_vblank_get+0x150/0x290 [ 42.233176][ T5019] R10: 0000000000000000 R11: 0000000000000246 R12: 3062662f7665642f [ 42.237581][ T5016] drm_fb_helper_ioctl+0x15d/0x1a0 [ 42.242632][ T5019] R13: 00007f12a2e71300 R14: 0000000000000001 R15: 0000000000022000 [ 42.262229][ T5016] do_fb_ioctl+0x32a/0x750 [ 42.266942][ T5019] [ 42.266970][ C1] vkms_vblank_simulate: vblank timer overrun [ 42.273071][ T5016] ? drm_fb_helper_sys_read+0x2a0/0x2a0 [ 42.321871][ T5013] FAULT_INJECTION: forcing a failure. [ 42.321871][ T5013] name fail_futex, interval 1, probability 0, space 0, times 0 [ 42.323434][ T5016] ? fb_getput_cmap+0x270/0x270 [ 42.332170][ T5018] FAULT_INJECTION: forcing a failure. [ 42.332170][ T5018] name fail_futex, interval 1, probability 0, space 0, times 0 [ 42.336531][ T5016] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 42.336562][ T5016] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 42.336590][ T5016] ? do_vfs_ioctl+0x132/0x1670 [ 42.348907][ T5018] CPU: 1 PID: 5018 Comm: syz-executor466 Not tainted 6.4.0-rc5-syzkaller-00313-g4c605260bc60 #0 [ 42.349039][ T5016] ? vfs_fileattr_set+0xc40/0xc40 [ 42.352026][ T5018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 42.358014][ T5016] ? find_held_lock+0x2d/0x110 [ 42.363481][ T5018] Call Trace: [ 42.363487][ T5018] [ 42.376220][ T5016] ? do_one_initcall+0x172/0x540 [ 42.381012][ T5018] dump_stack_lvl+0x136/0x150 [ 42.393751][ T5016] ? __fget_files+0x26a/0x480 [ 42.399502][ T5018] should_fail_ex+0x4a3/0x5b0 [ 42.405382][ T5016] fb_ioctl+0xeb/0x150 [ 42.410118][ T5018] ? print_usage_bug.part.0+0x660/0x660 [ 42.410147][ T5018] get_futex_key+0x76b/0x1c10 [ 42.420623][ T5016] ? do_fb_ioctl+0x750/0x750 [ 42.425599][ T5018] ? futex_setup_timer+0xf0/0xf0 [ 42.435651][ T5016] __x64_sys_ioctl+0x197/0x210 [ 42.440361][ T5018] ? finish_task_switch.isra.0+0x2b0/0xc80 [ 42.443611][ T5016] do_syscall_64+0x39/0xb0 [ 42.446515][ T5018] futex_wait_setup+0xab/0x230 [ 42.446539][ T5018] ? futex_wait_multiple+0xae0/0xae0 [ 42.451436][ T5016] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 42.456081][ T5018] futex_wait+0x268/0x680 [ 42.456105][ T5018] ? futex_wait_setup+0x230/0x230 [ 42.460737][ T5016] RIP: 0033:0x7f12a2ee0c49 [ 42.465393][ T5018] ? do_raw_spin_lock+0x124/0x2b0 [ 42.469439][ T5016] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 42.474927][ T5018] ? spin_bug+0x1c0/0x1c0 [ 42.479585][ T5016] RSP: 002b:00007f12a2e922f8 EFLAGS: 00000246 [ 42.484124][ T5018] do_futex+0x2e8/0x360 [ 42.489040][ T5016] ORIG_RAX: 0000000000000010 [ 42.493749][ T5018] ? __ia32_sys_get_robust_list+0x400/0x400 [ 42.499535][ T5016] RAX: ffffffffffffffda RBX: 00007f12a2f694a8 RCX: 00007f12a2ee0c49 [ 42.503895][ T5018] ? find_held_lock+0x2d/0x110 [ 42.508664][ T5016] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 42.513894][ T5018] __x64_sys_futex+0x1ca/0x4d0 [ 42.519863][ T5016] RBP: 00007f12a2f694a0 R08: 0000000000000000 R09: 0000000000000000 [ 42.524140][ T5018] ? do_futex+0x360/0x360 [ 42.529148][ T5016] R10: 0000000000000000 R11: 0000000000000246 R12: 3062662f7665642f [ 42.533529][ T5018] ? _raw_spin_unlock_irq+0x23/0x50 [ 42.538541][ T5016] R13: 00007ffc3d09a2df R14: 00007f12a2e92400 R15: 0000000000022000 [ 42.558096][ T5018] ? lockdep_hardirqs_on+0x7d/0x100 [ 42.558121][ T5018] ? _raw_spin_unlock_irq+0x2e/0x50 [ 42.562429][ T5016] [ 42.568537][ T5018] ? ptrace_notify+0xfe/0x140 [ 42.568563][ T5018] do_syscall_64+0x39/0xb0 [ 42.572683][ T5016] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 42.577328][ T5018] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 42.583295][ T5018] RIP: 0033:0x7f12a2ee0c49 [ 42.591337][ T5018] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 42.596079][ T5018] RSP: 002b:00007f12a2e712f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 42.608849][ T5018] RAX: ffffffffffffffda RBX: 00007f12a2f694b8 RCX: 00007f12a2ee0c49 [ 42.616798][ T5018] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f12a2f694b8 [ 42.621103][ T5018] RBP: 00007f12a2f694b0 R08: 0000000000000032 R09: 0000000000000032 [ 42.629141][ T5018] R10: 0000000000000000 R11: 0000000000000246 R12: 3062662f7665642f [ 42.634309][ T5018] R13: 00007f12a2e71300 R14: 0000000000000001 R15: 0000000000022000 [ 42.642351][ T5018] [ 42.647518][ T5016] CPU: 0 PID: 5016 Comm: syz-executor466 Not tainted 6.4.0-rc5-syzkaller-00313-g4c605260bc60 #0 [ 42.647552][ C1] vkms_vblank_simulate: vblank timer overrun [ 42.648016][ T5017] FAULT_INJECTION: forcing a failure. [ 42.648016][ T5017] name fail_futex, interval 1, probability 0, space 0, times 0 [ 42.783015][ T5016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 42.793057][ T5016] Call Trace: [ 42.796325][ T5016] [ 42.799328][ T5016] dump_stack_lvl+0xd9/0x150 [ 42.803906][ T5016] panic+0x686/0x730 [ 42.807820][ T5016] ? panic_smp_self_stop+0xa0/0xa0 [ 42.813013][ T5016] ? show_trace_log_lvl+0x284/0x390 [ 42.818212][ T5016] ? drm_wait_one_vblank+0x2c0/0x510 [ 42.823497][ T5016] check_panic_on_warn+0xb1/0xc0 [ 42.828444][ T5016] __warn+0xf2/0x390 [ 42.832337][ T5016] ? drm_wait_one_vblank+0x2c0/0x510 [ 42.837617][ T5016] report_bug+0x2da/0x500 [ 42.841944][ T5016] handle_bug+0x3c/0x70 [ 42.846088][ T5016] exc_invalid_op+0x18/0x50 [ 42.850581][ T5016] asm_exc_invalid_op+0x1a/0x20 [ 42.855436][ T5016] RIP: 0010:drm_wait_one_vblank+0x2c0/0x510 [ 42.861406][ T5016] Code: 85 f6 0f 84 a3 01 00 00 e8 8d 41 e0 fc 4c 89 ef e8 c5 7f 74 00 44 89 e1 4c 89 f2 48 c7 c7 00 b3 bb 8a 48 89 c6 e8 c0 fc a7 fc <0f> 0b e9 87 fe ff ff e8 64 41 e0 fc 31 ff 4c 89 ee e8 9a 3d e0 fc [ 42.880998][ T5016] RSP: 0018:ffffc90003b6fb40 EFLAGS: 00010282 [ 42.887058][ T5016] RAX: 0000000000000000 RBX: 000000000000088c RCX: 0000000000000000 [ 42.895018][ T5016] RDX: ffff888077af5940 RSI: ffffffff814c03b7 RDI: 0000000000000001 [ 42.902975][ T5016] RBP: ffff88801e524000 R08: 0000000000000001 R09: 0000000000000000 [ 42.910935][ T5016] R10: 0000000000000001 R11: 205d363130355420 R12: 0000000000000000 [ 42.918892][ T5016] R13: ffff888146a9e010 R14: ffff88801eacc168 R15: ffff888015fc3830 [ 42.926854][ T5016] ? __warn_printk+0x187/0x310 [ 42.931705][ T5016] ? drm_crtc_vblank_put+0x80/0x80 [ 42.936810][ T5016] ? mark_held_locks+0x9f/0xe0 [ 42.941565][ T5016] ? prepare_to_swait_exclusive+0x240/0x240 [ 42.947451][ T5016] ? lockdep_hardirqs_on+0x7d/0x100 [ 42.952639][ T5016] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 42.958438][ T5016] ? drm_vblank_get+0x150/0x290 [ 42.963277][ T5016] drm_fb_helper_ioctl+0x15d/0x1a0 [ 42.968381][ T5016] do_fb_ioctl+0x32a/0x750 [ 42.972791][ T5016] ? drm_fb_helper_sys_read+0x2a0/0x2a0 [ 42.978326][ T5016] ? fb_getput_cmap+0x270/0x270 [ 42.983169][ T5016] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 42.988967][ T5016] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 42.994855][ T5016] ? do_vfs_ioctl+0x132/0x1670 [ 42.999616][ T5016] ? vfs_fileattr_set+0xc40/0xc40 [ 43.004640][ T5016] ? find_held_lock+0x2d/0x110 [ 43.009396][ T5016] ? do_one_initcall+0x172/0x540 [ 43.014331][ T5016] ? __fget_files+0x26a/0x480 [ 43.019009][ T5016] fb_ioctl+0xeb/0x150 [ 43.023070][ T5016] ? do_fb_ioctl+0x750/0x750 [ 43.027651][ T5016] __x64_sys_ioctl+0x197/0x210 [ 43.032413][ T5016] do_syscall_64+0x39/0xb0 [ 43.036828][ T5016] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.042716][ T5016] RIP: 0033:0x7f12a2ee0c49 [ 43.047117][ T5016] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 43.066796][ T5016] RSP: 002b:00007f12a2e922f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 43.075193][ T5016] RAX: ffffffffffffffda RBX: 00007f12a2f694a8 RCX: 00007f12a2ee0c49 [ 43.083241][ T5016] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000003 [ 43.091289][ T5016] RBP: 00007f12a2f694a0 R08: 0000000000000000 R09: 0000000000000000 [ 43.099354][ T5016] R10: 0000000000000000 R11: 0000000000000246 R12: 3062662f7665642f [ 43.107320][ T5016] R13: 00007ffc3d09a2df R14: 00007f12a2e92400 R15: 0000000000022000 [ 43.115287][ T5016] [ 43.119300][ T5016] Kernel Offset: disabled [ 43.123671][ T5016] Rebooting in 86400 seconds..