./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3105655514 <...> Warning: Permanently added '10.128.10.4' (ECDSA) to the list of known hosts. execve("./syz-executor3105655514", ["./syz-executor3105655514"], 0x7ffca50dead0 /* 10 vars */) = 0 brk(NULL) = 0x555555a84000 brk(0x555555a84c40) = 0x555555a84c40 arch_prctl(ARCH_SET_FS, 0x555555a84300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555555a845d0) = 5057 set_robust_list(0x555555a845e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7fab4e573370, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fab4e573a40}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7fab4e573410, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fab4e573a40}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3105655514", 4096) = 28 brk(0x555555aa5c40) = 0x555555aa5c40 brk(0x555555aa6000) = 0x555555aa6000 mprotect(0x7fab4e634000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5058 attached , child_tidptr=0x555555a845d0) = 5058 [pid 5058] set_robust_list(0x555555a845e0, 24) = 0 [pid 5058] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5058] setpgid(0, 0) = 0 [pid 5058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5058] write(3, "1000", 4) = 4 [pid 5058] close(3) = 0 [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5058] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5058] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5058] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5059 attached [pid 5059] set_robust_list(0x7fab4e5639e0, 24 [pid 5058] <... clone resumed>, parent_tid=[5059], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5059 [pid 5059] <... set_robust_list resumed>) = 0 [pid 5059] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5059] <... futex resumed>) = 0 [pid 5059] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5059] <... openat resumed>) = 3 [pid 5059] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5059] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5058] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5059] <... futex resumed>) = 0 [pid 5059] fcntl(3, F_DUPFD, 3) = 4 [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5059] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5058] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5059] <... futex resumed>) = 0 [pid 5059] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5059] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5058] <... futex resumed>) = 0 [pid 5059] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5059] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5058] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5058] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5059] <... futex resumed>) = 1 [pid 5058] <... futex resumed>) = 0 [pid 5059] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 5059] <... socketpair resumed>[5, 6]) = 0 [pid 5059] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5058] <... futex resumed>) = 0 [pid 5058] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5059] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5059] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5058] <... futex resumed>) = 0 [pid 5059] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5059] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5059] ioctl(3, NBD_SET_SOCK, 5 [pid 5058] <... futex resumed>) = 0 [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5059] <... ioctl resumed>) = 0 [pid 5059] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5058] <... futex resumed>) = 0 [pid 5059] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5059] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5058] <... futex resumed>) = 0 [pid 5059] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5058] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5059] <... openat resumed>) = 7 [pid 5059] write(7, "16", 2) = 2 [pid 5059] ioctl(3, NBD_DO_IT [pid 5058] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 52.038850][ T5059] FAULT_INJECTION: forcing a failure. [ 52.038850][ T5059] name failslab, interval 1, probability 0, space 0, times 1 [ 52.052018][ T5059] CPU: 1 PID: 5059 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 52.062126][ T5059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 52.072213][ T5059] Call Trace: [ 52.076213][ T5059] [ 52.079251][ T5059] dump_stack_lvl+0x1e3/0x2d0 [ 52.083963][ T5059] ? nf_tcp_handle_invalid+0x630/0x630 [ 52.089512][ T5059] ? panic+0x770/0x770 [ 52.093584][ T5059] ? __might_sleep+0xc0/0xc0 [ 52.098171][ T5059] ? pcpu_memcg_post_alloc_hook+0x106/0x440 [ 52.104254][ T5059] should_fail_ex+0x3aa/0x4e0 [ 52.108941][ T5059] ? kvmalloc_node+0x6e/0x180 [ 52.113618][ T5059] should_failslab+0x5/0x20 [ 52.118122][ T5059] __kmem_cache_alloc_node+0x68/0x340 [ 52.123585][ T5059] ? pcpu_alloc+0x10c2/0x14e0 [ 52.128269][ T5059] ? kvmalloc_node+0x6e/0x180 [ 52.132944][ T5059] __kmalloc_node+0x9e/0x190 [ 52.137535][ T5059] kvmalloc_node+0x6e/0x180 [ 52.142039][ T5059] sbitmap_init_node+0x2b5/0x580 [ 52.146982][ T5059] sbitmap_queue_init_node+0x37/0x4b0 [ 52.152357][ T5059] blk_mq_init_tags+0x103/0x270 [ 52.157298][ T5059] blk_mq_alloc_map_and_rqs+0xb6/0x990 [ 52.162854][ T5059] ? mutex_unlock+0x10/0x10 [ 52.167358][ T5059] ? _find_next_bit+0x116/0x140 [ 52.172216][ T5059] blk_mq_map_swqueue+0x63f/0x15f0 [ 52.177344][ T5059] ? blk_mq_requeue_work+0x7c0/0x7c0 [ 52.182626][ T5059] ? blk_mq_map_queues+0x683/0x6b0 [ 52.187745][ T5059] blk_mq_update_nr_hw_queues+0x9a1/0x13a0 [ 52.193667][ T5059] ? blk_mq_update_nr_requests+0x680/0x680 [ 52.199520][ T5059] ? trace_raw_output_contention_end+0xd0/0xd0 [ 52.205702][ T5059] ? blkdev_common_ioctl+0x688/0x21c0 [ 52.211103][ T5059] nbd_start_device+0x15d/0xb70 [ 52.215975][ T5059] nbd_start_device_ioctl+0xa7/0x5c0 [ 52.221262][ T5059] ? nbd_ioctl+0xd7/0x5b0 [ 52.225595][ T5059] ? nbd_set_size+0x490/0x490 [ 52.230271][ T5059] ? safesetid_security_capable+0xab/0x1b0 [ 52.236084][ T5059] ? bpf_lsm_capable+0x5/0x10 [ 52.240857][ T5059] nbd_ioctl+0x28c/0x5b0 [ 52.245097][ T5059] ? nbd_release+0x130/0x130 [ 52.249730][ T5059] blkdev_ioctl+0x3c9/0x7c0 [ 52.254255][ T5059] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 52.259734][ T5059] ? bpf_lsm_file_ioctl+0x5/0x10 [ 52.264678][ T5059] ? security_file_ioctl+0x9d/0xb0 [ 52.269795][ T5059] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 52.275360][ T5059] __se_sys_ioctl+0xfb/0x170 [ 52.279978][ T5059] do_syscall_64+0x2b/0x70 [ 52.284405][ T5059] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.290305][ T5059] RIP: 0033:0x7fab4e5b6259 [ 52.294722][ T5059] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.314335][ T5059] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 52.322751][ T5059] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 52.330722][ T5059] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 52.338692][ T5059] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 52.346664][ T5059] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 52.354631][ T5059] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 52.362619][ T5059] [pid 5058] exit_group(0) = ? [pid 5059] <... ioctl resumed>) = ? [pid 5059] +++ exited with 0 +++ [pid 5058] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5058, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached , child_tidptr=0x555555a845d0) = 5062 [pid 5062] set_robust_list(0x555555a845e0, 24) = 0 [pid 5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5062] setpgid(0, 0) = 0 [pid 5062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5062] write(3, "1000", 4) = 4 [ 52.471410][ T5059] block nbd0: shutting down sockets [pid 5062] close(3) = 0 [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5062] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5062] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5062] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5063 attached , parent_tid=[5063], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5063 [pid 5062] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5063] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5063] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5062] <... futex resumed>) = 0 [pid 5063] fcntl(3, F_DUPFD, 3 [pid 5062] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5063] <... fcntl resumed>) = 4 [pid 5062] <... futex resumed>) = 0 [pid 5063] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] <... futex resumed>) = 0 [pid 5062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5063] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5062] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5063] <... ioctl resumed>) = 0 [pid 5062] <... futex resumed>) = 0 [pid 5063] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] <... futex resumed>) = 0 [pid 5062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5063] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5062] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5063] <... socketpair resumed>[5, 6]) = 0 [pid 5062] <... futex resumed>) = 0 [pid 5063] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] <... futex resumed>) = 0 [pid 5062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5063] ioctl(3, NBD_SET_SOCK, 5 [pid 5062] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] <... ioctl resumed>) = 0 [pid 5063] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5062] <... futex resumed>) = 0 [pid 5063] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5062] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5063] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5062] <... futex resumed>) = 0 [pid 5063] ioctl(3, NBD_SET_SOCK, 5 [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] <... ioctl resumed>) = 0 [pid 5063] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5062] <... futex resumed>) = 0 [pid 5063] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5062] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5063] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5062] <... futex resumed>) = 0 [pid 5063] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5062] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] <... openat resumed>) = 7 [pid 5063] write(7, "16", 2) = 2 [ 52.597993][ T5063] FAULT_INJECTION: forcing a failure. [ 52.597993][ T5063] name failslab, interval 1, probability 0, space 0, times 0 [ 52.610802][ T5063] CPU: 0 PID: 5063 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 52.620863][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 52.630947][ T5063] Call Trace: [ 52.634232][ T5063] [ 52.637155][ T5063] dump_stack_lvl+0x1e3/0x2d0 [ 52.641833][ T5063] ? nf_tcp_handle_invalid+0x630/0x630 [ 52.647465][ T5063] ? panic+0x770/0x770 [ 52.651531][ T5063] ? __might_sleep+0xc0/0xc0 [ 52.656121][ T5063] ? lockdep_init_map_type+0x9d/0x8d0 [ 52.661612][ T5063] should_fail_ex+0x3aa/0x4e0 [ 52.666300][ T5063] ? security_inode_alloc+0x24/0x130 [ 52.671587][ T5063] should_failslab+0x5/0x20 [ 52.676080][ T5063] kmem_cache_alloc+0x69/0x350 [ 52.680843][ T5063] security_inode_alloc+0x24/0x130 [ 52.685948][ T5063] inode_init_always+0x887/0xb80 [ 52.690901][ T5063] new_inode_pseudo+0x94/0x1d0 [ 52.695690][ T5063] new_inode+0x25/0x1d0 [ 52.699850][ T5063] ? start_creating+0x22a/0x330 [ 52.704700][ T5063] __debugfs_create_file+0x146/0x500 [ 52.709986][ T5063] nbd_start_device+0x42c/0xb70 [ 52.714869][ T5063] nbd_start_device_ioctl+0xa7/0x5c0 [ 52.720261][ T5063] ? nbd_ioctl+0xd7/0x5b0 [ 52.724598][ T5063] ? nbd_set_size+0x490/0x490 [ 52.729274][ T5063] ? safesetid_security_capable+0xab/0x1b0 [ 52.735085][ T5063] ? bpf_lsm_capable+0x5/0x10 [ 52.739768][ T5063] nbd_ioctl+0x28c/0x5b0 [ 52.744010][ T5063] ? nbd_release+0x130/0x130 [ 52.748607][ T5063] blkdev_ioctl+0x3c9/0x7c0 [ 52.753113][ T5063] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 52.758581][ T5063] ? bpf_lsm_file_ioctl+0x5/0x10 [ 52.763521][ T5063] ? security_file_ioctl+0x9d/0xb0 [ 52.768631][ T5063] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 52.774085][ T5063] __se_sys_ioctl+0xfb/0x170 [ 52.778677][ T5063] do_syscall_64+0x2b/0x70 [ 52.783089][ T5063] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.788984][ T5063] RIP: 0033:0x7fab4e5b6259 [ 52.793394][ T5063] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.813004][ T5063] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 52.821880][ T5063] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 52.829857][ T5063] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 52.837829][ T5063] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5063] ioctl(3, NBD_DO_IT [pid 5062] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 52.845797][ T5063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 52.853764][ T5063] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 52.861750][ T5063] [ 52.868006][ T5063] debugfs: out of free dentries, can not create file 'timeout' [pid 5062] exit_group(0) = ? [pid 5063] <... ioctl resumed>) = ? [pid 5063] +++ exited with 0 +++ [pid 5062] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5062, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5064 attached , child_tidptr=0x555555a845d0) = 5064 [pid 5064] set_robust_list(0x555555a845e0, 24) = 0 [pid 5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] setpgid(0, 0) = 0 [pid 5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] write(3, "1000", 4) = 4 [pid 5064] close(3) = 0 [pid 5064] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5064] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5064] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5065 attached , parent_tid=[5065], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5065 [pid 5064] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5065] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5065] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5065] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5065] <... futex resumed>) = 0 [pid 5064] <... futex resumed>) = 1 [pid 5065] fcntl(3, F_DUPFD, 3) = 4 [pid 5065] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5064] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5065] <... futex resumed>) = 0 [pid 5064] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5065] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5065] socketpair(AF_UNIX, SOCK_STREAM, 0, [ 53.024794][ T5063] block nbd0: shutting down sockets [pid 5064] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5065] <... socketpair resumed>[5, 6]) = 0 [pid 5064] <... futex resumed>) = 0 [pid 5065] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5064] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] <... futex resumed>) = 0 [pid 5064] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5065] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5065] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5065] ioctl(3, NBD_SET_SOCK, 5 [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5064] futex(0x7fab4e63a4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e522000 [pid 5064] mprotect(0x7fab4e523000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5064] clone(child_stack=0x7fab4e5423f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5066 attached , parent_tid=[5066], tls=0x7fab4e542700, child_tidptr=0x7fab4e5429d0) = 5066 [pid 5066] set_robust_list(0x7fab4e5429e0, 24 [pid 5064] futex(0x7fab4e63a4d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... set_robust_list resumed>) = 0 [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7fab4e63a4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5066] ioctl(3, NBD_SET_SOCK, 5 [pid 5065] <... ioctl resumed>) = 0 [pid 5065] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5065] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5064] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5065] <... futex resumed>) = 0 [pid 5064] <... futex resumed>) = 1 [pid 5065] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5064] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] <... openat resumed>) = 7 [pid 5065] write(7, "16", 2) = 2 [pid 5065] ioctl(3, NBD_DO_IT [pid 5066] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5066] futex(0x7fab4e63a4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 53.184156][ T5066] block nbd0: Device being setup by another task [pid 5066] futex(0x7fab4e63a4d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 53.228214][ T5065] FAULT_INJECTION: forcing a failure. [ 53.228214][ T5065] name failslab, interval 1, probability 0, space 0, times 0 [ 53.241014][ T5065] CPU: 1 PID: 5065 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 53.251108][ T5065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 53.261163][ T5065] Call Trace: [ 53.264459][ T5065] [ 53.267407][ T5065] dump_stack_lvl+0x1e3/0x2d0 [ 53.272098][ T5065] ? nf_tcp_handle_invalid+0x630/0x630 [ 53.277557][ T5065] ? panic+0x770/0x770 [ 53.281640][ T5065] ? __might_sleep+0xc0/0xc0 [ 53.286258][ T5065] should_fail_ex+0x3aa/0x4e0 [ 53.290932][ T5065] ? __d_alloc+0x31/0x700 [ 53.295281][ T5065] should_failslab+0x5/0x20 [ 53.299819][ T5065] kmem_cache_alloc_lru+0x75/0x320 [ 53.305029][ T5065] ? mark_lock+0x9a/0x350 [ 53.309378][ T5065] __d_alloc+0x31/0x700 [ 53.313555][ T5065] d_alloc_parallel+0xcb/0x12c0 [ 53.318418][ T5065] ? lockdep_init_map_type+0x9d/0x8d0 [pid 5064] exit_group(0) = ? [pid 5066] <... futex resumed>) = ? [pid 5066] +++ exited with 0 +++ [ 53.323809][ T5065] ? lockdep_softirqs_off+0x420/0x420 [ 53.329180][ T5065] ? d_hash_and_lookup+0x1c0/0x1c0 [ 53.334303][ T5065] ? __init_waitqueue_head+0xa6/0x140 [ 53.339705][ T5065] __lookup_slow+0x112/0x3e0 [ 53.344321][ T5065] ? lookup_one_len+0x690/0x690 [ 53.349235][ T5065] lookup_one_len+0x430/0x690 [ 53.353939][ T5065] ? try_lookup_one_len+0x670/0x670 [ 53.359141][ T5065] ? mntput+0x60/0xb0 [ 53.363133][ T5065] start_creating+0x183/0x330 [ 53.367814][ T5065] debugfs_create_dir+0x24/0x480 [ 53.372762][ T5065] blk_mq_debugfs_register_hctx+0x12e/0x6d0 [ 53.378677][ T5065] ? xa_find+0x33d/0x410 [ 53.382962][ T5065] ? blk_mq_debugfs_register_sched+0x290/0x290 [ 53.389145][ T5065] ? xa_clear_mark+0x2d0/0x2d0 [ 53.393920][ T5065] blk_mq_debugfs_register_hctxs+0xbb/0x130 [ 53.399828][ T5065] ? blk_mq_debugfs_unregister_hctx+0xb0/0xb0 [ 53.405919][ T5065] ? blk_mq_map_queues+0x683/0x6b0 [ 53.411050][ T5065] blk_mq_update_nr_hw_queues+0xdc7/0x13a0 [ 53.416898][ T5065] ? blk_mq_update_nr_requests+0x680/0x680 [ 53.422722][ T5065] ? do_raw_spin_unlock+0x134/0x8a0 [ 53.427946][ T5065] nbd_start_device+0x15d/0xb70 [ 53.432828][ T5065] nbd_start_device_ioctl+0xa7/0x5c0 [ 53.438114][ T5065] ? nbd_ioctl+0xd7/0x5b0 [ 53.442436][ T5065] ? nbd_set_size+0x490/0x490 [ 53.447110][ T5065] ? safesetid_security_capable+0xab/0x1b0 [ 53.453703][ T5065] ? bpf_lsm_capable+0x5/0x10 [ 53.458386][ T5065] nbd_ioctl+0x28c/0x5b0 [ 53.462633][ T5065] ? nbd_release+0x130/0x130 [ 53.467244][ T5065] blkdev_ioctl+0x3c9/0x7c0 [ 53.471751][ T5065] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 53.477213][ T5065] ? bpf_lsm_file_ioctl+0x5/0x10 [ 53.482164][ T5065] ? security_file_ioctl+0x9d/0xb0 [ 53.487308][ T5065] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 53.492844][ T5065] __se_sys_ioctl+0xfb/0x170 [ 53.497466][ T5065] do_syscall_64+0x2b/0x70 [ 53.501883][ T5065] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 53.507798][ T5065] RIP: 0033:0x7fab4e5b6259 [ 53.512219][ T5065] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 53.531827][ T5065] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.540241][ T5065] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 53.548222][ T5065] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 53.556204][ T5065] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 53.564172][ T5065] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [pid 5065] <... ioctl resumed>) = ? [pid 5065] +++ exited with 0 +++ [pid 5064] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5064, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached , child_tidptr=0x555555a845d0) = 5067 [pid 5067] set_robust_list(0x555555a845e0, 24) = 0 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5067] setpgid(0, 0) = 0 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1000", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5067] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5067] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5067] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5068 attached , parent_tid=[5068], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5068 [pid 5068] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5068] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5067] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5068] <... futex resumed>) = 0 [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5068] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5067] <... futex resumed>) = 0 [pid 5067] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] fcntl(3, F_DUPFD, 3) = 4 [ 53.572136][ T5065] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 53.580132][ T5065] [ 53.594681][ T5065] block nbd0: shutting down sockets [pid 5068] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5067] <... futex resumed>) = 0 [pid 5067] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5068] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5067] <... futex resumed>) = 0 [pid 5067] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5068] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5067] <... futex resumed>) = 0 [pid 5068] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5067] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] ioctl(3, NBD_SET_SOCK, 5 [pid 5067] <... futex resumed>) = 0 [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... ioctl resumed>) = 0 [pid 5068] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5067] <... futex resumed>) = 0 [pid 5068] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5067] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5067] <... futex resumed>) = 0 [pid 5068] ioctl(3, NBD_SET_SOCK, 5 [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... ioctl resumed>) = 0 [pid 5068] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5067] <... futex resumed>) = 0 [pid 5068] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5067] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5067] <... futex resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5067] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... openat resumed>) = 7 [pid 5068] write(7, "16", 2) = 2 [pid 5068] ioctl(3, NBD_DO_IT [pid 5067] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 53.756242][ T5068] FAULT_INJECTION: forcing a failure. [ 53.756242][ T5068] name failslab, interval 1, probability 0, space 0, times 0 [ 53.769089][ T5068] CPU: 1 PID: 5068 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 53.779169][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 53.789265][ T5068] Call Trace: [ 53.792563][ T5068] [ 53.795495][ T5068] dump_stack_lvl+0x1e3/0x2d0 [ 53.800190][ T5068] ? nf_tcp_handle_invalid+0x630/0x630 [ 53.805671][ T5068] ? panic+0x770/0x770 [ 53.809806][ T5068] ? __might_sleep+0xc0/0xc0 [ 53.814441][ T5068] should_fail_ex+0x3aa/0x4e0 [ 53.819137][ T5068] ? __kernfs_new_node+0xdb/0x730 [ 53.824173][ T5068] should_failslab+0x5/0x20 [ 53.828714][ T5068] kmem_cache_alloc+0x69/0x350 [ 53.833600][ T5068] __kernfs_new_node+0xdb/0x730 [ 53.838463][ T5068] ? __might_sleep+0xc0/0xc0 [ 53.843091][ T5068] ? kernfs_new_node+0x160/0x160 [ 53.848066][ T5068] ? __lock_acquire+0x1f60/0x1f60 [pid 5067] exit_group(0) = ? [ 53.853125][ T5068] ? do_raw_spin_unlock+0x134/0x8a0 [ 53.858344][ T5068] ? __radix_tree_preload+0x444/0x4c0 [ 53.863717][ T5068] ? down_write+0x1a5/0x270 [ 53.868219][ T5068] kernfs_new_node+0x95/0x160 [ 53.872904][ T5068] __kernfs_create_file+0x45/0x2e0 [ 53.878016][ T5068] sysfs_add_file_mode_ns+0x21d/0x330 [ 53.883407][ T5068] internal_create_group+0x55c/0xf50 [ 53.888729][ T5068] ? sysfs_create_group+0x20/0x20 [ 53.893760][ T5068] ? sysfs_create_dir_ns+0x1c7/0x390 [ 53.899073][ T5068] ? sysfs_warn_dup+0xa0/0xa0 [ 53.903774][ T5068] sysfs_create_groups+0x5d/0x130 [ 53.908819][ T5068] kobject_add_internal+0x723/0xd10 [ 53.914024][ T5068] kobject_add+0x14c/0x210 [ 53.918449][ T5068] ? blk_mq_register_hctx+0x4f/0x3b0 [ 53.923732][ T5068] ? kobject_init+0x1d0/0x1d0 [ 53.928406][ T5068] ? xa_clear_mark+0x2d0/0x2d0 [ 53.933181][ T5068] blk_mq_register_hctx+0xd5/0x3b0 [ 53.938313][ T5068] blk_mq_sysfs_register_hctxs+0x128/0x1f0 [ 53.944129][ T5068] ? blk_mq_sysfs_unregister_hctxs+0x320/0x320 [ 53.950296][ T5068] ? blk_mq_map_queues+0x683/0x6b0 [ 53.955431][ T5068] blk_mq_update_nr_hw_queues+0xdbf/0x13a0 [ 53.961260][ T5068] ? blk_mq_update_nr_requests+0x680/0x680 [ 53.967060][ T5068] ? trace_raw_output_contention_end+0xd0/0xd0 [ 53.973209][ T5068] ? blkdev_common_ioctl+0x688/0x21c0 [ 53.978585][ T5068] nbd_start_device+0x15d/0xb70 [ 53.983461][ T5068] nbd_start_device_ioctl+0xa7/0x5c0 [ 53.988763][ T5068] ? nbd_ioctl+0xd7/0x5b0 [ 53.993114][ T5068] ? nbd_set_size+0x490/0x490 [ 53.997802][ T5068] ? safesetid_security_capable+0xab/0x1b0 [ 54.003604][ T5068] ? bpf_lsm_capable+0x5/0x10 [ 54.008294][ T5068] nbd_ioctl+0x28c/0x5b0 [ 54.012564][ T5068] ? nbd_release+0x130/0x130 [ 54.017177][ T5068] blkdev_ioctl+0x3c9/0x7c0 [ 54.021679][ T5068] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 54.027138][ T5068] ? bpf_lsm_file_ioctl+0x5/0x10 [ 54.032081][ T5068] ? security_file_ioctl+0x9d/0xb0 [ 54.037225][ T5068] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 54.042680][ T5068] __se_sys_ioctl+0xfb/0x170 [ 54.047268][ T5068] do_syscall_64+0x2b/0x70 [ 54.051693][ T5068] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 54.057604][ T5068] RIP: 0033:0x7fab4e5b6259 [ 54.062012][ T5068] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 54.081612][ T5068] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 54.090198][ T5068] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 54.098169][ T5068] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 54.106145][ T5068] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 54.114132][ T5068] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 54.122103][ T5068] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 54.130178][ T5068] [ 54.134455][ T5068] kobject_add_internal failed for 0 (error: -12 parent: mq) [pid 5068] <... ioctl resumed>) = ? [pid 5068] +++ exited with 0 +++ [pid 5067] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5069 attached [pid 5069] set_robust_list(0x555555a845e0, 24) = 0 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] setpgid(0, 0) = 0 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] write(3, "1000", 4) = 4 [pid 5069] close(3) = 0 [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5069] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5069] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5070], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5070 [pid 5057] <... clone resumed>, child_tidptr=0x555555a845d0) = 5069 [pid 5069] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5070 attached [pid 5070] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5070] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5070] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] <... futex resumed>) = 0 [pid 5069] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... futex resumed>) = 1 [pid 5070] fcntl(3, F_DUPFD, 3) = 4 [pid 5070] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] <... futex resumed>) = 0 [pid 5069] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... futex resumed>) = 1 [pid 5070] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5070] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] <... futex resumed>) = 0 [pid 5069] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... futex resumed>) = 1 [pid 5070] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5070] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] <... futex resumed>) = 0 [pid 5069] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... futex resumed>) = 1 [ 54.160426][ T5068] block nbd0: shutting down sockets [pid 5070] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5070] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5069] <... futex resumed>) = 0 [pid 5070] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5069] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5069] <... futex resumed>) = 0 [pid 5070] ioctl(3, NBD_SET_SOCK, 5 [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... ioctl resumed>) = 0 [pid 5070] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5069] <... futex resumed>) = 0 [pid 5070] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5069] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5069] <... futex resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... openat resumed>) = 7 [pid 5070] write(7, "16", 2) = 2 [ 54.286825][ T5070] FAULT_INJECTION: forcing a failure. [ 54.286825][ T5070] name failslab, interval 1, probability 0, space 0, times 0 [ 54.300544][ T5070] CPU: 0 PID: 5070 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 54.310628][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 54.320679][ T5070] Call Trace: [ 54.323955][ T5070] [ 54.326877][ T5070] dump_stack_lvl+0x1e3/0x2d0 [ 54.331552][ T5070] ? nf_tcp_handle_invalid+0x630/0x630 [pid 5070] ioctl(3, NBD_DO_IT [pid 5069] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5069] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 54.337009][ T5070] ? panic+0x770/0x770 [ 54.341095][ T5070] ? __might_sleep+0xc0/0xc0 [ 54.345705][ T5070] ? lockdep_init_map_type+0x9d/0x8d0 [ 54.351079][ T5070] should_fail_ex+0x3aa/0x4e0 [ 54.355759][ T5070] ? security_inode_alloc+0x24/0x130 [ 54.361070][ T5070] should_failslab+0x5/0x20 [ 54.365600][ T5070] kmem_cache_alloc+0x69/0x350 [ 54.370398][ T5070] security_inode_alloc+0x24/0x130 [ 54.375526][ T5070] inode_init_always+0x887/0xb80 [ 54.380483][ T5070] new_inode_pseudo+0x94/0x1d0 [ 54.385701][ T5070] new_inode+0x25/0x1d0 [ 54.389852][ T5070] ? start_creating+0x22a/0x330 [ 54.394723][ T5070] __debugfs_create_file+0x146/0x500 [ 54.400026][ T5070] nbd_start_device+0x42c/0xb70 [ 54.404899][ T5070] nbd_start_device_ioctl+0xa7/0x5c0 [ 54.410292][ T5070] ? nbd_ioctl+0xd7/0x5b0 [ 54.414644][ T5070] ? nbd_set_size+0x490/0x490 [ 54.419338][ T5070] ? safesetid_security_capable+0xab/0x1b0 [ 54.425142][ T5070] ? bpf_lsm_capable+0x5/0x10 [ 54.429840][ T5070] nbd_ioctl+0x28c/0x5b0 [pid 5069] exit_group(0) = ? [ 54.434105][ T5070] ? nbd_release+0x130/0x130 [ 54.438699][ T5070] blkdev_ioctl+0x3c9/0x7c0 [ 54.443212][ T5070] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 54.448693][ T5070] ? bpf_lsm_file_ioctl+0x5/0x10 [ 54.453638][ T5070] ? security_file_ioctl+0x9d/0xb0 [ 54.458753][ T5070] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 54.464231][ T5070] __se_sys_ioctl+0xfb/0x170 [ 54.468842][ T5070] do_syscall_64+0x2b/0x70 [ 54.473273][ T5070] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 54.479164][ T5070] RIP: 0033:0x7fab4e5b6259 [ 54.483574][ T5070] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 54.503179][ T5070] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 54.511598][ T5070] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 54.519569][ T5070] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 54.527550][ T5070] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5070] <... ioctl resumed>) = ? [pid 5070] +++ exited with 0 +++ [pid 5069] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5069, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5071 ./strace-static-x86_64: Process 5071 attached [pid 5071] set_robust_list(0x555555a845e0, 24) = 0 [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5071] setpgid(0, 0) = 0 [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5071] write(3, "1000", 4) = 4 [pid 5071] close(3) = 0 [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5071] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5071] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5071] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5072 attached , parent_tid=[5072], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5072 [pid 5071] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] set_robust_list(0x7fab4e5639e0, 24) = 0 [ 54.535550][ T5070] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 54.543513][ T5070] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 54.551488][ T5070] [ 54.556272][ T5070] debugfs: out of free dentries, can not create file 'timeout' [ 54.568066][ T5070] block nbd0: shutting down sockets [pid 5072] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5072] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5071] <... futex resumed>) = 0 [pid 5072] fcntl(3, F_DUPFD, 3 [pid 5071] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] <... fcntl resumed>) = 4 [pid 5071] <... futex resumed>) = 0 [pid 5072] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5072] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5071] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] <... ioctl resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5072] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5072] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5071] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5071] <... futex resumed>) = 0 [pid 5072] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] <... socketpair resumed>[5, 6]) = 0 [pid 5072] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5071] <... futex resumed>) = 0 [pid 5072] ioctl(3, NBD_SET_SOCK, 5 [pid 5071] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] <... ioctl resumed>) = 0 [pid 5072] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5071] <... futex resumed>) = 0 [pid 5072] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5071] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5071] <... futex resumed>) = 0 [pid 5072] ioctl(3, NBD_SET_SOCK, 5 [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] <... ioctl resumed>) = 0 [pid 5072] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5071] <... futex resumed>) = 0 [pid 5072] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5071] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5071] <... futex resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5071] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] <... openat resumed>) = 7 [pid 5072] write(7, "16", 2) = 2 [ 54.711381][ T5072] FAULT_INJECTION: forcing a failure. [ 54.711381][ T5072] name failslab, interval 1, probability 0, space 0, times 0 [ 54.724191][ T5072] CPU: 1 PID: 5072 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 54.734280][ T5072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 54.744351][ T5072] Call Trace: [ 54.747622][ T5072] [ 54.750545][ T5072] dump_stack_lvl+0x1e3/0x2d0 [ 54.755240][ T5072] ? nf_tcp_handle_invalid+0x630/0x630 [ 54.760727][ T5072] ? panic+0x770/0x770 [ 54.764831][ T5072] ? __might_sleep+0xc0/0xc0 [ 54.769447][ T5072] ? lockdep_init_map_type+0x9d/0x8d0 [ 54.774838][ T5072] should_fail_ex+0x3aa/0x4e0 [ 54.779526][ T5072] ? security_inode_alloc+0x24/0x130 [ 54.784804][ T5072] should_failslab+0x5/0x20 [ 54.789334][ T5072] kmem_cache_alloc+0x69/0x350 [ 54.794110][ T5072] security_inode_alloc+0x24/0x130 [ 54.799240][ T5072] inode_init_always+0x887/0xb80 [ 54.804208][ T5072] new_inode_pseudo+0x94/0x1d0 [ 54.808996][ T5072] new_inode+0x25/0x1d0 [ 54.813144][ T5072] ? start_creating+0x22a/0x330 [ 54.817999][ T5072] __debugfs_create_file+0x146/0x500 [ 54.823380][ T5072] nbd_start_device+0x42c/0xb70 [ 54.828248][ T5072] nbd_start_device_ioctl+0xa7/0x5c0 [ 54.833616][ T5072] ? nbd_ioctl+0xd7/0x5b0 [ 54.837941][ T5072] ? nbd_set_size+0x490/0x490 [ 54.842614][ T5072] ? safesetid_security_capable+0xab/0x1b0 [ 54.848424][ T5072] ? bpf_lsm_capable+0x5/0x10 [ 54.853114][ T5072] nbd_ioctl+0x28c/0x5b0 [ 54.857353][ T5072] ? nbd_release+0x130/0x130 [ 54.861947][ T5072] blkdev_ioctl+0x3c9/0x7c0 [ 54.866633][ T5072] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 54.872095][ T5072] ? bpf_lsm_file_ioctl+0x5/0x10 [ 54.877030][ T5072] ? security_file_ioctl+0x9d/0xb0 [ 54.882143][ T5072] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 54.887598][ T5072] __se_sys_ioctl+0xfb/0x170 [ 54.892190][ T5072] do_syscall_64+0x2b/0x70 [ 54.896610][ T5072] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 54.902504][ T5072] RIP: 0033:0x7fab4e5b6259 [ 54.906913][ T5072] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 54.926513][ T5072] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 54.934932][ T5072] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 54.942902][ T5072] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 54.951652][ T5072] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5072] ioctl(3, NBD_DO_IT [pid 5071] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 54.959618][ T5072] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 54.967590][ T5072] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 54.975570][ T5072] [ 54.979021][ T5072] debugfs: out of free dentries, can not create file 'timeout' [pid 5071] exit_group(0 [pid 5072] <... ioctl resumed>) = ? [pid 5071] <... exit_group resumed>) = ? [pid 5072] +++ exited with 0 +++ [pid 5071] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5071, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5073 attached , child_tidptr=0x555555a845d0) = 5073 [pid 5073] set_robust_list(0x555555a845e0, 24) = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] setpgid(0, 0) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5073] write(3, "1000", 4) = 4 [pid 5073] close(3) = 0 [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5073] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [ 55.123409][ T5072] block nbd0: shutting down sockets [pid 5073] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5074], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5074 [pid 5073] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5074 attached [pid 5074] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5074] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5074] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] <... futex resumed>) = 0 [pid 5073] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... futex resumed>) = 1 [pid 5074] fcntl(3, F_DUPFD, 3) = 4 [pid 5074] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] <... futex resumed>) = 0 [pid 5073] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... futex resumed>) = 1 [pid 5074] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5074] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] <... futex resumed>) = 0 [pid 5073] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... futex resumed>) = 1 [pid 5074] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5074] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] <... futex resumed>) = 0 [pid 5073] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... futex resumed>) = 1 [pid 5074] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5073] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5074] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] <... futex resumed>) = 0 [pid 5073] <... futex resumed>) = 0 [pid 5074] ioctl(3, NBD_SET_SOCK, 5 [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... ioctl resumed>) = 0 [pid 5074] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5073] <... futex resumed>) = 0 [pid 5074] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5073] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5073] <... futex resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5073] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... openat resumed>) = 7 [pid 5074] write(7, "16", 2) = 2 [ 55.268121][ T5074] FAULT_INJECTION: forcing a failure. [ 55.268121][ T5074] name failslab, interval 1, probability 0, space 0, times 0 [ 55.280807][ T5074] CPU: 0 PID: 5074 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 55.290862][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 55.300913][ T5074] Call Trace: [ 55.304195][ T5074] [ 55.307142][ T5074] dump_stack_lvl+0x1e3/0x2d0 [ 55.311839][ T5074] ? nf_tcp_handle_invalid+0x630/0x630 [ 55.317300][ T5074] ? panic+0x770/0x770 [ 55.321373][ T5074] ? __might_sleep+0xc0/0xc0 [ 55.325961][ T5074] should_fail_ex+0x3aa/0x4e0 [ 55.330634][ T5074] ? __d_alloc+0x31/0x700 [ 55.334968][ T5074] should_failslab+0x5/0x20 [ 55.339484][ T5074] kmem_cache_alloc_lru+0x75/0x320 [ 55.344596][ T5074] ? mark_lock+0x9a/0x350 [ 55.348930][ T5074] __d_alloc+0x31/0x700 [ 55.353096][ T5074] d_alloc_parallel+0xcb/0x12c0 [ 55.357954][ T5074] ? lockdep_init_map_type+0x9d/0x8d0 [ 55.363350][ T5074] ? lockdep_softirqs_off+0x420/0x420 [ 55.368749][ T5074] ? d_hash_and_lookup+0x1c0/0x1c0 [ 55.373874][ T5074] ? __init_waitqueue_head+0xa6/0x140 [ 55.379825][ T5074] __lookup_slow+0x112/0x3e0 [ 55.384435][ T5074] ? lookup_one_len+0x690/0x690 [ 55.389304][ T5074] lookup_one_len+0x430/0x690 [ 55.393988][ T5074] ? try_lookup_one_len+0x670/0x670 [ 55.399193][ T5074] ? mntput+0x60/0xb0 [ 55.403183][ T5074] start_creating+0x183/0x330 [ 55.407862][ T5074] __debugfs_create_file+0x74/0x500 [ 55.413062][ T5074] nbd_start_device+0x44a/0xb70 [ 55.417931][ T5074] nbd_start_device_ioctl+0xa7/0x5c0 [ 55.423210][ T5074] ? nbd_ioctl+0xd7/0x5b0 [ 55.427543][ T5074] ? nbd_set_size+0x490/0x490 [ 55.432392][ T5074] ? safesetid_security_capable+0xab/0x1b0 [ 55.438200][ T5074] ? bpf_lsm_capable+0x5/0x10 [ 55.442882][ T5074] nbd_ioctl+0x28c/0x5b0 [ 55.447118][ T5074] ? nbd_release+0x130/0x130 [ 55.451712][ T5074] blkdev_ioctl+0x3c9/0x7c0 [ 55.456221][ T5074] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 55.461686][ T5074] ? bpf_lsm_file_ioctl+0x5/0x10 [ 55.466630][ T5074] ? security_file_ioctl+0x9d/0xb0 [ 55.472523][ T5074] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 55.477980][ T5074] __se_sys_ioctl+0xfb/0x170 [ 55.483440][ T5074] do_syscall_64+0x2b/0x70 [ 55.487854][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 55.493764][ T5074] RIP: 0033:0x7fab4e5b6259 [ 55.498176][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5074] ioctl(3, NBD_DO_IT [pid 5073] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 55.518043][ T5074] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 55.526459][ T5074] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 55.534428][ T5074] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 55.542482][ T5074] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 55.550449][ T5074] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 55.558415][ T5074] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 55.566396][ T5074] [pid 5073] exit_group(0) = ? [pid 5074] <... ioctl resumed>) = ? [pid 5074] +++ exited with 0 +++ [pid 5073] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5075 ./strace-static-x86_64: Process 5075 attached [pid 5075] set_robust_list(0x555555a845e0, 24) = 0 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] setpgid(0, 0) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5075] write(3, "1000", 4) = 4 [pid 5075] close(3) = 0 [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5075] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [ 55.715431][ T5074] block nbd0: shutting down sockets [pid 5075] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5076], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5076 ./strace-static-x86_64: Process 5076 attached [pid 5075] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] set_robust_list(0x7fab4e5639e0, 24 [pid 5075] <... futex resumed>) = 0 [pid 5076] <... set_robust_list resumed>) = 0 [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5076] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] fcntl(3, F_DUPFD, 3 [pid 5075] <... futex resumed>) = 0 [pid 5076] <... fcntl resumed>) = 4 [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5076] <... futex resumed>) = 0 [pid 5075] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] <... ioctl resumed>) = 0 [pid 5076] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] <... socketpair resumed>[5, 6]) = 0 [pid 5076] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] ioctl(3, NBD_SET_SOCK, 5 [pid 5075] <... futex resumed>) = 0 [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] <... ioctl resumed>) = 0 [pid 5076] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5075] <... futex resumed>) = 0 [pid 5076] ioctl(3, NBD_SET_SOCK, 5 [pid 5075] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] <... ioctl resumed>) = 0 [pid 5076] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5075] <... futex resumed>) = 0 [pid 5076] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5075] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5075] <... futex resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5075] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] <... openat resumed>) = 7 [pid 5076] write(7, "16", 2) = 2 [ 55.828719][ T5076] FAULT_INJECTION: forcing a failure. [ 55.828719][ T5076] name failslab, interval 1, probability 0, space 0, times 0 [ 55.842121][ T5076] CPU: 0 PID: 5076 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 55.852213][ T5076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 55.862271][ T5076] Call Trace: [ 55.865545][ T5076] [ 55.868467][ T5076] dump_stack_lvl+0x1e3/0x2d0 [ 55.873136][ T5076] ? nf_tcp_handle_invalid+0x630/0x630 [ 55.878585][ T5076] ? panic+0x770/0x770 [ 55.882994][ T5076] ? __might_sleep+0xc0/0xc0 [ 55.887577][ T5076] ? lockdep_init_map_type+0x9d/0x8d0 [ 55.892966][ T5076] should_fail_ex+0x3aa/0x4e0 [ 55.897642][ T5076] ? security_inode_alloc+0x24/0x130 [ 55.902985][ T5076] should_failslab+0x5/0x20 [ 55.907515][ T5076] kmem_cache_alloc+0x69/0x350 [ 55.912283][ T5076] security_inode_alloc+0x24/0x130 [ 55.917386][ T5076] inode_init_always+0x887/0xb80 [ 55.922344][ T5076] new_inode_pseudo+0x94/0x1d0 [ 55.927116][ T5076] new_inode+0x25/0x1d0 [ 55.931269][ T5076] ? start_creating+0x22a/0x330 [ 55.936117][ T5076] __debugfs_create_file+0x146/0x500 [ 55.941397][ T5076] nbd_start_device+0x42c/0xb70 [ 55.946249][ T5076] nbd_start_device_ioctl+0xa7/0x5c0 [ 55.951534][ T5076] ? nbd_ioctl+0xd7/0x5b0 [ 55.955862][ T5076] ? nbd_set_size+0x490/0x490 [ 55.960539][ T5076] ? safesetid_security_capable+0xab/0x1b0 [ 55.966346][ T5076] ? bpf_lsm_capable+0x5/0x10 [ 55.971044][ T5076] nbd_ioctl+0x28c/0x5b0 [ 55.975313][ T5076] ? nbd_release+0x130/0x130 [ 55.979923][ T5076] blkdev_ioctl+0x3c9/0x7c0 [ 55.984426][ T5076] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 55.989898][ T5076] ? bpf_lsm_file_ioctl+0x5/0x10 [ 55.994927][ T5076] ? security_file_ioctl+0x9d/0xb0 [ 56.000065][ T5076] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 56.005546][ T5076] __se_sys_ioctl+0xfb/0x170 [ 56.010157][ T5076] do_syscall_64+0x2b/0x70 [ 56.014569][ T5076] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.020457][ T5076] RIP: 0033:0x7fab4e5b6259 [ 56.024873][ T5076] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.044477][ T5076] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 56.052909][ T5076] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 56.060897][ T5076] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 56.068874][ T5076] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5076] ioctl(3, NBD_DO_IT [pid 5075] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 56.076853][ T5076] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 56.084840][ T5076] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 56.092854][ T5076] [ 56.096127][ T5076] debugfs: out of free dentries, can not create file 'timeout' [pid 5075] exit_group(0) = ? [pid 5076] <... ioctl resumed>) = ? [pid 5076] +++ exited with 0 +++ [pid 5075] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5077 attached , child_tidptr=0x555555a845d0) = 5077 [pid 5077] set_robust_list(0x555555a845e0, 24) = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] setpgid(0, 0) = 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] write(3, "1000", 4) = 4 [pid 5077] close(3) = 0 [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5077] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5077] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5078], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5078 [pid 5077] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5078 attached [pid 5078] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5078] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5078] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] fcntl(3, F_DUPFD, 3) = 4 [pid 5078] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5078] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5078] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [ 56.285405][ T5076] block nbd0: shutting down sockets [pid 5078] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5078] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5077] <... futex resumed>) = 0 [pid 5078] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5077] <... futex resumed>) = 0 [pid 5078] ioctl(3, NBD_SET_SOCK, 5 [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... ioctl resumed>) = 0 [pid 5078] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5077] <... futex resumed>) = 0 [pid 5078] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5077] <... futex resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5077] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... openat resumed>) = 7 [pid 5078] write(7, "16", 2) = 2 [ 56.417851][ T5078] FAULT_INJECTION: forcing a failure. [ 56.417851][ T5078] name failslab, interval 1, probability 0, space 0, times 0 [ 56.430514][ T5078] CPU: 0 PID: 5078 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 56.440575][ T5078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 56.450628][ T5078] Call Trace: [ 56.453919][ T5078] [ 56.456857][ T5078] dump_stack_lvl+0x1e3/0x2d0 [ 56.461553][ T5078] ? nf_tcp_handle_invalid+0x630/0x630 [ 56.467012][ T5078] ? panic+0x770/0x770 [ 56.471080][ T5078] ? __might_sleep+0xc0/0xc0 [ 56.475668][ T5078] should_fail_ex+0x3aa/0x4e0 [ 56.480351][ T5078] ? __d_alloc+0x31/0x700 [ 56.484704][ T5078] should_failslab+0x5/0x20 [ 56.489199][ T5078] kmem_cache_alloc_lru+0x75/0x320 [ 56.494312][ T5078] ? mark_lock+0x9a/0x350 [ 56.498657][ T5078] __d_alloc+0x31/0x700 [ 56.502815][ T5078] d_alloc_parallel+0xcb/0x12c0 [ 56.507661][ T5078] ? lockdep_init_map_type+0x9d/0x8d0 [ 56.513041][ T5078] ? lockdep_softirqs_off+0x420/0x420 [ 56.518410][ T5078] ? d_hash_and_lookup+0x1c0/0x1c0 [ 56.523537][ T5078] ? __init_waitqueue_head+0xa6/0x140 [ 56.528941][ T5078] __lookup_slow+0x112/0x3e0 [ 56.533656][ T5078] ? lookup_one_len+0x690/0x690 [ 56.538541][ T5078] lookup_one_len+0x430/0x690 [ 56.543235][ T5078] ? try_lookup_one_len+0x670/0x670 [ 56.548462][ T5078] ? mntput+0x60/0xb0 [ 56.552457][ T5078] start_creating+0x183/0x330 [ 56.557142][ T5078] __debugfs_create_file+0x74/0x500 [ 56.562353][ T5078] nbd_start_device+0x44a/0xb70 [ 56.567219][ T5078] nbd_start_device_ioctl+0xa7/0x5c0 [ 56.572501][ T5078] ? nbd_ioctl+0xd7/0x5b0 [ 56.576827][ T5078] ? nbd_set_size+0x490/0x490 [ 56.581503][ T5078] ? safesetid_security_capable+0xab/0x1b0 [ 56.587332][ T5078] ? bpf_lsm_capable+0x5/0x10 [ 56.592026][ T5078] nbd_ioctl+0x28c/0x5b0 [ 56.596267][ T5078] ? nbd_release+0x130/0x130 [ 56.600861][ T5078] blkdev_ioctl+0x3c9/0x7c0 [ 56.605371][ T5078] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 56.610835][ T5078] ? bpf_lsm_file_ioctl+0x5/0x10 [ 56.615788][ T5078] ? security_file_ioctl+0x9d/0xb0 [ 56.620904][ T5078] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 56.626364][ T5078] __se_sys_ioctl+0xfb/0x170 [ 56.630959][ T5078] do_syscall_64+0x2b/0x70 [ 56.635374][ T5078] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.641267][ T5078] RIP: 0033:0x7fab4e5b6259 [ 56.645680][ T5078] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5078] ioctl(3, NBD_DO_IT [pid 5077] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 56.665735][ T5078] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 56.674155][ T5078] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 56.682126][ T5078] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 56.690093][ T5078] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 56.698060][ T5078] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 56.706029][ T5078] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 56.714013][ T5078] [pid 5077] exit_group(0) = ? [pid 5078] <... ioctl resumed>) = ? [pid 5078] +++ exited with 0 +++ [pid 5077] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached , child_tidptr=0x555555a845d0) = 5079 [pid 5079] set_robust_list(0x555555a845e0, 24) = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] setpgid(0, 0) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5079] write(3, "1000", 4) = 4 [pid 5079] close(3) = 0 [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5079] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5079] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5080], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5080 ./strace-static-x86_64: Process 5080 attached [pid 5079] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5080] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5080] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] <... futex resumed>) = 0 [pid 5079] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... futex resumed>) = 1 [pid 5080] fcntl(3, F_DUPFD, 3) = 4 [pid 5080] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5080] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5079] <... futex resumed>) = 0 [pid 5080] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... ioctl resumed>) = 0 [pid 5080] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5080] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5079] <... futex resumed>) = 0 [pid 5080] socketpair(AF_UNIX, SOCK_STREAM, 0, [ 56.932154][ T5078] block nbd0: shutting down sockets [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... socketpair resumed>[5, 6]) = 0 [pid 5080] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] <... futex resumed>) = 0 [pid 5080] <... futex resumed>) = 1 [pid 5079] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] ioctl(3, NBD_SET_SOCK, 5 [pid 5079] <... futex resumed>) = 0 [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... ioctl resumed>) = 0 [pid 5080] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5080] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5079] <... futex resumed>) = 0 [pid 5080] ioctl(3, NBD_SET_SOCK, 5 [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... ioctl resumed>) = 0 [pid 5080] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5079] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5079] <... futex resumed>) = 0 [pid 5079] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... openat resumed>) = 7 [pid 5080] write(7, "16", 2) = 2 [ 57.089194][ T5080] FAULT_INJECTION: forcing a failure. [ 57.089194][ T5080] name failslab, interval 1, probability 0, space 0, times 0 [ 57.101897][ T5080] CPU: 0 PID: 5080 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 57.111995][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 57.122082][ T5080] Call Trace: [ 57.125381][ T5080] [ 57.128307][ T5080] dump_stack_lvl+0x1e3/0x2d0 [ 57.133021][ T5080] ? nf_tcp_handle_invalid+0x630/0x630 [ 57.138480][ T5080] ? panic+0x770/0x770 [ 57.142549][ T5080] ? __might_sleep+0xc0/0xc0 [ 57.147135][ T5080] ? lockdep_init_map_type+0x9d/0x8d0 [ 57.152510][ T5080] should_fail_ex+0x3aa/0x4e0 [ 57.157186][ T5080] ? security_inode_alloc+0x24/0x130 [ 57.162469][ T5080] should_failslab+0x5/0x20 [ 57.166971][ T5080] kmem_cache_alloc+0x69/0x350 [ 57.171751][ T5080] security_inode_alloc+0x24/0x130 [ 57.176861][ T5080] inode_init_always+0x887/0xb80 [ 57.181802][ T5080] new_inode_pseudo+0x94/0x1d0 [ 57.186560][ T5080] new_inode+0x25/0x1d0 [ 57.190707][ T5080] ? start_creating+0x22a/0x330 [ 57.195554][ T5080] __debugfs_create_file+0x146/0x500 [ 57.200865][ T5080] nbd_start_device+0x42c/0xb70 [ 57.205760][ T5080] nbd_start_device_ioctl+0xa7/0x5c0 [ 57.211049][ T5080] ? nbd_ioctl+0xd7/0x5b0 [ 57.215374][ T5080] ? nbd_set_size+0x490/0x490 [ 57.220051][ T5080] ? safesetid_security_capable+0xab/0x1b0 [ 57.225860][ T5080] ? bpf_lsm_capable+0x5/0x10 [ 57.230544][ T5080] nbd_ioctl+0x28c/0x5b0 [ 57.234784][ T5080] ? nbd_release+0x130/0x130 [ 57.239381][ T5080] blkdev_ioctl+0x3c9/0x7c0 [ 57.243893][ T5080] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 57.249357][ T5080] ? bpf_lsm_file_ioctl+0x5/0x10 [ 57.254294][ T5080] ? security_file_ioctl+0x9d/0xb0 [ 57.259408][ T5080] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 57.264867][ T5080] __se_sys_ioctl+0xfb/0x170 [ 57.269460][ T5080] do_syscall_64+0x2b/0x70 [ 57.273873][ T5080] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 57.279767][ T5080] RIP: 0033:0x7fab4e5b6259 [ 57.284181][ T5080] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 57.303788][ T5080] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 57.312208][ T5080] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 57.320877][ T5080] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 57.328850][ T5080] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5080] ioctl(3, NBD_DO_IT [pid 5079] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 57.336817][ T5080] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 57.344786][ T5080] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 57.352765][ T5080] [ 57.356327][ T5080] debugfs: out of free dentries, can not create file 'timeout' [pid 5079] exit_group(0) = ? [pid 5080] <... ioctl resumed>) = ? [pid 5080] +++ exited with 0 +++ [pid 5079] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5081 attached , child_tidptr=0x555555a845d0) = 5081 [pid 5081] set_robust_list(0x555555a845e0, 24) = 0 [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5081] setpgid(0, 0) = 0 [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 57.553048][ T5080] block nbd0: shutting down sockets [pid 5081] write(3, "1000", 4) = 4 [pid 5081] close(3) = 0 [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5081] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5081] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5081] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5082 attached , parent_tid=[5082], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5082 [pid 5082] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5082] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5082] <... futex resumed>) = 0 [pid 5081] <... futex resumed>) = 1 [pid 5082] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5082] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5082] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5081] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5082] <... futex resumed>) = 0 [pid 5082] fcntl(3, F_DUPFD, 3 [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] <... fcntl resumed>) = 4 [pid 5082] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5081] <... futex resumed>) = 0 [pid 5081] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5082] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] <... ioctl resumed>) = 0 [pid 5082] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5081] <... futex resumed>) = 0 [pid 5081] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5082] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5081] <... futex resumed>) = 0 [pid 5081] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5082] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5081] <... futex resumed>) = 0 [pid 5081] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5082] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5081] <... futex resumed>) = 0 [pid 5081] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5082] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5081] <... futex resumed>) = 0 [pid 5081] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] <... openat resumed>) = 7 [pid 5082] write(7, "16", 2) = 2 [ 57.698235][ T5082] FAULT_INJECTION: forcing a failure. [ 57.698235][ T5082] name failslab, interval 1, probability 0, space 0, times 0 [ 57.710973][ T5082] CPU: 0 PID: 5082 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 57.721144][ T5082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 57.731210][ T5082] Call Trace: [ 57.734484][ T5082] [ 57.737408][ T5082] dump_stack_lvl+0x1e3/0x2d0 [ 57.742096][ T5082] ? nf_tcp_handle_invalid+0x630/0x630 [pid 5082] ioctl(3, NBD_DO_IT [pid 5081] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 57.747584][ T5082] ? panic+0x770/0x770 [ 57.751675][ T5082] ? __might_sleep+0xc0/0xc0 [ 57.756297][ T5082] ? lockdep_init_map_type+0x9d/0x8d0 [ 57.761697][ T5082] should_fail_ex+0x3aa/0x4e0 [ 57.766403][ T5082] ? security_inode_alloc+0x24/0x130 [ 57.771740][ T5082] should_failslab+0x5/0x20 [ 57.776296][ T5082] kmem_cache_alloc+0x69/0x350 [ 57.781097][ T5082] security_inode_alloc+0x24/0x130 [ 57.786236][ T5082] inode_init_always+0x887/0xb80 [ 57.791224][ T5082] new_inode_pseudo+0x94/0x1d0 [ 57.796007][ T5082] new_inode+0x25/0x1d0 [ 57.800191][ T5082] ? start_creating+0x22a/0x330 [ 57.805063][ T5082] __debugfs_create_file+0x146/0x500 [ 57.810447][ T5082] nbd_start_device+0x42c/0xb70 [ 57.815335][ T5082] nbd_start_device_ioctl+0xa7/0x5c0 [ 57.820895][ T5082] ? nbd_ioctl+0xd7/0x5b0 [ 57.825231][ T5082] ? nbd_set_size+0x490/0x490 [ 57.829907][ T5082] ? safesetid_security_capable+0xab/0x1b0 [ 57.835732][ T5082] ? bpf_lsm_capable+0x5/0x10 [ 57.840453][ T5082] nbd_ioctl+0x28c/0x5b0 [pid 5081] exit_group(0) = ? [ 57.844719][ T5082] ? nbd_release+0x130/0x130 [ 57.849350][ T5082] blkdev_ioctl+0x3c9/0x7c0 [ 57.853866][ T5082] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 57.859348][ T5082] ? bpf_lsm_file_ioctl+0x5/0x10 [ 57.864327][ T5082] ? security_file_ioctl+0x9d/0xb0 [ 57.869456][ T5082] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 57.874945][ T5082] __se_sys_ioctl+0xfb/0x170 [ 57.879568][ T5082] do_syscall_64+0x2b/0x70 [ 57.883995][ T5082] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 57.889930][ T5082] RIP: 0033:0x7fab4e5b6259 [ 57.894369][ T5082] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 57.913974][ T5082] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 57.922392][ T5082] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 57.930377][ T5082] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 57.938373][ T5082] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5082] <... ioctl resumed>) = ? [pid 5082] +++ exited with 0 +++ [pid 5081] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5083 ./strace-static-x86_64: Process 5083 attached [pid 5083] set_robust_list(0x555555a845e0, 24) = 0 [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5083] setpgid(0, 0) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1000", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5083] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5083] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5084], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5084 [pid 5083] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5084 attached [pid 5084] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5084] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5084] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5083] <... futex resumed>) = 0 [pid 5083] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5084] <... futex resumed>) = 1 [pid 5084] fcntl(3, F_DUPFD, 3) = 4 [pid 5084] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5083] <... futex resumed>) = 0 [pid 5083] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5084] <... futex resumed>) = 1 [pid 5084] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5084] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5083] <... futex resumed>) = 0 [pid 5083] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5084] <... futex resumed>) = 1 [pid 5084] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5084] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5083] <... futex resumed>) = 0 [pid 5083] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5084] <... futex resumed>) = 1 [ 57.946350][ T5082] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 57.954334][ T5082] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 57.962402][ T5082] [ 57.966179][ T5082] debugfs: out of free dentries, can not create file 'timeout' [ 57.979800][ T5082] block nbd0: shutting down sockets [pid 5084] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5084] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5083] <... futex resumed>) = 0 [pid 5083] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5084] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5084] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5083] <... futex resumed>) = 0 [pid 5083] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5083] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5084] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5084] write(7, "16", 2) = 2 [ 58.088206][ T5084] FAULT_INJECTION: forcing a failure. [ 58.088206][ T5084] name failslab, interval 1, probability 0, space 0, times 0 [ 58.101697][ T5084] CPU: 0 PID: 5084 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 58.112142][ T5084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 58.122222][ T5084] Call Trace: [ 58.125507][ T5084] [ 58.128454][ T5084] dump_stack_lvl+0x1e3/0x2d0 [ 58.133146][ T5084] ? nf_tcp_handle_invalid+0x630/0x630 [ 58.138620][ T5084] ? panic+0x770/0x770 [ 58.142735][ T5084] ? __might_sleep+0xc0/0xc0 [ 58.147344][ T5084] ? lockdep_init_map_type+0x9d/0x8d0 [ 58.152735][ T5084] should_fail_ex+0x3aa/0x4e0 [ 58.157456][ T5084] ? security_inode_alloc+0x24/0x130 [ 58.162763][ T5084] should_failslab+0x5/0x20 [ 58.167303][ T5084] kmem_cache_alloc+0x69/0x350 [ 58.172103][ T5084] security_inode_alloc+0x24/0x130 [ 58.177240][ T5084] inode_init_always+0x887/0xb80 [ 58.182216][ T5084] new_inode_pseudo+0x94/0x1d0 [ 58.186990][ T5084] new_inode+0x25/0x1d0 [ 58.191162][ T5084] ? start_creating+0x22a/0x330 [ 58.196104][ T5084] __debugfs_create_file+0x146/0x500 [ 58.201409][ T5084] nbd_start_device+0x42c/0xb70 [ 58.206295][ T5084] nbd_start_device_ioctl+0xa7/0x5c0 [ 58.211589][ T5084] ? nbd_ioctl+0xd7/0x5b0 [ 58.215914][ T5084] ? nbd_set_size+0x490/0x490 [ 58.220588][ T5084] ? safesetid_security_capable+0xab/0x1b0 [ 58.226395][ T5084] ? bpf_lsm_capable+0x5/0x10 [ 58.231076][ T5084] nbd_ioctl+0x28c/0x5b0 [ 58.235320][ T5084] ? nbd_release+0x130/0x130 [ 58.239913][ T5084] blkdev_ioctl+0x3c9/0x7c0 [ 58.244423][ T5084] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 58.249886][ T5084] ? bpf_lsm_file_ioctl+0x5/0x10 [ 58.254821][ T5084] ? security_file_ioctl+0x9d/0xb0 [ 58.259938][ T5084] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 58.266356][ T5084] __se_sys_ioctl+0xfb/0x170 [ 58.270951][ T5084] do_syscall_64+0x2b/0x70 [ 58.275365][ T5084] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.281344][ T5084] RIP: 0033:0x7fab4e5b6259 [ 58.285779][ T5084] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.306182][ T5084] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.314618][ T5084] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 58.322615][ T5084] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 58.330594][ T5084] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5084] ioctl(3, NBD_DO_IT [pid 5083] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 58.338569][ T5084] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 58.346537][ T5084] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 58.354520][ T5084] [ 58.358506][ T5084] debugfs: out of free dentries, can not create file 'timeout' [pid 5083] exit_group(0) = ? [pid 5084] <... ioctl resumed>) = ? [pid 5084] +++ exited with 0 +++ [pid 5083] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached , child_tidptr=0x555555a845d0) = 5085 [pid 5085] set_robust_list(0x555555a845e0, 24) = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] setpgid(0, 0) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] write(3, "1000", 4) = 4 [pid 5085] close(3) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5085] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5085] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5086 attached , parent_tid=[5086], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5086 [pid 5086] set_robust_list(0x7fab4e5639e0, 24 [pid 5085] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5086] <... set_robust_list resumed>) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5086] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] <... futex resumed>) = 0 [pid 5086] fcntl(3, F_DUPFD, 3 [pid 5085] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... fcntl resumed>) = 4 [pid 5085] <... futex resumed>) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5085] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5085] <... futex resumed>) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] <... ioctl resumed>) = 0 [ 58.431743][ T5084] block nbd0: shutting down sockets [pid 5086] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] <... futex resumed>) = 0 [pid 5085] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5085] <... futex resumed>) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] <... socketpair resumed>[5, 6]) = 0 [pid 5086] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] <... futex resumed>) = 0 [pid 5085] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5086] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] <... futex resumed>) = 0 [pid 5085] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5086] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] <... futex resumed>) = 0 [pid 5085] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5086] write(7, "16", 2) = 2 [ 58.577760][ T5086] FAULT_INJECTION: forcing a failure. [ 58.577760][ T5086] name failslab, interval 1, probability 0, space 0, times 0 [ 58.590973][ T5086] CPU: 0 PID: 5086 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 58.601065][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 58.611118][ T5086] Call Trace: [ 58.614397][ T5086] [ 58.617323][ T5086] dump_stack_lvl+0x1e3/0x2d0 [ 58.622018][ T5086] ? nf_tcp_handle_invalid+0x630/0x630 [ 58.627473][ T5086] ? panic+0x770/0x770 [ 58.631548][ T5086] ? __might_sleep+0xc0/0xc0 [ 58.636143][ T5086] should_fail_ex+0x3aa/0x4e0 [ 58.640841][ T5086] ? __d_alloc+0x31/0x700 [ 58.645196][ T5086] should_failslab+0x5/0x20 [ 58.649713][ T5086] kmem_cache_alloc_lru+0x75/0x320 [ 58.654824][ T5086] ? mark_lock+0x9a/0x350 [ 58.659163][ T5086] __d_alloc+0x31/0x700 [ 58.663323][ T5086] d_alloc_parallel+0xcb/0x12c0 [ 58.668180][ T5086] ? lockdep_init_map_type+0x9d/0x8d0 [ 58.673553][ T5086] ? lockdep_softirqs_off+0x420/0x420 [ 58.679031][ T5086] ? d_hash_and_lookup+0x1c0/0x1c0 [ 58.684145][ T5086] ? __init_waitqueue_head+0xa6/0x140 [ 58.689520][ T5086] __lookup_slow+0x112/0x3e0 [ 58.694116][ T5086] ? lookup_one_len+0x690/0x690 [ 58.698982][ T5086] lookup_one_len+0x430/0x690 [ 58.703685][ T5086] ? try_lookup_one_len+0x670/0x670 [ 58.708904][ T5086] ? mntput+0x60/0xb0 [ 58.712904][ T5086] start_creating+0x183/0x330 [ 58.717602][ T5086] __debugfs_create_file+0x74/0x500 [ 58.722807][ T5086] nbd_start_device+0x44a/0xb70 [ 58.727670][ T5086] nbd_start_device_ioctl+0xa7/0x5c0 [ 58.732951][ T5086] ? nbd_ioctl+0xd7/0x5b0 [ 58.737288][ T5086] ? nbd_set_size+0x490/0x490 [ 58.741964][ T5086] ? safesetid_security_capable+0xab/0x1b0 [ 58.747777][ T5086] ? bpf_lsm_capable+0x5/0x10 [ 58.752464][ T5086] nbd_ioctl+0x28c/0x5b0 [ 58.756707][ T5086] ? nbd_release+0x130/0x130 [ 58.761302][ T5086] blkdev_ioctl+0x3c9/0x7c0 [ 58.765806][ T5086] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 58.771293][ T5086] ? bpf_lsm_file_ioctl+0x5/0x10 [ 58.776252][ T5086] ? security_file_ioctl+0x9d/0xb0 [ 58.781382][ T5086] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 58.786866][ T5086] __se_sys_ioctl+0xfb/0x170 [ 58.791475][ T5086] do_syscall_64+0x2b/0x70 [ 58.795893][ T5086] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.801813][ T5086] RIP: 0033:0x7fab4e5b6259 [ 58.806257][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5086] ioctl(3, NBD_DO_IT [pid 5085] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 58.825883][ T5086] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 58.834326][ T5086] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 58.842327][ T5086] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 58.850372][ T5086] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 58.858365][ T5086] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 58.866338][ T5086] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 58.874321][ T5086] [pid 5085] exit_group(0) = ? [pid 5086] <... ioctl resumed>) = ? [pid 5086] +++ exited with 0 +++ [pid 5085] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5087 ./strace-static-x86_64: Process 5087 attached [pid 5087] set_robust_list(0x555555a845e0, 24) = 0 [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5087] setpgid(0, 0) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5087] write(3, "1000", 4) = 4 [pid 5087] close(3) = 0 [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5087] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5087] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5087] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5088 attached , parent_tid=[5088], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5088 [pid 5088] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5088] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] <... futex resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... openat resumed>) = 3 [pid 5088] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 59.027193][ T5086] block nbd0: shutting down sockets [pid 5087] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] <... futex resumed>) = 0 [pid 5088] fcntl(3, F_DUPFD, 3) = 4 [pid 5088] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5087] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] <... futex resumed>) = 0 [pid 5088] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5088] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5087] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] <... futex resumed>) = 0 [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5088] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] <... futex resumed>) = 0 [pid 5088] ioctl(3, NBD_SET_SOCK, 5 [pid 5087] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... ioctl resumed>) = 0 [pid 5088] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] <... futex resumed>) = 0 [pid 5088] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5088] ioctl(3, NBD_SET_SOCK, 5 [pid 5087] <... futex resumed>) = 0 [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... ioctl resumed>) = 0 [pid 5088] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] <... futex resumed>) = 0 [pid 5088] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5087] <... futex resumed>) = 0 [pid 5087] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5088] write(7, "16", 2) = 2 [pid 5088] ioctl(3, NBD_DO_IT [pid 5087] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 59.156917][ T5088] FAULT_INJECTION: forcing a failure. [ 59.156917][ T5088] name failslab, interval 1, probability 0, space 0, times 0 [ 59.169903][ T5088] CPU: 0 PID: 5088 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 59.180084][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 59.190136][ T5088] Call Trace: [ 59.193410][ T5088] [ 59.196346][ T5088] dump_stack_lvl+0x1e3/0x2d0 [ 59.201041][ T5088] ? nf_tcp_handle_invalid+0x630/0x630 [ 59.206527][ T5088] ? panic+0x770/0x770 [ 59.210633][ T5088] ? __might_sleep+0xc0/0xc0 [ 59.215239][ T5088] ? lockdep_init_map_type+0x9d/0x8d0 [ 59.220721][ T5088] should_fail_ex+0x3aa/0x4e0 [ 59.225427][ T5088] ? security_inode_alloc+0x24/0x130 [ 59.230727][ T5088] should_failslab+0x5/0x20 [ 59.235229][ T5088] kmem_cache_alloc+0x69/0x350 [ 59.239995][ T5088] security_inode_alloc+0x24/0x130 [ 59.245104][ T5088] inode_init_always+0x887/0xb80 [ 59.250066][ T5088] new_inode_pseudo+0x94/0x1d0 [ 59.254860][ T5088] new_inode+0x25/0x1d0 [ 59.259021][ T5088] ? start_creating+0x22a/0x330 [ 59.263888][ T5088] __debugfs_create_file+0x146/0x500 [ 59.269196][ T5088] nbd_start_device+0x42c/0xb70 [ 59.274087][ T5088] nbd_start_device_ioctl+0xa7/0x5c0 [ 59.279387][ T5088] ? nbd_ioctl+0xd7/0x5b0 [ 59.283719][ T5088] ? nbd_set_size+0x490/0x490 [ 59.288396][ T5088] ? safesetid_security_capable+0xab/0x1b0 [ 59.294207][ T5088] ? bpf_lsm_capable+0x5/0x10 [ 59.300021][ T5088] nbd_ioctl+0x28c/0x5b0 [ 59.304278][ T5088] ? nbd_release+0x130/0x130 [ 59.308873][ T5088] blkdev_ioctl+0x3c9/0x7c0 [ 59.313381][ T5088] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 59.318844][ T5088] ? bpf_lsm_file_ioctl+0x5/0x10 [ 59.323785][ T5088] ? security_file_ioctl+0x9d/0xb0 [ 59.328898][ T5088] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 59.334356][ T5088] __se_sys_ioctl+0xfb/0x170 [ 59.338954][ T5088] do_syscall_64+0x2b/0x70 [ 59.343370][ T5088] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.349271][ T5088] RIP: 0033:0x7fab4e5b6259 [ 59.353687][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 59.373312][ T5088] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 59.381906][ T5088] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 59.389878][ T5088] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 59.397858][ T5088] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 59.405930][ T5088] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 59.413910][ T5088] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 59.421982][ T5088] [ 59.425641][ T5088] debugfs: out of free dentries, can not create file 'timeout' [pid 5087] exit_group(0) = ? [pid 5088] <... ioctl resumed>) = ? [pid 5088] +++ exited with 0 +++ [pid 5087] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5089 ./strace-static-x86_64: Process 5089 attached [pid 5089] set_robust_list(0x555555a845e0, 24) = 0 [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] setpgid(0, 0) = 0 [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] write(3, "1000", 4) = 4 [pid 5089] close(3) = 0 [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5089] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5090], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5090 [pid 5089] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5090 attached [pid 5090] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5090] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5090] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = 0 [pid 5089] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5090] <... futex resumed>) = 1 [pid 5090] fcntl(3, F_DUPFD, 3) = 4 [pid 5090] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = 0 [pid 5089] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5090] <... futex resumed>) = 1 [pid 5090] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5090] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = 0 [pid 5089] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5090] <... futex resumed>) = 1 [pid 5090] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5090] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = 0 [pid 5089] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5090] <... futex resumed>) = 1 [ 59.501587][ T5088] block nbd0: shutting down sockets [pid 5090] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5090] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5089] <... futex resumed>) = 0 [pid 5090] ioctl(3, NBD_SET_SOCK, 5 [pid 5089] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5090] <... ioctl resumed>) = 0 [pid 5090] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5089] <... futex resumed>) = 0 [pid 5090] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5090] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5089] <... futex resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5089] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5090] <... openat resumed>) = 7 [pid 5090] write(7, "16", 2) = 2 [pid 5090] ioctl(3, NBD_DO_IT [pid 5089] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 59.616797][ T5090] FAULT_INJECTION: forcing a failure. [ 59.616797][ T5090] name failslab, interval 1, probability 0, space 0, times 0 [ 59.630408][ T5090] CPU: 0 PID: 5090 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 59.640528][ T5090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 59.650602][ T5090] Call Trace: [ 59.653886][ T5090] [ 59.656827][ T5090] dump_stack_lvl+0x1e3/0x2d0 [ 59.661505][ T5090] ? nf_tcp_handle_invalid+0x630/0x630 [ 59.666978][ T5090] ? panic+0x770/0x770 [ 59.671074][ T5090] ? __might_sleep+0xc0/0xc0 [ 59.675691][ T5090] should_fail_ex+0x3aa/0x4e0 [ 59.680369][ T5090] ? __d_alloc+0x31/0x700 [ 59.684789][ T5090] should_failslab+0x5/0x20 [ 59.689304][ T5090] kmem_cache_alloc_lru+0x75/0x320 [ 59.694429][ T5090] ? mark_lock+0x9a/0x350 [ 59.698761][ T5090] __d_alloc+0x31/0x700 [ 59.702922][ T5090] d_alloc_parallel+0xcb/0x12c0 [ 59.707797][ T5090] ? lockdep_init_map_type+0x9d/0x8d0 [ 59.713226][ T5090] ? lockdep_softirqs_off+0x420/0x420 [ 59.718639][ T5090] ? d_hash_and_lookup+0x1c0/0x1c0 [ 59.723866][ T5090] ? __init_waitqueue_head+0xa6/0x140 [ 59.729244][ T5090] __lookup_slow+0x112/0x3e0 [ 59.733856][ T5090] ? lookup_one_len+0x690/0x690 [ 59.738750][ T5090] lookup_one_len+0x430/0x690 [ 59.743433][ T5090] ? try_lookup_one_len+0x670/0x670 [ 59.748648][ T5090] ? mntput+0x60/0xb0 [ 59.752664][ T5090] start_creating+0x183/0x330 [ 59.757385][ T5090] __debugfs_create_file+0x74/0x500 [ 59.762611][ T5090] nbd_start_device+0x44a/0xb70 [pid 5089] exit_group(0) = ? [ 59.767490][ T5090] nbd_start_device_ioctl+0xa7/0x5c0 [ 59.772797][ T5090] ? nbd_ioctl+0xd7/0x5b0 [ 59.777121][ T5090] ? nbd_set_size+0x490/0x490 [ 59.781813][ T5090] ? safesetid_security_capable+0xab/0x1b0 [ 59.787641][ T5090] ? bpf_lsm_capable+0x5/0x10 [ 59.792324][ T5090] nbd_ioctl+0x28c/0x5b0 [ 59.796584][ T5090] ? nbd_release+0x130/0x130 [ 59.801217][ T5090] blkdev_ioctl+0x3c9/0x7c0 [ 59.805738][ T5090] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 59.811237][ T5090] ? bpf_lsm_file_ioctl+0x5/0x10 [ 59.816207][ T5090] ? security_file_ioctl+0x9d/0xb0 [ 59.821335][ T5090] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 59.826819][ T5090] __se_sys_ioctl+0xfb/0x170 [ 59.831775][ T5090] do_syscall_64+0x2b/0x70 [ 59.836189][ T5090] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 59.842080][ T5090] RIP: 0033:0x7fab4e5b6259 [ 59.847271][ T5090] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 59.866885][ T5090] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 59.875416][ T5090] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 59.883503][ T5090] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 59.891492][ T5090] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 59.899562][ T5090] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 59.907528][ T5090] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [pid 5090] <... ioctl resumed>) = ? [pid 5090] +++ exited with 0 +++ [pid 5089] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached [pid 5091] set_robust_list(0x555555a845e0, 24) = 0 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5091] setpgid(0, 0) = 0 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5091] write(3, "1000", 4 [pid 5057] <... clone resumed>, child_tidptr=0x555555a845d0) = 5091 [pid 5091] <... write resumed>) = 4 [pid 5091] close(3) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5091] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5091] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5092], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5092 [pid 5091] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5092 attached [pid 5092] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5092] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5092] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] <... futex resumed>) = 0 [pid 5092] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5091] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5092] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5092] fcntl(3, F_DUPFD, 3) = 4 [pid 5092] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] <... futex resumed>) = 0 [pid 5091] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5092] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5092] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] <... futex resumed>) = 0 [pid 5091] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5092] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5092] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] <... futex resumed>) = 0 [pid 5091] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 59.915538][ T5090] [ 59.919933][ T5090] block nbd0: shutting down sockets [pid 5092] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5092] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] <... futex resumed>) = 0 [pid 5091] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5092] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5092] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] <... futex resumed>) = 0 [pid 5091] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5092] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5092] write(7, "16", 2) = 2 [ 60.049133][ T5092] FAULT_INJECTION: forcing a failure. [ 60.049133][ T5092] name failslab, interval 1, probability 0, space 0, times 0 [ 60.062161][ T5092] CPU: 0 PID: 5092 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 60.072246][ T5092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 60.082308][ T5092] Call Trace: [ 60.085597][ T5092] [ 60.088520][ T5092] dump_stack_lvl+0x1e3/0x2d0 [ 60.093196][ T5092] ? nf_tcp_handle_invalid+0x630/0x630 [ 60.098651][ T5092] ? panic+0x770/0x770 [ 60.102729][ T5092] ? __might_sleep+0xc0/0xc0 [ 60.107315][ T5092] ? lockdep_init_map_type+0x9d/0x8d0 [ 60.112702][ T5092] should_fail_ex+0x3aa/0x4e0 [ 60.117423][ T5092] ? security_inode_alloc+0x24/0x130 [ 60.122744][ T5092] should_failslab+0x5/0x20 [ 60.127282][ T5092] kmem_cache_alloc+0x69/0x350 [ 60.132083][ T5092] security_inode_alloc+0x24/0x130 [ 60.137230][ T5092] inode_init_always+0x887/0xb80 [ 60.142192][ T5092] new_inode_pseudo+0x94/0x1d0 [pid 5092] ioctl(3, NBD_DO_IT [pid 5091] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5091] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 60.146956][ T5092] new_inode+0x25/0x1d0 [ 60.151125][ T5092] ? start_creating+0x22a/0x330 [ 60.155984][ T5092] __debugfs_create_file+0x146/0x500 [ 60.161302][ T5092] nbd_start_device+0x42c/0xb70 [ 60.166205][ T5092] nbd_start_device_ioctl+0xa7/0x5c0 [ 60.171506][ T5092] ? nbd_ioctl+0xd7/0x5b0 [ 60.175828][ T5092] ? nbd_set_size+0x490/0x490 [ 60.180509][ T5092] ? safesetid_security_capable+0xab/0x1b0 [ 60.186608][ T5092] ? bpf_lsm_capable+0x5/0x10 [ 60.191313][ T5092] nbd_ioctl+0x28c/0x5b0 [pid 5091] exit_group(0) = ? [ 60.195558][ T5092] ? nbd_release+0x130/0x130 [ 60.200180][ T5092] blkdev_ioctl+0x3c9/0x7c0 [ 60.204721][ T5092] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 60.210196][ T5092] ? bpf_lsm_file_ioctl+0x5/0x10 [ 60.215150][ T5092] ? security_file_ioctl+0x9d/0xb0 [ 60.220265][ T5092] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 60.225739][ T5092] __se_sys_ioctl+0xfb/0x170 [ 60.231120][ T5092] do_syscall_64+0x2b/0x70 [ 60.235804][ T5092] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 60.241710][ T5092] RIP: 0033:0x7fab4e5b6259 [ 60.246121][ T5092] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 60.265724][ T5092] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.274134][ T5092] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 60.282146][ T5092] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 60.290135][ T5092] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5092] <... ioctl resumed>) = ? [pid 5092] +++ exited with 0 +++ [pid 5091] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5093 attached [pid 5093] set_robust_list(0x555555a845e0, 24) = 0 [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] setpgid(0, 0) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5057] <... clone resumed>, child_tidptr=0x555555a845d0) = 5093 [pid 5093] <... openat resumed>) = 3 [pid 5093] write(3, "1000", 4) = 4 [pid 5093] close(3) = 0 [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5093] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5093] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5094], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5094 [pid 5093] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5094 attached [pid 5094] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5094] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5094] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5093] <... futex resumed>) = 0 [pid 5093] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5094] <... futex resumed>) = 1 [pid 5094] fcntl(3, F_DUPFD, 3) = 4 [pid 5094] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5093] <... futex resumed>) = 0 [pid 5093] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5094] <... futex resumed>) = 1 [pid 5094] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5094] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5093] <... futex resumed>) = 0 [pid 5093] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5094] <... futex resumed>) = 1 [pid 5094] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5094] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5093] <... futex resumed>) = 0 [pid 5093] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5094] <... futex resumed>) = 1 [ 60.298153][ T5092] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 60.306125][ T5092] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 60.314121][ T5092] [ 60.318035][ T5092] debugfs: out of free dentries, can not create file 'timeout' [ 60.326058][ T5092] block nbd0: shutting down sockets [pid 5094] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5094] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5093] <... futex resumed>) = 0 [pid 5094] ioctl(3, NBD_SET_SOCK, 5 [pid 5093] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5094] <... ioctl resumed>) = 0 [pid 5094] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5093] <... futex resumed>) = 0 [pid 5094] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5093] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5094] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5093] <... futex resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5093] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5094] <... openat resumed>) = 7 [pid 5094] write(7, "16", 2) = 2 [ 60.447147][ T5094] FAULT_INJECTION: forcing a failure. [ 60.447147][ T5094] name failslab, interval 1, probability 0, space 0, times 0 [ 60.459825][ T5094] CPU: 1 PID: 5094 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 60.469906][ T5094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 60.479970][ T5094] Call Trace: [ 60.483255][ T5094] [ 60.486185][ T5094] dump_stack_lvl+0x1e3/0x2d0 [ 60.490874][ T5094] ? nf_tcp_handle_invalid+0x630/0x630 [ 60.496347][ T5094] ? panic+0x770/0x770 [ 60.500413][ T5094] ? __might_sleep+0xc0/0xc0 [ 60.505015][ T5094] should_fail_ex+0x3aa/0x4e0 [ 60.509719][ T5094] ? __d_alloc+0x31/0x700 [ 60.514082][ T5094] should_failslab+0x5/0x20 [ 60.518595][ T5094] kmem_cache_alloc_lru+0x75/0x320 [ 60.523699][ T5094] ? mark_lock+0x9a/0x350 [ 60.528057][ T5094] __d_alloc+0x31/0x700 [ 60.532270][ T5094] d_alloc_parallel+0xcb/0x12c0 [ 60.537161][ T5094] ? lockdep_init_map_type+0x9d/0x8d0 [ 60.542533][ T5094] ? lockdep_softirqs_off+0x420/0x420 [ 60.547920][ T5094] ? d_hash_and_lookup+0x1c0/0x1c0 [ 60.553050][ T5094] ? __init_waitqueue_head+0xa6/0x140 [ 60.558428][ T5094] __lookup_slow+0x112/0x3e0 [ 60.563030][ T5094] ? lookup_one_len+0x690/0x690 [ 60.567899][ T5094] lookup_one_len+0x430/0x690 [ 60.572583][ T5094] ? try_lookup_one_len+0x670/0x670 [ 60.577783][ T5094] ? mntput+0x60/0xb0 [ 60.581770][ T5094] start_creating+0x183/0x330 [ 60.586817][ T5094] __debugfs_create_file+0x74/0x500 [ 60.592027][ T5094] nbd_start_device+0x44a/0xb70 [ 60.596897][ T5094] nbd_start_device_ioctl+0xa7/0x5c0 [ 60.602266][ T5094] ? nbd_ioctl+0xd7/0x5b0 [ 60.606593][ T5094] ? nbd_set_size+0x490/0x490 [ 60.611275][ T5094] ? safesetid_security_capable+0xab/0x1b0 [ 60.617090][ T5094] ? bpf_lsm_capable+0x5/0x10 [ 60.621776][ T5094] nbd_ioctl+0x28c/0x5b0 [ 60.626017][ T5094] ? nbd_release+0x130/0x130 [ 60.630609][ T5094] blkdev_ioctl+0x3c9/0x7c0 [ 60.635114][ T5094] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 60.640578][ T5094] ? bpf_lsm_file_ioctl+0x5/0x10 [ 60.645514][ T5094] ? security_file_ioctl+0x9d/0xb0 [ 60.650638][ T5094] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 60.656101][ T5094] __se_sys_ioctl+0xfb/0x170 [ 60.660690][ T5094] do_syscall_64+0x2b/0x70 [ 60.665106][ T5094] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 60.670998][ T5094] RIP: 0033:0x7fab4e5b6259 [ 60.675409][ T5094] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5094] ioctl(3, NBD_DO_IT [pid 5093] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 60.696333][ T5094] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.704758][ T5094] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 60.712727][ T5094] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 60.720702][ T5094] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 60.728685][ T5094] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 60.736650][ T5094] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 60.744634][ T5094] [pid 5093] exit_group(0) = ? [pid 5094] <... ioctl resumed>) = ? [pid 5094] +++ exited with 0 +++ [pid 5093] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5095 ./strace-static-x86_64: Process 5095 attached [pid 5095] set_robust_list(0x555555a845e0, 24) = 0 [pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5095] setpgid(0, 0) = 0 [pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] write(3, "1000", 4) = 4 [pid 5095] close(3) = 0 [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5095] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5095] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5095] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5096], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5096 [pid 5095] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5096 attached [pid 5096] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5096] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5096] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5095] <... futex resumed>) = 0 [pid 5096] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5095] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5095] <... futex resumed>) = 0 [pid 5096] fcntl(3, F_DUPFD, 3 [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... fcntl resumed>) = 4 [pid 5096] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5095] <... futex resumed>) = 0 [pid 5096] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5095] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5095] <... futex resumed>) = 0 [pid 5096] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... ioctl resumed>) = 0 [pid 5096] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5095] <... futex resumed>) = 0 [pid 5096] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5095] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5095] <... futex resumed>) = 0 [pid 5096] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... socketpair resumed>[5, 6]) = 0 [pid 5096] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5095] <... futex resumed>) = 0 [pid 5096] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5095] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5095] <... futex resumed>) = 0 [pid 5096] ioctl(3, NBD_SET_SOCK, 5 [ 60.892969][ T5094] block nbd0: shutting down sockets [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... ioctl resumed>) = 0 [pid 5096] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5095] <... futex resumed>) = 0 [pid 5096] ioctl(3, NBD_SET_SOCK, 5 [pid 5095] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... ioctl resumed>) = 0 [pid 5096] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5096] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5095] <... futex resumed>) = 0 [pid 5095] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = 0 [pid 5095] <... futex resumed>) = 1 [pid 5096] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5095] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] write(7, "16", 2) = 2 [pid 5096] ioctl(3, NBD_DO_IT [pid 5095] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 61.008986][ T5096] FAULT_INJECTION: forcing a failure. [ 61.008986][ T5096] name failslab, interval 1, probability 0, space 0, times 0 [ 61.021663][ T5096] CPU: 0 PID: 5096 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 61.031719][ T5096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 61.041788][ T5096] Call Trace: [ 61.045074][ T5096] [ 61.048000][ T5096] dump_stack_lvl+0x1e3/0x2d0 [ 61.052678][ T5096] ? nf_tcp_handle_invalid+0x630/0x630 [ 61.058131][ T5096] ? panic+0x770/0x770 [ 61.062218][ T5096] ? __might_sleep+0xc0/0xc0 [ 61.066848][ T5096] should_fail_ex+0x3aa/0x4e0 [ 61.071527][ T5096] ? __d_alloc+0x31/0x700 [ 61.075868][ T5096] should_failslab+0x5/0x20 [ 61.080389][ T5096] kmem_cache_alloc_lru+0x75/0x320 [ 61.085588][ T5096] ? mark_lock+0x9a/0x350 [ 61.089924][ T5096] __d_alloc+0x31/0x700 [ 61.094098][ T5096] d_alloc_parallel+0xcb/0x12c0 [ 61.098988][ T5096] ? lockdep_init_map_type+0x9d/0x8d0 [ 61.104376][ T5096] ? lockdep_softirqs_off+0x420/0x420 [ 61.109777][ T5096] ? d_hash_and_lookup+0x1c0/0x1c0 [ 61.114918][ T5096] ? __init_waitqueue_head+0xa6/0x140 [ 61.120302][ T5096] __lookup_slow+0x112/0x3e0 [ 61.124893][ T5096] ? lookup_one_len+0x690/0x690 [ 61.129773][ T5096] lookup_one_len+0x430/0x690 [ 61.134498][ T5096] ? try_lookup_one_len+0x670/0x670 [ 61.139728][ T5096] ? mntput+0x60/0xb0 [ 61.143732][ T5096] start_creating+0x183/0x330 [ 61.148422][ T5096] __debugfs_create_file+0x74/0x500 [ 61.153637][ T5096] nbd_start_device+0x44a/0xb70 [pid 5095] exit_group(0) = ? [ 61.158509][ T5096] nbd_start_device_ioctl+0xa7/0x5c0 [ 61.163804][ T5096] ? nbd_ioctl+0xd7/0x5b0 [ 61.168133][ T5096] ? nbd_set_size+0x490/0x490 [ 61.172814][ T5096] ? safesetid_security_capable+0xab/0x1b0 [ 61.178648][ T5096] ? bpf_lsm_capable+0x5/0x10 [ 61.183355][ T5096] nbd_ioctl+0x28c/0x5b0 [ 61.187606][ T5096] ? nbd_release+0x130/0x130 [ 61.192197][ T5096] blkdev_ioctl+0x3c9/0x7c0 [ 61.196715][ T5096] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 61.202205][ T5096] ? bpf_lsm_file_ioctl+0x5/0x10 [ 61.207159][ T5096] ? security_file_ioctl+0x9d/0xb0 [ 61.212282][ T5096] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 61.217746][ T5096] __se_sys_ioctl+0xfb/0x170 [ 61.222348][ T5096] do_syscall_64+0x2b/0x70 [ 61.226772][ T5096] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 61.232673][ T5096] RIP: 0033:0x7fab4e5b6259 [ 61.237103][ T5096] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 61.256724][ T5096] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 61.265134][ T5096] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 61.273100][ T5096] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 61.281424][ T5096] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 61.289411][ T5096] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 61.297384][ T5096] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 61.305398][ T5096] [pid 5096] <... ioctl resumed>) = ? [pid 5096] +++ exited with 0 +++ [pid 5095] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5097 ./strace-static-x86_64: Process 5097 attached [pid 5097] set_robust_list(0x555555a845e0, 24) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5097] close(3) = 0 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5097] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5097] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5098], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5098 [pid 5097] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5098 attached [pid 5098] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5098] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [ 61.309644][ T5096] block nbd0: shutting down sockets [pid 5098] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5098] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5097] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5098] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5097] <... futex resumed>) = 0 [pid 5098] fcntl(3, F_DUPFD, 3 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... fcntl resumed>) = 4 [pid 5098] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5098] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5097] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... ioctl resumed>) = 0 [pid 5098] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5098] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5097] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5098] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5098] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5097] <... futex resumed>) = 0 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... socketpair resumed>[5, 6]) = 0 [pid 5098] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5098] ioctl(3, NBD_SET_SOCK, 5 [pid 5097] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... ioctl resumed>) = 0 [pid 5098] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5098] ioctl(3, NBD_SET_SOCK, 5 [pid 5097] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] <... ioctl resumed>) = 0 [pid 5098] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5098] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5097] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5098] <... openat resumed>) = 7 [pid 5097] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5098] write(7, "16", 2) = 2 [ 61.468858][ T5098] FAULT_INJECTION: forcing a failure. [ 61.468858][ T5098] name failslab, interval 1, probability 0, space 0, times 0 [ 61.482172][ T5098] CPU: 0 PID: 5098 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 61.492259][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 61.502322][ T5098] Call Trace: [ 61.505598][ T5098] [ 61.508692][ T5098] dump_stack_lvl+0x1e3/0x2d0 [ 61.513388][ T5098] ? nf_tcp_handle_invalid+0x630/0x630 [ 61.518848][ T5098] ? panic+0x770/0x770 [ 61.522912][ T5098] ? __might_sleep+0xc0/0xc0 [ 61.527492][ T5098] ? lockdep_init_map_type+0x9d/0x8d0 [ 61.532866][ T5098] should_fail_ex+0x3aa/0x4e0 [ 61.538324][ T5098] ? security_inode_alloc+0x24/0x130 [ 61.543609][ T5098] should_failslab+0x5/0x20 [ 61.548114][ T5098] kmem_cache_alloc+0x69/0x350 [ 61.552884][ T5098] security_inode_alloc+0x24/0x130 [ 61.557998][ T5098] inode_init_always+0x887/0xb80 [ 61.562944][ T5098] new_inode_pseudo+0x94/0x1d0 [ 61.567707][ T5098] new_inode+0x25/0x1d0 [ 61.571859][ T5098] ? start_creating+0x22a/0x330 [ 61.576710][ T5098] __debugfs_create_file+0x146/0x500 [ 61.582001][ T5098] nbd_start_device+0x42c/0xb70 [ 61.586864][ T5098] nbd_start_device_ioctl+0xa7/0x5c0 [ 61.592198][ T5098] ? nbd_ioctl+0xd7/0x5b0 [ 61.596528][ T5098] ? nbd_set_size+0x490/0x490 [ 61.601208][ T5098] ? safesetid_security_capable+0xab/0x1b0 [ 61.607018][ T5098] ? bpf_lsm_capable+0x5/0x10 [ 61.611701][ T5098] nbd_ioctl+0x28c/0x5b0 [ 61.615941][ T5098] ? nbd_release+0x130/0x130 [ 61.620531][ T5098] blkdev_ioctl+0x3c9/0x7c0 [ 61.625041][ T5098] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 61.630501][ T5098] ? bpf_lsm_file_ioctl+0x5/0x10 [ 61.635437][ T5098] ? security_file_ioctl+0x9d/0xb0 [ 61.640550][ T5098] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 61.646006][ T5098] __se_sys_ioctl+0xfb/0x170 [ 61.650629][ T5098] do_syscall_64+0x2b/0x70 [ 61.655055][ T5098] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 61.660972][ T5098] RIP: 0033:0x7fab4e5b6259 [ 61.665394][ T5098] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 61.685007][ T5098] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 61.693420][ T5098] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 61.701392][ T5098] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 61.709354][ T5098] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5098] ioctl(3, NBD_DO_IT [pid 5097] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 61.717320][ T5098] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 61.725286][ T5098] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 61.733266][ T5098] [ 61.736624][ T5098] debugfs: out of free dentries, can not create file 'timeout' [pid 5097] exit_group(0) = ? [pid 5098] <... ioctl resumed>) = ? [pid 5098] +++ exited with 0 +++ [pid 5097] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5099 ./strace-static-x86_64: Process 5099 attached [pid 5099] set_robust_list(0x555555a845e0, 24) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5099] setpgid(0, 0) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5099] write(3, "1000", 4) = 4 [pid 5099] close(3) = 0 [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5099] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5099] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5100 attached , parent_tid=[5100], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5100 [pid 5099] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5100] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 5099] <... futex resumed>) = 0 [pid 5100] <... openat resumed>) = 3 [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5100] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5099] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5100] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5099] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5100] <... futex resumed>) = 0 [pid 5100] fcntl(3, F_DUPFD, 3) = 4 [pid 5100] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5100] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5099] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5100] <... futex resumed>) = 0 [pid 5100] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5100] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5100] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5099] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5100] <... futex resumed>) = 0 [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5100] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5100] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5100] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5099] <... futex resumed>) = 0 [pid 5099] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5100] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 61.914851][ T5098] block nbd0: shutting down sockets [pid 5100] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5100] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5099] <... futex resumed>) = 0 [pid 5100] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5099] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... futex resumed>) = 0 [pid 5099] <... futex resumed>) = 1 [pid 5100] ioctl(3, NBD_SET_SOCK, 5 [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5100] <... ioctl resumed>) = 0 [pid 5100] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5099] <... futex resumed>) = 0 [pid 5100] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5099] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5099] <... futex resumed>) = 0 [pid 5100] <... openat resumed>) = 7 [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5100] write(7, "16", 2) = 2 [pid 5100] ioctl(3, NBD_DO_IT [pid 5099] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5099] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 62.028505][ T5100] FAULT_INJECTION: forcing a failure. [ 62.028505][ T5100] name failslab, interval 1, probability 0, space 0, times 0 [ 62.041306][ T5100] CPU: 0 PID: 5100 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 62.051406][ T5100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 62.061481][ T5100] Call Trace: [ 62.064767][ T5100] [ 62.067705][ T5100] dump_stack_lvl+0x1e3/0x2d0 [ 62.072388][ T5100] ? nf_tcp_handle_invalid+0x630/0x630 [ 62.077865][ T5100] ? panic+0x770/0x770 [ 62.082053][ T5100] ? __might_sleep+0xc0/0xc0 [ 62.086663][ T5100] should_fail_ex+0x3aa/0x4e0 [ 62.091341][ T5100] ? __d_alloc+0x31/0x700 [ 62.095673][ T5100] should_failslab+0x5/0x20 [ 62.100176][ T5100] kmem_cache_alloc_lru+0x75/0x320 [ 62.105284][ T5100] ? mark_lock+0x9a/0x350 [ 62.109615][ T5100] __d_alloc+0x31/0x700 [ 62.113776][ T5100] d_alloc_parallel+0xcb/0x12c0 [ 62.118631][ T5100] ? lockdep_init_map_type+0x9d/0x8d0 [ 62.124002][ T5100] ? lockdep_softirqs_off+0x420/0x420 [ 62.129374][ T5100] ? d_hash_and_lookup+0x1c0/0x1c0 [ 62.134835][ T5100] ? __init_waitqueue_head+0xa6/0x140 [ 62.140206][ T5100] __lookup_slow+0x112/0x3e0 [ 62.144799][ T5100] ? lookup_one_len+0x690/0x690 [ 62.149685][ T5100] lookup_one_len+0x430/0x690 [ 62.154366][ T5100] ? try_lookup_one_len+0x670/0x670 [ 62.159562][ T5100] ? mntput+0x60/0xb0 [ 62.163552][ T5100] start_creating+0x183/0x330 [ 62.168251][ T5100] __debugfs_create_file+0x74/0x500 [ 62.173489][ T5100] nbd_start_device+0x44a/0xb70 [ 62.178393][ T5100] nbd_start_device_ioctl+0xa7/0x5c0 [ 62.183711][ T5100] ? nbd_ioctl+0xd7/0x5b0 [ 62.188059][ T5100] ? nbd_set_size+0x490/0x490 [ 62.192836][ T5100] ? safesetid_security_capable+0xab/0x1b0 [ 62.198659][ T5100] ? bpf_lsm_capable+0x5/0x10 [ 62.203341][ T5100] nbd_ioctl+0x28c/0x5b0 [ 62.207584][ T5100] ? nbd_release+0x130/0x130 [ 62.212185][ T5100] blkdev_ioctl+0x3c9/0x7c0 [ 62.216690][ T5100] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 62.222153][ T5100] ? bpf_lsm_file_ioctl+0x5/0x10 [ 62.227088][ T5100] ? security_file_ioctl+0x9d/0xb0 [ 62.232205][ T5100] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 62.237657][ T5100] __se_sys_ioctl+0xfb/0x170 [ 62.242247][ T5100] do_syscall_64+0x2b/0x70 [ 62.246657][ T5100] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 62.252548][ T5100] RIP: 0033:0x7fab4e5b6259 [ 62.256963][ T5100] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 62.276565][ T5100] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 62.284979][ T5100] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 62.292948][ T5100] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 62.300920][ T5100] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 62.308889][ T5100] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 62.316859][ T5100] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 62.324841][ T5100] [pid 5099] exit_group(0) = ? [pid 5100] <... ioctl resumed>) = ? [pid 5100] +++ exited with 0 +++ [pid 5099] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5101 ./strace-static-x86_64: Process 5101 attached [pid 5101] set_robust_list(0x555555a845e0, 24) = 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5101] setpgid(0, 0) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5101] write(3, "1000", 4) = 4 [pid 5101] close(3) = 0 [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5101] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5101] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5101] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5102], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5102 [pid 5101] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5102 attached [pid 5102] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5102] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5102] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... futex resumed>) = 0 [pid 5101] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] <... futex resumed>) = 1 [pid 5102] fcntl(3, F_DUPFD, 3) = 4 [pid 5102] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... futex resumed>) = 0 [pid 5101] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] <... futex resumed>) = 1 [pid 5102] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5102] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... futex resumed>) = 0 [pid 5101] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] <... futex resumed>) = 1 [pid 5102] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5102] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... futex resumed>) = 0 [pid 5101] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] <... futex resumed>) = 1 [ 62.532276][ T5100] block nbd0: shutting down sockets [pid 5102] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5102] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] <... futex resumed>) = 0 [pid 5102] <... futex resumed>) = 1 [pid 5101] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5102] ioctl(3, NBD_SET_SOCK, 5 [pid 5101] <... futex resumed>) = 0 [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] <... ioctl resumed>) = 0 [pid 5102] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5101] <... futex resumed>) = 0 [pid 5102] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5101] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5102] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5101] <... futex resumed>) = 0 [pid 5102] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5101] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] <... openat resumed>) = 7 [pid 5102] write(7, "16", 2) = 2 [ 62.637480][ T5102] FAULT_INJECTION: forcing a failure. [ 62.637480][ T5102] name failslab, interval 1, probability 0, space 0, times 0 [ 62.650262][ T5102] CPU: 1 PID: 5102 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 62.660356][ T5102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 62.672337][ T5102] Call Trace: [ 62.675625][ T5102] [ 62.678553][ T5102] dump_stack_lvl+0x1e3/0x2d0 [ 62.683231][ T5102] ? nf_tcp_handle_invalid+0x630/0x630 [ 62.688687][ T5102] ? panic+0x770/0x770 [ 62.692754][ T5102] ? __might_sleep+0xc0/0xc0 [ 62.697344][ T5102] should_fail_ex+0x3aa/0x4e0 [ 62.702027][ T5102] ? __d_alloc+0x31/0x700 [ 62.706383][ T5102] should_failslab+0x5/0x20 [ 62.710897][ T5102] kmem_cache_alloc_lru+0x75/0x320 [ 62.716013][ T5102] ? mark_lock+0x9a/0x350 [ 62.720374][ T5102] __d_alloc+0x31/0x700 [ 62.724565][ T5102] d_alloc_parallel+0xcb/0x12c0 [ 62.729434][ T5102] ? lockdep_init_map_type+0x9d/0x8d0 [ 62.734804][ T5102] ? lockdep_softirqs_off+0x420/0x420 [ 62.740181][ T5102] ? d_hash_and_lookup+0x1c0/0x1c0 [ 62.745296][ T5102] ? __init_waitqueue_head+0xa6/0x140 [ 62.750675][ T5102] __lookup_slow+0x112/0x3e0 [ 62.755272][ T5102] ? lookup_one_len+0x690/0x690 [ 62.760141][ T5102] lookup_one_len+0x430/0x690 [ 62.764829][ T5102] ? try_lookup_one_len+0x670/0x670 [ 62.770031][ T5102] ? mntput+0x60/0xb0 [ 62.774023][ T5102] start_creating+0x183/0x330 [ 62.778704][ T5102] __debugfs_create_file+0x74/0x500 [ 62.783906][ T5102] nbd_start_device+0x44a/0xb70 [ 62.788768][ T5102] nbd_start_device_ioctl+0xa7/0x5c0 [ 62.794049][ T5102] ? nbd_ioctl+0xd7/0x5b0 [ 62.798385][ T5102] ? nbd_set_size+0x490/0x490 [ 62.803075][ T5102] ? safesetid_security_capable+0xab/0x1b0 [ 62.808886][ T5102] ? bpf_lsm_capable+0x5/0x10 [ 62.813569][ T5102] nbd_ioctl+0x28c/0x5b0 [ 62.817812][ T5102] ? nbd_release+0x130/0x130 [ 62.822405][ T5102] blkdev_ioctl+0x3c9/0x7c0 [ 62.826911][ T5102] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 62.832370][ T5102] ? bpf_lsm_file_ioctl+0x5/0x10 [ 62.837305][ T5102] ? security_file_ioctl+0x9d/0xb0 [ 62.842421][ T5102] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 62.847878][ T5102] __se_sys_ioctl+0xfb/0x170 [ 62.852504][ T5102] do_syscall_64+0x2b/0x70 [ 62.856924][ T5102] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 62.862836][ T5102] RIP: 0033:0x7fab4e5b6259 [ 62.867270][ T5102] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5102] ioctl(3, NBD_DO_IT [pid 5101] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 62.886892][ T5102] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 62.895315][ T5102] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 62.903288][ T5102] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 62.911260][ T5102] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 62.919226][ T5102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 62.927190][ T5102] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 62.935173][ T5102] [pid 5101] exit_group(0) = ? [pid 5102] <... ioctl resumed>) = ? [pid 5102] +++ exited with 0 +++ [pid 5101] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5103 ./strace-static-x86_64: Process 5103 attached [pid 5103] set_robust_list(0x555555a845e0, 24) = 0 [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5103] setpgid(0, 0) = 0 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5103] write(3, "1000", 4) = 4 [pid 5103] close(3) = 0 [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5103] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [ 63.074395][ T5102] block nbd0: shutting down sockets [pid 5103] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5104 attached , parent_tid=[5104], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5104 [pid 5104] set_robust_list(0x7fab4e5639e0, 24 [pid 5103] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] <... set_robust_list resumed>) = 0 [pid 5104] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5104] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5103] <... futex resumed>) = 0 [pid 5103] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] fcntl(3, F_DUPFD, 3) = 4 [pid 5104] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5103] <... futex resumed>) = 0 [pid 5104] <... futex resumed>) = 1 [pid 5103] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5104] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5103] <... futex resumed>) = 0 [pid 5104] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5103] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5104] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5104] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5103] <... futex resumed>) = 0 [pid 5104] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5103] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5104] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5104] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5103] <... futex resumed>) = 0 [pid 5104] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5103] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5104] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5104] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5103] <... futex resumed>) = 0 [pid 5103] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5104] write(7, "16", 2) = 2 [ 63.208900][ T5104] FAULT_INJECTION: forcing a failure. [ 63.208900][ T5104] name failslab, interval 1, probability 0, space 0, times 0 [ 63.221660][ T5104] CPU: 0 PID: 5104 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 63.231828][ T5104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 63.241908][ T5104] Call Trace: [ 63.245190][ T5104] [ 63.248143][ T5104] dump_stack_lvl+0x1e3/0x2d0 [ 63.252846][ T5104] ? nf_tcp_handle_invalid+0x630/0x630 [ 63.258313][ T5104] ? panic+0x770/0x770 [ 63.262403][ T5104] ? __might_sleep+0xc0/0xc0 [ 63.267036][ T5104] should_fail_ex+0x3aa/0x4e0 [ 63.271716][ T5104] ? __d_alloc+0x31/0x700 [ 63.276050][ T5104] should_failslab+0x5/0x20 [ 63.280563][ T5104] kmem_cache_alloc_lru+0x75/0x320 [ 63.285705][ T5104] ? mark_lock+0x9a/0x350 [ 63.290076][ T5104] __d_alloc+0x31/0x700 [ 63.294267][ T5104] d_alloc_parallel+0xcb/0x12c0 [ 63.299153][ T5104] ? lockdep_init_map_type+0x9d/0x8d0 [ 63.304547][ T5104] ? lockdep_softirqs_off+0x420/0x420 [ 63.309965][ T5104] ? d_hash_and_lookup+0x1c0/0x1c0 [ 63.315103][ T5104] ? __init_waitqueue_head+0xa6/0x140 [ 63.320476][ T5104] __lookup_slow+0x112/0x3e0 [ 63.325076][ T5104] ? lookup_one_len+0x690/0x690 [ 63.329977][ T5104] lookup_one_len+0x430/0x690 [ 63.334674][ T5104] ? try_lookup_one_len+0x670/0x670 [ 63.339893][ T5104] ? mntput+0x60/0xb0 [ 63.343889][ T5104] start_creating+0x183/0x330 [ 63.348569][ T5104] __debugfs_create_file+0x74/0x500 [ 63.353775][ T5104] nbd_start_device+0x44a/0xb70 [ 63.358644][ T5104] nbd_start_device_ioctl+0xa7/0x5c0 [ 63.363927][ T5104] ? nbd_ioctl+0xd7/0x5b0 [ 63.368256][ T5104] ? nbd_set_size+0x490/0x490 [ 63.372934][ T5104] ? safesetid_security_capable+0xab/0x1b0 [ 63.378748][ T5104] ? bpf_lsm_capable+0x5/0x10 [ 63.383438][ T5104] nbd_ioctl+0x28c/0x5b0 [ 63.387678][ T5104] ? nbd_release+0x130/0x130 [ 63.392290][ T5104] blkdev_ioctl+0x3c9/0x7c0 [ 63.396800][ T5104] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 63.402268][ T5104] ? bpf_lsm_file_ioctl+0x5/0x10 [ 63.407815][ T5104] ? security_file_ioctl+0x9d/0xb0 [ 63.412937][ T5104] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 63.418395][ T5104] __se_sys_ioctl+0xfb/0x170 [ 63.423423][ T5104] do_syscall_64+0x2b/0x70 [ 63.427841][ T5104] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 63.433744][ T5104] RIP: 0033:0x7fab4e5b6259 [ 63.438159][ T5104] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5104] ioctl(3, NBD_DO_IT [pid 5103] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 63.457765][ T5104] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 63.466181][ T5104] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 63.474243][ T5104] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 63.482213][ T5104] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 63.490181][ T5104] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 63.498323][ T5104] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 63.506307][ T5104] [pid 5103] exit_group(0) = ? [pid 5104] <... ioctl resumed>) = ? [pid 5104] +++ exited with 0 +++ [pid 5103] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5105 attached , child_tidptr=0x555555a845d0) = 5105 [pid 5105] set_robust_list(0x555555a845e0, 24) = 0 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5105] setpgid(0, 0) = 0 [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5105] write(3, "1000", 4) = 4 [pid 5105] close(3) = 0 [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5105] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5105] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5105] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5106 attached , parent_tid=[5106], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5106 [pid 5105] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5106] set_robust_list(0x7fab4e5639e0, 24 [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... set_robust_list resumed>) = 0 [ 63.575719][ T5104] block nbd0: shutting down sockets [pid 5106] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5106] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5105] <... futex resumed>) = 0 [pid 5106] fcntl(3, F_DUPFD, 3 [pid 5105] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] <... fcntl resumed>) = 4 [pid 5105] <... futex resumed>) = 0 [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5106] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5105] <... futex resumed>) = 0 [pid 5106] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5105] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5106] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5105] <... futex resumed>) = 0 [pid 5106] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5105] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] <... socketpair resumed>[5, 6]) = 0 [pid 5105] <... futex resumed>) = 0 [pid 5106] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... futex resumed>) = 0 [pid 5105] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5106] ioctl(3, NBD_SET_SOCK, 5 [pid 5105] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... ioctl resumed>) = 0 [pid 5106] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5105] <... futex resumed>) = 0 [pid 5106] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5105] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5105] <... futex resumed>) = 0 [pid 5106] ioctl(3, NBD_SET_SOCK, 5 [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... ioctl resumed>) = 0 [pid 5106] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5105] <... futex resumed>) = 0 [pid 5106] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5105] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5105] <... futex resumed>) = 0 [pid 5106] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5105] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... openat resumed>) = 7 [pid 5106] write(7, "16", 2) = 2 [pid 5106] ioctl(3, NBD_DO_IT [pid 5105] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5105] exit_group(0) = ? [pid 5106] <... ioctl resumed>) = ? [pid 5106] +++ exited with 0 +++ [pid 5105] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5107 ./strace-static-x86_64: Process 5107 attached [pid 5107] set_robust_list(0x555555a845e0, 24) = 0 [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5107] setpgid(0, 0) = 0 [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5107] write(3, "1000", 4) = 4 [pid 5107] close(3) = 0 [ 64.012646][ T5106] block nbd0: shutting down sockets [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5107] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5107] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5108 attached [pid 5108] set_robust_list(0x7fab4e5639e0, 24 [pid 5107] <... clone resumed>, parent_tid=[5108], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5108 [pid 5108] <... set_robust_list resumed>) = 0 [pid 5107] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5108] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 5107] <... futex resumed>) = 0 [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] <... openat resumed>) = 3 [pid 5108] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5108] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5107] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5108] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5107] <... futex resumed>) = 0 [pid 5108] fcntl(3, F_DUPFD, 3 [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] <... fcntl resumed>) = 4 [pid 5108] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5108] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5107] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5108] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5107] <... futex resumed>) = 0 [pid 5108] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] <... ioctl resumed>) = 0 [pid 5108] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5107] <... futex resumed>) = 0 [pid 5108] <... futex resumed>) = 1 [pid 5107] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5108] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5107] <... futex resumed>) = 0 [pid 5108] <... socketpair resumed>[5, 6]) = 0 [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5107] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5108] <... futex resumed>) = 0 [pid 5107] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5108] ioctl(3, NBD_SET_SOCK, 5 [pid 5107] <... futex resumed>) = 0 [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] <... ioctl resumed>) = 0 [pid 5108] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5108] ioctl(3, NBD_SET_SOCK, 5 [pid 5107] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] <... ioctl resumed>) = 0 [pid 5108] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5107] <... futex resumed>) = 0 [pid 5107] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5108] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5108] write(7, "16", 2) = 2 [ 64.128352][ T5108] FAULT_INJECTION: forcing a failure. [ 64.128352][ T5108] name failslab, interval 1, probability 0, space 0, times 0 [ 64.141175][ T5108] CPU: 1 PID: 5108 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 64.151277][ T5108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 64.161350][ T5108] Call Trace: [ 64.164630][ T5108] [ 64.167556][ T5108] dump_stack_lvl+0x1e3/0x2d0 [ 64.172236][ T5108] ? nf_tcp_handle_invalid+0x630/0x630 [ 64.177692][ T5108] ? panic+0x770/0x770 [ 64.181766][ T5108] ? __might_sleep+0xc0/0xc0 [ 64.186354][ T5108] ? lockdep_init_map_type+0x9d/0x8d0 [ 64.191729][ T5108] should_fail_ex+0x3aa/0x4e0 [ 64.196404][ T5108] ? security_inode_alloc+0x24/0x130 [ 64.201685][ T5108] should_failslab+0x5/0x20 [ 64.206184][ T5108] kmem_cache_alloc+0x69/0x350 [ 64.210953][ T5108] security_inode_alloc+0x24/0x130 [ 64.216062][ T5108] inode_init_always+0x887/0xb80 [ 64.221004][ T5108] new_inode_pseudo+0x94/0x1d0 [ 64.225765][ T5108] new_inode+0x25/0x1d0 [ 64.229912][ T5108] ? start_creating+0x22a/0x330 [ 64.234758][ T5108] __debugfs_create_file+0x146/0x500 [ 64.240044][ T5108] nbd_start_device+0x42c/0xb70 [ 64.244907][ T5108] nbd_start_device_ioctl+0xa7/0x5c0 [ 64.250183][ T5108] ? nbd_ioctl+0xd7/0x5b0 [ 64.254510][ T5108] ? nbd_set_size+0x490/0x490 [ 64.259204][ T5108] ? safesetid_security_capable+0xab/0x1b0 [ 64.265037][ T5108] ? bpf_lsm_capable+0x5/0x10 [ 64.269729][ T5108] nbd_ioctl+0x28c/0x5b0 [ 64.273973][ T5108] ? nbd_release+0x130/0x130 [ 64.278565][ T5108] blkdev_ioctl+0x3c9/0x7c0 [ 64.283097][ T5108] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 64.288577][ T5108] ? bpf_lsm_file_ioctl+0x5/0x10 [ 64.293540][ T5108] ? security_file_ioctl+0x9d/0xb0 [ 64.298680][ T5108] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 64.304151][ T5108] __se_sys_ioctl+0xfb/0x170 [ 64.308745][ T5108] do_syscall_64+0x2b/0x70 [ 64.313162][ T5108] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 64.319057][ T5108] RIP: 0033:0x7fab4e5b6259 [ 64.323466][ T5108] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 64.343066][ T5108] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 64.351478][ T5108] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 64.359453][ T5108] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 64.367417][ T5108] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5108] ioctl(3, NBD_DO_IT [pid 5107] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 64.375381][ T5108] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 64.383350][ T5108] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 64.391330][ T5108] [ 64.395988][ T5108] debugfs: out of free dentries, can not create file 'timeout' [pid 5107] exit_group(0) = ? [pid 5108] <... ioctl resumed>) = ? [pid 5108] +++ exited with 0 +++ [pid 5107] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5109 ./strace-static-x86_64: Process 5109 attached [pid 5109] set_robust_list(0x555555a845e0, 24) = 0 [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5109] setpgid(0, 0) = 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5109] write(3, "1000", 4) = 4 [pid 5109] close(3) = 0 [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5109] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5109] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5110], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5110 [pid 5109] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5110 attached [pid 5110] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5110] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5110] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5109] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5110] <... futex resumed>) = 1 [pid 5110] fcntl(3, F_DUPFD, 3) = 4 [pid 5110] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5109] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5110] <... futex resumed>) = 1 [pid 5110] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5110] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5109] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5110] <... futex resumed>) = 1 [pid 5110] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5110] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5109] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5110] <... futex resumed>) = 1 [ 64.567775][ T5108] block nbd0: shutting down sockets [pid 5110] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5110] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5109] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5110] <... futex resumed>) = 1 [pid 5110] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5110] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5109] <... futex resumed>) = 0 [pid 5110] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5109] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5110] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5109] <... futex resumed>) = 0 [pid 5110] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5109] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5110] <... openat resumed>) = 7 [pid 5110] write(7, "16", 2) = 2 [ 64.686828][ T5110] FAULT_INJECTION: forcing a failure. [ 64.686828][ T5110] name failslab, interval 1, probability 0, space 0, times 0 [ 64.699508][ T5110] CPU: 1 PID: 5110 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 64.709570][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 64.719620][ T5110] Call Trace: [ 64.722902][ T5110] [ 64.725854][ T5110] dump_stack_lvl+0x1e3/0x2d0 [ 64.730549][ T5110] ? nf_tcp_handle_invalid+0x630/0x630 [ 64.736020][ T5110] ? panic+0x770/0x770 [ 64.740116][ T5110] ? __might_sleep+0xc0/0xc0 [ 64.744751][ T5110] should_fail_ex+0x3aa/0x4e0 [ 64.749439][ T5110] ? __d_alloc+0x31/0x700 [ 64.753774][ T5110] should_failslab+0x5/0x20 [ 64.758270][ T5110] kmem_cache_alloc_lru+0x75/0x320 [ 64.763370][ T5110] ? mark_lock+0x9a/0x350 [ 64.767726][ T5110] __d_alloc+0x31/0x700 [ 64.771881][ T5110] d_alloc_parallel+0xcb/0x12c0 [ 64.776751][ T5110] ? lockdep_init_map_type+0x9d/0x8d0 [ 64.782138][ T5110] ? lockdep_softirqs_off+0x420/0x420 [ 64.787509][ T5110] ? d_hash_and_lookup+0x1c0/0x1c0 [ 64.792617][ T5110] ? __init_waitqueue_head+0xa6/0x140 [ 64.797993][ T5110] __lookup_slow+0x112/0x3e0 [ 64.802585][ T5110] ? lookup_one_len+0x690/0x690 [ 64.807473][ T5110] lookup_one_len+0x430/0x690 [ 64.812174][ T5110] ? try_lookup_one_len+0x670/0x670 [ 64.817384][ T5110] ? mntput+0x60/0xb0 [ 64.821402][ T5110] start_creating+0x183/0x330 [ 64.826091][ T5110] __debugfs_create_file+0x74/0x500 [ 64.831304][ T5110] nbd_start_device+0x44a/0xb70 [ 64.836182][ T5110] nbd_start_device_ioctl+0xa7/0x5c0 [ 64.841461][ T5110] ? nbd_ioctl+0xd7/0x5b0 [ 64.845784][ T5110] ? nbd_set_size+0x490/0x490 [ 64.850471][ T5110] ? safesetid_security_capable+0xab/0x1b0 [ 64.856295][ T5110] ? bpf_lsm_capable+0x5/0x10 [ 64.860993][ T5110] nbd_ioctl+0x28c/0x5b0 [ 64.865261][ T5110] ? nbd_release+0x130/0x130 [ 64.869852][ T5110] blkdev_ioctl+0x3c9/0x7c0 [ 64.874355][ T5110] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 64.879812][ T5110] ? bpf_lsm_file_ioctl+0x5/0x10 [ 64.884746][ T5110] ? security_file_ioctl+0x9d/0xb0 [ 64.889866][ T5110] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 64.895325][ T5110] __se_sys_ioctl+0xfb/0x170 [ 64.899928][ T5110] do_syscall_64+0x2b/0x70 [ 64.904355][ T5110] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 64.910242][ T5110] RIP: 0033:0x7fab4e5b6259 [ 64.914654][ T5110] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5110] ioctl(3, NBD_DO_IT [pid 5109] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 64.934255][ T5110] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 64.942669][ T5110] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 64.950639][ T5110] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 64.958609][ T5110] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 64.966602][ T5110] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 64.974585][ T5110] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 64.982561][ T5110] [pid 5109] exit_group(0) = ? [pid 5110] <... ioctl resumed>) = ? [pid 5110] +++ exited with 0 +++ [pid 5109] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5111 ./strace-static-x86_64: Process 5111 attached [pid 5111] set_robust_list(0x555555a845e0, 24) = 0 [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5111] setpgid(0, 0) = 0 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5111] write(3, "1000", 4) = 4 [pid 5111] close(3) = 0 [pid 5111] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5111] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5111] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5111] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5112 attached , parent_tid=[5112], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5112 [pid 5111] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5111] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5112] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5112] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5112] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 65.127826][ T5110] block nbd0: shutting down sockets [pid 5111] <... futex resumed>) = 0 [pid 5111] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5111] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5112] fcntl(3, F_DUPFD, 3) = 4 [pid 5112] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5111] <... futex resumed>) = 0 [pid 5111] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5111] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5112] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5112] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5111] <... futex resumed>) = 0 [pid 5112] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5111] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5112] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5111] <... futex resumed>) = 0 [pid 5112] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5111] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5112] <... socketpair resumed>[5, 6]) = 0 [pid 5112] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5111] <... futex resumed>) = 0 [pid 5111] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5111] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5112] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5112] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5111] <... futex resumed>) = 0 [pid 5112] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5111] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5112] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5111] <... futex resumed>) = 0 [pid 5112] ioctl(3, NBD_SET_SOCK, 5 [pid 5111] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5111] futex(0x7fab4e63a4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5111] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e522000 [pid 5111] mprotect(0x7fab4e523000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5111] clone(child_stack=0x7fab4e5423f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5113], tls=0x7fab4e542700, child_tidptr=0x7fab4e5429d0) = 5113 [pid 5111] futex(0x7fab4e63a4d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5111] futex(0x7fab4e63a4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5113 attached [pid 5113] set_robust_list(0x7fab4e5429e0, 24) = 0 [pid 5113] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5113] write(7, "16", 2) = 2 [pid 5113] ioctl(3, NBD_DO_IT [pid 5112] <... ioctl resumed>) = 0 [pid 5112] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 65.275324][ T5113] FAULT_INJECTION: forcing a failure. [ 65.275324][ T5113] name failslab, interval 1, probability 0, space 0, times 0 [ 65.288149][ T5113] CPU: 0 PID: 5113 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 65.298227][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 65.308274][ T5113] Call Trace: [ 65.311562][ T5113] [ 65.314495][ T5113] dump_stack_lvl+0x1e3/0x2d0 [ 65.319170][ T5113] ? nf_tcp_handle_invalid+0x630/0x630 [ 65.324635][ T5113] ? panic+0x770/0x770 [ 65.328711][ T5113] ? __might_sleep+0xc0/0xc0 [ 65.333331][ T5113] should_fail_ex+0x3aa/0x4e0 [ 65.338025][ T5113] ? __d_alloc+0x31/0x700 [ 65.342395][ T5113] should_failslab+0x5/0x20 [ 65.346919][ T5113] kmem_cache_alloc_lru+0x75/0x320 [ 65.352116][ T5113] ? mark_lock+0x9a/0x350 [ 65.356452][ T5113] __d_alloc+0x31/0x700 [ 65.360644][ T5113] d_alloc_parallel+0xcb/0x12c0 [ 65.365509][ T5113] ? lockdep_init_map_type+0x9d/0x8d0 [ 65.370877][ T5113] ? lockdep_softirqs_off+0x420/0x420 [ 65.376260][ T5113] ? d_hash_and_lookup+0x1c0/0x1c0 [ 65.381387][ T5113] ? __init_waitqueue_head+0xa6/0x140 [ 65.386754][ T5113] __lookup_slow+0x112/0x3e0 [ 65.391338][ T5113] ? lookup_one_len+0x690/0x690 [ 65.396390][ T5113] lookup_one_len+0x430/0x690 [ 65.401085][ T5113] ? try_lookup_one_len+0x670/0x670 [ 65.406380][ T5113] ? mntput+0x60/0xb0 [ 65.410379][ T5113] start_creating+0x183/0x330 [ 65.415076][ T5113] __debugfs_create_file+0x74/0x500 [ 65.420281][ T5113] nbd_start_device+0x44a/0xb70 [ 65.425239][ T5113] nbd_start_device_ioctl+0xa7/0x5c0 [ 65.430520][ T5113] ? nbd_ioctl+0xd7/0x5b0 [ 65.434850][ T5113] ? nbd_set_size+0x490/0x490 [ 65.439518][ T5113] ? safesetid_security_capable+0xab/0x1b0 [ 65.445320][ T5113] ? bpf_lsm_capable+0x5/0x10 [ 65.449998][ T5113] nbd_ioctl+0x28c/0x5b0 [ 65.454232][ T5113] ? nbd_release+0x130/0x130 [ 65.458819][ T5113] blkdev_ioctl+0x3c9/0x7c0 [ 65.463317][ T5113] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 65.468777][ T5113] ? bpf_lsm_file_ioctl+0x5/0x10 [ 65.473721][ T5113] ? security_file_ioctl+0x9d/0xb0 [ 65.478827][ T5113] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 65.484378][ T5113] __se_sys_ioctl+0xfb/0x170 [ 65.488975][ T5113] do_syscall_64+0x2b/0x70 [ 65.493382][ T5113] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 65.499361][ T5113] RIP: 0033:0x7fab4e5b6259 [ 65.503778][ T5113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5112] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5111] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 65.523494][ T5113] RSP: 002b:00007fab4e5422e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 65.531948][ T5113] RAX: ffffffffffffffda RBX: 00007fab4e63a4d0 RCX: 00007fab4e5b6259 [ 65.539936][ T5113] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 65.547917][ T5113] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 65.555893][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4dc [ 65.563867][ T5113] R13: 00007fab4e5422f0 R14: 00007fab4e63a4d8 R15: 0000000000000002 [ 65.571861][ T5113] [pid 5111] exit_group(0 [pid 5112] <... futex resumed>) = ? [pid 5111] <... exit_group resumed>) = ? [pid 5112] +++ exited with 0 +++ [pid 5113] <... ioctl resumed>) = ? [pid 5113] +++ exited with 0 +++ [pid 5111] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5114 ./strace-static-x86_64: Process 5114 attached [pid 5114] set_robust_list(0x555555a845e0, 24) = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] setpgid(0, 0) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5114] write(3, "1000", 4) = 4 [pid 5114] close(3) = 0 [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5114] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5114] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5115], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5115 [pid 5114] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5115 attached [pid 5115] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5115] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5115] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5114] <... futex resumed>) = 0 [pid 5114] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5115] <... futex resumed>) = 1 [pid 5115] fcntl(3, F_DUPFD, 3) = 4 [pid 5115] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5114] <... futex resumed>) = 0 [pid 5114] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5115] <... futex resumed>) = 1 [pid 5115] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5115] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5114] <... futex resumed>) = 0 [pid 5114] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5115] <... futex resumed>) = 1 [pid 5115] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5115] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5114] <... futex resumed>) = 0 [pid 5114] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5115] <... futex resumed>) = 1 [ 65.713375][ T5113] block nbd0: shutting down sockets [pid 5115] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5115] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5114] <... futex resumed>) = 0 [pid 5114] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5115] <... futex resumed>) = 1 [pid 5115] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5115] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5114] <... futex resumed>) = 0 [pid 5115] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5114] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5115] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5114] <... futex resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5114] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5115] <... openat resumed>) = 7 [pid 5115] write(7, "16", 2) = 2 [pid 5115] ioctl(3, NBD_DO_IT [pid 5114] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 65.806404][ T5115] FAULT_INJECTION: forcing a failure. [ 65.806404][ T5115] name failslab, interval 1, probability 0, space 0, times 0 [ 65.819573][ T5115] CPU: 0 PID: 5115 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 65.829682][ T5115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 65.839835][ T5115] Call Trace: [ 65.843112][ T5115] [ 65.846046][ T5115] dump_stack_lvl+0x1e3/0x2d0 [ 65.850900][ T5115] ? nf_tcp_handle_invalid+0x630/0x630 [ 65.856369][ T5115] ? panic+0x770/0x770 [ 65.860473][ T5115] ? __might_sleep+0xc0/0xc0 [ 65.865257][ T5115] should_fail_ex+0x3aa/0x4e0 [ 65.869929][ T5115] ? new_inode_pseudo+0x81/0x1d0 [ 65.874879][ T5115] should_failslab+0x5/0x20 [ 65.879405][ T5115] kmem_cache_alloc_lru+0x75/0x320 [ 65.884549][ T5115] ? try_lookup_one_len+0x670/0x670 [ 65.889779][ T5115] new_inode_pseudo+0x81/0x1d0 [ 65.894564][ T5115] new_inode+0x25/0x1d0 [ 65.898736][ T5115] ? start_creating+0x22a/0x330 [ 65.904379][ T5115] __debugfs_create_file+0x146/0x500 [ 65.909681][ T5115] nbd_start_device+0x42c/0xb70 [ 65.915338][ T5115] nbd_start_device_ioctl+0xa7/0x5c0 [ 65.920641][ T5115] ? nbd_ioctl+0xd7/0x5b0 [ 65.924974][ T5115] ? nbd_set_size+0x490/0x490 [ 65.929652][ T5115] ? safesetid_security_capable+0xab/0x1b0 [ 65.935466][ T5115] ? bpf_lsm_capable+0x5/0x10 [ 65.940152][ T5115] nbd_ioctl+0x28c/0x5b0 [ 65.944392][ T5115] ? nbd_release+0x130/0x130 [ 65.948983][ T5115] blkdev_ioctl+0x3c9/0x7c0 [ 65.953485][ T5115] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 65.958946][ T5115] ? bpf_lsm_file_ioctl+0x5/0x10 [ 65.963969][ T5115] ? security_file_ioctl+0x9d/0xb0 [ 65.969077][ T5115] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 65.974529][ T5115] __se_sys_ioctl+0xfb/0x170 [ 65.979119][ T5115] do_syscall_64+0x2b/0x70 [ 65.983529][ T5115] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 65.989422][ T5115] RIP: 0033:0x7fab4e5b6259 [ 65.993834][ T5115] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 66.013442][ T5115] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 66.021854][ T5115] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 66.029821][ T5115] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 66.037786][ T5115] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 66.045751][ T5115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 66.053719][ T5115] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 66.061699][ T5115] [ 66.067363][ T5115] debugfs: out of free dentries, can not create file 'timeout' [pid 5114] exit_group(0) = ? [pid 5115] <... ioctl resumed>) = ? [pid 5115] +++ exited with 0 +++ [pid 5114] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5116 attached , child_tidptr=0x555555a845d0) = 5116 [pid 5116] set_robust_list(0x555555a845e0, 24) = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5116] setpgid(0, 0) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5116] write(3, "1000", 4) = 4 [pid 5116] close(3) = 0 [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5116] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5116] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5116] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5117 attached , parent_tid=[5117], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5117 [pid 5116] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5117] set_robust_list(0x7fab4e5639e0, 24 [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... set_robust_list resumed>) = 0 [ 66.136255][ T5115] block nbd0: shutting down sockets [pid 5117] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5117] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5116] <... futex resumed>) = 0 [pid 5117] fcntl(3, F_DUPFD, 3 [pid 5116] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... fcntl resumed>) = 4 [pid 5116] <... futex resumed>) = 0 [pid 5117] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... futex resumed>) = 0 [pid 5116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5117] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5116] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... ioctl resumed>) = 0 [pid 5116] <... futex resumed>) = 0 [pid 5117] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... futex resumed>) = 0 [pid 5116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5117] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5116] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5117] <... socketpair resumed>[5, 6]) = 0 [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5116] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] ioctl(3, NBD_SET_SOCK, 5 [pid 5116] <... futex resumed>) = 0 [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... ioctl resumed>) = 0 [pid 5117] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5116] <... futex resumed>) = 0 [pid 5117] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5116] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5116] <... futex resumed>) = 0 [pid 5117] ioctl(3, NBD_SET_SOCK, 5 [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... ioctl resumed>) = 0 [pid 5117] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5116] <... futex resumed>) = 0 [pid 5117] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5116] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5117] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5116] <... futex resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5116] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5117] <... openat resumed>) = 7 [pid 5117] write(7, "16", 2) = 2 [ 66.248453][ T5117] FAULT_INJECTION: forcing a failure. [ 66.248453][ T5117] name failslab, interval 1, probability 0, space 0, times 0 [ 66.261197][ T5117] CPU: 0 PID: 5117 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 66.271290][ T5117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 66.281367][ T5117] Call Trace: [ 66.284652][ T5117] [ 66.287578][ T5117] dump_stack_lvl+0x1e3/0x2d0 [ 66.292253][ T5117] ? nf_tcp_handle_invalid+0x630/0x630 [ 66.297706][ T5117] ? panic+0x770/0x770 [ 66.301775][ T5117] ? __might_sleep+0xc0/0xc0 [ 66.306360][ T5117] ? lockdep_init_map_type+0x9d/0x8d0 [ 66.311744][ T5117] should_fail_ex+0x3aa/0x4e0 [ 66.316430][ T5117] ? security_inode_alloc+0x24/0x130 [ 66.321742][ T5117] should_failslab+0x5/0x20 [ 66.326372][ T5117] kmem_cache_alloc+0x69/0x350 [ 66.331181][ T5117] security_inode_alloc+0x24/0x130 [ 66.336339][ T5117] inode_init_always+0x887/0xb80 [ 66.341300][ T5117] new_inode_pseudo+0x94/0x1d0 [ 66.346069][ T5117] new_inode+0x25/0x1d0 [ 66.350222][ T5117] ? start_creating+0x22a/0x330 [ 66.355074][ T5117] __debugfs_create_file+0x146/0x500 [ 66.360363][ T5117] nbd_start_device+0x42c/0xb70 [ 66.365224][ T5117] nbd_start_device_ioctl+0xa7/0x5c0 [ 66.370505][ T5117] ? nbd_ioctl+0xd7/0x5b0 [ 66.374830][ T5117] ? nbd_set_size+0x490/0x490 [ 66.379503][ T5117] ? safesetid_security_capable+0xab/0x1b0 [ 66.385312][ T5117] ? bpf_lsm_capable+0x5/0x10 [ 66.389998][ T5117] nbd_ioctl+0x28c/0x5b0 [ 66.394237][ T5117] ? nbd_release+0x130/0x130 [ 66.398826][ T5117] blkdev_ioctl+0x3c9/0x7c0 [ 66.403329][ T5117] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 66.409575][ T5117] ? bpf_lsm_file_ioctl+0x5/0x10 [ 66.415308][ T5117] ? security_file_ioctl+0x9d/0xb0 [ 66.420422][ T5117] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 66.425878][ T5117] __se_sys_ioctl+0xfb/0x170 [ 66.430470][ T5117] do_syscall_64+0x2b/0x70 [ 66.434883][ T5117] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 66.440773][ T5117] RIP: 0033:0x7fab4e5b6259 [ 66.445184][ T5117] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 66.464786][ T5117] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 66.473219][ T5117] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 66.481210][ T5117] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 66.489180][ T5117] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5117] ioctl(3, NBD_DO_IT [pid 5116] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 66.497148][ T5117] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 66.505114][ T5117] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 66.513367][ T5117] [ 66.516850][ T5117] debugfs: out of free dentries, can not create file 'timeout' [pid 5116] exit_group(0) = ? [pid 5117] <... ioctl resumed>) = ? [pid 5117] +++ exited with 0 +++ [pid 5116] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5118 ./strace-static-x86_64: Process 5118 attached [pid 5118] set_robust_list(0x555555a845e0, 24) = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5118] setpgid(0, 0) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5118] write(3, "1000", 4) = 4 [pid 5118] close(3) = 0 [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5118] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5118] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5118] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5119 attached , parent_tid=[5119], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5119 [pid 5119] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5119] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5118] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5119] <... futex resumed>) = 0 [pid 5119] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5119] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5119] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5118] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5119] <... futex resumed>) = 0 [pid 5119] fcntl(3, F_DUPFD, 3) = 4 [pid 5119] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5119] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5118] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5119] <... futex resumed>) = 0 [pid 5119] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5119] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5119] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5118] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5119] <... futex resumed>) = 0 [pid 5119] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5119] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5119] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5118] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5119] <... futex resumed>) = 0 [pid 5118] <... futex resumed>) = 1 [pid 5119] ioctl(3, NBD_SET_SOCK, 5 [ 66.691131][ T5117] block nbd0: shutting down sockets [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5119] <... ioctl resumed>) = 0 [pid 5119] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5118] <... futex resumed>) = 0 [pid 5119] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5118] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5119] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5119] ioctl(3, NBD_SET_SOCK, 5 [pid 5118] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5118] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5118] futex(0x7fab4e63a4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5118] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e522000 [pid 5118] mprotect(0x7fab4e523000, 131072, PROT_READ|PROT_WRITE [pid 5119] <... ioctl resumed>) = 0 [pid 5118] <... mprotect resumed>) = 0 [pid 5119] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5118] clone(child_stack=0x7fab4e5423f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5119] <... futex resumed>) = 0 [pid 5119] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5118] <... clone resumed>, parent_tid=[5120], tls=0x7fab4e542700, child_tidptr=0x7fab4e5429d0) = 5120 [pid 5118] futex(0x7fab4e63a4d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5118] futex(0x7fab4e63a4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5120 attached [pid 5120] set_robust_list(0x7fab4e5429e0, 24) = 0 [pid 5120] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5120] write(7, "16", 2) = 2 [ 66.824595][ T5120] FAULT_INJECTION: forcing a failure. [ 66.824595][ T5120] name failslab, interval 1, probability 0, space 0, times 0 [ 66.837551][ T5120] CPU: 0 PID: 5120 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 66.847631][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 66.858722][ T5120] Call Trace: [ 66.862003][ T5120] [ 66.864926][ T5120] dump_stack_lvl+0x1e3/0x2d0 [ 66.869594][ T5120] ? nf_tcp_handle_invalid+0x630/0x630 [ 66.875041][ T5120] ? panic+0x770/0x770 [ 66.879101][ T5120] ? __might_sleep+0xc0/0xc0 [ 66.883680][ T5120] ? lockdep_init_map_type+0x9d/0x8d0 [ 66.889061][ T5120] should_fail_ex+0x3aa/0x4e0 [ 66.893726][ T5120] ? security_inode_alloc+0x24/0x130 [ 66.899018][ T5120] should_failslab+0x5/0x20 [ 66.903528][ T5120] kmem_cache_alloc+0x69/0x350 [ 66.908316][ T5120] security_inode_alloc+0x24/0x130 [ 66.913427][ T5120] inode_init_always+0x887/0xb80 [ 66.918374][ T5120] new_inode_pseudo+0x94/0x1d0 [ 66.923146][ T5120] new_inode+0x25/0x1d0 [ 66.927319][ T5120] ? start_creating+0x22a/0x330 [ 66.932203][ T5120] __debugfs_create_file+0x146/0x500 [ 66.937522][ T5120] nbd_start_device+0x42c/0xb70 [ 66.942386][ T5120] nbd_start_device_ioctl+0xa7/0x5c0 [ 66.947675][ T5120] ? nbd_ioctl+0xd7/0x5b0 [ 66.952000][ T5120] ? print_irqtrace_events+0x220/0x220 [ 66.957632][ T5120] ? nbd_set_size+0x490/0x490 [ 66.962321][ T5120] ? safesetid_security_capable+0xab/0x1b0 [ 66.968129][ T5120] ? bpf_lsm_capable+0x5/0x10 [ 66.972812][ T5120] nbd_ioctl+0x28c/0x5b0 [ 66.977050][ T5120] ? nbd_release+0x130/0x130 [ 66.981644][ T5120] blkdev_ioctl+0x3c9/0x7c0 [ 66.986157][ T5120] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 66.991626][ T5120] ? bpf_lsm_file_ioctl+0x5/0x10 [ 66.996563][ T5120] ? security_file_ioctl+0x9d/0xb0 [ 67.001673][ T5120] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 67.008087][ T5120] __se_sys_ioctl+0xfb/0x170 [ 67.012677][ T5120] do_syscall_64+0x2b/0x70 [ 67.017089][ T5120] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 67.022983][ T5120] RIP: 0033:0x7fab4e5b6259 [ 67.027403][ T5120] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 67.047007][ T5120] RSP: 002b:00007fab4e5422e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 67.055424][ T5120] RAX: ffffffffffffffda RBX: 00007fab4e63a4d0 RCX: 00007fab4e5b6259 [ 67.063617][ T5120] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [pid 5120] ioctl(3, NBD_DO_IT [pid 5118] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 67.071586][ T5120] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 67.079552][ T5120] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4dc [ 67.087518][ T5120] R13: 00007fab4e5422f0 R14: 00007fab4e63a4d8 R15: 0000000000000002 [ 67.095498][ T5120] [ 67.099275][ T5120] debugfs: out of free dentries, can not create file 'timeout' [pid 5118] exit_group(0 [pid 5119] <... futex resumed>) = ? [pid 5118] <... exit_group resumed>) = ? [pid 5119] +++ exited with 0 +++ [pid 5120] <... ioctl resumed>) = ? [pid 5120] +++ exited with 0 +++ [pid 5118] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5121 ./strace-static-x86_64: Process 5121 attached [pid 5121] set_robust_list(0x555555a845e0, 24) = 0 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5121] setpgid(0, 0) = 0 [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5121] write(3, "1000", 4) = 4 [pid 5121] close(3) = 0 [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5121] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [ 67.235025][ T5120] block nbd0: shutting down sockets [pid 5121] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5121] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5122 attached [pid 5122] set_robust_list(0x7fab4e5639e0, 24 [pid 5121] <... clone resumed>, parent_tid=[5122], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5122 [pid 5122] <... set_robust_list resumed>) = 0 [pid 5121] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5122] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 5121] <... futex resumed>) = 0 [pid 5122] <... openat resumed>) = 3 [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5122] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5121] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5122] <... futex resumed>) = 0 [pid 5121] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5122] fcntl(3, F_DUPFD, 3 [pid 5121] <... futex resumed>) = 0 [pid 5122] <... fcntl resumed>) = 4 [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5122] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5121] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5122] <... futex resumed>) = 0 [pid 5121] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5122] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5121] <... futex resumed>) = 0 [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5122] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5121] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5122] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5121] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5122] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5121] <... futex resumed>) = 0 [pid 5122] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5122] <... socketpair resumed>[5, 6]) = 0 [pid 5122] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5121] <... futex resumed>) = 0 [pid 5122] ioctl(3, NBD_SET_SOCK, 5 [pid 5121] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5122] <... ioctl resumed>) = 0 [pid 5122] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5121] <... futex resumed>) = 0 [pid 5122] <... futex resumed>) = 1 [pid 5121] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5122] ioctl(3, NBD_SET_SOCK, 5 [pid 5121] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5121] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5121] futex(0x7fab4e63a4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5121] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e522000 [pid 5121] mprotect(0x7fab4e523000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5121] clone(child_stack=0x7fab4e5423f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5123 attached [pid 5123] set_robust_list(0x7fab4e5429e0, 24 [pid 5121] <... clone resumed>, parent_tid=[5123], tls=0x7fab4e542700, child_tidptr=0x7fab4e5429d0) = 5123 [pid 5123] <... set_robust_list resumed>) = 0 [pid 5121] futex(0x7fab4e63a4d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5123] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5121] <... futex resumed>) = 0 [pid 5121] futex(0x7fab4e63a4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5123] <... openat resumed>) = 7 [pid 5123] write(7, "16", 2) = 2 [pid 5123] ioctl(3, NBD_DO_IT [pid 5122] <... ioctl resumed>) = 0 [pid 5122] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5122] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5121] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5121] exit_group(0 [pid 5122] <... futex resumed>) = ? [pid 5122] +++ exited with 0 +++ [pid 5121] <... exit_group resumed>) = ? [pid 5123] <... ioctl resumed>) = ? [pid 5123] +++ exited with 0 +++ [pid 5121] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5124 ./strace-static-x86_64: Process 5124 attached [pid 5124] set_robust_list(0x555555a845e0, 24) = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5124] setpgid(0, 0) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5124] write(3, "1000", 4) = 4 [pid 5124] close(3) = 0 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 67.563579][ T5123] block nbd0: shutting down sockets [pid 5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5124] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5124] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5125], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5125 [pid 5124] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5125 attached [pid 5125] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5125] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5125] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... futex resumed>) = 0 [pid 5124] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] <... futex resumed>) = 1 [pid 5125] fcntl(3, F_DUPFD, 3) = 4 [pid 5125] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... futex resumed>) = 0 [pid 5124] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] <... futex resumed>) = 1 [pid 5125] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5125] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... futex resumed>) = 0 [pid 5124] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] <... futex resumed>) = 1 [pid 5125] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5125] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... futex resumed>) = 0 [pid 5125] <... futex resumed>) = 1 [pid 5124] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5125] ioctl(3, NBD_SET_SOCK, 5 [pid 5124] <... futex resumed>) = 0 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] <... ioctl resumed>) = 0 [pid 5125] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5124] <... futex resumed>) = 0 [pid 5125] ioctl(3, NBD_SET_SOCK, 5 [pid 5124] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] <... ioctl resumed>) = 0 [pid 5125] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5125] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5124] <... futex resumed>) = 0 [pid 5124] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5125] <... futex resumed>) = 0 [pid 5124] <... futex resumed>) = 1 [pid 5125] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5124] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5125] write(7, "16", 2) = 2 [pid 5125] ioctl(3, NBD_DO_IT [pid 5124] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 67.707590][ T5125] FAULT_INJECTION: forcing a failure. [ 67.707590][ T5125] name failslab, interval 1, probability 0, space 0, times 0 [ 67.720294][ T5125] CPU: 1 PID: 5125 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 67.730353][ T5125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 67.740409][ T5125] Call Trace: [ 67.743704][ T5125] [ 67.746639][ T5125] dump_stack_lvl+0x1e3/0x2d0 [ 67.751320][ T5125] ? nf_tcp_handle_invalid+0x630/0x630 [ 67.756778][ T5125] ? panic+0x770/0x770 [ 67.760870][ T5125] ? __might_sleep+0xc0/0xc0 [ 67.765507][ T5125] should_fail_ex+0x3aa/0x4e0 [ 67.770217][ T5125] ? __d_alloc+0x31/0x700 [ 67.774569][ T5125] should_failslab+0x5/0x20 [ 67.779078][ T5125] kmem_cache_alloc_lru+0x75/0x320 [ 67.784187][ T5125] ? mark_lock+0x9a/0x350 [ 67.788524][ T5125] __d_alloc+0x31/0x700 [ 67.792711][ T5125] d_alloc_parallel+0xcb/0x12c0 [ 67.797583][ T5125] ? lockdep_init_map_type+0x9d/0x8d0 [ 67.802985][ T5125] ? lockdep_softirqs_off+0x420/0x420 [ 67.808387][ T5125] ? d_hash_and_lookup+0x1c0/0x1c0 [ 67.813521][ T5125] ? __init_waitqueue_head+0xa6/0x140 [ 67.818897][ T5125] __lookup_slow+0x112/0x3e0 [ 67.823494][ T5125] ? lookup_one_len+0x690/0x690 [ 67.828363][ T5125] lookup_one_len+0x430/0x690 [ 67.833046][ T5125] ? try_lookup_one_len+0x670/0x670 [ 67.838247][ T5125] ? mntput+0x60/0xb0 [ 67.842235][ T5125] start_creating+0x183/0x330 [ 67.846911][ T5125] __debugfs_create_file+0x74/0x500 [ 67.852114][ T5125] nbd_start_device+0x42c/0xb70 [ 67.857088][ T5125] nbd_start_device_ioctl+0xa7/0x5c0 [ 67.862398][ T5125] ? nbd_ioctl+0xd7/0x5b0 [ 67.866828][ T5125] ? nbd_set_size+0x490/0x490 [ 67.871507][ T5125] ? safesetid_security_capable+0xab/0x1b0 [ 67.877318][ T5125] ? bpf_lsm_capable+0x5/0x10 [ 67.882001][ T5125] nbd_ioctl+0x28c/0x5b0 [ 67.886240][ T5125] ? nbd_release+0x130/0x130 [ 67.890848][ T5125] blkdev_ioctl+0x3c9/0x7c0 [ 67.895367][ T5125] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 67.900832][ T5125] ? bpf_lsm_file_ioctl+0x5/0x10 [ 67.905770][ T5125] ? security_file_ioctl+0x9d/0xb0 [ 67.910881][ T5125] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 67.916341][ T5125] __se_sys_ioctl+0xfb/0x170 [ 67.920931][ T5125] do_syscall_64+0x2b/0x70 [ 67.925429][ T5125] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 67.931323][ T5125] RIP: 0033:0x7fab4e5b6259 [ 67.935735][ T5125] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 67.955341][ T5125] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 67.963755][ T5125] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 67.971720][ T5125] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 67.979687][ T5125] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 67.987655][ T5125] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 67.995623][ T5125] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 68.003604][ T5125] [pid 5124] exit_group(0) = ? [pid 5125] <... ioctl resumed>) = ? [pid 5125] +++ exited with 0 +++ [pid 5124] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5126 attached , child_tidptr=0x555555a845d0) = 5126 [pid 5126] set_robust_list(0x555555a845e0, 24) = 0 [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5126] setpgid(0, 0) = 0 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5126] write(3, "1000", 4) = 4 [pid 5126] close(3) = 0 [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5126] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5126] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5126] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5127], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5127 [pid 5126] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5127 attached [pid 5127] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5127] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5127] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5126] <... futex resumed>) = 0 [pid 5126] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5127] <... futex resumed>) = 1 [pid 5127] fcntl(3, F_DUPFD, 3) = 4 [pid 5127] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5126] <... futex resumed>) = 0 [pid 5126] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5127] <... futex resumed>) = 1 [pid 5127] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5127] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5126] <... futex resumed>) = 0 [pid 5126] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5127] <... futex resumed>) = 1 [pid 5127] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5127] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5126] <... futex resumed>) = 0 [pid 5126] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5127] <... futex resumed>) = 1 [ 68.161839][ T5125] block nbd0: shutting down sockets [pid 5127] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5127] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5126] <... futex resumed>) = 0 [pid 5126] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5127] <... futex resumed>) = 1 [pid 5126] <... futex resumed>) = 0 [pid 5127] ioctl(3, NBD_SET_SOCK, 5 [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5127] <... ioctl resumed>) = 0 [pid 5127] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5126] <... futex resumed>) = 0 [pid 5127] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5126] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5127] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5126] <... futex resumed>) = 0 [pid 5127] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5126] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5127] <... openat resumed>) = 7 [pid 5127] write(7, "16", 2) = 2 [ 68.277023][ T5127] FAULT_INJECTION: forcing a failure. [ 68.277023][ T5127] name failslab, interval 1, probability 0, space 0, times 0 [ 68.289711][ T5127] CPU: 1 PID: 5127 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 68.299771][ T5127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 68.309828][ T5127] Call Trace: [ 68.313195][ T5127] [ 68.316125][ T5127] dump_stack_lvl+0x1e3/0x2d0 [ 68.320825][ T5127] ? nf_tcp_handle_invalid+0x630/0x630 [ 68.326306][ T5127] ? panic+0x770/0x770 [ 68.330397][ T5127] ? __might_sleep+0xc0/0xc0 [ 68.335005][ T5127] should_fail_ex+0x3aa/0x4e0 [ 68.339697][ T5127] ? new_inode_pseudo+0x81/0x1d0 [ 68.344628][ T5127] should_failslab+0x5/0x20 [ 68.349138][ T5127] kmem_cache_alloc_lru+0x75/0x320 [ 68.354260][ T5127] ? try_lookup_one_len+0x670/0x670 [ 68.359457][ T5127] new_inode_pseudo+0x81/0x1d0 [ 68.364224][ T5127] new_inode+0x25/0x1d0 [ 68.368393][ T5127] ? start_creating+0x22a/0x330 [ 68.373253][ T5127] __debugfs_create_file+0x146/0x500 [ 68.378553][ T5127] nbd_start_device+0x42c/0xb70 [ 68.383429][ T5127] nbd_start_device_ioctl+0xa7/0x5c0 [ 68.388714][ T5127] ? nbd_ioctl+0xd7/0x5b0 [ 68.393050][ T5127] ? nbd_set_size+0x490/0x490 [ 68.397725][ T5127] ? safesetid_security_capable+0xab/0x1b0 [ 68.403557][ T5127] ? bpf_lsm_capable+0x5/0x10 [ 68.408256][ T5127] nbd_ioctl+0x28c/0x5b0 [ 68.412497][ T5127] ? nbd_release+0x130/0x130 [ 68.417085][ T5127] blkdev_ioctl+0x3c9/0x7c0 [ 68.421616][ T5127] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 68.427109][ T5127] ? bpf_lsm_file_ioctl+0x5/0x10 [ 68.432058][ T5127] ? security_file_ioctl+0x9d/0xb0 [ 68.437168][ T5127] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 68.442636][ T5127] __se_sys_ioctl+0xfb/0x170 [ 68.447243][ T5127] do_syscall_64+0x2b/0x70 [ 68.451654][ T5127] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 68.457543][ T5127] RIP: 0033:0x7fab4e5b6259 [ 68.461962][ T5127] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 68.481597][ T5127] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 68.491166][ T5127] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 68.499148][ T5127] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 68.507119][ T5127] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 68.515094][ T5127] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [pid 5127] ioctl(3, NBD_DO_IT [pid 5126] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 68.523074][ T5127] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 68.531066][ T5127] [ 68.534384][ T5127] debugfs: out of free dentries, can not create file 'timeout' [pid 5126] exit_group(0) = ? [pid 5127] <... ioctl resumed>) = ? [pid 5127] +++ exited with 0 +++ [pid 5126] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5128 ./strace-static-x86_64: Process 5128 attached [pid 5128] set_robust_list(0x555555a845e0, 24) = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5128] setpgid(0, 0) = 0 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5128] write(3, "1000", 4) = 4 [pid 5128] close(3) = 0 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5128] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5128] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5128] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5129 attached , parent_tid=[5129], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5129 [pid 5129] set_robust_list(0x7fab4e5639e0, 24 [pid 5128] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... set_robust_list resumed>) = 0 [pid 5128] <... futex resumed>) = 0 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 68.686356][ T5127] block nbd0: shutting down sockets [pid 5129] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5129] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] <... futex resumed>) = 0 [pid 5129] <... futex resumed>) = 1 [pid 5128] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] fcntl(3, F_DUPFD, 3 [pid 5128] <... futex resumed>) = 0 [pid 5129] <... fcntl resumed>) = 4 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5129] <... futex resumed>) = 0 [pid 5129] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5128] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... ioctl resumed>) = 0 [pid 5129] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5128] <... futex resumed>) = 0 [pid 5129] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5128] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... socketpair resumed>[5, 6]) = 0 [pid 5129] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5128] <... futex resumed>) = 0 [pid 5129] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5128] <... futex resumed>) = 0 [pid 5129] ioctl(3, NBD_SET_SOCK, 5 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... ioctl resumed>) = 0 [pid 5129] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5128] <... futex resumed>) = 0 [pid 5129] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5128] <... futex resumed>) = 0 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5129] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5129] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] <... futex resumed>) = 0 [pid 5128] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = 0 [pid 5128] <... futex resumed>) = 1 [pid 5129] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5128] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] write(7, "16", 2) = 2 [pid 5129] ioctl(3, NBD_DO_IT [pid 5128] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 68.818354][ T5129] FAULT_INJECTION: forcing a failure. [ 68.818354][ T5129] name failslab, interval 1, probability 0, space 0, times 0 [ 68.831111][ T5129] CPU: 0 PID: 5129 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 68.841193][ T5129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 68.851274][ T5129] Call Trace: [ 68.854561][ T5129] [ 68.857490][ T5129] dump_stack_lvl+0x1e3/0x2d0 [ 68.862164][ T5129] ? nf_tcp_handle_invalid+0x630/0x630 [ 68.867619][ T5129] ? panic+0x770/0x770 [ 68.871695][ T5129] ? __might_sleep+0xc0/0xc0 [ 68.876294][ T5129] should_fail_ex+0x3aa/0x4e0 [ 68.881002][ T5129] ? new_inode_pseudo+0x81/0x1d0 [ 68.885962][ T5129] should_failslab+0x5/0x20 [ 68.890487][ T5129] kmem_cache_alloc_lru+0x75/0x320 [ 68.895609][ T5129] ? try_lookup_one_len+0x670/0x670 [ 68.900818][ T5129] new_inode_pseudo+0x81/0x1d0 [ 68.905581][ T5129] new_inode+0x25/0x1d0 [ 68.909726][ T5129] ? start_creating+0x22a/0x330 [ 68.914574][ T5129] __debugfs_create_file+0x146/0x500 [ 68.919860][ T5129] nbd_start_device+0x42c/0xb70 [ 68.924717][ T5129] nbd_start_device_ioctl+0xa7/0x5c0 [ 68.929996][ T5129] ? nbd_ioctl+0xd7/0x5b0 [ 68.934327][ T5129] ? nbd_set_size+0x490/0x490 [ 68.939008][ T5129] ? safesetid_security_capable+0xab/0x1b0 [ 68.944818][ T5129] ? bpf_lsm_capable+0x5/0x10 [ 68.949503][ T5129] nbd_ioctl+0x28c/0x5b0 [ 68.953742][ T5129] ? nbd_release+0x130/0x130 [ 68.958340][ T5129] blkdev_ioctl+0x3c9/0x7c0 [ 68.962844][ T5129] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 68.968310][ T5129] ? bpf_lsm_file_ioctl+0x5/0x10 [ 68.973247][ T5129] ? security_file_ioctl+0x9d/0xb0 [ 68.978360][ T5129] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 68.983815][ T5129] __se_sys_ioctl+0xfb/0x170 [ 68.988403][ T5129] do_syscall_64+0x2b/0x70 [ 68.992816][ T5129] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 68.998721][ T5129] RIP: 0033:0x7fab4e5b6259 [ 69.003135][ T5129] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 69.022735][ T5129] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 69.031498][ T5129] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 69.040257][ T5129] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 69.048252][ T5129] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 69.057087][ T5129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 69.065052][ T5129] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 69.073032][ T5129] [ 69.079609][ T5129] debugfs: out of free dentries, can not create file 'timeout' [pid 5128] exit_group(0) = ? [pid 5129] <... ioctl resumed>) = ? [pid 5129] +++ exited with 0 +++ [pid 5128] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5130 ./strace-static-x86_64: Process 5130 attached [pid 5130] set_robust_list(0x555555a845e0, 24) = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5130] setpgid(0, 0) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5130] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5130] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5131 attached , parent_tid=[5131], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5131 [pid 5130] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] set_robust_list(0x7fab4e5639e0, 24) = 0 [ 69.137263][ T5129] block nbd0: shutting down sockets [pid 5131] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5131] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] fcntl(3, F_DUPFD, 3) = 4 [pid 5131] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] <... futex resumed>) = 1 [pid 5130] <... futex resumed>) = 0 [pid 5131] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] <... ioctl resumed>) = 0 [pid 5131] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5130] <... futex resumed>) = 0 [pid 5131] <... futex resumed>) = 1 [pid 5130] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] <... socketpair resumed>[5, 6]) = 0 [pid 5131] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] <... futex resumed>) = 1 [pid 5130] <... futex resumed>) = 0 [pid 5131] ioctl(3, NBD_SET_SOCK, 5 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] <... ioctl resumed>) = 0 [pid 5131] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] ioctl(3, NBD_SET_SOCK, 5 [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] <... ioctl resumed>) = 0 [pid 5131] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] <... openat resumed>) = 7 [pid 5131] write(7, "16", 2) = 2 [ 69.267234][ T5131] FAULT_INJECTION: forcing a failure. [ 69.267234][ T5131] name failslab, interval 1, probability 0, space 0, times 0 [ 69.280797][ T5131] CPU: 0 PID: 5131 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 69.290892][ T5131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 69.300954][ T5131] Call Trace: [ 69.304254][ T5131] [ 69.307212][ T5131] dump_stack_lvl+0x1e3/0x2d0 [ 69.311889][ T5131] ? nf_tcp_handle_invalid+0x630/0x630 [ 69.317355][ T5131] ? panic+0x770/0x770 [ 69.321420][ T5131] ? __might_sleep+0xc0/0xc0 [ 69.326018][ T5131] ? lockdep_init_map_type+0x9d/0x8d0 [ 69.331775][ T5131] should_fail_ex+0x3aa/0x4e0 [ 69.336461][ T5131] ? security_inode_alloc+0x24/0x130 [ 69.341784][ T5131] should_failslab+0x5/0x20 [ 69.346315][ T5131] kmem_cache_alloc+0x69/0x350 [ 69.351094][ T5131] security_inode_alloc+0x24/0x130 [ 69.356215][ T5131] inode_init_always+0x887/0xb80 [ 69.361173][ T5131] new_inode_pseudo+0x94/0x1d0 [ 69.365959][ T5131] new_inode+0x25/0x1d0 [ 69.370120][ T5131] ? start_creating+0x22a/0x330 [ 69.374975][ T5131] __debugfs_create_file+0x146/0x500 [ 69.380271][ T5131] nbd_start_device+0x42c/0xb70 [ 69.385139][ T5131] nbd_start_device_ioctl+0xa7/0x5c0 [ 69.390417][ T5131] ? nbd_ioctl+0xd7/0x5b0 [ 69.394744][ T5131] ? nbd_set_size+0x490/0x490 [ 69.399420][ T5131] ? safesetid_security_capable+0xab/0x1b0 [ 69.405229][ T5131] ? bpf_lsm_capable+0x5/0x10 [ 69.409914][ T5131] nbd_ioctl+0x28c/0x5b0 [ 69.414152][ T5131] ? nbd_release+0x130/0x130 [ 69.418751][ T5131] blkdev_ioctl+0x3c9/0x7c0 [ 69.423259][ T5131] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 69.428725][ T5131] ? bpf_lsm_file_ioctl+0x5/0x10 [ 69.433666][ T5131] ? security_file_ioctl+0x9d/0xb0 [ 69.438778][ T5131] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 69.444230][ T5131] __se_sys_ioctl+0xfb/0x170 [ 69.448822][ T5131] do_syscall_64+0x2b/0x70 [ 69.453234][ T5131] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 69.459128][ T5131] RIP: 0033:0x7fab4e5b6259 [ 69.463538][ T5131] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 69.483139][ T5131] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 69.491549][ T5131] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 69.499514][ T5131] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 69.507478][ T5131] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5131] ioctl(3, NBD_DO_IT [pid 5130] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 69.515445][ T5131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 69.523427][ T5131] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 69.531764][ T5131] [ 69.535500][ T5131] debugfs: out of free dentries, can not create file 'timeout' [pid 5130] exit_group(0) = ? [pid 5131] <... ioctl resumed>) = ? [pid 5131] +++ exited with 0 +++ [pid 5130] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5132 attached , child_tidptr=0x555555a845d0) = 5132 [pid 5132] set_robust_list(0x555555a845e0, 24) = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5132] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5132] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5133], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5133 [pid 5132] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5133 attached [pid 5133] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5133] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5133] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] <... futex resumed>) = 1 [pid 5133] fcntl(3, F_DUPFD, 3) = 4 [pid 5133] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] <... futex resumed>) = 1 [pid 5133] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5133] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] <... futex resumed>) = 1 [pid 5133] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5133] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] <... futex resumed>) = 1 [ 69.783053][ T5131] block nbd0: shutting down sockets [pid 5133] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5133] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5133] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5132] <... futex resumed>) = 0 [pid 5132] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5133] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5133] write(7, "16", 2) = 2 [ 69.928972][ T5133] FAULT_INJECTION: forcing a failure. [ 69.928972][ T5133] name failslab, interval 1, probability 0, space 0, times 0 [ 69.941652][ T5133] CPU: 0 PID: 5133 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 69.951714][ T5133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 69.961766][ T5133] Call Trace: [ 69.965038][ T5133] [ 69.967961][ T5133] dump_stack_lvl+0x1e3/0x2d0 [ 69.972641][ T5133] ? nf_tcp_handle_invalid+0x630/0x630 [pid 5133] ioctl(3, NBD_DO_IT [pid 5132] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5132] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 69.978108][ T5133] ? panic+0x770/0x770 [ 69.982216][ T5133] ? __might_sleep+0xc0/0xc0 [ 69.986811][ T5133] should_fail_ex+0x3aa/0x4e0 [ 69.991495][ T5133] ? __d_alloc+0x31/0x700 [ 69.995832][ T5133] should_failslab+0x5/0x20 [ 70.000783][ T5133] kmem_cache_alloc_lru+0x75/0x320 [ 70.005912][ T5133] ? mark_lock+0x9a/0x350 [ 70.010243][ T5133] __d_alloc+0x31/0x700 [ 70.014404][ T5133] d_alloc_parallel+0xcb/0x12c0 [ 70.019286][ T5133] ? lockdep_init_map_type+0x9d/0x8d0 [ 70.024679][ T5133] ? lockdep_softirqs_off+0x420/0x420 [ 70.030052][ T5133] ? d_hash_and_lookup+0x1c0/0x1c0 [ 70.035195][ T5133] ? __init_waitqueue_head+0xa6/0x140 [ 70.040598][ T5133] __lookup_slow+0x112/0x3e0 [ 70.045219][ T5133] ? lookup_one_len+0x690/0x690 [ 70.050116][ T5133] lookup_one_len+0x430/0x690 [ 70.054807][ T5133] ? try_lookup_one_len+0x670/0x670 [ 70.060007][ T5133] ? mntput+0x60/0xb0 [ 70.063996][ T5133] start_creating+0x183/0x330 [ 70.068692][ T5133] __debugfs_create_file+0x74/0x500 [ 70.073911][ T5133] nbd_start_device+0x42c/0xb70 [ 70.078775][ T5133] nbd_start_device_ioctl+0xa7/0x5c0 [ 70.084059][ T5133] ? nbd_ioctl+0xd7/0x5b0 [ 70.088402][ T5133] ? nbd_set_size+0x490/0x490 [ 70.093078][ T5133] ? safesetid_security_capable+0xab/0x1b0 [ 70.098889][ T5133] ? bpf_lsm_capable+0x5/0x10 [ 70.103579][ T5133] nbd_ioctl+0x28c/0x5b0 [ 70.107818][ T5133] ? nbd_release+0x130/0x130 [ 70.113200][ T5133] blkdev_ioctl+0x3c9/0x7c0 [ 70.117710][ T5133] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 70.123172][ T5133] ? bpf_lsm_file_ioctl+0x5/0x10 [ 70.128116][ T5133] ? security_file_ioctl+0x9d/0xb0 [ 70.133235][ T5133] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 70.138689][ T5133] __se_sys_ioctl+0xfb/0x170 [ 70.143368][ T5133] do_syscall_64+0x2b/0x70 [ 70.147920][ T5133] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 70.153811][ T5133] RIP: 0033:0x7fab4e5b6259 [ 70.158226][ T5133] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 70.177827][ T5133] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 70.186239][ T5133] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 70.194208][ T5133] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 70.202179][ T5133] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 70.210148][ T5133] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 70.218119][ T5133] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 70.226102][ T5133] [pid 5132] exit_group(0) = ? [pid 5133] <... ioctl resumed>) = ? [pid 5133] +++ exited with 0 +++ [pid 5132] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5134 ./strace-static-x86_64: Process 5134 attached [pid 5134] set_robust_list(0x555555a845e0, 24) = 0 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5134] setpgid(0, 0) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5134] write(3, "1000", 4) = 4 [pid 5134] close(3) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5134] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5134] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5135], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5135 [pid 5134] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5135 attached [pid 5135] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5135] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5135] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5134] <... futex resumed>) = 0 [ 70.307476][ T5133] block nbd0: shutting down sockets [pid 5134] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5135] <... futex resumed>) = 1 [pid 5135] fcntl(3, F_DUPFD, 3) = 4 [pid 5135] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5134] <... futex resumed>) = 0 [pid 5134] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5135] <... futex resumed>) = 1 [pid 5135] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5135] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5134] <... futex resumed>) = 0 [pid 5134] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5135] <... futex resumed>) = 1 [pid 5135] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5135] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5134] <... futex resumed>) = 0 [pid 5134] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5135] <... futex resumed>) = 1 [pid 5135] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5135] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5134] <... futex resumed>) = 0 [pid 5134] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5135] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5135] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5134] <... futex resumed>) = 0 [pid 5134] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5134] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5135] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 5135] write(7, "16", 2) = 2 [ 70.448595][ T5135] FAULT_INJECTION: forcing a failure. [ 70.448595][ T5135] name failslab, interval 1, probability 0, space 0, times 0 [ 70.461328][ T5135] CPU: 0 PID: 5135 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 70.471406][ T5135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 70.481485][ T5135] Call Trace: [ 70.484767][ T5135] [ 70.487700][ T5135] dump_stack_lvl+0x1e3/0x2d0 [ 70.492384][ T5135] ? nf_tcp_handle_invalid+0x630/0x630 [ 70.497868][ T5135] ? panic+0x770/0x770 [ 70.501951][ T5135] ? __might_sleep+0xc0/0xc0 [ 70.506550][ T5135] should_fail_ex+0x3aa/0x4e0 [ 70.511234][ T5135] ? new_inode_pseudo+0x81/0x1d0 [ 70.516192][ T5135] should_failslab+0x5/0x20 [ 70.520711][ T5135] kmem_cache_alloc_lru+0x75/0x320 [ 70.525832][ T5135] ? try_lookup_one_len+0x670/0x670 [ 70.531040][ T5135] new_inode_pseudo+0x81/0x1d0 [ 70.535802][ T5135] new_inode+0x25/0x1d0 [ 70.539955][ T5135] ? start_creating+0x22a/0x330 [ 70.544806][ T5135] __debugfs_create_file+0x146/0x500 [ 70.550091][ T5135] nbd_start_device+0x42c/0xb70 [ 70.554956][ T5135] nbd_start_device_ioctl+0xa7/0x5c0 [ 70.560237][ T5135] ? nbd_ioctl+0xd7/0x5b0 [ 70.564564][ T5135] ? nbd_set_size+0x490/0x490 [ 70.569241][ T5135] ? safesetid_security_capable+0xab/0x1b0 [ 70.575915][ T5135] ? bpf_lsm_capable+0x5/0x10 [ 70.580596][ T5135] nbd_ioctl+0x28c/0x5b0 [ 70.584837][ T5135] ? nbd_release+0x130/0x130 [ 70.589432][ T5135] blkdev_ioctl+0x3c9/0x7c0 [ 70.593937][ T5135] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 70.599399][ T5135] ? bpf_lsm_file_ioctl+0x5/0x10 [ 70.604343][ T5135] ? security_file_ioctl+0x9d/0xb0 [ 70.609546][ T5135] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 70.615004][ T5135] __se_sys_ioctl+0xfb/0x170 [ 70.619598][ T5135] do_syscall_64+0x2b/0x70 [ 70.624014][ T5135] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 70.631044][ T5135] RIP: 0033:0x7fab4e5b6259 [ 70.635454][ T5135] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 70.655055][ T5135] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 70.663465][ T5135] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 70.671456][ T5135] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 70.679443][ T5135] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 70.687416][ T5135] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [pid 5135] ioctl(3, NBD_DO_IT [pid 5134] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 70.695384][ T5135] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 70.703367][ T5135] [ 70.707810][ T5135] debugfs: out of free dentries, can not create file 'timeout' [pid 5134] exit_group(0) = ? [pid 5135] <... ioctl resumed>) = ? [pid 5135] +++ exited with 0 +++ [pid 5134] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5136 ./strace-static-x86_64: Process 5136 attached [pid 5136] set_robust_list(0x555555a845e0, 24) = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5136] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5136] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5137], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5137 [pid 5136] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5137 attached [pid 5137] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5137] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5137] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] <... futex resumed>) = 0 [pid 5136] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... futex resumed>) = 1 [pid 5137] fcntl(3, F_DUPFD, 3) = 4 [pid 5137] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] <... futex resumed>) = 0 [pid 5136] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 70.935595][ T5135] block nbd0: shutting down sockets [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... futex resumed>) = 1 [pid 5137] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5137] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] <... futex resumed>) = 0 [pid 5136] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... futex resumed>) = 1 [pid 5137] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5137] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] <... futex resumed>) = 0 [pid 5136] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... futex resumed>) = 1 [pid 5137] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5137] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5136] <... futex resumed>) = 0 [pid 5137] ioctl(3, NBD_SET_SOCK, 5 [pid 5136] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... ioctl resumed>) = 0 [pid 5137] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5136] <... futex resumed>) = 0 [pid 5137] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5136] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5136] <... futex resumed>) = 0 [pid 5137] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5136] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... openat resumed>) = 7 [pid 5137] write(7, "16", 2) = 2 [ 71.066701][ T5137] FAULT_INJECTION: forcing a failure. [ 71.066701][ T5137] name failslab, interval 1, probability 0, space 0, times 0 [ 71.079368][ T5137] CPU: 1 PID: 5137 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 71.089427][ T5137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 71.099479][ T5137] Call Trace: [ 71.102754][ T5137] [ 71.105679][ T5137] dump_stack_lvl+0x1e3/0x2d0 [ 71.110396][ T5137] ? nf_tcp_handle_invalid+0x630/0x630 [ 71.115861][ T5137] ? panic+0x770/0x770 [ 71.119973][ T5137] ? __might_sleep+0xc0/0xc0 [ 71.124572][ T5137] ? lockdep_init_map_type+0x9d/0x8d0 [ 71.129961][ T5137] should_fail_ex+0x3aa/0x4e0 [ 71.134643][ T5137] ? security_inode_alloc+0x24/0x130 [ 71.139933][ T5137] should_failslab+0x5/0x20 [ 71.144449][ T5137] kmem_cache_alloc+0x69/0x350 [ 71.149214][ T5137] security_inode_alloc+0x24/0x130 [ 71.154321][ T5137] inode_init_always+0x887/0xb80 [ 71.159344][ T5137] new_inode_pseudo+0x94/0x1d0 [ 71.164122][ T5137] new_inode+0x25/0x1d0 [ 71.168283][ T5137] ? start_creating+0x22a/0x330 [ 71.173144][ T5137] __debugfs_create_file+0x146/0x500 [ 71.178432][ T5137] nbd_start_device+0x42c/0xb70 [ 71.183297][ T5137] nbd_start_device_ioctl+0xa7/0x5c0 [ 71.188577][ T5137] ? nbd_ioctl+0xd7/0x5b0 [ 71.192904][ T5137] ? nbd_set_size+0x490/0x490 [ 71.197579][ T5137] ? safesetid_security_capable+0xab/0x1b0 [ 71.203388][ T5137] ? bpf_lsm_capable+0x5/0x10 [ 71.208081][ T5137] nbd_ioctl+0x28c/0x5b0 [ 71.212318][ T5137] ? nbd_release+0x130/0x130 [ 71.217778][ T5137] blkdev_ioctl+0x3c9/0x7c0 [ 71.222288][ T5137] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 71.227748][ T5137] ? bpf_lsm_file_ioctl+0x5/0x10 [ 71.232683][ T5137] ? security_file_ioctl+0x9d/0xb0 [ 71.237793][ T5137] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 71.243246][ T5137] __se_sys_ioctl+0xfb/0x170 [ 71.247835][ T5137] do_syscall_64+0x2b/0x70 [ 71.252247][ T5137] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 71.258142][ T5137] RIP: 0033:0x7fab4e5b6259 [ 71.262566][ T5137] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 71.282167][ T5137] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 71.290582][ T5137] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 71.298554][ T5137] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 71.306518][ T5137] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [pid 5137] ioctl(3, NBD_DO_IT [pid 5136] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 71.314483][ T5137] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 71.322449][ T5137] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 71.330431][ T5137] [ 71.340786][ T5137] debugfs: out of free dentries, can not create file 'timeout' [pid 5136] exit_group(0) = ? [pid 5137] <... ioctl resumed>) = ? [ 71.481146][ T5137] block nbd0: shutting down sockets [pid 5137] +++ exited with 0 +++ [pid 5136] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a845d0) = 5138 ./strace-static-x86_64: Process 5138 attached [pid 5138] set_robust_list(0x555555a845e0, 24) = 0 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5138] setpgid(0, 0) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5138] write(3, "1000", 4) = 4 [pid 5138] close(3) = 0 [pid 5138] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5138] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e543000 [pid 5138] mprotect(0x7fab4e544000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5138] clone(child_stack=0x7fab4e5633f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5139], tls=0x7fab4e563700, child_tidptr=0x7fab4e5639d0) = 5139 [pid 5138] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5138] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5139 attached [pid 5139] set_robust_list(0x7fab4e5639e0, 24) = 0 [pid 5139] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5139] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5139] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5138] <... futex resumed>) = 0 [pid 5138] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5139] <... futex resumed>) = 0 [pid 5139] fcntl(3, F_DUPFD, 3) = 4 [pid 5139] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5139] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5138] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5138] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5139] <... futex resumed>) = 0 [pid 5139] ioctl(4, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA|NBD_FLAG_SEND_TRIM|NBD_FLAG_SEND_DF|NBD_FLAG_CAN_MULTI_CONN|NBD_FLAG_SEND_RESIZE|NBD_FLAG_SEND_CACHE|0x5d90d800) = 0 [pid 5139] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5139] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5138] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5138] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5139] <... futex resumed>) = 0 [pid 5139] socketpair(AF_UNIX, SOCK_STREAM, 0, [5, 6]) = 0 [pid 5139] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5139] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5138] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5138] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5139] <... futex resumed>) = 0 [pid 5139] ioctl(3, NBD_SET_SOCK, 5 [pid 5138] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5138] futex(0x7fab4e63a4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5138] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fab4e522000 [pid 5138] mprotect(0x7fab4e523000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5138] clone(child_stack=0x7fab4e5423f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5140], tls=0x7fab4e542700, child_tidptr=0x7fab4e5429d0) = 5140 [pid 5138] futex(0x7fab4e63a4d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5138] futex(0x7fab4e63a4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5140 attached [pid 5140] set_robust_list(0x7fab4e5429e0, 24) = 0 [pid 5140] ioctl(3, NBD_SET_SOCK, 5 [pid 5139] <... ioctl resumed>) = 0 [pid 5139] futex(0x7fab4e63a4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5139] futex(0x7fab4e63a4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5138] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5138] futex(0x7fab4e63a4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5139] <... futex resumed>) = 0 [pid 5138] <... futex resumed>) = 1 [pid 5139] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 5138] futex(0x7fab4e63a4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5139] <... openat resumed>) = 7 [pid 5139] write(7, "16", 2) = 2 [pid 5139] ioctl(3, NBD_DO_IT [pid 5140] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5140] futex(0x7fab4e63a4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] futex(0x7fab4e63a4d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5138] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 71.714296][ T5140] block nbd0: Device being setup by another task [ 71.787769][ T5139] ------------[ cut here ]------------ [ 71.793269][ T5139] kernfs: can not remove 'nr_tags', no directory [ 71.800047][ T5139] WARNING: CPU: 1 PID: 5139 at fs/kernfs/dir.c:1652 kernfs_remove_by_name_ns+0xf5/0x150 [ 71.809947][ T5139] Modules linked in: [ 71.814265][ T5139] CPU: 0 PID: 5139 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 71.824545][ T5139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 71.834807][ T5139] RIP: 0010:kernfs_remove_by_name_ns+0xf5/0x150 [ 71.841180][ T5139] Code: 48 89 df e8 5d ec ff ff 48 89 df e8 a5 97 ff ff 31 db eb 29 e8 cc 16 70 ff 48 c7 c7 40 ba 20 8b 4c 89 e6 31 c0 e8 7b 69 36 ff <0f> 0b bb fe ff ff ff eb 12 e8 ad 16 70 ff bb fe ff ff ff 4c 89 f7 [ 71.861242][ T5139] RSP: 0018:ffffc90003ecf960 EFLAGS: 00010246 [ 71.867485][ T5139] RAX: 73baecdeb84dee00 RBX: ffffffff8db38140 RCX: ffff88807799d7c0 [ 71.875561][ T5139] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [pid 5138] exit_group(0 [pid 5140] <... futex resumed>) = ? [pid 5138] <... exit_group resumed>) = ? [pid 5140] +++ exited with 0 +++ [ 71.883561][ T5139] RBP: dffffc0000000000 R08: ffffffff81709fad R09: fffff520007d9ee5 [ 71.891608][ T5139] R10: fffff520007d9ee5 R11: 1ffff920007d9ee4 R12: ffffffff8b676340 [ 71.899994][ T5139] R13: 0000000000000000 R14: ffffffff8b6762e0 R15: 0000000000000000 [ 71.908128][ T5139] FS: 00007fab4e563700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 71.917177][ T5139] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.923786][ T5139] CR2: 00007fab4e562ec8 CR3: 00000000298d9000 CR4: 00000000003506f0 [ 71.931913][ T5139] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 71.939943][ T5139] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 71.947989][ T5139] Call Trace: [ 71.951292][ T5139] [ 71.954324][ T5139] sysfs_remove_group+0x102/0x2b0 [ 71.959393][ T5139] sysfs_remove_groups+0x5b/0xb0 [ 71.964408][ T5139] __kobject_del+0x84/0x300 [ 71.968934][ T5139] kobject_del+0x41/0x60 [ 71.973179][ T5139] blk_mq_sysfs_unregister_hctxs+0x235/0x320 [ 71.979241][ T5139] ? blk_mq_sysfs_unregister+0x3a0/0x3a0 [ 71.984954][ T5139] ? mutex_lock_nested+0x17/0x20 [ 71.989908][ T5139] ? blk_mq_unfreeze_queue+0x71/0x100 [ 71.995351][ T5139] blk_mq_update_nr_hw_queues+0x647/0x13a0 [ 72.001200][ T5139] ? blk_mq_update_nr_requests+0x680/0x680 [ 72.007079][ T5139] ? do_raw_spin_unlock+0x134/0x8a0 [ 72.012299][ T5139] nbd_start_device+0x15d/0xb70 [ 72.017269][ T5139] nbd_start_device_ioctl+0xa7/0x5c0 [ 72.022573][ T5139] ? nbd_ioctl+0xd7/0x5b0 [ 72.027325][ T5139] ? nbd_set_size+0x490/0x490 [ 72.032032][ T5139] ? safesetid_security_capable+0xab/0x1b0 [ 72.038028][ T5139] ? bpf_lsm_capable+0x5/0x10 [ 72.042752][ T5139] nbd_ioctl+0x28c/0x5b0 [ 72.047093][ T5139] ? nbd_release+0x130/0x130 [ 72.051719][ T5139] blkdev_ioctl+0x3c9/0x7c0 [ 72.056321][ T5139] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 72.061803][ T5139] ? bpf_lsm_file_ioctl+0x5/0x10 [ 72.066794][ T5139] ? security_file_ioctl+0x9d/0xb0 [ 72.071926][ T5139] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 72.077477][ T5139] __se_sys_ioctl+0xfb/0x170 [ 72.082088][ T5139] do_syscall_64+0x2b/0x70 [ 72.086558][ T5139] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 72.092473][ T5139] RIP: 0033:0x7fab4e5b6259 [ 72.097008][ T5139] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.116706][ T5139] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 72.125215][ T5139] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 72.133302][ T5139] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 72.141374][ T5139] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 72.149395][ T5139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 72.157444][ T5139] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 72.165517][ T5139] [ 72.168558][ T5139] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 72.175836][ T5139] CPU: 0 PID: 5139 Comm: syz-executor310 Not tainted 6.1.0-syzkaller-14594-g72a85e2b0a1e #0 [ 72.187283][ T5139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 72.197340][ T5139] Call Trace: [ 72.200712][ T5139] [ 72.203632][ T5139] dump_stack_lvl+0x1e3/0x2d0 [ 72.208320][ T5139] ? nf_tcp_handle_invalid+0x630/0x630 [ 72.213799][ T5139] ? panic+0x770/0x770 [ 72.217882][ T5139] ? vscnprintf+0x59/0x80 [ 72.222219][ T5139] ? kernfs_remove_by_name_ns+0xc0/0x150 [ 72.227878][ T5139] panic+0x316/0x770 [ 72.231799][ T5139] ? __warn+0x16d/0x2d0 [ 72.235974][ T5139] ? memcpy_page_flushcache+0x100/0x100 [ 72.241562][ T5139] ? kernfs_remove_by_name_ns+0xf5/0x150 [ 72.247221][ T5139] __warn+0x284/0x2d0 [ 72.251227][ T5139] ? kernfs_remove_by_name_ns+0xf5/0x150 [ 72.256885][ T5139] report_bug+0x1b3/0x2d0 [ 72.261234][ T5139] handle_bug+0x3d/0x70 [ 72.265392][ T5139] exc_invalid_op+0x16/0x40 [ 72.269887][ T5139] asm_exc_invalid_op+0x16/0x20 [ 72.274734][ T5139] RIP: 0010:kernfs_remove_by_name_ns+0xf5/0x150 [ 72.280975][ T5139] Code: 48 89 df e8 5d ec ff ff 48 89 df e8 a5 97 ff ff 31 db eb 29 e8 cc 16 70 ff 48 c7 c7 40 ba 20 8b 4c 89 e6 31 c0 e8 7b 69 36 ff <0f> 0b bb fe ff ff ff eb 12 e8 ad 16 70 ff bb fe ff ff ff 4c 89 f7 [ 72.300578][ T5139] RSP: 0018:ffffc90003ecf960 EFLAGS: 00010246 [ 72.306652][ T5139] RAX: 73baecdeb84dee00 RBX: ffffffff8db38140 RCX: ffff88807799d7c0 [ 72.314619][ T5139] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 72.322583][ T5139] RBP: dffffc0000000000 R08: ffffffff81709fad R09: fffff520007d9ee5 [ 72.331097][ T5139] R10: fffff520007d9ee5 R11: 1ffff920007d9ee4 R12: ffffffff8b676340 [ 72.339080][ T5139] R13: 0000000000000000 R14: ffffffff8b6762e0 R15: 0000000000000000 [ 72.347077][ T5139] ? __wake_up_klogd+0xcd/0x100 [ 72.351980][ T5139] sysfs_remove_group+0x102/0x2b0 [ 72.357024][ T5139] sysfs_remove_groups+0x5b/0xb0 [ 72.362050][ T5139] __kobject_del+0x84/0x300 [ 72.366818][ T5139] kobject_del+0x41/0x60 [ 72.371076][ T5139] blk_mq_sysfs_unregister_hctxs+0x235/0x320 [ 72.377078][ T5139] ? blk_mq_sysfs_unregister+0x3a0/0x3a0 [ 72.382711][ T5139] ? mutex_lock_nested+0x17/0x20 [ 72.387645][ T5139] ? blk_mq_unfreeze_queue+0x71/0x100 [ 72.393020][ T5139] blk_mq_update_nr_hw_queues+0x647/0x13a0 [ 72.398832][ T5139] ? blk_mq_update_nr_requests+0x680/0x680 [ 72.404637][ T5139] ? do_raw_spin_unlock+0x134/0x8a0 [ 72.409843][ T5139] nbd_start_device+0x15d/0xb70 [ 72.414712][ T5139] nbd_start_device_ioctl+0xa7/0x5c0 [ 72.419993][ T5139] ? nbd_ioctl+0xd7/0x5b0 [ 72.424319][ T5139] ? nbd_set_size+0x490/0x490 [ 72.429032][ T5139] ? safesetid_security_capable+0xab/0x1b0 [ 72.434856][ T5139] ? bpf_lsm_capable+0x5/0x10 [ 72.439541][ T5139] nbd_ioctl+0x28c/0x5b0 [ 72.443781][ T5139] ? nbd_release+0x130/0x130 [ 72.448371][ T5139] blkdev_ioctl+0x3c9/0x7c0 [ 72.452876][ T5139] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 72.458336][ T5139] ? bpf_lsm_file_ioctl+0x5/0x10 [ 72.463279][ T5139] ? security_file_ioctl+0x9d/0xb0 [ 72.468392][ T5139] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 72.473845][ T5139] __se_sys_ioctl+0xfb/0x170 [ 72.478440][ T5139] do_syscall_64+0x2b/0x70 [ 72.484072][ T5139] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 72.489967][ T5139] RIP: 0033:0x7fab4e5b6259 [ 72.494392][ T5139] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.513999][ T5139] RSP: 002b:00007fab4e5632e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 72.523217][ T5139] RAX: ffffffffffffffda RBX: 00007fab4e63a4c0 RCX: 00007fab4e5b6259 [ 72.531183][ T5139] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 72.539149][ T5139] RBP: 00007fab4e607184 R08: 0000000000000002 R09: 0000000000003631 [ 72.547121][ T5139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab4e63a4cc [ 72.555087][ T5139] R13: 00007fab4e5632f0 R14: 00007fab4e63a4c8 R15: 0000000000000002 [ 72.563094][ T5139] [ 72.566270][ T5139] Kernel Offset: disabled [ 72.570668][ T5139] Rebooting in 86400 seconds..