Comments (3)
dvyukov
commented on September 21, 2024
from syzkaller.
dvyukov
commented on September 21, 2024
Extracted another reproducer for a crash, now it is 155 calls:
2017/02/01 00:00:26 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, (0xfff000), 0x3, 0x32, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000ec2000-0x8)="2e2f66696c653000", 0x0)
mlockall(0x0)
perf_event_open(&(0x7f000002f000-0x78)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xc642, 0x0, 0xd34, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0xffffffff, 0xffffffffffffffff, 0xa)
ioctl$SNDRV_TIMER_IOCTL_STATUS(0xffffffffffffffff, 0x80605414, &(0x7f0000013000-0xf7)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00004b6000-0x11)="2f6465762f7667615f6172626974657200", 0x0, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000068000)={[0xd7, 0x0, 0x8001, 0x60a5, 0x10000, 0x5, 0x6, 0xff, 0xffff, 0xfffffffffffffffe, 0x7fff, 0x400, 0x2, 0x6, 0x1, 0x0], 0xf000, 0x8000})
sendmsg(0xffffffffffffffff, &(0x7f0000007000)={&(0x7f0000005000)=@un=@abs={0x0, 0x0, 0x0}, 0x8, &(0x7f0000054000)=[{&(0x7f0000000000)="46343ebf8dac5c2b440677c405605e49057e36760edfee6cdd4ac3fb53c9dd6ed420cbed074b8bde1d35ec6f108d7cce32b90761db61f6187acb3ef178b13cacacaa4e3d714da37185dc25bb725810fd829ea86060d4485d2fbb28e9daa352376ed016d611bcf960806f6ed9b68480e82f35ba3d6f7f235f245d4c17435b5d103df02ce023fc457297ee097c43743f5023290796c309dcdc9f5c3f32d3000000000000800181b60f1395e03f734ce46e7ae9710cda4f19a5460f4bfe217bf501fb4316f862c6f1839a21ae299d33c30590d2000000000000000862039aa51f52aed49e0bb23136036a6574f2f8000d7f97b106e6d3e62968dd56b0e7f9c2b1f2916751efe5467decb9ea475f1e5c75a9343fcaf434b6965135790c91bbf3354eb307341b8eb69384b86ccf62c9ca3fd3", 0x130}], 0x1, &(0x7f0000027000-0x138)=[], 0x0, 0x20000000}, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$netrom(0xffffffffffffffff, &(0x7f0000891000)=@full={{0x6, {"9b631434f9a4bf"}, 0xf11e}, [{"c5b6274843be99"}, {"2e9f581f88f468"}, {"f26c159d423e17"}, {"30c44eb40adf10"}, {"4b4fb543807dc3"}, {"22a46f5236e1aa"}, {"e1b69c43a2c0d5"}, {"5cc62c2671d29c"}]}, 0x48)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000002000)={0x1ff, 0x5, 0x2, "71756575653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
creat(&(0x7f0000019000)="2e2f66696c653000", 0x0)
r1 = open(&(0x7f0000019000-0x8)="2e2f62757300", 0x885d3addd51b95d2, 0x0)
set_mempolicy(0x3, &(0x7f0000cd7000)=0x5, 0x7)
socket$unix(0x1, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00005ca000-0x8)={0xffffffffffffffff, 0xffffffffffffffff})
creat(&(0x7f0000cdb000)="2e2f62757300", 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f000001f000-0x58)={0x26, "726e670000000000000000000000", 0x3, 0x0, "73006131000000000000000000000000000000000000000000000000000000000000000000000000000000000000150000009e00000000000000020000000000"}, 0x58)
openat$autofs(0xffffffffffffff9c, &(0x7f00009aa000-0xc)="2f6465762f6175746f667300", 0x42, 0x0)
mremap(&(0x7f0000a93000/0x2000)=nil, (0x2000), (0xe000), 0x3, &(0x7f0000b18000/0xe000)=nil)
mprotect(&(0x7f0000b1e000/0x2000)=nil, (0x2000), 0x4)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f000015a000-0xc)="2f6465762f72666b696c6c00", 0x40, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket(0xa, 0x6, 0x0)
setsockopt$ip_ipsec(r4, 0x0, 0x10, &(0x7f0000b9f000-0xf0)={{{@in6=@loopback={0x0, 0x1}, @in6=@empty={0x0, 0x0}, 0x2, 0x4000, 0x0, 0x9, 0x9, 0x10000, 0x4, 0x8, 0x2, 0x3}, {0x8712, 0x8b, 0xff, 0x6, 0x101, 0x9, 0x2, 0x1000}, {0x1, 0x200, 0x7, 0xe4bb}, 0x20, 0xe41b, 0x2a9d, 0x7fff, 0x8, 0x3ff}, {{@in=@loopback=0x7f000001, 0x1, 0x9}, 0xfffffffffffffffa, @in=@loopback=0x7f000001, 0xd282, 0x5, 0x0, 0x1, 0x8, 0x5, 0xecc}}, 0xf0)
mkdir(&(0x7f000026c000)="2e2f66696c653000", 0x1400103)
r5 = syz_open_dev$sndseq(&(0x7f0000038000)="2f6465762f736e642f73657100", 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000048000-0x8c)={0x0, 0x0, 0x0, "71756575653100000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r6 = userfaultfd(0x800)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x0, 0x0})
dup3(r6, r6, 0x80000)
ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0)
read(r6, &(0x7f0000013000-0xb1)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0xb1)
r7 = epoll_create1(0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000012000/0x2000)=nil, (0x2000)}, 0x1, 0x0})
close(r7)
r8 = syz_open_dev$sndtimer(&(0x7f0000000000)="2f6465762f736e642f74696d657200", 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r8, 0xc0145401, &(0x7f0000013000)={0x0, 0x0, 0x0, 0x0, 0x0})
lseek(0xffffffffffffffff, 0x0, 0x7)
ioctl$SNDRV_TIMER_IOCTL_STATUS(r8, 0x80605414, &(0x7f0000001000+0xf42)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
close(r6)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r5, 0xc08c5335, &(0x7f000004b000-0x8c)={0x0, 0x80, 0xb5d, "ec306fd83ca199a51d2ba3564fb788e9ed13c848324cabfa36cc218669c5f2a8a170e5fea0a5b47fa6c2ebdf343bdad74c0b60376a6981a156e97a252a7633d4", 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000002f000-0x8)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = syz_open_dev$urandom(&(0x7f000002b000-0xd)="2f6465762f7572616e646f6d00", 0x0, 0x0)
close(r10)
perf_event_open(&(0x7f0000001000-0x78)={0x1, 0x78, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f000076f000-0x20)={0x4, 0x73, 0x1, 0x9, 0xd8d1, 0x1, 0xfffffffffffffbed, 0xffffffff, 0x400}, 0x20)
inotify_init()
r11 = openat$hwrng(0xffffffffffffff9c, &(0x7f00003b4000-0xb)="2f6465762f6877726e6700", 0x40400, 0x0)
write$fuse_ioctl(r11, &(0x7f0000eb1000)={0x20, 0xff, 0x7fffffff, 0x3, 0x2, 0x4, 0x8001}, 0x20)
seccomp(0x1, 0x0, &(0x7f0000001000-0x10)={0x0, &(0x7f0000022000)=[]})
mprotect(&(0x7f00002b1000/0xc00000)=nil, (0xc00000), 0x7)
r12 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000eb2000-0xf)="2f6465762f73657175656e63657200", 0x2000, 0x0)
r13 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xdd, 0x0, 0xfffffffffffffffe, 0x6, 0x0, 0x2, 0x0, 0x0, 0xfe, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x4000000000, 0xfffffffffffffffd, 0x4, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffe, 0x8000000000000, 0x0, 0x0, 0x0, 0x0}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x2400, 0x84fe)
r14 = dup3(r13, r13, 0x0)
connect$netrom(r14, &(0x7f0000b11000-0x48)=@full={{0x6, {"85a0a0513e810a"}, 0x7f}, [{"69ce91fe21e0ee"}, {"b709c36c1e16e4"}, {"32a96171496573"}, {"2ae83a62c90848"}, {"21fc1762d5d685"}, {"9e9b02c3d84438"}, {"beff6afd9f7c60"}, {"88401a99930af3"}]}, 0x48)
r15 = socket(0x2, 0x5, 0xffffffffffffffff)
setsockopt$sock_int(r15, 0x1, 0xc, &(0x7f000003b000)=0xfffffffffffffffe, 0x4)
stat(&(0x7f00008be000-0x8)="2e2f66696c653000", &(0x7f0000044000-0x44)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
recvmsg$netrom(r15, &(0x7f0000714000)={&(0x7f0000fad000)=@ax25={0x6, {"639ca3d32884a8"}, 0x10000}, 0x10, &(0x7f00001fe000)=[{&(0x7f0000ebc000-0xc)="70f5696a6f93537d459ffe38", 0xc}, {&(0x7f0000fad000)="", 0x0}], 0x2, &(0x7f0000e47000-0x438)=[{0x20, 0x111, 0x0, "fd6ffd3839d87b009691320570"}, {0x10, 0x1ff, 0x3, ""}], 0x2, 0x0}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000ada000)="2f6465762f6b766d00", 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r16, 0x4010ae67, &(0x7f0000d86000)={0x1, 0x0, 0x0})
ioctl$KVM_REGISTER_COALESCED_MMIO(r16, 0x4010ae67, &(0x7f000085e000)={0x0, 0x0, 0x0})
accept$sctp(0xffffffffffffff9c, &(0x7f0000000000)=@in6={0x0, 0x0, 0x0, @loopback={0x0, 0x0}, 0x0}, &(0x7f0000da2000-0x4)=0x20)
prlimit64(0x0, 0x7, &(0x7f0000002000)={0x0, 0x0}, &(0x7f0000003000-0x10)={0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000014000)={0x1, 0x19, 0x6, 0x6, 0x1}, 0x14)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x2)
r18 = timerfd_create(0x1, 0x80000)
read(r17, &(0x7f0000b63000-0x8)="0000000000000000", 0x8)
r19 = openat$autofs(0xffffffffffffff9c, &(0x7f0000e0a000)="2f6465762f6175746f667300", 0x1, 0x0)
mkdir(&(0x7f000002a000-0xa)="2e2f636f6e74726f6c00", 0x0)
r20 = inotify_init1(0x0)
getsockopt$ip_mreq(r19, 0x0, 0x0, &(0x7f0000cfe000-0x8)={@loopback=0x0, @empty=0x0}, &(0x7f000024b000)=0x8)
r21 = dup3(r18, r18, 0x80000)
setsockopt$NETLINK_NO_ENOBUFS(r21, 0x10e, 0x5, &(0x7f0000203000)=0x80000001, 0x4)
r22 = gettid()
fcntl$setown(r20, 0x8, r22)
r23 = inotify_add_watch(r21, &(0x7f0000b22000)="2e2f66696c653000", 0x4000001)
inotify_rm_watch(r19, r23)
ioctl$EVIOCGKEYCODE_V2(r14, 0x80284504, &(0x7f0000113000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$PIO_FONTRESET(r19, 0x4b6d, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000d89000-0xc)="2f6465762f6175746f667300", 0x300003, 0x0)
getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f000084f000-0xc)={0x0, 0x0, 0x0}, &(0x7f00006b0000)=0xc)
rt_sigprocmask(0x0, &(0x7f000003b000)={0xfffffffffffffffe}, 0x0, 0x8)
fcntl$setsig(r20, 0xa, 0x20)
inotify_add_watch(r20, &(0x7f0000d04000-0xa)="2e2f66696c653000", 0x1)
ioctl$EVIOCSABS2F(r21, 0x401845ef, &(0x7f0000baa000)={0x5, 0x2, 0x4, 0xffffffffffffffff, 0x200, 0x80})
mkdir(&(0x7f0000141000-0x10)="2e2f66696c653000", 0x0)
epoll_create1(0x80000)
timerfd_settime(r18, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x80000000, 0x6}}, &(0x7f0000001000-0x20)={{0x0, 0x0}, {0x0, 0x0}})
syz_kvm_setup_cpu$x86(r16, r17, &(0x7f00002f7000/0x18000)=nil, &(0x7f0000777000)=[@text16={0x10, &(0x7f0000ad5000)="0f20d86635080000000f22d83e660f3a0d8b943200f0822f78676426666566670f0092b72e000064660f1343001b2f26f366363666260f3065d9fd0f017a006764f3f26465260f01c9", 0x49}], 0x1, 0x0, &(0x7f0000ad5000)=[], 0x0)
ioctl$KVM_SET_TSS_ADDR(r14, 0xae47, 0xd000)
syz_open_dev$vcsn(&(0x7f0000b26000)="2f6465762f7663732300", 0x80000001, 0x4c2a80)
add_key(&(0x7f0000d02000)="ba656c6400", &(0x7f0000e0d000)={0x73, 0x79, 0x7a, 0x0, 0x0}, &(0x7f00003fa000)="44eb63abd2db6fd34e9dfa7d35539035f88d7cbe9491cfb5b5e89347323e1f0f50d8079f65f89f4e2ca858dbe46c357f96348993c0b3eaa014188feeb6ae8b40d03695341017ebbe4dd644f4cd7801638a9ea9bf060c32c74a6334305f577ae7de877e834d7099235d59d0a7d23d020f76e71d7fe23a54ce0d813fddba81e073d5f180216a34b03142db0559d3ea2b811ec2b83f95ac0214b0f7e98c74c083f1e3655b59401ae4f7e17f84489eb0931258a8faefcc8ee00a39ef8ea6dd523da43937", 0xc2, 0xffffffffffffffff)
r24 = request_key(&(0x7f00009b9000-0x5)="7573657200", &(0x7f0000ebe000)={0x73, 0x79, 0x7a, 0x1, 0x0}, &(0x7f0000b1b000)="2f6465762f7663732300", 0xfffffffffffffffb)
add_key(&(0x7f0000ac7000)="73797a6b616c6c657200", &(0x7f0000768000-0x5)={0x73, 0x79, 0x7a, 0x1, 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f00008d3000-0x12)="2e726571756573745f6b65795f6175746800", &(0x7f0000d03000)={0x73, 0x79, 0x7a, 0x0, 0x0}, &(0x7f0000281000)="297d5d00", 0xfffffffffffffffb)
r25 = add_key(&(0x7f000014d000-0x5)="7573657200", &(0x7f0000f06000-0x5)={0x73, 0x79, 0x7a, 0x1, 0x0}, &(0x7f00000ff000-0x5a)="2faa95927f7fb22c7d2dfe1402e2eb70665dea112fc683b0729afec7f450678eaddcd6f73c66111d85f3481daf7baa82d7005c4f804dc951e241d6432d3f6f3c17e0eadba2950d2be3ea58cb8198b4e7f4dad57496566c856cb9d1dc6a18bee65dd2b3ce08cbe6adb936399e3a1eb2f47fa1b79805af1893a2daa1fe719be87d0a4ab39109e4a8ee417b3bee2553b981efb65309149e68f07503a92ef5c47a44b25486bc08fa16bcd35fe9ddd734988ee0a3d02b8b4aecf4233c", 0xba, 0xfffffffffffffffb)
keyctl$unlink(0x9, r24, r25)
shmget$private(0x0, (0x11000), 0x54000000, &(0x7f0000744000/0x11000)=nil)
shmget(0x3, (0x9000), 0x2000005400007d, &(0x7f00001c9000/0x9000)=nil)
shmget(0x2, (0x1000), 0xfffffffffffffffe, &(0x7f0000872000/0x1000)=nil)
shmget$private(0x0, (0x2000), 0x1, &(0x7f0000ebc000/0x2000)=nil)
shmget(0x1, (0x2000), 0x400, &(0x7f0000b1c000/0x2000)=nil)
shmget(0x3, (0x4000), 0x100, &(0x7f00001d9000/0x4000)=nil)
shmget(0x0, (0x3000), 0x1000, &(0x7f00000dc000/0x3000)=nil)
shmget(0x3, (0x1000), 0x54001018, &(0x7f00004e4000/0x1000)=nil)
shmget$private(0x0, (0x1000), 0x10000014, &(0x7f0000661000/0x1000)=nil)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r12, 0x40345410, &(0x7f0000a2b000-0x34)={{0x0, 0x3, 0x54, 0x3, 0x4}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
io_setup(0x1, &(0x7f0000054000-0x8)=<r26=>0x0)
r27 = syz_open_dev$vcsn(&(0x7f0000ff8000)="2f6465762f7663732300", 0xa70, 0x400080)
connect(r27, &(0x7f0000eb2000)=@sco={0x1f, {0x3371ca1a, 0x2, 0x0, 0x5, 0x81, 0x7}}, 0x8)
clock_gettime(0x5, &(0x7f0000eb1000)={<r28=>0x0, 0x0})
io_getevents(r26, 0x1, 0x1, &(0x7f0000aeb000)=[{0x0, 0x0, 0x0, 0x0}], &(0x7f000023c000-0x10)={r28, 0x0})
io_destroy(r26)
set_mempolicy(0x1, &(0x7f0000001000)=0x10001, 0x3)
clock_gettime(0xffffffffffd, &(0x7f0000eb4000-0x10)={0x0, 0x0})
r29 = syz_open_dev$ircomm(&(0x7f0000518000-0xd)="2f6465762f6972636f6d6d2300", 0xc, 0x2)
ioctl$KVM_CREATE_VCPU(r29, 0xae41, 0x0)
r30 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r30, &(0x7f0000055000-0xda)="000000000000000000000000000000000000000000000000", 0x18)
socket(0xa, 0x400000006, 0x0)
r31 = dup3(r9, r10, 0x0)
ioctl$bt(r31, 0x541b, &(0x7f0000578000-0x44)="139e6067738aa558bf2ae9438e3bf77e7db561b4169b0c65b898c6fd4f37b8ef0b9e3cc3f299b787f1ccef75afe8fc32304a2812e38fc30238ae56a14f37c0dd79d7f6c3")
mmap(&(0x7f0000000000/0xfb9000)=nil, (0xfb9000), 0x3, 0x32, 0xffffffffffffffff, 0x0)
r32 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
mmap(&(0x7f0000fb9000/0x1000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0)
bind(r32, &(0x7f0000fb9000)=@in={0x2, 0x0, @loopback=0x7f000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
syz_emit_ethernet(0x5d, &(0x7f0000001000-0x15e)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, @random="961c254def9a", [], {{0x800, {{{0xe, 0x4, 0x0, 0x0, 0x4f, 0x3, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0xfffffffffffffffc, @remote={0xac, 0x14, 0x0, 0xbb}, {[@generic={0x83, 0x3, "1e"}, @rr={0x7, 0xf, 0x0, [@empty=0x0, @multicast1=0xe0000001, @local={0xac, 0x14, 0x0, 0xaa}]}, @rr={0x7, 0xf, 0x100000000, [@multicast1=0xe0000001, @rand_addr=0x5, @remote={0xac, 0x14, 0x0, 0xbb}]}]}}, {{{0x3, 0x1, @random=0x4, @random=0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, {[]}}, {"eae1bb"}}}}}}}})
socket$kcm(0x29, 0x5, 0x0)
mmap(&(0x7f0000fb9000/0x1000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0)
r33 = openat$rtc(0xffffffffffffff9c, &(0x7f0000fb9000)="2f6465762f72746300", 0x200000, 0x0)
mmap(&(0x7f0000fb9000/0x1000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0)
epoll_pwait(r33, &(0x7f00002f6000)=[{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}], 0x7, 0x693ab1e, &(0x7f0000fba000-0x8)={0x1}, 0x8)
mmap(&(0x7f0000fba000/0x1000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0)
r34 = gettid()
r35 = getuid()
setsockopt$ipv6_int(r32, 0x29, 0x0, &(0x7f0000860000)=0xffffffff, 0x4)
ioctl$DRM_IOCTL_GET_CLIENT(r33, 0xc0286405, &(0x7f0000f81000)={0x5, 0x100000000, r34, 0x8, r35, 0x10000, 0x0, 0x7})
ioctl$DRM_IOCTL_ADD_CTX(r33, 0xc0086420, &(0x7f0000fba000)={<r36=>0x0, 0x0})
ioctl$DRM_IOCTL_UNLOCK(r33, 0x4008642b, &(0x7f00006f3000)={r36, 0x2})
setsockopt$ip_mreqsrc(r33, 0x0, 0x26, &(0x7f0000518000-0xc)={@broadcast=0xffffffff, @empty=0x0, @empty=0x0}, 0xc)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r31, 0x40485404, &(0x7f00009ae000)={{0x0, 0x3, 0x8000, 0x1, 0xffffffffffff0001}, 0xffffffffffffffff, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
write(r5, &(0x7f00006a8000-0x1f)="1f0000000701fff2ffffff00000000ff006d0039090001000300bc1f001900", 0x1f)
mremap(&(0x7f0000d86000/0x3000)=nil, (0x3000), (0x4000), 0x3, &(0x7f0000d27000/0x4000)=nil)
sched_setscheduler(0x0, 0x800000000000000, &(0x7f0000a93000)=0x4)
ioctl$TIOCLINUX3(r27, 0x541c, &(0x7f0000b19000-0x1)=0x3)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000c3e000)={{0x0, 0x0}, {0x0, 0x0}})
socket(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000e45000-0x8)={0xffffffffffffffff, 0xffffffffffffffff})
fallocate(0xffffffffffffffff, 0x0, 0x40000, 0x18000)
poll(&(0x7f000095d000)=[{0xffffffffffffffff, 0x7, 0x7f}, {0xffffffffffffffff, 0x2, 0x3}, {0xffffffffffffffff, 0x400, 0x1}, {0xffffffffffffffff, 0x2f, 0x3}, {0xffffffffffffffff, 0x8, 0x43}, {0xffffffffffffffff, 0x1, 0x3}, {0xffffffffffffffff, 0x3, 0x5}], 0x7, 0x81)
madvise(&(0x7f00003d1000/0x4000)=nil, (0x4000), 0x11)
from syzkaller.
dvyukov
commented on September 21, 2024
Closing. This was resolved by something.
from syzkaller.
Related Issues (20)
- executor: Ctrl+Alt+Del kills executor HOT 1
- manager: detect lost connection when executor gets killed
- Docs: syz-cover can't be built with command specified in coverage.md HOT 8
- tools/syz-env: Support linux/arm64. HOT 4
- About usb-fuzzer in syzkaller HOT 1
- tools/syz-cover: syz-cover breaks if optional modules flag isn't provided. HOT 1
- "pages build and deployment / build (dynamic)" failures HOT 4
- vm/dispatcher: a test failure
- Too frequent runner vm-0: failed to recv *flatrpc.ExecutorMessageRaw: EOF HOT 6
- syzbot: some branch name patterns seems to break the bot reproducing feature HOT 3
- corpus is not removed when description file updated with some size limit. HOT 1
- executor: coverage collection in snapshotting mode is broken HOT 1
- syz-manager: bugs may be reproduced twice HOT 1
- syzkaller, not syzbot findings tracking
- syz-ci: smoke test panic in case of fuzzing_vms > 0
- syz-manager: panic in paseExecResult
- dashboard/app: unstable coverage aggregation HOT 10
- syzkaller: split lock detection HOT 1
- dashboard: reconsider the console log trimming policy HOT 4
- tools/syz-cover: make the force flag for incomplete coverage callbacks available HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from syzkaller.