./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1099769985

<...>
forked to background, child pid 3182
no interfaces have a carrier
[   21.853917][ T3183] 8021q: adding VLAN 0 to HW filter on device bond0
[   21.864060][ T3183] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.83' (ECDSA) to the list of known hosts.
execve("./syz-executor1099769985", ["./syz-executor1099769985"], 0x7ffec11dc010 /* 10 vars */) = 0
brk(NULL)                               = 0x555556775000
brk(0x555556775c40)                     = 0x555556775c40
arch_prctl(ARCH_SET_FS, 0x555556775300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1099769985", 4096) = 28
brk(0x555556796c40)                     = 0x555556796c40
brk(0x555556797000)                     = 0x555556797000
mprotect(0x7f3784112000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=680, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3604}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x25\x00\x00\x00\x48\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 680
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3604}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
access("/proc/net", R_OK)               = 0
access("/proc/net/unix", R_OK)          = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3604}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3604}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3604}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3604}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3604}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
close(3)                                = 0
close(4)                                = 0
openat(AT_FDCWD, "/dev/dri/card0", O_RDONLY) = 3
ioctl(3, DRM_IOCTL_MODE_CREATE_DUMB, 0x20000100) = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
write(4, "4", 1)                        = 1
mmap(0x20ffc000, 12328, PROT_NONE, MAP_PRIVATE|MAP_FIXED, 3, 0x100000000) = -1 ENOMEM (Cannot allocate memory)
exit_group(0)                           = ?
syzkaller login: [   43.840543][ T3604] ==================================================================
[   43.848910][ T3604] BUG: KASAN: use-after-free in drm_gem_object_release_handle+0xf2/0x110
[   43.857379][ T3604] Read of size 8 at addr ffff88802111a9e8 by task syz-executor109/3604
[   43.865596][ T3604] 
[   43.867899][ T3604] CPU: 0 PID: 3604 Comm: syz-executor109 Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0
[   43.878148][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   43.888191][ T3604] Call Trace:
[   43.891452][ T3604]  <TASK>
[   43.894363][ T3604]  dump_stack_lvl+0xcd/0x134
[   43.898940][ T3604]  print_report.cold+0x2ba/0x719
[   43.903861][ T3604]  ? drm_gem_object_release_handle+0xf2/0x110
[   43.909907][ T3604]  kasan_report+0xb1/0x1e0
[   43.914334][ T3604]  ? drm_gem_object_release_handle+0xf2/0x110
[   43.920488][ T3604]  ? drm_gem_object_handle_put_unlocked+0x390/0x390
[   43.927056][ T3604]  drm_gem_object_release_handle+0xf2/0x110
[   43.933102][ T3604]  ? drm_gem_object_handle_put_unlocked+0x390/0x390
[   43.939671][ T3604]  idr_for_each+0x113/0x220
[   43.944155][ T3604]  ? idr_find+0x50/0x50
[   43.948288][ T3604]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[   43.954093][ T3604]  drm_gem_release+0x22/0x30
[   43.958664][ T3604]  drm_file_free.part.0+0x805/0xb80
[   43.963843][ T3604]  ? fsnotify+0x1680/0x1680
[   43.968325][ T3604]  drm_close_helper.isra.0+0x17d/0x1f0
[   43.973763][ T3604]  drm_release+0x1e6/0x530
[   43.978173][ T3604]  __fput+0x277/0x9d0
[   43.982140][ T3604]  ? drm_release_noglobal+0x180/0x180
[   43.987507][ T3604]  task_work_run+0xdd/0x1a0
[   43.992166][ T3604]  do_exit+0xad5/0x29b0
[   43.996301][ T3604]  ? mm_update_next_owner+0x7a0/0x7a0
[   44.001648][ T3604]  ? _raw_spin_unlock_irq+0x1f/0x40
[   44.006829][ T3604]  ? _raw_spin_unlock_irq+0x1f/0x40
[   44.012016][ T3604]  do_group_exit+0xd2/0x2f0
[   44.016500][ T3604]  __x64_sys_exit_group+0x3a/0x50
[   44.021498][ T3604]  do_syscall_64+0x35/0xb0
[   44.025895][ T3604]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   44.031774][ T3604] RIP: 0033:0x7f37840a2009
[   44.036171][ T3604] Code: Unable to access opcode bytes at RIP 0x7f37840a1fdf.
[   44.043535][ T3604] RSP: 002b:00007ffe21d2a3f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   44.051927][ T3604] RAX: ffffffffffffffda RBX: 00007f37841183f0 RCX: 00007f37840a2009
[   44.059879][ T3604] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[   44.067830][ T3604] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000100000000
[   44.075826][ T3604] R10: 0000000000000012 R11: 0000000000000246 R12: 00007f37841183f0
[   44.083775][ T3604] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   44.091735][ T3604]  </TASK>
[   44.094739][ T3604] 
[   44.097039][ T3604] Allocated by task 3604:
[   44.101337][ T3604]  kasan_save_stack+0x1e/0x40
[   44.105996][ T3604]  __kasan_kmalloc+0xa9/0xd0
[   44.110564][ T3604]  vgem_gem_create_object+0x38/0xb0
[   44.115743][ T3604]  __drm_gem_shmem_create+0x80/0x480
[   44.121007][ T3604]  drm_gem_shmem_dumb_create+0x13c/0x380
[   44.126614][ T3604]  drm_mode_create_dumb+0x26c/0x2f0
[   44.131792][ T3604]  drm_ioctl_kernel+0x27d/0x4e0
[   44.136626][ T3604]  drm_ioctl+0x51e/0x9d0
[   44.140846][ T3604]  __x64_sys_ioctl+0x193/0x200
[   44.145587][ T3604]  do_syscall_64+0x35/0xb0
[   44.149997][ T3604]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   44.155870][ T3604] 
[   44.158169][ T3604] Freed by task 3604:
[   44.162122][ T3604]  kasan_save_stack+0x1e/0x40
[   44.166775][ T3604]  kasan_set_track+0x21/0x30
[   44.171339][ T3604]  kasan_set_free_info+0x20/0x30
[   44.176253][ T3604]  ____kasan_slab_free+0x166/0x1c0
[   44.181338][ T3604]  slab_free_freelist_hook+0x8b/0x1c0
[   44.186685][ T3604]  kfree+0xe2/0x580
[   44.190473][ T3604]  drm_gem_mmap+0x4fc/0x770
[   44.194950][ T3604]  mmap_region+0xbff/0x1460
[   44.199431][ T3604]  do_mmap+0x863/0xfa0
[   44.203477][ T3604]  vm_mmap_pgoff+0x1ab/0x270
[   44.208044][ T3604]  ksys_mmap_pgoff+0x41b/0x5a0
[   44.212789][ T3604]  do_syscall_64+0x35/0xb0
[   44.217188][ T3604]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   44.223062][ T3604] 
[   44.225360][ T3604] The buggy address belongs to the object at ffff88802111a800
[   44.225360][ T3604]  which belongs to the cache kmalloc-1k of size 1024
[   44.239393][ T3604] The buggy address is located 488 bytes inside of
[   44.239393][ T3604]  1024-byte region [ffff88802111a800, ffff88802111ac00)
[   44.252731][ T3604] 
[   44.255030][ T3604] The buggy address belongs to the physical page:
[   44.261413][ T3604] page:ffffea0000844600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21118
[   44.271537][ T3604] head:ffffea0000844600 order:3 compound_mapcount:0 compound_pincount:0
[   44.279838][ T3604] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   44.287796][ T3604] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888011841dc0
[   44.296363][ T3604] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   44.304919][ T3604] page dumped because: kasan: bad access detected
[   44.311304][ T3604] page_owner tracks the page as allocated
[   44.316997][ T3604] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3599, tgid 3599 (sshd), ts 43832492930, free_ts 43805533578
[   44.337649][ T3604]  get_page_from_freelist+0x109b/0x2ce0
[   44.343183][ T3604]  __alloc_pages+0x1c7/0x510
[   44.347748][ T3604]  alloc_pages+0x1a6/0x270
[   44.352140][ T3604]  allocate_slab+0x27e/0x3d0
[   44.356708][ T3604]  ___slab_alloc+0x7f1/0xe10
[   44.361292][ T3604]  __slab_alloc.constprop.0+0x4d/0xa0
[   44.366640][ T3604]  __kmalloc_node_track_caller+0x2f2/0x380
[   44.372427][ T3604]  __alloc_skb+0xd9/0x2f0
[   44.376907][ T3604]  tcp_stream_alloc_skb+0x38/0x580
[   44.381996][ T3604]  tcp_sendmsg_locked+0xc36/0x2f80
[   44.387107][ T3604]  tcp_sendmsg+0x2b/0x40
[   44.391337][ T3604]  inet_sendmsg+0x99/0xe0
[   44.395644][ T3604]  sock_sendmsg+0xcf/0x120
[   44.400037][ T3604]  sock_write_iter+0x291/0x3d0
[   44.404775][ T3604]  vfs_write+0x9e9/0xdd0
[   44.408998][ T3604]  ksys_write+0x1e8/0x250
[   44.413306][ T3604] page last free stack trace:
[   44.417952][ T3604]  free_pcp_prepare+0x5e4/0xd20
[   44.422869][ T3604]  free_unref_page+0x19/0x4d0
[   44.427612][ T3604]  __unfreeze_partials+0x17c/0x1a0
[   44.432704][ T3604]  qlist_free_all+0x6a/0x170
[   44.437271][ T3604]  kasan_quarantine_reduce+0x180/0x200
[   44.442706][ T3604]  __kasan_slab_alloc+0xa2/0xc0
[   44.447533][ T3604]  kmem_cache_alloc_trace+0x2c0/0x3e0
[   44.452899][ T3604]  apparmor_sk_alloc_security+0x84/0x150
[   44.458507][ T3604]  security_sk_alloc+0x50/0xb0
[   44.463265][ T3604]  sk_prot_alloc+0x161/0x290
[   44.467850][ T3604]  sk_alloc+0x36/0x770
[   44.471914][ T3604]  __netlink_create+0x63/0x380
[   44.476656][ T3604]  netlink_create+0x3ad/0x5e0
[   44.481307][ T3604]  __sock_create+0x355/0x790
[   44.485871][ T3604]  __sys_socket+0x12f/0x240
[   44.490368][ T3604]  __x64_sys_socket+0x6f/0xb0
[   44.495022][ T3604] 
[   44.497322][ T3604] Memory state around the buggy address:
[   44.502945][ T3604]  ffff88802111a880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   44.510998][ T3604]  ffff88802111a900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   44.519038][ T3604] >ffff88802111a980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   44.527086][ T3604]                                                           ^
[   44.534516][ T3604]  ffff88802111aa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   44.542569][ T3604]  ffff88802111aa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   44.550609][ T3604] ==================================================================
[   44.559317][ T3604] Kernel panic - not syncing: panic_on_warn set ...
[   44.565918][ T3604] CPU: 0 PID: 3604 Comm: syz-executor109 Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0
[   44.576096][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   44.586147][ T3604] Call Trace:
[   44.589403][ T3604]  <TASK>
[   44.592317][ T3604]  dump_stack_lvl+0xcd/0x134
[   44.596890][ T3604]  panic+0x2c8/0x627
[   44.600761][ T3604]  ? panic_print_sys_info.part.0+0x10b/0x10b
[   44.606721][ T3604]  ? preempt_schedule_common+0x59/0xc0
[   44.612177][ T3604]  ? preempt_schedule_thunk+0x16/0x18
[   44.617532][ T3604]  ? drm_gem_object_release_handle+0xf2/0x110
[   44.623578][ T3604]  end_report.part.0+0x3f/0x7c
[   44.628322][ T3604]  kasan_report.cold+0xa/0xf
[   44.632894][ T3604]  ? drm_gem_object_release_handle+0xf2/0x110
[   44.638938][ T3604]  ? drm_gem_object_handle_put_unlocked+0x390/0x390
[   44.645504][ T3604]  drm_gem_object_release_handle+0xf2/0x110
[   44.651389][ T3604]  ? drm_gem_object_handle_put_unlocked+0x390/0x390
[   44.657959][ T3604]  idr_for_each+0x113/0x220
[   44.662448][ T3604]  ? idr_find+0x50/0x50
[   44.666581][ T3604]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[   44.672368][ T3604]  drm_gem_release+0x22/0x30
[   44.676939][ T3604]  drm_file_free.part.0+0x805/0xb80
[   44.682115][ T3604]  ? fsnotify+0x1680/0x1680
[   44.686596][ T3604]  drm_close_helper.isra.0+0x17d/0x1f0
[   44.692032][ T3604]  drm_release+0x1e6/0x530
[   44.696424][ T3604]  __fput+0x277/0x9d0
[   44.700382][ T3604]  ? drm_release_noglobal+0x180/0x180
[   44.705731][ T3604]  task_work_run+0xdd/0x1a0
[   44.710228][ T3604]  do_exit+0xad5/0x29b0
[   44.714370][ T3604]  ? mm_update_next_owner+0x7a0/0x7a0
[   44.719721][ T3604]  ? _raw_spin_unlock_irq+0x1f/0x40
[   44.724901][ T3604]  ? _raw_spin_unlock_irq+0x1f/0x40
[   44.730076][ T3604]  do_group_exit+0xd2/0x2f0
[   44.734557][ T3604]  __x64_sys_exit_group+0x3a/0x50
[   44.739559][ T3604]  do_syscall_64+0x35/0xb0
[   44.743956][ T3604]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   44.749829][ T3604] RIP: 0033:0x7f37840a2009
[   44.754243][ T3604] Code: Unable to access opcode bytes at RIP 0x7f37840a1fdf.
[   44.761584][ T3604] RSP: 002b:00007ffe21d2a3f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   44.769972][ T3604] RAX: ffffffffffffffda RBX: 00007f37841183f0 RCX: 00007f37840a2009
[   44.777926][ T3604] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[   44.785894][ T3604] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000100000000
[   44.793845][ T3604] R10: 0000000000000012 R11: 0000000000000246 R12: 00007f37841183f0
[   44.801796][ T3604] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   44.809750][ T3604]  </TASK>
[   44.813303][ T3604] Kernel Offset: disabled
[   44.817616][ T3604] Rebooting in 86400 seconds..