./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor986864673 <...> forked to background, child pid 3184 no interfaces have a carrier [ 26.915564][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 26.927404][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.174' (ECDSA) to the list of known hosts. execve("./syz-executor986864673", ["./syz-executor986864673"], 0x7fffffb6e010 /* 10 vars */) = 0 brk(NULL) = 0x555557239000 brk(0x555557239c40) = 0x555557239c40 arch_prctl(ARCH_SET_FS, 0x555557239300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor986864673", 4096) = 27 brk(0x55555725ac40) = 0x55555725ac40 brk(0x55555725b000) = 0x55555725b000 mprotect(0x7fdfd2840000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572395d0) = 3606 ./strace-static-x86_64: Process 3606 attached [pid 3606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3606] setpgid(0, 0) = 0 [pid 3606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "1000", 4) = 4 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3606] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3606] ftruncate(4, 65535) = 0 [pid 3606] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3606] dup(3) = 5 [pid 3606] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3606] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3606] write(7, "4", 1) = 1 [pid 3606] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3606] exit_group(0) = ? [pid 3606] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3606, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3607 attached , child_tidptr=0x5555572395d0) = 3607 [pid 3607] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3607] setpgid(0, 0) = 0 [pid 3607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3607] write(3, "1000", 4) = 4 [pid 3607] close(3) = 0 [pid 3607] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3607] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3607] ftruncate(4, 65535) = 0 [pid 3607] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3607] dup(3) = 5 [pid 3607] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3607] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3607] write(7, "4", 1) = 1 [pid 3607] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3607] exit_group(0) = ? [pid 3607] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3607, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3608 attached , child_tidptr=0x5555572395d0) = 3608 [pid 3608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3608] setpgid(0, 0) = 0 [pid 3608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3608] write(3, "1000", 4) = 4 [pid 3608] close(3) = 0 [pid 3608] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3608] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3608] ftruncate(4, 65535) = 0 [pid 3608] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3608] dup(3) = 5 [pid 3608] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3608] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3608] write(7, "4", 1) = 1 [pid 3608] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3608] exit_group(0) = ? [pid 3608] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3608, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3609 attached , child_tidptr=0x5555572395d0) = 3609 [pid 3609] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3609] setpgid(0, 0) = 0 [pid 3609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3609] write(3, "1000", 4) = 4 [pid 3609] close(3) = 0 [pid 3609] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3609] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3609] ftruncate(4, 65535) = 0 [pid 3609] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3609] dup(3) = 5 [pid 3609] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3609] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3609] write(7, "4", 1) = 1 [pid 3609] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3609] exit_group(0) = ? [pid 3609] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3609, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3610 attached , child_tidptr=0x5555572395d0) = 3610 [pid 3610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3610] setpgid(0, 0) = 0 [pid 3610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3610] write(3, "1000", 4) = 4 [pid 3610] close(3) = 0 [pid 3610] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3610] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3610] ftruncate(4, 65535) = 0 [pid 3610] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3610] dup(3) = 5 [pid 3610] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3610] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3610] write(7, "4", 1) = 1 [pid 3610] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3610] exit_group(0) = ? [pid 3610] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3610, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3611 attached , child_tidptr=0x5555572395d0) = 3611 [pid 3611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3611] setpgid(0, 0) = 0 [pid 3611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3611] write(3, "1000", 4) = 4 [pid 3611] close(3) = 0 [pid 3611] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3611] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3611] ftruncate(4, 65535) = 0 [pid 3611] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3611] dup(3) = 5 [pid 3611] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3611] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3611] write(7, "4", 1) = 1 [pid 3611] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3611] exit_group(0) = ? [pid 3611] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3611, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3612 attached , child_tidptr=0x5555572395d0) = 3612 [pid 3612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3612] setpgid(0, 0) = 0 [pid 3612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3612] write(3, "1000", 4) = 4 [pid 3612] close(3) = 0 [pid 3612] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3612] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3612] ftruncate(4, 65535) = 0 [pid 3612] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3612] dup(3) = 5 [pid 3612] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3612] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3612] write(7, "4", 1) = 1 [pid 3612] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3612] exit_group(0) = ? [pid 3612] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3612, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3613 attached , child_tidptr=0x5555572395d0) = 3613 [pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3613] setpgid(0, 0) = 0 [pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3613] write(3, "1000", 4) = 4 [pid 3613] close(3) = 0 [pid 3613] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3613] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3613] ftruncate(4, 65535) = 0 [pid 3613] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3613] dup(3) = 5 [pid 3613] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3613] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3613] write(7, "4", 1) = 1 [pid 3613] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3613] exit_group(0) = ? [pid 3613] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3613, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572395d0) = 3614 ./strace-static-x86_64: Process 3614 attached [pid 3614] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3614] setpgid(0, 0) = 0 [pid 3614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3614] write(3, "1000", 4) = 4 [pid 3614] close(3) = 0 [pid 3614] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3614] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3614] ftruncate(4, 65535) = 0 [pid 3614] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3614] dup(3) = 5 [pid 3614] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3614] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3614] write(7, "4", 1) = 1 [pid 3614] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3614] exit_group(0) = ? [pid 3614] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3614, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572395d0) = 3615 ./strace-static-x86_64: Process 3615 attached [pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3615] setpgid(0, 0) = 0 [pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3615] write(3, "1000", 4) = 4 [pid 3615] close(3) = 0 [pid 3615] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3615] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3615] ftruncate(4, 65535) = 0 [pid 3615] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3615] dup(3) = 5 [pid 3615] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3615] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3615] write(7, "4", 1) = 1 [pid 3615] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = 0 [pid 3615] exit_group(0) = ? [pid 3615] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3615, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572395d0) = 3616 ./strace-static-x86_64: Process 3616 attached [pid 3616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3616] setpgid(0, 0) = 0 [pid 3616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3616] write(3, "1000", 4) = 4 [pid 3616] close(3) = 0 [pid 3616] openat(AT_FDCWD, "/dev/udmabuf", O_RDWR) = 3 [pid 3616] memfd_create("\x79\x10\x35\x25\xfa\x2c\x1f\x99\xa2\xc9\x8e\xcd\xfc\xfa\xf6\x12\x95\x5e\xdf\x54\xe2\x3d\x0e\x7e\x46\xcd\x73", MFD_ALLOW_SEALING) = 4 [pid 3616] ftruncate(4, 65535) = 0 [pid 3616] fcntl(4, F_ADD_SEALS, F_SEAL_SEAL|F_SEAL_SHRINK|F_SEAL_GROW) = 0 [pid 3616] dup(3) = 5 [pid 3616] ioctl(5, UDMABUF_CREATE, 0x20000080) = 6 [pid 3616] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7 [pid 3616] write(7, "4", 1) = 1 [pid 3616] ioctl(6, DMA_BUF_IOCTL_SYNC, 0x20000280) = -1 ENOMEM (Cannot allocate memory) [pid 3616] exit_group(0) = ? syzkaller login: [ 43.359605][ T3616] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 43.371349][ T3616] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 43.379777][ T3616] CPU: 0 PID: 3616 Comm: syz-executor986 Not tainted 5.19.0-next-20220809-syzkaller #0 [ 43.389414][ T3616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 43.399467][ T3616] RIP: 0010:release_udmabuf+0xcb/0x4f0 [ 43.404951][ T3616] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 04 00 00 48 8d 7d 0c 4c 8b 63 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 e2 [ 43.424572][ T3616] RSP: 0018:ffffc9000397fc60 EFLAGS: 00010246 [ 43.430638][ T3616] RAX: dffffc0000000000 RBX: ffffffff8cb69220 RCX: 0000000000000000 [ 43.438607][ T3616] RDX: 0000000000000000 RSI: ffffffff84adc4a0 RDI: 0000000000000000 [ 43.446580][ T3616] RBP: fffffffffffffff4 R08: 0000000000000005 R09: 0000000000000000 [ 43.454551][ T3616] R10: 0000000000000000 R11: 000000000008c07c R12: ffff88801ee92000 [ 43.462609][ T3616] R13: ffff888075fa2380 R14: ffff888024443b80 R15: 0000000000000000 [ 43.470583][ T3616] FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 43.479517][ T3616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.486107][ T3616] CR2: 00007fdfd28472b0 CR3: 000000001c3f9000 CR4: 00000000003506f0 [ 43.494125][ T3616] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.502118][ T3616] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.510090][ T3616] Call Trace: [ 43.513385][ T3616] [ 43.516335][ T3616] dma_buf_release+0x157/0x2d0 [ 43.521128][ T3616] ? dmabuffs_dname+0x240/0x240 [ 43.525992][ T3616] __dentry_kill+0x42b/0x640 [ 43.530589][ T3616] ? dput+0x35/0xdb0 [ 43.534487][ T3616] ? dput+0x35/0xdb0 [ 43.538405][ T3616] dput+0x806/0xdb0 [ 43.542236][ T3616] __fput+0x39c/0x9d0 [ 43.546233][ T3616] task_work_run+0xdd/0x1a0 [ 43.550740][ T3616] do_exit+0xc39/0x2b60 [ 43.554922][ T3616] ? lock_downgrade+0x6e0/0x6e0 [ 43.559776][ T3616] ? do_raw_spin_lock+0x120/0x2a0 [ 43.564812][ T3616] ? mm_update_next_owner+0x7a0/0x7a0 [ 43.570211][ T3616] ? rwlock_bug.part.0+0x90/0x90 [ 43.575157][ T3616] ? _raw_spin_unlock_irq+0x1f/0x40 [ 43.580368][ T3616] ? _raw_spin_unlock_irq+0x1f/0x40 [ 43.585596][ T3616] do_group_exit+0xd0/0x2a0 [ 43.590189][ T3616] __x64_sys_exit_group+0x3a/0x50 [ 43.595215][ T3616] do_syscall_64+0x35/0xb0 [ 43.599637][ T3616] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.605533][ T3616] RIP: 0033:0x7fdfd27d1dd9 [ 43.609945][ T3616] Code: Unable to access opcode bytes at RIP 0x7fdfd27d1daf. [ 43.617489][ T3616] RSP: 002b:00007ffeeb607168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 43.625917][ T3616] RAX: ffffffffffffffda RBX: 00007fdfd2846410 RCX: 00007fdfd27d1dd9 [ 43.633898][ T3616] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 43.641896][ T3616] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000001 [ 43.649885][ T3616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdfd2846410 [ 43.657872][ T3616] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 43.665854][ T3616] [ 43.668902][ T3616] Modules linked in: [ 43.673278][ T3616] ---[ end trace 0000000000000000 ]--- [ 43.678828][ T3616] RIP: 0010:release_udmabuf+0xcb/0x4f0 [ 43.684576][ T3616] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 04 00 00 48 8d 7d 0c 4c 8b 63 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 e2 [ 43.704302][ T3616] RSP: 0018:ffffc9000397fc60 EFLAGS: 00010246 [ 43.710471][ T3616] RAX: dffffc0000000000 RBX: ffffffff8cb69220 RCX: 0000000000000000 [ 43.718484][ T3616] RDX: 0000000000000000 RSI: ffffffff84adc4a0 RDI: 0000000000000000 [ 43.726545][ T3616] RBP: fffffffffffffff4 R08: 0000000000000005 R09: 0000000000000000 [ 43.734549][ T3616] R10: 0000000000000000 R11: 000000000008c07c R12: ffff88801ee92000 [ 43.742550][ T3616] R13: ffff888075fa2380 R14: ffff888024443b80 R15: 0000000000000000 [ 43.750726][ T3616] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 43.759683][ T3616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.766305][ T3616] CR2: 00007f6a3254ca70 CR3: 000000004e7f3000 CR4: 00000000003506e0 [ 43.774335][ T3616] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.782300][ T3616] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.790310][ T3616] Kernel panic - not syncing: Fatal exception [ 43.796446][ T3616] Kernel Offset: disabled [ 43.800766][ T3616] Rebooting in 86400 seconds..