./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2466557826 <...> forked to background, child pid 4642 no interfaces have a carrier [ 24.838957][ T4643] 8021q: adding VLAN 0 to HW filter on device bond0 [ 24.850430][ T4643] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.93' (ECDSA) to the list of known hosts. execve("./syz-executor2466557826", ["./syz-executor2466557826"], 0x7fffd0321b80 /* 10 vars */) = 0 brk(NULL) = 0x55555680b000 brk(0x55555680bd40) = 0x55555680bd40 arch_prctl(ARCH_SET_FS, 0x55555680b400) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x55555680b6d0) = 5063 set_robust_list(0x55555680b6e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f011c995100, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f011c994650}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f011c9951a0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f011c994650}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2466557826", 4096) = 28 brk(0x55555682cd40) = 0x55555682cd40 brk(0x55555682d000) = 0x55555682d000 mprotect(0x7f011ca60000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f011c98e030, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f011c994650}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f011c98e030, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f011c994650}, NULL, 8) = 0 getpid() = 5063 mkdir("./syzkaller.npxUC2", 0700) = 0 chmod("./syzkaller.npxUC2", 0777) = 0 chdir("./syzkaller.npxUC2") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555680b6d0) = 5064 ./strace-static-x86_64: Process 5064 attached [pid 5064] set_robust_list(0x55555680b6e0, 24) = 0 [pid 5064] chdir("./0") = 0 [pid 5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] setpgid(0, 0) = 0 [pid 5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] write(3, "1000", 4) = 4 [pid 5064] close(3) = 0 [pid 5064] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5064] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f011c963000 [pid 5064] mprotect(0x7f011c964000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5064] clone(child_stack=0x7f011c9832f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5066 attached [pid 5066] set_robust_list(0x7f011c9839e0, 24) = 0 [pid 5066] futex(0x7f011ca667a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] <... clone resumed>, parent_tid=[5066], tls=0x7f011c983700, child_tidptr=0x7f011c9839d0) = 5066 [pid 5064] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5066] <... futex resumed>) = 0 [pid 5066] sendto(-1, "\x08\x61\xf8\xc9\x21\xb8\x06\x76\xdd\xb5\xab\xff\xff\x6e\xa3\x9a\x60\x4b\x12\x7a\xe8\x5d\x01\xf5\xff\x2c\x05\x7b\x9a\x1b\x37\x7d\xea\x05\x8b\x4c\xf0\xf6\xec\xa8\x34\x25\xa4\xd6\x60\xe5\xa9\xd8\x50\xcd\xef\x21\xbe\x79\xca\xd7\x5b\x47\xae\x21\x17\x3e\x74\xd5\x63\xa3\x6c\x5b\x61\x1d\x4a\x96\xb0\x40\xd2\xb1\x7a\x6a\xce\x12\x21\xc8\x53\x5f\xee\x3a\xc1\x48\x98\xba\xa1\xe5\x2a\x5c\x91\x9d\x98\x5a\x2c\x45"..., 188, 0, NULL, 0 [pid 5064] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5066] <... sendto resumed>) = -1 EBADF (Bad file descriptor) [pid 5066] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5066] futex(0x7f011ca667a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5064] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5066] <... futex resumed>) = 0 [pid 5064] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5066] memfd_create("syzkaller", 0) = 3 [pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0114563000 [pid 5066] write(3, "\x58\x46\x53\x42\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xca\x7e\x21\x01\xb8\xf1\x48\x38\x8e\x2d\x76\x37\xb9\x06\x20\xe6\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x05\x01\x00\x00\x00\x00\x00\x00\x05\x02\x00\x00\x00\x01\x00\x00\x10\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x02\x70"..., 16777216) = 16777216 [pid 5066] munmap(0x7f0114563000, 16777216) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5066] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5066] close(3) = 0 [pid 5066] mkdir("./file0", 0777) = 0 syzkaller login: [ 63.975179][ T5066] loop0: detected capacity change from 0 to 32768 [ 63.990932][ T5066] XFS (loop0): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [pid 5066] mount("/dev/loop0", "./file0", "xfs", 0, "inode64,gqnoenforce,largeio,,nouuid") = 0 [pid 5066] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5066] chdir("./file0") = 0 [pid 5066] ioctl(4, LOOP_CLR_FD) = 0 [pid 5066] close(4) = 0 [pid 5066] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... futex resumed>) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5066] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5064] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5066] <... openat resumed>) = 4 [pid 5066] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5066] futex(0x7f011ca667a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5066] openat(AT_FDCWD, "net_prio.prioidx", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5066] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 64.020656][ T5066] XFS (loop0): Ending clean mount [ 64.029145][ T5066] XFS (loop0): Quotacheck needed: Please wait. [ 64.047940][ T5066] XFS (loop0): Quotacheck: Done. [pid 5066] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x61\xf8\xc9\x21\xb8\x06\x76\xdd\xb5\xab\xff\xff\x6e\xa3\x9a\x60\x4b\x12\x7a\xe8\x5d\x01\xf5\xff\x2c\x05\x7b\x9a\x1b\x37\x7d\xea\x05\x8b\x4c"..., 1840702833 [pid 5064] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5064] futex(0x7f011ca667bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f0115542000 [pid 5064] mprotect(0x7f0115543000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5064] clone(child_stack=0x7f01155622f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5076 attached [pid 5076] set_robust_list(0x7f01155629e0, 24 [pid 5064] <... clone resumed>, parent_tid=[5076], tls=0x7f0115562700, child_tidptr=0x7f01155629d0) = 5076 [pid 5076] <... set_robust_list resumed>) = 0 [pid 5064] futex(0x7f011ca667b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] mmap(0x20000000, 4194304, PROT_READ, MAP_SHARED|MAP_FIXED, 5, 0 [pid 5064] <... futex resumed>) = 0 [pid 5076] <... mmap resumed>) = 0x20000000 [pid 5064] futex(0x7f011ca667bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] futex(0x7f011ca667bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7f011ca667b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] futex(0x7f011ca667bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5076] <... futex resumed>) = 1 [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000c0} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000c4} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000c8} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000cc} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000d0} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000100} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000104} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000108} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000110} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000118} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000120} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000138} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000140} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000144} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000148} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000150} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000158} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000160} --- [pid 5076] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000178} --- [pid 5076] ioctl(4, _IOC(_IOC_READ|_IOC_WRITE, 0x58, 0x72, 0x10), 0x200000c0) = -1 EFAULT (Bad address) [pid 5076] futex(0x7f011ca667bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5076] futex(0x7f011ca667b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5066] <... write resumed>) = 12582912 [pid 5066] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5066] futex(0x7f011ca667a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] exit_group(0 [pid 5076] <... futex resumed>) = ? [pid 5066] <... futex resumed>) = ? [pid 5064] <... exit_group resumed>) = ? [pid 5076] +++ exited with 0 +++ [pid 5066] +++ exited with 0 +++ [pid 5064] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5064, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555680c720 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./0/binderfs") = 0 [ 64.230904][ T5063] XFS (loop0): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 64.243688][ T5074] XFS (loop0): SB summary counter sanity check failed [ 64.250604][ T5074] XFS (loop0): Metadata corruption detected at xfs_sb_write_verify+0x130/0x3e0, xfs_sb block 0x0 [ 64.261384][ T5074] XFS (loop0): Unmount and run xfs_repair [ 64.267098][ T5074] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 64.274602][ T5074] 00000000: 58 46 53 42 00 00 10 00 00 00 00 00 00 00 10 00 XFSB............ [ 64.283507][ T5074] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 64.293003][ T5074] 00000020: ca 7e 21 01 b8 f1 48 38 8e 2d 76 37 b9 06 20 e6 .~!...H8.-v7.. . [ 64.301927][ T5074] 00000030: 00 00 00 00 00 00 00 08 00 00 00 00 00 00 05 00 ................ [ 64.310831][ T5074] 00000040: 00 00 00 00 00 00 05 01 00 00 00 00 00 00 05 02 ................ [ 64.319822][ T5074] 00000050: 00 00 00 01 00 00 10 00 00 00 00 01 00 00 00 00 ................ [ 64.328714][ T5074] 00000060: 00 00 02 70 b4 f5 02 00 08 00 00 02 00 00 00 00 ...p............ [ 64.337580][ T5074] 00000070: 00 00 00 00 00 00 00 00 0c 09 0b 01 0c 00 00 64 ...............d [ 64.346815][ T5074] XFS (loop0): Corruption of in-memory data (0x8) detected at _xfs_buf_ioapply+0xa51/0xcb0 (fs/xfs/xfs_buf.c:1552). Shutting down filesystem. [ 64.361509][ T5074] XFS (loop0): Please unmount the filesystem and rectify the problem(s) umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x555556814760 /* 2 entries */, 32768) = 48 getdents64(4, 0x555556814760 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x55555680c720 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555680b6d0) = 5077 ./strace-static-x86_64: Process 5077 attached [pid 5077] set_robust_list(0x55555680b6e0, 24) = 0 [pid 5077] chdir("./1") = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] setpgid(0, 0) = 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] write(3, "1000", 4) = 4 [pid 5077] close(3) = 0 [pid 5077] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f011c963000 [pid 5077] mprotect(0x7f011c964000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5077] clone(child_stack=0x7f011c9832f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5078 attached , parent_tid=[5078], tls=0x7f011c983700, child_tidptr=0x7f011c9839d0) = 5078 [pid 5077] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] set_robust_list(0x7f011c9839e0, 24) = 0 [pid 5078] sendto(-1, "\x08\x61\xf8\xc9\x21\xb8\x06\x76\xdd\xb5\xab\xff\xff\x6e\xa3\x9a\x60\x4b\x12\x7a\xe8\x5d\x01\xf5\xff\x2c\x05\x7b\x9a\x1b\x37\x7d\xea\x05\x8b\x4c\xf0\xf6\xec\xa8\x34\x25\xa4\xd6\x60\xe5\xa9\xd8\x50\xcd\xef\x21\xbe\x79\xca\xd7\x5b\x47\xae\x21\x17\x3e\x74\xd5\x63\xa3\x6c\x5b\x61\x1d\x4a\x96\xb0\x40\xd2\xb1\x7a\x6a\xce\x12\x21\xc8\x53\x5f\xee\x3a\xc1\x48\x98\xba\xa1\xe5\x2a\x5c\x91\x9d\x98\x5a\x2c\x45"..., 188, 0, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 5078] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5078] memfd_create("syzkaller", 0) = 3 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0114563000 [pid 5078] write(3, "\x58\x46\x53\x42\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xca\x7e\x21\x01\xb8\xf1\x48\x38\x8e\x2d\x76\x37\xb9\x06\x20\xe6\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x05\x01\x00\x00\x00\x00\x00\x00\x05\x02\x00\x00\x00\x01\x00\x00\x10\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x02\x70"..., 16777216) = 16777216 [pid 5078] munmap(0x7f0114563000, 16777216) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5078] close(3) = 0 [pid 5078] mkdir("./file0", 0777) = 0 [ 64.556614][ T5078] loop0: detected capacity change from 0 to 32768 [ 64.569377][ T5078] XFS (loop0): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [pid 5078] mount("/dev/loop0", "./file0", "xfs", 0, "inode64,gqnoenforce,largeio,,nouuid") = 0 [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] chdir("./file0") = 0 [pid 5078] ioctl(4, LOOP_CLR_FD) = 0 [pid 5078] close(4) = 0 [pid 5078] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 5078] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5078] openat(AT_FDCWD, "net_prio.prioidx", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 5 [pid 5078] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f011ca667a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [ 64.597213][ T5078] XFS (loop0): Ending clean mount [ 64.603838][ T5078] XFS (loop0): Quotacheck needed: Please wait. [ 64.620529][ T5078] XFS (loop0): Quotacheck: Done. [pid 5078] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x61\xf8\xc9\x21\xb8\x06\x76\xdd\xb5\xab\xff\xff\x6e\xa3\x9a\x60\x4b\x12\x7a\xe8\x5d\x01\xf5\xff\x2c\x05\x7b\x9a\x1b\x37\x7d\xea\x05\x8b\x4c"..., 1840702833 [pid 5077] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5077] futex(0x7f011ca667ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5077] futex(0x7f011ca667bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f0115542000 [pid 5077] mprotect(0x7f0115543000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5077] clone(child_stack=0x7f01155622f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5087], tls=0x7f0115562700, child_tidptr=0x7f01155629d0) = 5087 [pid 5077] futex(0x7f011ca667b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f011ca667bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5087 attached [pid 5087] set_robust_list(0x7f01155629e0, 24) = 0 [pid 5087] mmap(0x20000000, 4194304, PROT_READ, MAP_SHARED|MAP_FIXED, 5, 0) = 0x20000000 [pid 5087] futex(0x7f011ca667bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7f011ca667b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7f011ca667bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5087] <... futex resumed>) = 1 [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000c0} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000c4} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000c8} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000cc} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000d0} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000100} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000104} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000108} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000110} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000118} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000120} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000138} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000140} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000144} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000148} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000150} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000158} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000160} --- [pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000178} --- [pid 5087] ioctl(4, _IOC(_IOC_READ|_IOC_WRITE, 0x58, 0x72, 0x10), 0x200000c0) = -1 EFAULT (Bad address) [pid 5087] futex(0x7f011ca667bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5087] <... futex resumed>) = 1 [pid 5087] futex(0x7f011ca667b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5078] <... write resumed>) = 16777216 [pid 5078] futex(0x7f011ca667ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5078] futex(0x7f011ca667a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] exit_group(0 [pid 5087] <... futex resumed>) = ? [pid 5078] <... futex resumed>) = ? [pid 5077] <... exit_group resumed>) = ? [pid 5087] +++ exited with 0 +++ [pid 5078] +++ exited with 0 +++ [pid 5077] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x55555680c720 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1/binderfs") = 0 [ 64.781422][ T9] ------------[ cut here ]------------ [ 64.787103][ T9] WARNING: CPU: 1 PID: 9 at fs/xfs/libxfs/xfs_bmap.c:4593 xfs_bmapi_convert_delalloc+0xd2a/0xf10 [ 64.797775][ T9] Modules linked in: [ 64.801792][ T9] CPU: 1 PID: 9 Comm: kworker/u4:0 Not tainted 6.2.0-rc6-syzkaller-00262-g95078069c1e7 #0 [ 64.811781][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 64.822012][ T9] Workqueue: writeback wb_workfn (flush-7:0) [ 64.828055][ T9] RIP: 0010:xfs_bmapi_convert_delalloc+0xd2a/0xf10 [ 64.834634][ T9] Code: ff ff e8 79 e0 89 fe 8b 94 24 10 01 00 00 48 8b b4 24 18 01 00 00 48 8b 7c 24 78 e8 00 e0 0c 00 e9 68 fe ff ff e8 56 e0 89 fe <0f> 0b 41 bc e4 ff ff ff e9 9e f8 ff ff 45 31 e4 e9 2a f6 ff ff 48 [ 64.854331][ T9] RSP: 0018:ffffc900000e6f60 EFLAGS: 00010293 [ 64.860513][ T9] RAX: 0000000000000000 RBX: ffffffffffffffff RCX: 0000000000000000 [ 64.868699][ T9] RDX: ffff88813fe48000 RSI: ffffffff82f7128a RDI: 0000000000000007 [ 64.876681][ T9] RBP: ffff888072014d80 R08: 0000000000000007 R09: ffffffffffffffff [ 64.884744][ T9] R10: ffffffffffffffff R11: 0000000000000000 R12: 0000000000000000 [ 64.892870][ T9] R13: 0000000000000000 R14: ffff88802a070000 R15: 0000000000000002 [ 64.900921][ T9] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 64.909995][ T9] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 64.916693][ T9] CR2: 000055555680b3b8 CR3: 000000007c843000 CR4: 0000000000350ee0 [ 64.924729][ T9] Call Trace: [ 64.928116][ T9] [ 64.931234][ T9] ? xfs_bmapi_write+0xe10/0xe10 [ 64.936237][ T9] ? xfs_map_blocks+0x5cb/0x1220 [ 64.941280][ T9] ? rcu_read_lock_sched_held+0x3e/0x70 [ 64.946877][ T9] xfs_map_blocks+0x74c/0x1220 [ 64.951827][ T9] ? xfs_imap_valid.part.0+0x790/0x790 [ 64.957327][ T9] ? folio_flags.constprop.0+0x53/0x150 [ 64.962939][ T9] ? iomap_page_create+0x1a9/0x3e0 [ 64.968262][ T9] iomap_do_writepage+0xbbd/0x27b0 [ 64.973443][ T9] ? iomap_write_end+0x9b0/0x9b0 [ 64.978464][ T9] write_cache_pages+0x785/0x19c0 [ 64.983531][ T9] ? iomap_write_end+0x9b0/0x9b0 [ 64.988549][ T9] ? balance_dirty_pages_ratelimited+0x20/0x20 [ 64.994774][ T9] ? do_raw_spin_lock+0x124/0x2b0 [ 64.999887][ T9] ? rwlock_bug.part.0+0x90/0x90 [ 65.004877][ T9] iomap_writepages+0x4f/0xb0 [ 65.009648][ T9] xfs_vm_writepages+0x138/0x1c0 [ 65.014605][ T9] ? xfs_vm_read_folio+0x20/0x20 [ 65.019647][ T9] ? xfs_vm_read_folio+0x20/0x20 [ 65.024613][ T9] do_writepages+0x1af/0x690 [ 65.029327][ T9] ? writeback_set_ratelimit+0x150/0x150 [ 65.035089][ T9] ? find_held_lock+0x2d/0x110 [ 65.039977][ T9] ? wbc_attach_and_unlock_inode+0x44d/0x8d0 [ 65.046003][ T9] ? lock_downgrade+0x6e0/0x6e0 [ 65.050964][ T9] __writeback_single_inode+0x159/0x1440 [ 65.056657][ T9] ? wbc_attach_and_unlock_inode+0x4a3/0x8d0 [ 65.062740][ T9] writeback_sb_inodes+0x54d/0xf90 [ 65.067906][ T9] ? sync_inode_metadata+0xe0/0xe0 [ 65.073129][ T9] ? rcu_read_lock_sched_held+0x3e/0x70 [ 65.078766][ T9] ? queue_io+0x427/0x600 [ 65.083124][ T9] wb_writeback+0x2c5/0xd70 [ 65.087649][ T9] ? __writeback_inodes_wb+0x280/0x280 [ 65.093251][ T9] wb_workfn+0x2e0/0x12f0 [ 65.097639][ T9] ? inode_wait_for_writeback+0x40/0x40 [ 65.103268][ T9] ? lock_release+0x810/0x810 [ 65.107990][ T9] ? lock_downgrade+0x6e0/0x6e0 [ 65.112982][ T9] process_one_work+0x9bf/0x1710 [ 65.117966][ T9] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 65.123424][ T9] ? rwlock_bug.part.0+0x90/0x90 [ 65.128542][ T9] ? _raw_spin_lock_irq+0x45/0x50 [ 65.133602][ T9] worker_thread+0x669/0x1090 [ 65.138364][ T9] ? process_one_work+0x1710/0x1710 [ 65.143586][ T9] kthread+0x2e8/0x3a0 [ 65.147682][ T9] ? kthread_complete_and_exit+0x40/0x40 [ 65.153521][ T9] ret_from_fork+0x1f/0x30 [ 65.157974][ T9] [ 65.161079][ T9] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 65.168378][ T9] CPU: 1 PID: 9 Comm: kworker/u4:0 Not tainted 6.2.0-rc6-syzkaller-00262-g95078069c1e7 #0 [ 65.178276][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 65.188337][ T9] Workqueue: writeback wb_workfn (flush-7:0) [ 65.194352][ T9] Call Trace: [ 65.197631][ T9] [ 65.200563][ T9] dump_stack_lvl+0xd1/0x138 [ 65.205160][ T9] panic+0x2cc/0x626 [ 65.209060][ T9] ? panic_print_sys_info.part.0+0x110/0x110 [ 65.215061][ T9] ? xfs_bmapi_convert_delalloc+0xd2a/0xf10 [ 65.220963][ T9] check_panic_on_warn.cold+0x19/0x35 [ 65.226367][ T9] __warn+0xf2/0x1a0 [ 65.231138][ T9] ? xfs_bmapi_convert_delalloc+0xd2a/0xf10 [ 65.237034][ T9] report_bug+0x1c0/0x210 [ 65.241382][ T9] handle_bug+0x3c/0x70 [ 65.245547][ T9] exc_invalid_op+0x18/0x50 [ 65.250074][ T9] asm_exc_invalid_op+0x1a/0x20 [ 65.254954][ T9] RIP: 0010:xfs_bmapi_convert_delalloc+0xd2a/0xf10 [ 65.261465][ T9] Code: ff ff e8 79 e0 89 fe 8b 94 24 10 01 00 00 48 8b b4 24 18 01 00 00 48 8b 7c 24 78 e8 00 e0 0c 00 e9 68 fe ff ff e8 56 e0 89 fe <0f> 0b 41 bc e4 ff ff ff e9 9e f8 ff ff 45 31 e4 e9 2a f6 ff ff 48 [ 65.281178][ T9] RSP: 0018:ffffc900000e6f60 EFLAGS: 00010293 [ 65.287338][ T9] RAX: 0000000000000000 RBX: ffffffffffffffff RCX: 0000000000000000 [ 65.295310][ T9] RDX: ffff88813fe48000 RSI: ffffffff82f7128a RDI: 0000000000000007 [ 65.303281][ T9] RBP: ffff888072014d80 R08: 0000000000000007 R09: ffffffffffffffff [ 65.311259][ T9] R10: ffffffffffffffff R11: 0000000000000000 R12: 0000000000000000 [ 65.319330][ T9] R13: 0000000000000000 R14: ffff88802a070000 R15: 0000000000000002 [ 65.327312][ T9] ? xfs_bmapi_convert_delalloc+0xd2a/0xf10 [ 65.333404][ T9] ? xfs_bmapi_write+0xe10/0xe10 [ 65.338385][ T9] ? xfs_map_blocks+0x5cb/0x1220 [ 65.343322][ T9] ? rcu_read_lock_sched_held+0x3e/0x70 [ 65.348884][ T9] xfs_map_blocks+0x74c/0x1220 [ 65.353662][ T9] ? xfs_imap_valid.part.0+0x790/0x790 [ 65.359128][ T9] ? folio_flags.constprop.0+0x53/0x150 [ 65.364675][ T9] ? iomap_page_create+0x1a9/0x3e0 [ 65.369794][ T9] iomap_do_writepage+0xbbd/0x27b0 [ 65.374924][ T9] ? iomap_write_end+0x9b0/0x9b0 [ 65.379906][ T9] write_cache_pages+0x785/0x19c0 [ 65.384961][ T9] ? iomap_write_end+0x9b0/0x9b0 [ 65.389933][ T9] ? balance_dirty_pages_ratelimited+0x20/0x20 [ 65.396141][ T9] ? do_raw_spin_lock+0x124/0x2b0 [ 65.401180][ T9] ? rwlock_bug.part.0+0x90/0x90 [ 65.406218][ T9] iomap_writepages+0x4f/0xb0 [ 65.410910][ T9] xfs_vm_writepages+0x138/0x1c0 [ 65.415858][ T9] ? xfs_vm_read_folio+0x20/0x20 [ 65.420829][ T9] ? xfs_vm_read_folio+0x20/0x20 [ 65.426031][ T9] do_writepages+0x1af/0x690 [ 65.430632][ T9] ? writeback_set_ratelimit+0x150/0x150 [ 65.436270][ T9] ? find_held_lock+0x2d/0x110 [ 65.441051][ T9] ? wbc_attach_and_unlock_inode+0x44d/0x8d0 [ 65.447044][ T9] ? lock_downgrade+0x6e0/0x6e0 [ 65.451919][ T9] __writeback_single_inode+0x159/0x1440 [ 65.457570][ T9] ? wbc_attach_and_unlock_inode+0x4a3/0x8d0 [ 65.463575][ T9] writeback_sb_inodes+0x54d/0xf90 [ 65.468713][ T9] ? sync_inode_metadata+0xe0/0xe0 [ 65.473851][ T9] ? rcu_read_lock_sched_held+0x3e/0x70 [ 65.479410][ T9] ? queue_io+0x427/0x600 [ 65.483757][ T9] wb_writeback+0x2c5/0xd70 [ 65.488372][ T9] ? __writeback_inodes_wb+0x280/0x280 [ 65.493856][ T9] wb_workfn+0x2e0/0x12f0 [ 65.498206][ T9] ? inode_wait_for_writeback+0x40/0x40 [ 65.503770][ T9] ? lock_release+0x810/0x810 [ 65.508462][ T9] ? lock_downgrade+0x6e0/0x6e0 [ 65.513336][ T9] process_one_work+0x9bf/0x1710 [ 65.518322][ T9] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 65.523967][ T9] ? rwlock_bug.part.0+0x90/0x90 [ 65.528915][ T9] ? _raw_spin_lock_irq+0x45/0x50 [ 65.534212][ T9] worker_thread+0x669/0x1090 [ 65.538930][ T9] ? process_one_work+0x1710/0x1710 [ 65.544136][ T9] kthread+0x2e8/0x3a0 [ 65.548489][ T9] ? kthread_complete_and_exit+0x40/0x40 [ 65.554128][ T9] ret_from_fork+0x1f/0x30 [ 65.558567][ T9] [ 65.562249][ T9] Kernel Offset: disabled [ 65.566679][ T9] Rebooting in 86400 seconds..