./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4097849009 <...> Warning: Permanently added '10.128.0.207' (ED25519) to the list of known hosts. execve("./syz-executor4097849009", ["./syz-executor4097849009"], 0x7ffd721ea1f0 /* 10 vars */) = 0 brk(NULL) = 0x555558eef000 brk(0x555558eefd00) = 0x555558eefd00 arch_prctl(ARCH_SET_FS, 0x555558eef380) = 0 set_tid_address(0x555558eef650) = 295 set_robust_list(0x555558eef660, 24) = 0 rseq(0x555558eefca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4097849009", 4096) = 28 getrandom("\x56\x99\x4a\x89\xd7\xea\x18\xc9", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555558eefd00 brk(0x555558f10d00) = 0x555558f10d00 brk(0x555558f11000) = 0x555558f11000 mprotect(0x7f01e2223000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555558eef650) = 296 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1./strace-static-x86_64: Process 296 attached ) = 1 [pid 295] close(3) = 0 [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC [pid 296] set_robust_list(0x555558eef660, 24 [pid 295] <... openat resumed>) = 3 [pid 296] <... set_robust_list resumed>) = 0 [pid 295] write(3, "296", 3) = 3 [pid 295] close(3) = 0 [pid 295] kill(296, SIGKILL) = 0 [pid 296] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=296, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- mkdir("./syzkaller.5iIvX2", 0700) = 0 chmod("./syzkaller.5iIvX2", 0777) = 0 chdir("./syzkaller.5iIvX2") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555558eef650) = 297 ./strace-static-x86_64: Process 297 attached [pid 297] set_robust_list(0x555558eef660, 24) = 0 [pid 297] chdir("./0") = 0 [pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 297] setpgid(0, 0) = 0 [pid 297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 297] write(3, "1000", 4) = 4 [pid 297] close(3) = 0 [pid 297] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 297] write(1, "executing program\n", 18) = 18 [pid 297] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3 [pid 297] ioctl(3, VHOST_SET_OWNER, 0) = 0 [pid 297] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0 [pid 297] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0 [ 29.601903][ T24] audit: type=1400 audit(1744413486.520:66): avc: denied { execmem } for pid=295 comm="syz-executor409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 297] eventfd2(118, EFD_SEMAPHORE) = 4 [pid 297] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0 [pid 297] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0 [pid 297] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0 [pid 297] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0 [pid 297] memfd_create("syzkaller", 0) = 5 [pid 297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01d9d6f000 [pid 297] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 297] munmap(0x7f01d9d6f000, 138412032) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [ 29.626988][ T24] audit: type=1400 audit(1744413486.550:67): avc: denied { read write } for pid=295 comm="syz-executor409" name="loop0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 29.653081][ T24] audit: type=1400 audit(1744413486.550:68): avc: denied { open } for pid=295 comm="syz-executor409" path="/dev/loop0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 297] ioctl(6, LOOP_SET_FD, 5) = 0 [pid 297] close(5) = 0 [pid 297] close(6) = 0 [pid 297] mkdir("./file0", 0777) = 0 [ 29.678791][ T24] audit: type=1400 audit(1744413486.560:69): avc: denied { ioctl } for pid=295 comm="syz-executor409" path="/dev/loop0" dev="devtmpfs" ino=111 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 29.704907][ T24] audit: type=1400 audit(1744413486.570:70): avc: denied { read write } for pid=297 comm="syz-executor409" name="vhost-vsock" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 29.729972][ T24] audit: type=1400 audit(1744413486.570:71): avc: denied { open } for pid=297 comm="syz-executor409" path="/dev/vhost-vsock" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 29.754587][ T24] audit: type=1400 audit(1744413486.570:72): avc: denied { ioctl } for pid=297 comm="syz-executor409" path="/dev/vhost-vsock" dev="devtmpfs" ino=258 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [pid 297] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0 [pid 297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5 [pid 297] chdir("./file0") = 0 [pid 297] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 297] ioctl(6, LOOP_CLR_FD) = 0 [pid 297] close(6) = 0 [pid 297] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6 [pid 297] write(6, "#! ./file1\n", 11) = 11 [pid 297] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000 [pid 297] setsockopt(-1, SOL_SOCKET, SO_REUSEADDR, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 297] rt_sigaction(SIGRT_32, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 29.782193][ T24] audit: type=1400 audit(1744413486.630:73): avc: denied { mounton } for pid=297 comm="syz-executor409" path="/root/syzkaller.5iIvX2/0/file0" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 29.784606][ T297] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue [ 29.828954][ T24] audit: type=1400 audit(1744413486.750:74): avc: denied { mount } for pid=297 comm="syz-executor409" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [pid 297] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200000000040} --- [pid 297] +++ killed by SIGBUS +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=297, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=3} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x555558ef06f0 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 [ 29.852366][ T299] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm vhost-297: bg 0: block 234: padding at end of block bitmap is not set [ 29.854063][ T24] audit: type=1400 audit(1744413486.770:75): avc: denied { write } for pid=297 comm="syz-executor409" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555558ef8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x555558ef8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = 0 getdents64(3, 0x555558ef06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555558eef650) = 303 ./strace-static-x86_64: Process 303 attached [pid 303] set_robust_list(0x555558eef660, 24) = 0 [pid 303] chdir("./1") = 0 [pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 303] setpgid(0, 0) = 0 [pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 303] write(3, "1000", 4) = 4 [pid 303] close(3) = 0 [pid 303] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 303] write(1, "executing program\n", 18) = 18 [pid 303] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3 [pid 303] ioctl(3, VHOST_SET_OWNER, 0) = 0 [pid 303] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0 [pid 303] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0 [pid 303] eventfd2(118, EFD_SEMAPHORE) = 4 [pid 303] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0 [pid 303] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0 [pid 303] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0 [pid 303] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0 [pid 303] memfd_create("syzkaller", 0) = 5 [pid 303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01d9d6f000 [pid 303] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 303] munmap(0x7f01d9d6f000, 138412032) = 0 [pid 303] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 303] ioctl(6, LOOP_SET_FD, 5) = 0 [pid 303] close(5) = 0 [pid 303] close(6) = 0 [pid 303] mkdir("./file0", 0777) = 0 [pid 303] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0 [pid 303] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5 [pid 303] chdir("./file0") = 0 [pid 303] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 303] ioctl(6, LOOP_CLR_FD) = 0 [pid 303] close(6) = 0 [pid 303] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6 [pid 303] write(6, "#! ./file1\n", 11) = 11 [pid 303] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000 [pid 303] setsockopt(-1, SOL_SOCKET, SO_REUSEADDR, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 303] rt_sigaction(SIGRT_32, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 303] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200000000040} --- [pid 303] +++ killed by SIGBUS +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=303, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x555558ef06f0 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/binderfs") = 0 [ 30.034269][ T303] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue [ 30.061213][ T303] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor409: bg 0: block 234: padding at end of block bitmap is not set umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555558ef8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x555558ef8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file0") = 0 getdents64(3, 0x555558ef06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555558eef650) = 308 ./strace-static-x86_64: Process 308 attached [pid 308] set_robust_list(0x555558eef660, 24) = 0 [pid 308] chdir("./2") = 0 [pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 308] setpgid(0, 0) = 0 [pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 308] write(3, "1000", 4) = 4 [pid 308] close(3) = 0 [pid 308] symlink("/dev/binderfs", "./binderfs") = 0 [pid 308] write(1, "executing program\n", 18executing program ) = 18 [pid 308] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3 [pid 308] ioctl(3, VHOST_SET_OWNER, 0) = 0 [pid 308] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0 [pid 308] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0 [pid 308] eventfd2(118, EFD_SEMAPHORE) = 4 [pid 308] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0 [pid 308] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0 [pid 308] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0 [pid 308] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0 [pid 308] memfd_create("syzkaller", 0) = 5 [pid 308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01d9d6f000 [pid 308] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 308] munmap(0x7f01d9d6f000, 138412032) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 308] ioctl(6, LOOP_SET_FD, 5) = 0 [pid 308] close(5) = 0 [pid 308] close(6) = 0 [pid 308] mkdir("./file0", 0777) = 0 [pid 308] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0 [pid 308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5 [pid 308] chdir("./file0") = 0 [pid 308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 308] ioctl(6, LOOP_CLR_FD) = 0 [pid 308] close(6) = 0 [pid 308] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6 [pid 308] write(6, "#! ./file1\n", 11) = 11 [pid 308] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000 [pid 308] setsockopt(-1, SOL_SOCKET, SO_REUSEADDR, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 308] rt_sigaction(SIGRT_32, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 308] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200000000040} --- [pid 308] +++ killed by SIGBUS +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=308, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x555558ef06f0 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/binderfs") = 0 [ 30.235363][ T308] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue [ 30.263792][ T308] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor409: bg 0: block 234: padding at end of block bitmap is not set umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555558ef8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x555558ef8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/file0") = 0 getdents64(3, 0x555558ef06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3executing program ) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555558eef650) = 313 ./strace-static-x86_64: Process 313 attached [pid 313] set_robust_list(0x555558eef660, 24) = 0 [pid 313] chdir("./3") = 0 [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 313] setpgid(0, 0) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 313] close(3) = 0 [pid 313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 313] write(1, "executing program\n", 18) = 18 [pid 313] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3 [pid 313] ioctl(3, VHOST_SET_OWNER, 0) = 0 [pid 313] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0 [pid 313] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0 [pid 313] eventfd2(118, EFD_SEMAPHORE) = 4 [pid 313] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0 [pid 313] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0 [pid 313] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0 [pid 313] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0 [pid 313] memfd_create("syzkaller", 0) = 5 [pid 313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01d9d6f000 [pid 313] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 313] munmap(0x7f01d9d6f000, 138412032) = 0 [pid 313] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 313] ioctl(6, LOOP_SET_FD, 5) = 0 [pid 313] close(5) = 0 [pid 313] close(6) = 0 [pid 313] mkdir("./file0", 0777) = 0 [pid 313] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0 [pid 313] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5 [pid 313] chdir("./file0") = 0 [pid 313] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 313] ioctl(6, LOOP_CLR_FD) = 0 [pid 313] close(6) = 0 [pid 313] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6 [pid 313] write(6, "#! ./file1\n", 11) = 11 [pid 313] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000 [pid 313] setsockopt(-1, SOL_SOCKET, SO_REUSEADDR, NULL, 0) = -1 EBADF (Bad file descriptor) [ 30.455790][ T313] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue [pid 313] rt_sigaction(SIGRT_32, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 313] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x200000000040} --- [pid 313] +++ killed by SIGBUS +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=313, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=2} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x555558ef06f0 /* 4 entries */, 32768) = 112 umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/binderfs") = 0 [ 30.496484][ T314] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm vhost-313: bg 0: block 234: padding at end of block bitmap is not set umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555558ef8730 /* 2 entries */, 32768) = 48 getdents64(4, 0x555558ef8730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/file0") = 0 getdents64(3, 0x555558ef06f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FDexecuting program ) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555558eef650) = 319 ./strace-static-x86_64: Process 319 attached [pid 319] set_robust_list(0x555558eef660, 24) = 0 [pid 319] chdir("./4") = 0 [pid 319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 319] setpgid(0, 0) = 0 [pid 319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 319] write(3, "1000", 4) = 4 [pid 319] close(3) = 0 [pid 319] symlink("/dev/binderfs", "./binderfs") = 0 [pid 319] write(1, "executing program\n", 18) = 18 [pid 319] openat(AT_FDCWD, "/dev/vhost-vsock", O_RDWR) = 3 [pid 319] ioctl(3, VHOST_SET_OWNER, 0) = 0 [pid 319] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000300) = 0 [pid 319] ioctl(3, VHOST_SET_MEM_TABLE, 0x200000003380) = 0 [pid 319] eventfd2(118, EFD_SEMAPHORE) = 4 [pid 319] ioctl(3, VHOST_SET_VRING_ERR, 0x2000000001c0) = 0 [pid 319] ioctl(3, VHOST_SET_VRING_ADDR, 0x200000000240) = 0 [pid 319] ioctl(3, VHOST_SET_VRING_KICK, 0x200000000000) = 0 [pid 319] ioctl(3, VHOST_VSOCK_SET_RUNNING, 0x200000000140) = 0 [pid 319] memfd_create("syzkaller", 0) = 5 [pid 319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01d9d6f000 [pid 319] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 319] munmap(0x7f01d9d6f000, 138412032) = 0 [pid 319] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 319] ioctl(6, LOOP_SET_FD, 5) = 0 [pid 319] close(5) = 0 [pid 319] close(6) = 0 [pid 319] mkdir("./file0", 0777) = 0 [pid 319] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_DIRSYNC|MS_NOATIME|MS_STRICTATIME|MS_LAZYTIME, "dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,"...) = 0 [pid 319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5 [pid 319] chdir("./file0") = 0 [pid 319] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 6 [pid 319] ioctl(6, LOOP_CLR_FD) = 0 [pid 319] close(6) = 0 [pid 319] openat(AT_FDCWD, "hugetlb.2MB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 6 [pid 319] write(6, "#! ./file1\n", 11) = 11 [pid 319] mmap(0x200000000000, 11755520, PROT_READ|PROT_WRITE|PROT_SEM|PROT_GROWSUP|0x800000, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x200000000000 [pid 319] setsockopt(-1, SOL_SOCKET, SO_REUSEADDR, NULL, 0) = -1 EBADF (Bad file descriptor) [pid 319] rt_sigaction(SIGRT_32, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 319] openat(AT_FDCWD, "/dev/rtc5", O_RDWR|O_NONBLOCK|O_DIRECT) = -1 ENOENT (No such file or directory) [pid 319] exit_group(0) = ? [pid 319] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=319, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x555558ef06f0 /* 4 entries */, 32768) = 112 umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/binderfs") = 0 [ 30.665348][ T319] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,noquota,data_err=abort,grpid,grpjquota=,nouid32,grpid,,errors=continue [ 30.694744][ T320] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm vhost-319: bg 0: block 234: padding at end of block bitmap is not set [ 30.715694][ T48] ------------[ cut here ]------------ [ 30.721175][ T48] kernel BUG at fs/ext4/inode.c:2777! [ 30.726689][ T48] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 30.732662][ T48] CPU: 0 PID: 48 Comm: kworker/u4:2 Not tainted 5.10.234-syzkaller-00157-ge0b88ee5f09c #0 [ 30.742864][ T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 30.753024][ T48] Workqueue: writeback wb_workfn (flush-7:0) [ 30.759323][ T48] RIP: 0010:ext4_writepages+0x3bdf/0x3c00 [ 30.765246][ T48] Code: 28 8c ff 31 ff 89 de e8 7f 28 8c ff 45 84 f6 75 27 e8 e5 25 8c ff 49 be 00 00 00 00 00 fc ff df e9 0e f7 ff ff e8 d1 25 8c ff <0f> 0b e8 ca 25 8c ff e8 71 e2 21 ff eb 9b e8 be 25 8c ff e8 65 e2 [ 30.786283][ T48] RSP: 0018:ffffc900009d70a0 EFLAGS: 00010293 [ 30.793481][ T48] RAX: ffffffff81de999f RBX: 0000008000000000 RCX: ffff888101ffbb40 [ 30.801720][ T48] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 30.810538][ T48] RBP: ffffc900009d7490 R08: ffffffff81de6413 R09: ffffed10237fa3bc [ 30.818398][ T48] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001 [ 30.826552][ T48] R13: ffffc900009d77d0 R14: 0000008410000000 R15: ffffc900009d7360 [ 30.834740][ T48] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 30.843586][ T48] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 30.850131][ T48] CR2: 00007ffe3a3c4b58 CR3: 000000010c910000 CR4: 00000000003506b0 [ 30.858069][ T48] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 30.865857][ T48] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 30.874302][ T48] Call Trace: [ 30.877441][ T48] ? __die_body+0x62/0xb0 [ 30.881687][ T48] ? die+0x88/0xb0 [ 30.885234][ T48] ? do_trap+0x1a4/0x310 [ 30.889566][ T48] ? ext4_writepages+0x3bdf/0x3c00 [ 30.894804][ T48] ? handle_invalid_op+0x95/0xc0 [ 30.899877][ T48] ? ext4_writepages+0x3bdf/0x3c00 [ 30.904792][ T48] ? exc_invalid_op+0x32/0x50 [ 30.909487][ T48] ? asm_exc_invalid_op+0x12/0x20 [ 30.914346][ T48] ? ext4_writepages+0x653/0x3c00 [ 30.919198][ T48] ? ext4_writepages+0x3bdf/0x3c00 [ 30.924158][ T48] ? ext4_writepages+0x3bdf/0x3c00 [ 30.929542][ T48] ? update_load_avg+0xdaa/0x1690 [ 30.934594][ T48] ? __kasan_check_read+0x11/0x20 [ 30.939415][ T48] ? mark_page_accessed+0x4f8/0x900 [ 30.944441][ T48] ? __find_get_block+0xdce/0x1320 [ 30.949620][ T48] ? write_boundary_block+0x150/0x150 [ 30.954805][ T48] ? sched_group_set_shares+0x490/0x490 [ 30.960329][ T48] ? ext4_readpage+0x230/0x230 [ 30.964923][ T48] ? __getblk_gfp+0x3d/0x7e0 [ 30.969520][ T48] ? memset+0x35/0x40 [ 30.974104][ T48] ? voluntary_active_balance+0x4c0/0x4c0 [ 30.979853][ T48] ? find_next_and_bit+0x176/0x1b0 [ 30.984759][ T48] ? memcpy+0x56/0x70 [ 30.988597][ T48] ? load_balance+0x1afc/0x7390 [ 30.993336][ T48] ? ext4_readpage+0x230/0x230 [ 30.997929][ T48] do_writepages+0x12e/0x270 [ 31.002451][ T48] ? __writepage+0x130/0x130 [ 31.007400][ T48] ? __kasan_check_write+0x14/0x20 [ 31.012317][ T48] ? _raw_spin_lock+0xa4/0x1b0 [ 31.017097][ T48] __writeback_single_inode+0xd7/0xac0 [ 31.022996][ T48] writeback_sb_inodes+0x99c/0x16b0 [ 31.028505][ T48] ? _raw_spin_lock+0xa4/0x1b0 [ 31.033550][ T48] ? queue_io+0x520/0x520 [ 31.038588][ T48] ? writeback_sb_inodes+0x16b0/0x16b0 [ 31.043985][ T48] ? queue_io+0x3d3/0x520 [ 31.048840][ T48] wb_writeback+0x404/0xc60 [ 31.054159][ T48] ? wb_io_lists_depopulated+0x180/0x180 [ 31.059890][ T48] ? set_worker_desc+0x158/0x1c0 [ 31.065307][ T48] ? _raw_spin_trylock_bh+0x190/0x190 [ 31.070553][ T48] ? __kasan_check_write+0x14/0x20 [ 31.075574][ T48] wb_workfn+0x3d9/0x1110 [ 31.079875][ T48] ? inode_wait_for_writeback+0x280/0x280 [ 31.085899][ T48] ? find_next_bit+0x7f/0x100 [ 31.090710][ T48] ? _raw_spin_unlock_irq+0x4e/0x70 [ 31.095879][ T48] ? finish_task_switch+0x130/0x5a0 [ 31.101079][ T48] ? __switch_to_asm+0x34/0x60 [ 31.106051][ T48] ? __kasan_check_read+0x11/0x20 [ 31.111145][ T48] ? read_word_at_a_time+0x12/0x20 [ 31.116251][ T48] ? strscpy+0x9c/0x260 [ 31.120722][ T48] process_one_work+0x6dc/0xbd0 [ 31.125379][ T48] worker_thread+0xaea/0x1510 [ 31.130009][ T48] ? _raw_spin_lock+0x1b0/0x1b0 [ 31.135428][ T48] kthread+0x34b/0x3d0 [ 31.139307][ T48] ? worker_clr_flags+0x180/0x180 [ 31.144913][ T48] ? kthread_blkcg+0xd0/0xd0 [ 31.149940][ T48] ret_from_fork+0x1f/0x30 [ 31.154440][ T48] Modules linked in: [ 31.159103][ T48] ---[ end trace 4ea9d0cded3d64a4 ]--- [ 31.164687][ T48] RIP: 0010:ext4_writepages+0x3bdf/0x3c00 [ 31.170491][ T48] Code: 28 8c ff 31 ff 89 de e8 7f 28 8c ff 45 84 f6 75 27 e8 e5 25 8c ff 49 be 00 00 00 00 00 fc ff df e9 0e f7 ff ff e8 d1 25 8c ff <0f> 0b e8 ca 25 8c ff e8 71 e2 21 ff eb 9b e8 be 25 8c ff e8 65 e2 [ 31.190904][ T48] RSP: 0018:ffffc900009d70a0 EFLAGS: 00010293 [ 31.197661][ T48] RAX: ffffffff81de999f RBX: 0000008000000000 RCX: ffff888101ffbb40 [ 31.206068][ T48] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 31.214194][ T48] RBP: ffffc900009d7490 R08: ffffffff81de6413 R09: ffffed10237fa3bc [ 31.222451][ T48] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001 [ 31.230670][ T48] R13: ffffc900009d77d0 R14: 0000008410000000 R15: ffffc900009d7360 [ 31.238945][ T48] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 31.248248][ T48] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 31.255041][ T48] CR2: 00007ffe3a3c4b58 CR3: 000000000660f000 CR4: 00000000003506b0 [ 31.263299][ T48] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 31.271599][ T48] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 31.279625][ T48] Kernel panic - not syncing: Fatal exception [ 31.285729][ T48] Kernel Offset: disabled [ 31.289905][ T48] Rebooting in 86400 seconds..