[ 62.180369][ T2529] ? lock_release+0x800/0x800 [ 62.185085][ T2529] ? pwq_dec_nr_in_flight+0x310/0x310 [ 62.190586][ T2529] ? rwlock_bug.part.0+0x90/0x90 [ 62.195568][ T2529] worker_thread+0x96/0xe10 [ 62.200111][ T2529] ? process_one_work+0x1690/0x1690 [ 62.205342][ T2529] kthread+0x3b5/0x4a0 [ 62.209435][ T2529] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.215184][ T2529] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.220941][ T2529] ret_from_fork+0x1f/0x30 [ OK ] Started Update UTMP about System Runlevel Changes. [ 66.541184][ T6793] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6793 [ 66.550737][ T6793] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 66.557037][ T6793] CPU: 1 PID: 6793 Comm: systemd-rfkill Not tainted 5.8.0-rc1-syzkaller #0 [ 66.565644][ T6793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.575704][ T6793] Call Trace: [ 66.579016][ T6793] dump_stack+0x18f/0x20d [ 66.583337][ T6793] check_preemption_disabled+0x20d/0x220 [ 66.589401][ T6793] ext4_mb_new_blocks+0xa4d/0x3b70 [ 66.594518][ T6793] ? ext4_ext_search_right+0x2ca/0xb20 [ 66.599962][ T6793] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 66.605686][ T6793] ext4_ext_map_blocks+0x201b/0x33e0 [ 66.611080][ T6793] ? ext4_ext_release+0x10/0x10 [ 66.615956][ T6793] ? down_write_killable+0x170/0x170 [ 66.621312][ T6793] ? ext4_es_lookup_extent+0x41d/0xd10 [ 66.626969][ T6793] ext4_map_blocks+0x4cb/0x1640 [ 66.631897][ T6793] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 66.637233][ T6793] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 66.642805][ T6793] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 66.648792][ T6793] ? prandom_u32_state+0xe/0x170 [ 66.653725][ T6793] ? __brelse+0x84/0xa0 [ 66.657891][ T6793] ? __ext4_new_inode+0x144/0x55e0 [ 66.663005][ T6793] ext4_getblk+0xad/0x520 [ 66.667339][ T6793] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 66.673060][ T6793] ? ext4_free_inode+0x1700/0x1700 [ 66.678345][ T6793] ext4_bread+0x7c/0x380 [ 66.682572][ T6793] ? ext4_getblk+0x520/0x520 [ 66.687144][ T6793] ? dquot_get_next_dqblk+0x180/0x180 [ 66.692505][ T6793] ext4_append+0x153/0x360 [ 66.696904][ T6793] ext4_mkdir+0x5e0/0xdf0 [ 66.701225][ T6793] ? ext4_rmdir+0xde0/0xde0 [ 66.705841][ T6793] ? security_inode_permission+0xc4/0xf0 [ 66.711503][ T6793] vfs_mkdir+0x419/0x690 [ 66.716003][ T6793] do_mkdirat+0x21e/0x280 [ 66.720415][ T6793] ? __ia32_sys_mknod+0xb0/0xb0 [ 66.725474][ T6793] ? do_syscall_64+0x1c/0xe0 [ 66.730058][ T6793] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 66.736029][ T6793] do_syscall_64+0x60/0xe0 [ 66.740440][ T6793] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 66.746342][ T6793] RIP: 0033:0x7fb3ae76b687 [ 66.750746][ T6793] Code: Bad RIP value. [ 66.754939][ T6793] RSP: 002b:00007ffd48b0c078 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 66.763360][ T6793] RAX: ffffffffffffffda RBX: 000056536f8ee985 RCX: 00007fb3ae76b687 [ 66.771520][ T6793] RDX: 00007ffd48b0bf40 RSI: 00000000000001ed RDI: 000056536f8ee985 [ 66.779496][ T6793] RBP: 00007fb3ae76b680 R08: 0000000000000100 R09: 0000000000000000 [ 66.788422][ T6793] R10: 000056536f8ee980 R11: 0000000000000246 R12: 00000000000001ed [ 66.796401][ T6793] R13: 00007ffd48b0c200 R14: 0000000000000000 R15: 0000000000000000 Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.145' (ECDSA) to the list of known hosts. 2020/06/17 05:10:48 fuzzer started 2020/06/17 05:10:48 connecting to host at 10.128.0.26:40015 2020/06/17 05:10:48 checking machine... 2020/06/17 05:10:48 checking revisions... 2020/06/17 05:10:48 testing simple program... syzkaller login: [ 72.387694][ T1154] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1154 [ 72.397306][ T1154] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 72.403495][ T1154] CPU: 1 PID: 1154 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0 [ 72.411757][ T1154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.421828][ T1154] Call Trace: [ 72.425147][ T1154] dump_stack+0x18f/0x20d [ 72.429496][ T1154] check_preemption_disabled+0x20d/0x220 [ 72.433413][ T6806] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6806 [ 72.435144][ T1154] ext4_mb_new_blocks+0xa4d/0x3b70 [ 72.444314][ T6806] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 72.449349][ T1154] ? ext4_find_extent+0x81a/0xad0 [ 72.449374][ T1154] ? ext4_ext_search_right+0x2ca/0xb20 [ 72.465774][ T1154] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 72.471495][ T1154] ext4_ext_map_blocks+0x201b/0x33e0 [ 72.476788][ T1154] ? ext4_ext_release+0x10/0x10 [ 72.481767][ T1154] ? down_write_killable+0x170/0x170 [ 72.487043][ T1154] ? ext4_es_lookup_extent+0x41d/0xd10 [ 72.492499][ T1154] ext4_map_blocks+0x4cb/0x1640 [ 72.497347][ T1154] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 72.502541][ T1154] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 72.508078][ T1154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 72.514065][ T1154] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 72.519516][ T1154] ext4_writepages+0x1a7b/0x33c0 [ 72.524456][ T1154] ? lock_release+0x7f0/0x800 [ 72.529140][ T1154] ? __ext4_mark_inode_dirty+0x940/0x940 [ 72.534900][ T1154] ? __ext4_mark_inode_dirty+0x940/0x940 [ 72.540524][ T1154] ? do_writepages+0xfa/0x2a0 [ 72.545552][ T1154] do_writepages+0xfa/0x2a0 [ 72.550050][ T1154] ? page_writeback_cpu_online+0x10/0x10 [ 72.555675][ T1154] ? do_raw_spin_lock+0x120/0x2d0 [ 72.560695][ T1154] ? do_raw_spin_unlock+0x171/0x260 [ 72.565885][ T1154] ? _raw_spin_unlock+0x24/0x40 [ 72.570733][ T1154] __filemap_fdatawrite_range+0x2aa/0x390 [ 72.576488][ T1154] ? collapse_file+0x35a2/0x4330 [ 72.581446][ T1154] ? delete_from_page_cache_batch+0xeb0/0xeb0 [ 72.587543][ T1154] ? _raw_spin_unlock_irq+0x1f/0x80 [ 72.592735][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 72.598735][ T1154] collapse_file+0x35ac/0x4330 [ 72.603635][ T1154] ? collapse_huge_page+0x4350/0x4350 [ 72.609011][ T1154] ? khugepaged+0x2506/0x3fc0 [ 72.613695][ T1154] khugepaged+0x3041/0x3fc0 [ 72.618225][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 72.623864][ T1154] ? lock_downgrade+0x840/0x840 [ 72.628749][ T1154] ? finish_wait+0x260/0x260 [ 72.633351][ T1154] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 72.639151][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 72.645315][ T1154] ? __kthread_parkme+0x13f/0x1e0 [ 72.650353][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 72.656060][ T1154] kthread+0x3b5/0x4a0 [ 72.660220][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 72.665930][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 72.671663][ T1154] ret_from_fork+0x1f/0x30 [ 72.676091][ T6806] CPU: 0 PID: 6806 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0 [ 72.684869][ T6806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.694939][ T6806] Call Trace: [ 72.698253][ T6806] dump_stack+0x18f/0x20d [ 72.702613][ T6806] check_preemption_disabled+0x20d/0x220 [ 72.708269][ T6806] ext4_mb_new_blocks+0xa4d/0x3b70 [ 72.713531][ T6806] ? ext4_ext_search_right+0x2ca/0xb20 [ 72.719149][ T6806] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 72.725085][ T6806] ext4_ext_map_blocks+0x201b/0x33e0 [ 72.730406][ T6806] ? ext4_ext_release+0x10/0x10 [ 72.735299][ T6806] ? down_write_killable+0x170/0x170 [ 72.740602][ T6806] ? ext4_es_lookup_extent+0x41d/0xd10 [ 72.746146][ T6806] ext4_map_blocks+0x4cb/0x1640 [ 72.751185][ T6806] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 72.756628][ T6806] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 72.762208][ T6806] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 72.762927][ T1154] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1154 [ 72.768315][ T6806] ? prandom_u32_state+0xe/0x170 [ 72.768337][ T6806] ? __brelse+0x84/0xa0 [ 72.768353][ T6806] ? __ext4_new_inode+0x144/0x55e0 [ 72.768372][ T6806] ext4_getblk+0xad/0x520 [ 72.768389][ T6806] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 72.768409][ T6806] ? ext4_free_inode+0x1700/0x1700 [ 72.768427][ T6806] ext4_bread+0x7c/0x380 [ 72.768442][ T6806] ? ext4_getblk+0x520/0x520 [ 72.768459][ T6806] ? dquot_get_next_dqblk+0x180/0x180 [ 72.768485][ T6806] ext4_append+0x153/0x360 [ 72.768508][ T6806] ext4_mkdir+0x5e0/0xdf0 [ 72.768533][ T6806] ? ext4_rmdir+0xde0/0xde0 [ 72.768555][ T6806] ? security_inode_permission+0xc4/0xf0 [ 72.768580][ T6806] vfs_mkdir+0x419/0x690 [ 72.768602][ T6806] do_mkdirat+0x21e/0x280 [ 72.777750][ T1154] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 72.782548][ T6806] ? __ia32_sys_mknod+0xb0/0xb0 [ 72.782567][ T6806] ? do_syscall_64+0x1c/0xe0 [ 72.782584][ T6806] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 72.782603][ T6806] do_syscall_64+0x60/0xe0 [ 72.782624][ T6806] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 72.782642][ T6806] RIP: 0033:0x4b02a0 [ 72.885724][ T6806] Code: Bad RIP value. [ 72.889789][ T6806] RSP: 002b:000000c0000f54b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102 [ 72.898356][ T6806] RAX: ffffffffffffffda RBX: 000000c00002e500 RCX: 00000000004b02a0 [ 72.906547][ T6806] RDX: 00000000000001c0 RSI: 000000c000026f40 RDI: ffffffffffffff9c [ 72.914537][ T6806] RBP: 000000c0000f5510 R08: 0000000000000000 R09: 0000000000000000 [ 72.922500][ T6806] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff [ 72.930479][ T6806] R13: 000000000000007b R14: 000000000000007a R15: 0000000000000100 [ 72.938463][ T1154] CPU: 1 PID: 1154 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0 [ 72.946761][ T1154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.956859][ T1154] Call Trace: [ 72.960260][ T1154] dump_stack+0x18f/0x20d [ 72.964631][ T1154] check_preemption_disabled+0x20d/0x220 [ 72.971070][ T1154] ext4_mb_new_blocks+0xa4d/0x3b70 [ 72.976410][ T1154] ? ext4_ext_search_right+0x2ca/0xb20 [ 72.982026][ T1154] ? ext4_ext_next_allocated_block+0x221/0x2d0 [ 72.988199][ T1154] ext4_ext_map_blocks+0x201b/0x33e0 [ 72.993488][ T1154] ? ext4_ext_release+0x10/0x10 [ 72.998339][ T1154] ? down_write_killable+0x170/0x170 [ 73.003628][ T1154] ? ext4_es_lookup_extent+0x41d/0xd10 [ 73.009101][ T1154] ext4_map_blocks+0x4cb/0x1640 [ 73.013987][ T1154] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 73.019345][ T1154] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 73.024891][ T1154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 73.030884][ T1154] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 73.036369][ T1154] ext4_writepages+0x1a7b/0x33c0 [ 73.041303][ T1154] ? lock_release+0x7f0/0x800 [ 73.045975][ T1154] ? __ext4_mark_inode_dirty+0x940/0x940 [ 73.051613][ T1154] ? __ext4_mark_inode_dirty+0x940/0x940 [ 73.057314][ T1154] ? do_writepages+0xfa/0x2a0 [ 73.062070][ T1154] do_writepages+0xfa/0x2a0 [ 73.066658][ T1154] ? page_writeback_cpu_online+0x10/0x10 [ 73.072460][ T1154] ? do_raw_spin_lock+0x120/0x2d0 [ 73.077713][ T1154] ? do_raw_spin_unlock+0x171/0x260 [ 73.083738][ T1154] ? _raw_spin_unlock+0x24/0x40 [ 73.088817][ T1154] __filemap_fdatawrite_range+0x2aa/0x390 [ 73.094543][ T1154] ? collapse_file+0x35a2/0x4330 [ 73.099498][ T1154] ? delete_from_page_cache_batch+0xeb0/0xeb0 [ 73.105590][ T1154] ? _raw_spin_unlock_irq+0x1f/0x80 [ 73.110787][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 73.116798][ T1154] collapse_file+0x35ac/0x4330 [ 73.121565][ T1154] ? collapse_huge_page+0x4350/0x4350 [ 73.126940][ T1154] ? khugepaged+0x2506/0x3fc0 [ 73.131630][ T1154] khugepaged+0x3041/0x3fc0 [ 73.136132][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 73.141750][ T1154] ? lock_downgrade+0x840/0x840 [ 73.146653][ T1154] ? finish_wait+0x260/0x260 [ 73.151262][ T1154] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 73.157087][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 73.163066][ T1154] ? __kthread_parkme+0x13f/0x1e0 [ 73.168080][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 73.173739][ T1154] kthread+0x3b5/0x4a0 [ 73.177802][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 73.183535][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 73.189552][ T1154] ret_from_fork+0x1f/0x30 [ 73.236090][ T6819] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6819 [ 73.246491][ T1154] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1154 [ 73.247058][ T6819] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 73.255938][ T1154] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 73.261806][ T6819] CPU: 0 PID: 6819 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 73.261820][ T6819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.286617][ T6819] Call Trace: [ 73.289975][ T6819] dump_stack+0x18f/0x20d [ 73.294399][ T6819] check_preemption_disabled+0x20d/0x220 [ 73.300024][ T6819] ext4_mb_new_blocks+0xa4d/0x3b70 [ 73.305134][ T6819] ? ext4_ext_search_right+0x2ca/0xb20 [ 73.310597][ T6819] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 73.316310][ T6819] ext4_ext_map_blocks+0x201b/0x33e0 [ 73.321614][ T6819] ? ext4_ext_release+0x10/0x10 [ 73.326468][ T6819] ? down_write_killable+0x170/0x170 [ 73.331767][ T6819] ? ext4_es_lookup_extent+0x41d/0xd10 [ 73.337223][ T6819] ext4_map_blocks+0x4cb/0x1640 [ 73.342161][ T6819] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 73.347402][ T6819] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 73.352980][ T6819] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 73.358969][ T6819] ? prandom_u32_state+0xe/0x170 [ 73.363903][ T6819] ? __brelse+0x84/0xa0 [ 73.368056][ T6819] ? __ext4_new_inode+0x144/0x55e0 [ 73.373167][ T6819] ext4_getblk+0xad/0x520 [ 73.377493][ T6819] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 73.384292][ T6819] ? ext4_free_inode+0x1700/0x1700 [ 73.389459][ T6819] ext4_bread+0x7c/0x380 [ 73.394561][ T6819] ? ext4_getblk+0x520/0x520 [ 73.399156][ T6819] ? dquot_get_next_dqblk+0x180/0x180 [ 73.404536][ T6819] ext4_append+0x153/0x360 [ 73.409031][ T6819] ext4_mkdir+0x5e0/0xdf0 [ 73.413354][ T6819] ? ext4_rmdir+0xde0/0xde0 [ 73.417953][ T6819] ? security_inode_permission+0xc4/0xf0 [ 73.423798][ T6819] vfs_mkdir+0x419/0x690 [ 73.428045][ T6819] do_mkdirat+0x21e/0x280 [ 73.432367][ T6819] ? __ia32_sys_mknod+0xb0/0xb0 [ 73.437208][ T6819] ? do_syscall_64+0x1c/0xe0 [ 73.442178][ T6819] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 73.449253][ T6819] do_syscall_64+0x60/0xe0 [ 73.453836][ T6819] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 73.459725][ T6819] RIP: 0033:0x45bed7 [ 73.463609][ T6819] Code: Bad RIP value. [ 73.467756][ T6819] RSP: 002b:00007fff5a1e80c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 73.476278][ T6819] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7 [ 73.484349][ T6819] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007fff5a1e82a0 [ 73.492491][ T6819] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000003780 [ 73.500448][ T6819] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 73.509996][ T6819] R13: 00007fff5a1e82a0 R14: 8421084210842109 R15: 00007fff5a1e82ac [ 73.517990][ T1154] CPU: 1 PID: 1154 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0 [ 73.526954][ T1154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.539119][ T1154] Call Trace: [ 73.542550][ T1154] dump_stack+0x18f/0x20d [ 73.547049][ T1154] check_preemption_disabled+0x20d/0x220 [ 73.553143][ T1154] ext4_mb_new_blocks+0xa4d/0x3b70 [ 73.558880][ T1154] ? ext4_ext_search_right+0x2ca/0xb20 [ 73.564448][ T1154] ? ext4_ext_next_allocated_block+0x221/0x2d0 [ 73.571360][ T1154] ext4_ext_map_blocks+0x201b/0x33e0 [ 73.576877][ T1154] ? ext4_ext_release+0x10/0x10 [ 73.581779][ T1154] ? down_write_killable+0x170/0x170 [ 73.587106][ T1154] ? ext4_es_lookup_extent+0x41d/0xd10 [ 73.592627][ T1154] ext4_map_blocks+0x4cb/0x1640 [ 73.597508][ T1154] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 73.602743][ T1154] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 73.608305][ T1154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 73.614298][ T1154] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 73.619787][ T1154] ext4_writepages+0x1a7b/0x33c0 [ 73.624832][ T1154] ? lock_release+0x7f0/0x800 [ 73.629549][ T1154] ? __ext4_mark_inode_dirty+0x940/0x940 [ 73.635313][ T1154] ? __ext4_mark_inode_dirty+0x940/0x940 [ 73.640980][ T1154] ? do_writepages+0xfa/0x2a0 [ 73.645662][ T1154] do_writepages+0xfa/0x2a0 [ 73.650279][ T1154] ? page_writeback_cpu_online+0x10/0x10 [ 73.656024][ T1154] ? do_raw_spin_lock+0x120/0x2d0 [ 73.661068][ T1154] ? do_raw_spin_unlock+0x171/0x260 [ 73.666290][ T1154] ? _raw_spin_unlock+0x24/0x40 [ 73.667699][ T6820] IPVS: ftp: loaded support on port[0] = 21 [ 73.671164][ T1154] __filemap_fdatawrite_range+0x2aa/0x390 [ 73.671181][ T1154] ? collapse_file+0x35a2/0x4330 [ 73.671196][ T1154] ? delete_from_page_cache_batch+0xeb0/0xeb0 [ 73.671224][ T1154] ? _raw_spin_unlock_irq+0x1f/0x80 [ 73.699550][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 73.705577][ T1154] collapse_file+0x35ac/0x4330 [ 73.710401][ T1154] ? collapse_huge_page+0x4350/0x4350 [ 73.716237][ T1154] ? khugepaged+0x2506/0x3fc0 [ 73.721056][ T1154] khugepaged+0x3041/0x3fc0 [ 73.725630][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 73.731578][ T1154] ? lock_downgrade+0x840/0x840 [ 73.733207][ T6820] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6820 [ 73.736633][ T1154] ? finish_wait+0x260/0x260 [ 73.746386][ T6820] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 73.751249][ T1154] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 73.751267][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 73.751291][ T1154] ? __kthread_parkme+0x13f/0x1e0 [ 73.751311][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 73.751329][ T1154] kthread+0x3b5/0x4a0 [ 73.784071][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 73.790857][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 73.796604][ T1154] ret_from_fork+0x1f/0x30 [ 73.801155][ T6820] CPU: 0 PID: 6820 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 73.809931][ T6820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.825309][ T6820] Call Trace: [ 73.828655][ T6820] dump_stack+0x18f/0x20d [ 73.834169][ T6820] check_preemption_disabled+0x20d/0x220 [ 73.842373][ T6820] ext4_mb_new_blocks+0xa4d/0x3b70 [ 73.849154][ T6820] ? ext4_ext_search_right+0x2ca/0xb20 [ 73.855708][ T6820] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 73.861566][ T6820] ext4_ext_map_blocks+0x201b/0x33e0 [ 73.867533][ T6820] ? ext4_ext_release+0x10/0x10 [ 73.872442][ T6820] ? down_write_killable+0x170/0x170 [ 73.877740][ T6820] ? ext4_es_lookup_extent+0x41d/0xd10 [ 73.883325][ T6820] ext4_map_blocks+0x4cb/0x1640 [ 73.888418][ T6820] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 73.893644][ T6820] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 73.899418][ T6820] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 73.905864][ T6820] ? prandom_u32_state+0xe/0x170 [ 73.910925][ T6820] ? __brelse+0x84/0xa0 [ 73.915237][ T6820] ? __ext4_new_inode+0x144/0x55e0 [ 73.920381][ T6820] ext4_getblk+0xad/0x520 [ 73.925184][ T6820] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 73.931803][ T6820] ? ext4_free_inode+0x1700/0x1700 [ 73.936941][ T6820] ext4_bread+0x7c/0x380 [ 73.941211][ T6820] ? ext4_getblk+0x520/0x520 [ 73.945836][ T6820] ? dquot_get_next_dqblk+0x180/0x180 [ 73.951237][ T6820] ext4_append+0x153/0x360 [ 73.955848][ T6820] ext4_mkdir+0x5e0/0xdf0 [ 73.960729][ T6820] ? ext4_rmdir+0xde0/0xde0 [ 73.965458][ T6820] ? security_inode_permission+0xc4/0xf0 [ 73.971209][ T6820] vfs_mkdir+0x419/0x690 [ 73.975445][ T6820] do_mkdirat+0x21e/0x280 [ 73.979762][ T6820] ? __ia32_sys_mknod+0xb0/0xb0 [ 73.984841][ T6820] ? do_syscall_64+0x1c/0xe0 [ 73.990593][ T6820] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 73.996967][ T6820] do_syscall_64+0x60/0xe0 [ 74.001685][ T6820] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 74.007613][ T6820] RIP: 0033:0x45bed7 [ 74.011506][ T6820] Code: Bad RIP value. [ 74.015759][ T6820] RSP: 002b:00007fff5a1e7fb8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 74.024355][ T6820] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7 [ 74.032320][ T6820] RDX: 00007fff5a1e8003 RSI: 00000000000001ff RDI: 00007fff5a1e8000 [ 74.040380][ T6820] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003 [ 74.048447][ T6820] R10: 0000000000000064 R11: 0000000000000206 R12: 00000000004185c0 [ 74.056433][ T6820] R13: 00007fff5a1e7ff0 R14: 0000000000000000 R15: 00007fff5a1e8000 [ 74.128630][ T6820] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6820 [ 74.138693][ T6820] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 74.144852][ T6820] CPU: 0 PID: 6820 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 74.153758][ T6820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.163902][ T6820] Call Trace: [ 74.167217][ T6820] dump_stack+0x18f/0x20d [ 74.171697][ T6820] check_preemption_disabled+0x20d/0x220 [ 74.177709][ T6820] ext4_mb_new_blocks+0xa4d/0x3b70 [ 74.182861][ T6820] ? ext4_ext_search_right+0x2ca/0xb20 [ 74.188327][ T6820] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 74.194074][ T6820] ext4_ext_map_blocks+0x201b/0x33e0 [ 74.199361][ T6820] ? ext4_ext_release+0x10/0x10 [ 74.204296][ T6820] ? down_write_killable+0x170/0x170 [ 74.209654][ T6820] ? ext4_es_lookup_extent+0x41d/0xd10 [ 74.215120][ T6820] ext4_map_blocks+0x4cb/0x1640 [ 74.219982][ T6820] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 74.225209][ T6820] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 74.230776][ T6820] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 74.236834][ T6820] ? prandom_u32_state+0xe/0x170 [ 74.241893][ T6820] ? __brelse+0x84/0xa0 [ 74.246248][ T6820] ? __ext4_new_inode+0x144/0x55e0 [ 74.251383][ T6820] ext4_getblk+0xad/0x520 [ 74.255808][ T6820] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 74.261549][ T6820] ? ext4_free_inode+0x1700/0x1700 [ 74.267271][ T6820] ext4_bread+0x7c/0x380 [ 74.271710][ T6820] ? ext4_getblk+0x520/0x520 [ 74.276469][ T6820] ? dquot_get_next_dqblk+0x180/0x180 [ 74.281931][ T6820] ext4_append+0x153/0x360 [ 74.286836][ T6820] ext4_mkdir+0x5e0/0xdf0 [ 74.291936][ T6820] ? ext4_rmdir+0xde0/0xde0 [ 74.297024][ T6820] ? security_inode_permission+0xc4/0xf0 [ 74.303449][ T6820] vfs_mkdir+0x419/0x690 [ 74.308296][ T6820] do_mkdirat+0x21e/0x280 [ 74.312775][ T6820] ? __ia32_sys_mknod+0xb0/0xb0 [ 74.317673][ T6820] ? do_syscall_64+0x1c/0xe0 [ 74.322917][ T6820] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 74.328959][ T6820] do_syscall_64+0x60/0xe0 [ 74.333502][ T6820] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 74.339804][ T6820] RIP: 0033:0x45bed7 [ 74.344264][ T6820] Code: Bad RIP value. [ 74.348917][ T6820] RSP: 002b:00007fff5a1e7fb8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 74.358551][ T6820] RAX: ffffffffffffffda RBX: 0000000000012178 RCX: 000000000045bed7 [ 74.366728][ T6820] RDX: 00007fff5a1e8003 RSI: 00000000000001ff RDI: 00007fff5a1e8000 2020/06/17 05:10:50 building call list... [ 74.375623][ T6820] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003 [ 74.384146][ T6820] R10: 0000000000000064 R11: 0000000000000206 R12: 0000000000000003 [ 74.392584][ T6820] R13: 00007fff5a1e7ff0 R14: 000000000001216c R15: 00007fff5a1e8000 [ 74.629097][ T25] tipc: TX() has been purged, node left! [ 75.151713][ T25] ================================================================== [ 75.159988][ T25] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770 [ 75.167896][ T25] Write of size 1 at addr ffff88808b70d9e4 by task kworker/u4:2/25 [ 75.175781][ T25] [ 75.178152][ T25] CPU: 0 PID: 25 Comm: kworker/u4:2 Not tainted 5.8.0-rc1-syzkaller #0 [ 75.186383][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.196574][ T25] Workqueue: netns cleanup_net [ 75.202575][ T25] Call Trace: [ 75.206112][ T25] dump_stack+0x18f/0x20d [ 75.211110][ T25] ? afs_wake_up_async_call+0x6aa/0x770 [ 75.221796][ T25] ? afs_wake_up_async_call+0x6aa/0x770 [ 75.227716][ T25] ? afs_put_call+0xa40/0xa40 [ 75.232412][ T25] print_address_description.constprop.0.cold+0xd3/0x413 [ 75.240248][ T25] ? vprintk_func+0x97/0x1a6 [ 75.246317][ T25] ? afs_wake_up_async_call+0x6aa/0x770 executing program [ 75.252158][ T25] kasan_report.cold+0x1f/0x37 [ 75.256933][ T25] ? rcu_read_lock_held_common+0x51/0xa0 [ 75.262574][ T25] ? afs_wake_up_async_call+0x6aa/0x770 [ 75.268244][ T25] afs_wake_up_async_call+0x6aa/0x770 [ 75.274338][ T25] ? afs_close_socket+0x320/0x320 [ 75.279493][ T25] ? afs_put_call+0xa40/0xa40 [ 75.284293][ T25] rxrpc_notify_socket+0x1db/0x5d0 [ 75.289420][ T25] ? afs_put_call+0xa40/0xa40 [ 75.294155][ T25] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 75.300851][ T25] rxrpc_call_completed+0xca/0xf0 [ 75.306358][ T25] rxrpc_discard_prealloc+0x781/0xab0 [ 75.312447][ T25] ? lock_sock_nested+0x94/0x110 [ 75.317707][ T25] rxrpc_listen+0x147/0x360 [ 75.322959][ T25] afs_close_socket+0x95/0x320 [ 75.328032][ T25] ? afs_purge_servers+0x16d/0x300 [ 75.333363][ T25] ? afs_rx_discard_new_call+0x50/0x50 [ 75.338936][ T25] ? init_wait_var_entry+0x200/0x200 [ 75.344453][ T25] ? rcu_read_lock_held_common+0xa0/0xa0 [ 75.350300][ T25] ? check_preemption_disabled+0x38/0x220 [ 75.356561][ T25] afs_net_exit+0x1bc/0x310 [ 75.361365][ T25] ? afs_net_init+0xe30/0xe30 [ 75.366280][ T25] ops_exit_list.isra.0+0xa8/0x150 [ 75.371417][ T25] cleanup_net+0x511/0xa50 [ 75.376063][ T25] ? unregister_pernet_device+0x70/0x70 [ 75.382182][ T25] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 75.388276][ T25] process_one_work+0x965/0x1690 [ 75.393281][ T25] ? lock_release+0x800/0x800 [ 75.397969][ T25] ? pwq_dec_nr_in_flight+0x310/0x310 [ 75.403789][ T25] ? rwlock_bug.part.0+0x90/0x90 [ 75.408743][ T25] worker_thread+0x96/0xe10 [ 75.413265][ T25] ? process_one_work+0x1690/0x1690 [ 75.418778][ T25] kthread+0x3b5/0x4a0 [ 75.422852][ T25] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 75.429118][ T25] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 75.434843][ T25] ret_from_fork+0x1f/0x30 [ 75.439271][ T25] [ 75.441681][ T25] Allocated by task 6820: [ 75.446610][ T25] save_stack+0x1b/0x40 [ 75.451036][ T25] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 75.456758][ T25] kmem_cache_alloc_trace+0x153/0x7d0 [ 75.462228][ T25] afs_alloc_call+0x55/0x630 [ 75.466992][ T25] afs_charge_preallocation+0xe9/0x2d0 [ 75.473381][ T25] afs_open_socket+0x292/0x360 [ 75.478573][ T25] afs_net_init+0xa6c/0xe30 [ 75.483088][ T25] ops_init+0xaf/0x420 [ 75.487215][ T25] setup_net+0x2de/0x860 [ 75.491583][ T25] copy_net_ns+0x293/0x590 [ 75.496390][ T25] create_new_namespaces+0x3fb/0xb30 [ 75.501701][ T25] unshare_nsproxy_namespaces+0xbd/0x1f0 [ 75.507464][ T25] ksys_unshare+0x43d/0x8e0 [ 75.512246][ T25] __x64_sys_unshare+0x2d/0x40 [ 75.520962][ T25] do_syscall_64+0x60/0xe0 [ 75.525579][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 75.531733][ T25] [ 75.534060][ T25] Freed by task 25: [ 75.537875][ T25] save_stack+0x1b/0x40 [ 75.542036][ T25] __kasan_slab_free+0xf7/0x140 [ 75.547110][ T25] kfree+0x109/0x2b0 [ 75.551240][ T25] afs_put_call+0x585/0xa40 [ 75.555922][ T25] rxrpc_discard_prealloc+0x764/0xab0 [ 75.561646][ T25] rxrpc_listen+0x147/0x360 [ 75.566603][ T25] afs_close_socket+0x95/0x320 [ 75.571503][ T25] afs_net_exit+0x1bc/0x310 [ 75.576030][ T25] ops_exit_list.isra.0+0xa8/0x150 [ 75.581197][ T25] cleanup_net+0x511/0xa50 [ 75.585626][ T25] process_one_work+0x965/0x1690 [ 75.590766][ T25] worker_thread+0x96/0xe10 [ 75.595268][ T25] kthread+0x3b5/0x4a0 [ 75.599480][ T25] ret_from_fork+0x1f/0x30 [ 75.604619][ T25] [ 75.607169][ T25] The buggy address belongs to the object at ffff88808b70d800 [ 75.607169][ T25] which belongs to the cache kmalloc-1k of size 1024 [ 75.622119][ T25] The buggy address is located 484 bytes inside of [ 75.622119][ T25] 1024-byte region [ffff88808b70d800, ffff88808b70dc00) [ 75.638299][ T25] The buggy address belongs to the page: [ 75.645548][ T25] page:ffffea00022dc340 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 75.655016][ T25] flags: 0xfffe0000000200(slab) [ 75.660159][ T25] raw: 00fffe0000000200 ffffea00022dc308 ffffea000250ac48 ffff8880aa000c40 [ 75.669046][ T25] raw: 0000000000000000 ffff88808b70d000 0000000100000002 0000000000000000 [ 75.677650][ T25] page dumped because: kasan: bad access detected [ 75.684201][ T25] [ 75.686555][ T25] Memory state around the buggy address: [ 75.692215][ T25] ffff88808b70d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 75.700910][ T25] ffff88808b70d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 75.709255][ T25] >ffff88808b70d980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 75.717425][ T25] ^ [ 75.726032][ T25] ffff88808b70da00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 75.734129][ T25] ffff88808b70da80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 75.742304][ T25] ================================================================== [ 75.750491][ T25] Disabling lock debugging due to kernel taint [ 75.756815][ T25] Kernel panic - not syncing: panic_on_warn set ... [ 75.763522][ T25] CPU: 0 PID: 25 Comm: kworker/u4:2 Tainted: G B 5.8.0-rc1-syzkaller #0 [ 75.773240][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.783310][ T25] Workqueue: netns cleanup_net [ 75.788196][ T25] Call Trace: [ 75.791494][ T25] dump_stack+0x18f/0x20d [ 75.795837][ T25] ? afs_wake_up_async_call+0x670/0x770 [ 75.801391][ T25] ? afs_put_call+0xa40/0xa40 [ 75.806072][ T25] panic+0x2e3/0x75c [ 75.809972][ T25] ? __warn_printk+0xf3/0xf3 [ 75.815551][ T25] ? asm_common_interrupt+0x1e/0x40 [ 75.820955][ T25] ? trace_hardirqs_on+0x55/0x220 [ 75.826112][ T25] ? afs_wake_up_async_call+0x6aa/0x770 [ 75.831781][ T25] ? afs_wake_up_async_call+0x6aa/0x770 [ 75.837798][ T25] ? afs_put_call+0xa40/0xa40 [ 75.842601][ T25] end_report+0x4d/0x53 [ 75.846929][ T25] kasan_report.cold+0xd/0x37 [ 75.851755][ T25] ? rcu_read_lock_held_common+0x51/0xa0 [ 75.858096][ T25] ? afs_wake_up_async_call+0x6aa/0x770 [ 75.864021][ T25] afs_wake_up_async_call+0x6aa/0x770 [ 75.870361][ T25] ? afs_close_socket+0x320/0x320 [ 75.877105][ T25] ? afs_put_call+0xa40/0xa40 [ 75.882045][ T25] rxrpc_notify_socket+0x1db/0x5d0 [ 75.887155][ T25] ? afs_put_call+0xa40/0xa40 [ 75.891830][ T25] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 75.898329][ T25] rxrpc_call_completed+0xca/0xf0 [ 75.903349][ T25] rxrpc_discard_prealloc+0x781/0xab0 [ 75.908719][ T25] ? lock_sock_nested+0x94/0x110 [ 75.913743][ T25] rxrpc_listen+0x147/0x360 [ 75.918317][ T25] afs_close_socket+0x95/0x320 [ 75.923167][ T25] ? afs_purge_servers+0x16d/0x300 [ 75.928378][ T25] ? afs_rx_discard_new_call+0x50/0x50 [ 75.934192][ T25] ? init_wait_var_entry+0x200/0x200 [ 75.939490][ T25] ? rcu_read_lock_held_common+0xa0/0xa0 [ 75.945130][ T25] ? check_preemption_disabled+0x38/0x220 [ 75.951121][ T25] afs_net_exit+0x1bc/0x310 [ 75.955718][ T25] ? afs_net_init+0xe30/0xe30 [ 75.960395][ T25] ops_exit_list.isra.0+0xa8/0x150 [ 75.965501][ T25] cleanup_net+0x511/0xa50 [ 75.970373][ T25] ? unregister_pernet_device+0x70/0x70 [ 75.975947][ T25] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 75.981937][ T25] process_one_work+0x965/0x1690 [ 75.986987][ T25] ? lock_release+0x800/0x800 [ 75.991931][ T25] ? pwq_dec_nr_in_flight+0x310/0x310 [ 75.997521][ T25] ? rwlock_bug.part.0+0x90/0x90 [ 76.002645][ T25] worker_thread+0x96/0xe10 [ 76.007151][ T25] ? process_one_work+0x1690/0x1690 [ 76.012529][ T25] kthread+0x3b5/0x4a0 [ 76.016591][ T25] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 76.022323][ T25] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 76.028039][ T25] ret_from_fork+0x1f/0x30 [ 76.033964][ T25] Kernel Offset: disabled [ 76.038473][ T25] Rebooting in 86400 seconds..