[ 62.247444][ T224] process_one_work+0x965/0x1690 [ 62.252386][ T224] ? lock_release+0x800/0x800 [ 62.257049][ T224] ? pwq_dec_nr_in_flight+0x310/0x310 [ 62.262408][ T224] ? rwlock_bug.part.0+0x90/0x90 [ 62.267341][ T224] worker_thread+0x96/0xe10 [ 62.271837][ T224] ? process_one_work+0x1690/0x1690 [ 62.277038][ T224] kthread+0x3b5/0x4a0 [ 62.281090][ T224] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.286794][ T224] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.292512][ T224] ret_from_fork+0x1f/0x30 Warning: Permanently added '10.128.10.47' (ECDSA) to the list of known hosts. 2020/06/16 20:28:01 fuzzer started 2020/06/16 20:28:01 connecting to host at 10.128.0.26:40917 2020/06/16 20:28:01 checking machine... 2020/06/16 20:28:01 checking revisions... 2020/06/16 20:28:01 testing simple program... [ 68.926570][ T6797] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6797 [ 68.936237][ T6797] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 68.942146][ T6797] CPU: 0 PID: 6797 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0 [ 68.951125][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.962779][ T6797] Call Trace: [ 68.966096][ T6797] dump_stack+0x18f/0x20d [ 68.970793][ T6797] check_preemption_disabled+0x20d/0x220 [ 68.976446][ T6797] ext4_mb_new_blocks+0xa4d/0x3b70 [ 68.981806][ T6797] ? ext4_ext_search_right+0x2ca/0xb20 [ 68.987442][ T6797] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 68.999079][ T6797] ext4_ext_map_blocks+0x201b/0x33e0 [ 69.004440][ T6797] ? ext4_ext_release+0x10/0x10 [ 69.010017][ T6797] ? down_write_killable+0x170/0x170 [ 69.015882][ T6797] ? ext4_es_lookup_extent+0x41d/0xd10 [ 69.021609][ T6797] ext4_map_blocks+0x4cb/0x1640 [ 69.027419][ T6797] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 69.032863][ T6797] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 69.038861][ T6797] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 69.045157][ T6797] ? prandom_u32_state+0xe/0x170 [ 69.050356][ T6797] ? __brelse+0x84/0xa0 [ 69.054519][ T6797] ? __ext4_new_inode+0x144/0x55e0 [ 69.059860][ T6797] ext4_getblk+0xad/0x520 [ 69.064428][ T6797] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 69.070632][ T6797] ? ext4_free_inode+0x1700/0x1700 [ 69.075936][ T6797] ext4_bread+0x7c/0x380 [ 69.080349][ T6797] ? ext4_getblk+0x520/0x520 [ 69.085055][ T6797] ? dquot_get_next_dqblk+0x180/0x180 [ 69.090650][ T6797] ext4_append+0x153/0x360 [ 69.095513][ T6797] ext4_mkdir+0x5e0/0xdf0 [ 69.100337][ T6797] ? ext4_rmdir+0xde0/0xde0 [ 69.105542][ T6797] ? security_inode_permission+0xc4/0xf0 [ 69.111532][ T6797] vfs_mkdir+0x419/0x690 [ 69.116514][ T6797] do_mkdirat+0x21e/0x280 [ 69.121582][ T6797] ? __ia32_sys_mknod+0xb0/0xb0 [ 69.127365][ T6797] ? do_syscall_64+0x1c/0xe0 [ 69.137650][ T6797] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 69.145600][ T6797] do_syscall_64+0x60/0xe0 [ 69.150138][ T6797] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.156279][ T6797] RIP: 0033:0x4b02a0 [ 69.160721][ T6797] Code: Bad RIP value. [ 69.165608][ T6797] RSP: 002b:000000c0000d34b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102 [ 69.174771][ T6797] RAX: ffffffffffffffda RBX: 000000c00002e500 RCX: 00000000004b02a0 [ 69.184096][ T6797] RDX: 00000000000001c0 RSI: 000000c0000e0b40 RDI: ffffffffffffff9c [ 69.192954][ T6797] RBP: 000000c0000d3510 R08: 0000000000000000 R09: 0000000000000000 [ 69.201897][ T6797] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff [ 69.212133][ T6797] R13: 000000000000005b R14: 000000000000005a R15: 0000000000000100 [ 69.239692][ T6800] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6800 [ 69.249922][ T6800] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 69.256121][ T6800] CPU: 0 PID: 6800 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 69.264806][ T6800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.276541][ T6800] Call Trace: [ 69.282623][ T6800] dump_stack+0x18f/0x20d [ 69.288338][ T6800] check_preemption_disabled+0x20d/0x220 [ 69.296445][ T6800] ext4_mb_new_blocks+0xa4d/0x3b70 [ 69.302856][ T6800] ? ext4_ext_search_right+0x2ca/0xb20 [ 69.310699][ T6800] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 69.318523][ T6800] ext4_ext_map_blocks+0x201b/0x33e0 [ 69.324602][ T6800] ? ext4_ext_release+0x10/0x10 [ 69.329643][ T6800] ? down_write_killable+0x170/0x170 [ 69.336544][ T6800] ? ext4_es_lookup_extent+0x41d/0xd10 [ 69.342386][ T6800] ext4_map_blocks+0x4cb/0x1640 [ 69.347533][ T6800] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 69.353080][ T6800] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 69.359327][ T6800] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 69.366287][ T6800] ? prandom_u32_state+0xe/0x170 [ 69.373441][ T6800] ? __brelse+0x84/0xa0 [ 69.377698][ T6800] ? __ext4_new_inode+0x144/0x55e0 [ 69.383552][ T6800] ext4_getblk+0xad/0x520 [ 69.388971][ T6800] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 69.395274][ T6800] ? ext4_free_inode+0x1700/0x1700 [ 69.400522][ T6800] ext4_bread+0x7c/0x380 [ 69.405460][ T6800] ? ext4_getblk+0x520/0x520 [ 69.411063][ T6800] ? dquot_get_next_dqblk+0x180/0x180 [ 69.417171][ T6800] ext4_append+0x153/0x360 [ 69.422437][ T6800] ext4_mkdir+0x5e0/0xdf0 [ 69.427842][ T6800] ? ext4_rmdir+0xde0/0xde0 [ 69.433648][ T6800] ? security_inode_permission+0xc4/0xf0 [ 69.439299][ T6800] vfs_mkdir+0x419/0x690 [ 69.443823][ T6800] do_mkdirat+0x21e/0x280 [ 69.448632][ T6800] ? __ia32_sys_mknod+0xb0/0xb0 [ 69.455091][ T6800] ? do_syscall_64+0x1c/0xe0 [ 69.460028][ T6800] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 69.466431][ T6800] do_syscall_64+0x60/0xe0 [ 69.471584][ T6800] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.478269][ T6800] RIP: 0033:0x45bed7 [ 69.482979][ T6800] Code: Bad RIP value. [ 69.488227][ T6800] RSP: 002b:00007ffe63c17818 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 69.498111][ T6800] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7 [ 69.506441][ T6800] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007ffe63c179f0 [ 69.516770][ T6800] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000003300 [ 69.526101][ T6800] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 69.534630][ T6800] R13: 00007ffe63c179f0 R14: 8421084210842109 R15: 00007ffe63c179fc [ 69.625426][ T6801] IPVS: ftp: loaded support on port[0] = 21 [ 69.664804][ T6801] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6801 [ 69.675216][ T6801] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 69.681115][ T6801] CPU: 1 PID: 6801 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 69.689693][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.699986][ T6801] Call Trace: [ 69.703576][ T6801] dump_stack+0x18f/0x20d [ 69.708088][ T6801] check_preemption_disabled+0x20d/0x220 [ 69.713861][ T6801] ext4_mb_new_blocks+0xa4d/0x3b70 [ 69.718981][ T6801] ? ext4_ext_search_right+0x2ca/0xb20 [ 69.724485][ T6801] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 69.730343][ T6801] ext4_ext_map_blocks+0x201b/0x33e0 [ 69.736053][ T6801] ? ext4_ext_release+0x10/0x10 [ 69.741552][ T6801] ? down_write_killable+0x170/0x170 [ 69.746846][ T6801] ? ext4_es_lookup_extent+0x41d/0xd10 [ 69.752645][ T6801] ext4_map_blocks+0x4cb/0x1640 [ 69.757511][ T6801] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 69.762724][ T6801] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 69.768369][ T6801] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 69.774363][ T6801] ? prandom_u32_state+0xe/0x170 [ 69.779662][ T6801] ? __brelse+0x84/0xa0 [ 69.783884][ T6801] ? __ext4_new_inode+0x144/0x55e0 [ 69.789393][ T6801] ext4_getblk+0xad/0x520 [ 69.793742][ T6801] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 69.800171][ T6801] ? ext4_free_inode+0x1700/0x1700 [ 69.805287][ T6801] ext4_bread+0x7c/0x380 [ 69.809739][ T6801] ? ext4_getblk+0x520/0x520 [ 69.814356][ T6801] ? dquot_get_next_dqblk+0x180/0x180 [ 69.819736][ T6801] ext4_append+0x153/0x360 [ 69.824518][ T6801] ext4_mkdir+0x5e0/0xdf0 [ 69.828967][ T6801] ? ext4_rmdir+0xde0/0xde0 [ 69.833478][ T6801] ? security_inode_permission+0xc4/0xf0 [ 69.839239][ T6801] vfs_mkdir+0x419/0x690 [ 69.844102][ T6801] do_mkdirat+0x21e/0x280 [ 69.849001][ T6801] ? __ia32_sys_mknod+0xb0/0xb0 [ 69.854113][ T6801] ? do_syscall_64+0x1c/0xe0 [ 69.860037][ T6801] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 69.867130][ T6801] do_syscall_64+0x60/0xe0 [ 69.871923][ T6801] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.878433][ T6801] RIP: 0033:0x45bed7 [ 69.882894][ T6801] Code: Bad RIP value. [ 69.887250][ T6801] RSP: 002b:00007ffe63c17708 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 69.896527][ T6801] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7 [ 69.907897][ T6801] RDX: 00007ffe63c17753 RSI: 00000000000001ff RDI: 00007ffe63c17750 [ 69.916113][ T6801] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003 [ 69.924981][ T6801] R10: 0000000000000064 R11: 0000000000000202 R12: 00000000004185c0 [ 69.933606][ T6801] R13: 00007ffe63c17740 R14: 0000000000000000 R15: 00007ffe63c17750 [ 69.990344][ T6801] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6801 [ 70.000151][ T6801] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 70.006403][ T6801] CPU: 0 PID: 6801 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 70.015715][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.025777][ T6801] Call Trace: [ 70.029641][ T6801] dump_stack+0x18f/0x20d [ 70.034109][ T6801] check_preemption_disabled+0x20d/0x220 [ 70.039959][ T6801] ext4_mb_new_blocks+0xa4d/0x3b70 [ 70.045101][ T6801] ? ext4_ext_search_right+0x2ca/0xb20 [ 70.050574][ T6801] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 70.056328][ T6801] ext4_ext_map_blocks+0x201b/0x33e0 [ 70.061670][ T6801] ? ext4_ext_release+0x10/0x10 [ 70.066541][ T6801] ? down_write_killable+0x170/0x170 [ 70.071848][ T6801] ? ext4_es_lookup_extent+0x41d/0xd10 [ 70.078028][ T6801] ext4_map_blocks+0x4cb/0x1640 [ 70.082962][ T6801] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 70.088687][ T6801] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 70.094249][ T6801] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 70.100269][ T6801] ? prandom_u32_state+0xe/0x170 [ 70.105298][ T6801] ? __brelse+0x84/0xa0 [ 70.109576][ T6801] ? __ext4_new_inode+0x144/0x55e0 [ 70.114764][ T6801] ext4_getblk+0xad/0x520 [ 70.119191][ T6801] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 70.125083][ T6801] ? ext4_free_inode+0x1700/0x1700 [ 70.130174][ T6801] ext4_bread+0x7c/0x380 [ 70.134396][ T6801] ? ext4_getblk+0x520/0x520 [ 70.139240][ T6801] ? dquot_get_next_dqblk+0x180/0x180 [ 70.144628][ T6801] ext4_append+0x153/0x360 [ 70.149046][ T6801] ext4_mkdir+0x5e0/0xdf0 [ 70.153382][ T6801] ? ext4_rmdir+0xde0/0xde0 [ 70.158021][ T6801] ? security_inode_permission+0xc4/0xf0 [ 70.163667][ T6801] vfs_mkdir+0x419/0x690 [ 70.167898][ T6801] do_mkdirat+0x21e/0x280 [ 70.172836][ T6801] ? __ia32_sys_mknod+0xb0/0xb0 [ 70.178009][ T6801] ? do_syscall_64+0x1c/0xe0 [ 70.182887][ T6801] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 70.191700][ T6801] do_syscall_64+0x60/0xe0 [ 70.196305][ T6801] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 70.202827][ T6801] RIP: 0033:0x45bed7 [ 70.206739][ T6801] Code: Bad RIP value. [ 70.211188][ T6801] RSP: 002b:00007ffe63c17708 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 70.220753][ T6801] RAX: ffffffffffffffda RBX: 0000000000011156 RCX: 000000000045bed7 [ 70.228977][ T6801] RDX: 00007ffe63c17753 RSI: 00000000000001ff RDI: 00007ffe63c17750 2020/06/16 20:28:03 building call list... [ 70.237229][ T6801] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003 [ 70.245184][ T6801] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000003 [ 70.253162][ T6801] R13: 00007ffe63c17740 R14: 0000000000011143 R15: 00007ffe63c17750 [ 70.563204][ T298] tipc: TX() has been purged, node left! [ 71.045597][ T298] ================================================================== [ 71.054236][ T298] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770 [ 71.062260][ T298] Write of size 1 at addr ffff8880a623f9e4 by task kworker/u4:7/298 [ 71.070336][ T298] [ 71.072670][ T298] CPU: 1 PID: 298 Comm: kworker/u4:7 Not tainted 5.8.0-rc1-syzkaller #0 [ 71.081419][ T298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.091563][ T298] Workqueue: netns cleanup_net [ 71.096502][ T298] Call Trace: [ 71.099795][ T298] dump_stack+0x18f/0x20d [ 71.104300][ T298] ? afs_wake_up_async_call+0x6aa/0x770 [ 71.109843][ T298] ? afs_wake_up_async_call+0x6aa/0x770 [ 71.115386][ T298] ? afs_put_call+0xa40/0xa40 [ 71.120063][ T298] print_address_description.constprop.0.cold+0xd3/0x413 [ 71.127439][ T298] ? vprintk_func+0x97/0x1a6 [ 71.132035][ T298] ? afs_wake_up_async_call+0x6aa/0x770 [ 71.137576][ T298] kasan_report.cold+0x1f/0x37 [ 71.142429][ T298] ? rcu_read_lock_held_common+0x51/0xa0 [ 71.148055][ T298] ? afs_wake_up_async_call+0x6aa/0x770 [ 71.153615][ T298] afs_wake_up_async_call+0x6aa/0x770 [ 71.158985][ T298] ? afs_close_socket+0x320/0x320 [ 71.164011][ T298] ? afs_put_call+0xa40/0xa40 [ 71.168777][ T298] rxrpc_notify_socket+0x1db/0x5d0 [ 71.173897][ T298] ? afs_put_call+0xa40/0xa40 [ 71.179969][ T298] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 71.186499][ T298] rxrpc_call_completed+0xca/0xf0 [ 71.191536][ T298] rxrpc_discard_prealloc+0x781/0xab0 [ 71.197281][ T298] ? lock_sock_nested+0x94/0x110 [ 71.202722][ T298] rxrpc_listen+0x147/0x360 [ 71.207442][ T298] afs_close_socket+0x95/0x320 [ 71.212302][ T298] ? afs_purge_servers+0x16d/0x300 [ 71.217533][ T298] ? afs_rx_discard_new_call+0x50/0x50 [ 71.223473][ T298] ? init_wait_var_entry+0x200/0x200 [ 71.228967][ T298] ? rcu_read_lock_held_common+0xa0/0xa0 [ 71.235310][ T298] ? check_preemption_disabled+0x38/0x220 [ 71.241210][ T298] afs_net_exit+0x1bc/0x310 [ 71.245814][ T298] ? afs_net_init+0xe30/0xe30 [ 71.250629][ T298] ops_exit_list.isra.0+0xa8/0x150 [ 71.256148][ T298] cleanup_net+0x511/0xa50 [ 71.261288][ T298] ? unregister_pernet_device+0x70/0x70 [ 71.267192][ T298] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 71.273821][ T298] process_one_work+0x965/0x1690 [ 71.279174][ T298] ? lock_release+0x800/0x800 [ 71.284263][ T298] ? pwq_dec_nr_in_flight+0x310/0x310 [ 71.289989][ T298] ? rwlock_bug.part.0+0x90/0x90 [ 71.296151][ T298] worker_thread+0x96/0xe10 [ 71.301024][ T298] ? process_one_work+0x1690/0x1690 [ 71.306508][ T298] kthread+0x3b5/0x4a0 [ 71.310581][ T298] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 71.316322][ T298] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 71.322309][ T298] ret_from_fork+0x1f/0x30 [ 71.326827][ T298] [ 71.329220][ T298] Allocated by task 6801: [ 71.333640][ T298] save_stack+0x1b/0x40 [ 71.338065][ T298] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 71.344588][ T298] kmem_cache_alloc_trace+0x153/0x7d0 [ 71.350065][ T298] afs_alloc_call+0x55/0x630 [ 71.354856][ T298] afs_charge_preallocation+0xe9/0x2d0 [ 71.360395][ T298] afs_open_socket+0x292/0x360 [ 71.365155][ T298] afs_net_init+0xa6c/0xe30 [ 71.369655][ T298] ops_init+0xaf/0x420 [ 71.373720][ T298] setup_net+0x2de/0x860 [ 71.377957][ T298] copy_net_ns+0x293/0x590 [ 71.382369][ T298] create_new_namespaces+0x3fb/0xb30 [ 71.387834][ T298] unshare_nsproxy_namespaces+0xbd/0x1f0 [ 71.393810][ T298] ksys_unshare+0x43d/0x8e0 [ 71.398308][ T298] __x64_sys_unshare+0x2d/0x40 [ 71.403077][ T298] do_syscall_64+0x60/0xe0 [ 71.407491][ T298] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 71.413401][ T298] [ 71.415725][ T298] Freed by task 298: [ 71.419620][ T298] save_stack+0x1b/0x40 [ 71.423778][ T298] __kasan_slab_free+0xf7/0x140 [ 71.428712][ T298] kfree+0x109/0x2b0 [ 71.432631][ T298] afs_put_call+0x585/0xa40 [ 71.437826][ T298] rxrpc_discard_prealloc+0x764/0xab0 [ 71.443294][ T298] rxrpc_listen+0x147/0x360 [ 71.448357][ T298] afs_close_socket+0x95/0x320 [ 71.454107][ T298] afs_net_exit+0x1bc/0x310 [ 71.458883][ T298] ops_exit_list.isra.0+0xa8/0x150 [ 71.465845][ T298] cleanup_net+0x511/0xa50 [ 71.470500][ T298] process_one_work+0x965/0x1690 [ 71.475639][ T298] worker_thread+0x96/0xe10 [ 71.481899][ T298] kthread+0x3b5/0x4a0 [ 71.486437][ T298] ret_from_fork+0x1f/0x30 [ 71.491491][ T298] [ 71.494128][ T298] The buggy address belongs to the object at ffff8880a623f800 [ 71.494128][ T298] which belongs to the cache kmalloc-1k of size 1024 [ 71.510592][ T298] The buggy address is located 484 bytes inside of [ 71.510592][ T298] 1024-byte region [ffff8880a623f800, ffff8880a623fc00) [ 71.528604][ T298] The buggy address belongs to the page: [ 71.534363][ T298] page:ffffea0002988fc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 71.543667][ T298] flags: 0xfffe0000000200(slab) [ 71.548908][ T298] raw: 00fffe0000000200 ffffea0002623588 ffffea000230a248 ffff8880aa000c40 [ 71.561568][ T298] raw: 0000000000000000 ffff8880a623f000 0000000100000002 0000000000000000 [ 71.573363][ T298] page dumped because: kasan: bad access detected [ 71.580146][ T298] [ 71.582655][ T298] Memory state around the buggy address: [ 71.588552][ T298] ffff8880a623f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.596630][ T298] ffff8880a623f900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.604884][ T298] >ffff8880a623f980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.612977][ T298] ^ [ 71.620732][ T298] ffff8880a623fa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.628832][ T298] ffff8880a623fa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.637143][ T298] ================================================================== [ 71.645283][ T298] Disabling lock debugging due to kernel taint [ 71.651496][ T298] Kernel panic - not syncing: panic_on_warn set ... [ 71.658083][ T298] CPU: 1 PID: 298 Comm: kworker/u4:7 Tainted: G B 5.8.0-rc1-syzkaller #0 [ 71.668073][ T298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.678442][ T298] Workqueue: netns cleanup_net [ 71.683208][ T298] Call Trace: [ 71.686594][ T298] dump_stack+0x18f/0x20d [ 71.690925][ T298] ? afs_wake_up_async_call+0x670/0x770 [ 71.696481][ T298] ? afs_put_call+0xa40/0xa40 [ 71.701157][ T298] panic+0x2e3/0x75c [ 71.705055][ T298] ? __warn_printk+0xf3/0xf3 [ 71.709640][ T298] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 71.715777][ T298] ? trace_hardirqs_on+0x55/0x220 [ 71.720990][ T298] ? afs_wake_up_async_call+0x6aa/0x770 [ 71.727477][ T298] ? afs_wake_up_async_call+0x6aa/0x770 [ 71.733192][ T298] ? afs_put_call+0xa40/0xa40 [ 71.737858][ T298] end_report+0x4d/0x53 [ 71.742271][ T298] kasan_report.cold+0xd/0x37 [ 71.746935][ T298] ? rcu_read_lock_held_common+0x51/0xa0 [ 71.752564][ T298] ? afs_wake_up_async_call+0x6aa/0x770 [ 71.758104][ T298] afs_wake_up_async_call+0x6aa/0x770 [ 71.763463][ T298] ? afs_close_socket+0x320/0x320 [ 71.768476][ T298] ? afs_put_call+0xa40/0xa40 [ 71.773145][ T298] rxrpc_notify_socket+0x1db/0x5d0 [ 71.778293][ T298] ? afs_put_call+0xa40/0xa40 [ 71.782966][ T298] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 71.790255][ T298] rxrpc_call_completed+0xca/0xf0 [ 71.795769][ T298] rxrpc_discard_prealloc+0x781/0xab0 [ 71.801141][ T298] ? lock_sock_nested+0x94/0x110 [ 71.806434][ T298] rxrpc_listen+0x147/0x360 [ 71.810956][ T298] afs_close_socket+0x95/0x320 [ 71.815820][ T298] ? afs_purge_servers+0x16d/0x300 [ 71.820959][ T298] ? afs_rx_discard_new_call+0x50/0x50 [ 71.826671][ T298] ? init_wait_var_entry+0x200/0x200 [ 71.832080][ T298] ? rcu_read_lock_held_common+0xa0/0xa0 [ 71.837838][ T298] ? check_preemption_disabled+0x38/0x220 [ 71.843792][ T298] afs_net_exit+0x1bc/0x310 [ 71.848294][ T298] ? afs_net_init+0xe30/0xe30 [ 71.852965][ T298] ops_exit_list.isra.0+0xa8/0x150 [ 71.858104][ T298] cleanup_net+0x511/0xa50 [ 71.862521][ T298] ? unregister_pernet_device+0x70/0x70 [ 71.868055][ T298] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 71.874314][ T298] process_one_work+0x965/0x1690 [ 71.879256][ T298] ? lock_release+0x800/0x800 [ 71.883978][ T298] ? pwq_dec_nr_in_flight+0x310/0x310 [ 71.889362][ T298] ? rwlock_bug.part.0+0x90/0x90 [ 71.894317][ T298] worker_thread+0x96/0xe10 [ 71.898997][ T298] ? process_one_work+0x1690/0x1690 [ 71.904207][ T298] kthread+0x3b5/0x4a0 [ 71.908258][ T298] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 71.914705][ T298] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 71.920566][ T298] ret_from_fork+0x1f/0x30 [ 71.926409][ T298] Kernel Offset: disabled [ 71.930954][ T298] Rebooting in 86400 seconds..