[ 60.842432][ T182] process_one_work+0x965/0x1690 [ 60.847372][ T182] ? lock_release+0x800/0x800 [ 60.852037][ T182] ? pwq_dec_nr_in_flight+0x310/0x310 [ 60.857399][ T182] ? rwlock_bug.part.0+0x90/0x90 [ 60.862331][ T182] worker_thread+0x96/0xe10 [ 60.866828][ T182] ? process_one_work+0x1690/0x1690 [ 60.872036][ T182] kthread+0x3b5/0x4a0 [ 60.876089][ T182] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 60.881811][ T182] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 60.887538][ T182] ret_from_fork+0x1f/0x30 [ 63.094555][ T6827] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6827 [ 63.104480][ T6827] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.110387][ T6827] CPU: 0 PID: 6827 Comm: systemd-rfkill Not tainted 5.8.0-rc1-syzkaller #0 [ 63.118955][ T6827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.128998][ T6827] Call Trace: [ 63.132283][ T6827] dump_stack+0x18f/0x20d [ 63.136601][ T6827] check_preemption_disabled+0x20d/0x220 [ 63.142233][ T6827] ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.147401][ T6827] ? ext4_ext_search_right+0x2ca/0xb20 [ 63.152966][ T6827] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 63.158680][ T6827] ext4_ext_map_blocks+0x201b/0x33e0 [ 63.163978][ T6827] ? ext4_ext_release+0x10/0x10 [ 63.168826][ T6827] ? down_write_killable+0x170/0x170 [ 63.174094][ T6827] ? ext4_es_lookup_extent+0x41d/0xd10 [ 63.179711][ T6827] ext4_map_blocks+0x4cb/0x1640 [ 63.184568][ T6827] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 63.189771][ T6827] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.195306][ T6827] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.201293][ T6827] ? prandom_u32_state+0xe/0x170 [ 63.206229][ T6827] ? __brelse+0x84/0xa0 [ 63.210377][ T6827] ? __ext4_new_inode+0x144/0x55e0 [ 63.215497][ T6827] ext4_getblk+0xad/0x520 [ 63.219809][ T6827] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 63.225546][ T6827] ? ext4_free_inode+0x1700/0x1700 [ 63.230651][ T6827] ext4_bread+0x7c/0x380 [ 63.234912][ T6827] ? ext4_getblk+0x520/0x520 [ 63.239501][ T6827] ? dquot_get_next_dqblk+0x180/0x180 [ 63.244882][ T6827] ext4_append+0x153/0x360 [ 63.249283][ T6827] ext4_mkdir+0x5e0/0xdf0 [ 63.253601][ T6827] ? ext4_rmdir+0xde0/0xde0 [ 63.258088][ T6827] ? security_inode_permission+0xc4/0xf0 [ 63.263726][ T6827] vfs_mkdir+0x419/0x690 [ 63.267951][ T6827] do_mkdirat+0x21e/0x280 [ 63.272525][ T6827] ? __ia32_sys_mknod+0xb0/0xb0 [ 63.277376][ T6827] ? do_syscall_64+0x1c/0xe0 [ 63.281955][ T6827] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 63.287941][ T6827] do_syscall_64+0x60/0xe0 [ 63.292361][ T6827] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.298250][ T6827] RIP: 0033:0x7f38b4289687 [ 63.302644][ T6827] Code: Bad RIP value. [ 63.306823][ T6827] RSP: 002b:00007ffcd56a3368 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 63.315242][ T6827] RAX: ffffffffffffffda RBX: 000055f53eb16985 RCX: 00007f38b4289687 [ 63.323199][ T6827] RDX: 00007ffcd56a3230 RSI: 00000000000001ed RDI: 000055f53eb16985 [ 63.331169][ T6827] RBP: 00007f38b4289680 R08: 0000000000000100 R09: 0000000000000000 [ 63.339149][ T6827] R10: 000055f53eb16980 R11: 0000000000000246 R12: 00000000000001ed [ 63.347234][ T6827] R13: 00007ffcd56a34f0 R14: 0000000000000000 R15: 0000000000000000 Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.12' (ECDSA) to the list of known hosts. 2020/06/16 03:39:59 fuzzer started 2020/06/16 03:39:59 connecting to host at 10.128.0.26:34225 2020/06/16 03:39:59 checking machine... 2020/06/16 03:39:59 checking revisions... 2020/06/16 03:39:59 testing simple program... syzkaller login: [ 67.609719][ T6838] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6838 [ 67.618881][ T6838] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.624878][ T6838] CPU: 1 PID: 6838 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0 [ 67.633104][ T6838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.643157][ T6838] Call Trace: [ 67.646439][ T6838] dump_stack+0x18f/0x20d [ 67.650774][ T6838] check_preemption_disabled+0x20d/0x220 [ 67.656386][ T6838] ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.661484][ T6838] ? ext4_ext_search_right+0x2ca/0xb20 [ 67.666921][ T6838] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 67.672636][ T6838] ext4_ext_map_blocks+0x201b/0x33e0 [ 67.677908][ T6838] ? ext4_ext_release+0x10/0x10 [ 67.682763][ T6838] ? down_write_killable+0x170/0x170 [ 67.688025][ T6838] ? ext4_es_lookup_extent+0x41d/0xd10 [ 67.693466][ T6838] ext4_map_blocks+0x4cb/0x1640 [ 67.698313][ T6838] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 67.703509][ T6838] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 67.709036][ T6838] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 67.715009][ T6838] ? prandom_u32_state+0xe/0x170 [ 67.719946][ T6838] ? __brelse+0x84/0xa0 [ 67.724097][ T6838] ? __ext4_new_inode+0x144/0x55e0 [ 67.729186][ T6838] ext4_getblk+0xad/0x520 [ 67.733511][ T6838] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 67.739214][ T6838] ? ext4_free_inode+0x1700/0x1700 [ 67.744320][ T6838] ext4_bread+0x7c/0x380 [ 67.748557][ T6838] ? ext4_getblk+0x520/0x520 [ 67.755050][ T6838] ? dquot_get_next_dqblk+0x180/0x180 [ 67.760419][ T6838] ext4_append+0x153/0x360 [ 67.764827][ T6838] ext4_mkdir+0x5e0/0xdf0 [ 67.769348][ T6838] ? ext4_rmdir+0xde0/0xde0 [ 67.774062][ T6838] ? security_inode_permission+0xc4/0xf0 [ 67.779684][ T6838] vfs_mkdir+0x419/0x690 [ 67.783971][ T6838] do_mkdirat+0x21e/0x280 [ 67.788341][ T6838] ? __ia32_sys_mknod+0xb0/0xb0 [ 67.794066][ T6838] ? do_syscall_64+0x1c/0xe0 [ 67.798643][ T6838] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 67.804652][ T6838] do_syscall_64+0x60/0xe0 [ 67.809073][ T6838] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 67.814949][ T6838] RIP: 0033:0x4b02a0 [ 67.818817][ T6838] Code: Bad RIP value. [ 67.822869][ T6838] RSP: 002b:000000c0000c74b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102 [ 67.831259][ T6838] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b02a0 [ 67.839216][ T6838] RDX: 00000000000001c0 RSI: 000000c000026a40 RDI: ffffffffffffff9c [ 67.847610][ T6838] RBP: 000000c0000c7510 R08: 0000000000000000 R09: 0000000000000000 [ 67.861200][ T6838] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff [ 67.869162][ T6838] R13: 0000000000000053 R14: 0000000000000052 R15: 0000000000000100 [ 67.887934][ T6851] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6851 [ 67.897472][ T6851] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.903510][ T6851] CPU: 1 PID: 6851 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 67.912110][ T6851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.922247][ T6851] Call Trace: [ 67.925541][ T6851] dump_stack+0x18f/0x20d [ 67.929912][ T6851] check_preemption_disabled+0x20d/0x220 [ 67.935578][ T6851] ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.940720][ T6851] ? ext4_ext_search_right+0x2ca/0xb20 [ 67.946205][ T6851] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 67.952009][ T6851] ext4_ext_map_blocks+0x201b/0x33e0 [ 67.957362][ T6851] ? ext4_ext_release+0x10/0x10 [ 67.962234][ T6851] ? down_write_killable+0x170/0x170 [ 67.967556][ T6851] ? ext4_es_lookup_extent+0x41d/0xd10 [ 67.973040][ T6851] ext4_map_blocks+0x4cb/0x1640 [ 67.977907][ T6851] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 67.983103][ T6851] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 67.989548][ T6851] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 67.995522][ T6851] ? prandom_u32_state+0xe/0x170 [ 68.000450][ T6851] ? __brelse+0x84/0xa0 [ 68.004605][ T6851] ? __ext4_new_inode+0x144/0x55e0 [ 68.009703][ T6851] ext4_getblk+0xad/0x520 [ 68.014036][ T6851] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 68.019774][ T6851] ? ext4_free_inode+0x1700/0x1700 [ 68.024877][ T6851] ext4_bread+0x7c/0x380 [ 68.029101][ T6851] ? ext4_getblk+0x520/0x520 [ 68.033684][ T6851] ? dquot_get_next_dqblk+0x180/0x180 [ 68.039165][ T6851] ext4_append+0x153/0x360 [ 68.043566][ T6851] ext4_mkdir+0x5e0/0xdf0 [ 68.048153][ T6851] ? ext4_rmdir+0xde0/0xde0 [ 68.052656][ T6851] ? security_inode_permission+0xc4/0xf0 [ 68.058278][ T6851] vfs_mkdir+0x419/0x690 [ 68.062521][ T6851] do_mkdirat+0x21e/0x280 [ 68.066835][ T6851] ? __ia32_sys_mknod+0xb0/0xb0 [ 68.071684][ T6851] ? do_syscall_64+0x1c/0xe0 [ 68.076255][ T6851] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 68.082228][ T6851] do_syscall_64+0x60/0xe0 [ 68.086637][ T6851] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.092520][ T6851] RIP: 0033:0x45bed7 [ 68.096486][ T6851] Code: Bad RIP value. [ 68.100527][ T6851] RSP: 002b:00007ffe81d11b38 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 68.108920][ T6851] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7 [ 68.121298][ T6851] RDX: 0000000000000002 RSI: 00000000000001c0 RDI: 00007ffe81d11d10 [ 68.129272][ T6851] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000002dc0 [ 68.137395][ T6851] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 68.146038][ T6851] R13: 00007ffe81d11d10 R14: 8421084210842109 R15: 00007ffe81d11d1c [ 68.249826][ T6852] IPVS: ftp: loaded support on port[0] = 21 [ 68.291102][ T6852] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6852 [ 68.300687][ T6852] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 68.306661][ T6852] CPU: 0 PID: 6852 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 68.315265][ T6852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.325455][ T6852] Call Trace: [ 68.328773][ T6852] dump_stack+0x18f/0x20d [ 68.333096][ T6852] check_preemption_disabled+0x20d/0x220 [ 68.338800][ T6852] ext4_mb_new_blocks+0xa4d/0x3b70 [ 68.343905][ T6852] ? ext4_ext_search_right+0x2ca/0xb20 [ 68.349348][ T6852] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 68.355061][ T6852] ext4_ext_map_blocks+0x201b/0x33e0 [ 68.360338][ T6852] ? ext4_ext_release+0x10/0x10 [ 68.365183][ T6852] ? down_write_killable+0x170/0x170 [ 68.370482][ T6852] ? ext4_es_lookup_extent+0x41d/0xd10 [ 68.375946][ T6852] ext4_map_blocks+0x4cb/0x1640 [ 68.380784][ T6852] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 68.385982][ T6852] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 68.391522][ T6852] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 68.397742][ T6852] ? prandom_u32_state+0xe/0x170 [ 68.402749][ T6852] ? __brelse+0x84/0xa0 [ 68.406882][ T6852] ? __ext4_new_inode+0x144/0x55e0 [ 68.411997][ T6852] ext4_getblk+0xad/0x520 [ 68.416310][ T6852] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 68.422024][ T6852] ? ext4_free_inode+0x1700/0x1700 [ 68.427466][ T6852] ext4_bread+0x7c/0x380 [ 68.431708][ T6852] ? ext4_getblk+0x520/0x520 [ 68.436280][ T6852] ? dquot_get_next_dqblk+0x180/0x180 [ 68.441900][ T6852] ext4_append+0x153/0x360 [ 68.446300][ T6852] ext4_mkdir+0x5e0/0xdf0 [ 68.450616][ T6852] ? ext4_rmdir+0xde0/0xde0 [ 68.455119][ T6852] ? security_inode_permission+0xc4/0xf0 [ 68.460742][ T6852] vfs_mkdir+0x419/0x690 [ 68.465122][ T6852] do_mkdirat+0x21e/0x280 [ 68.469432][ T6852] ? __ia32_sys_mknod+0xb0/0xb0 [ 68.474274][ T6852] ? do_syscall_64+0x1c/0xe0 [ 68.478843][ T6852] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 68.484804][ T6852] do_syscall_64+0x60/0xe0 [ 68.489230][ T6852] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.495649][ T6852] RIP: 0033:0x45bed7 [ 68.499542][ T6852] Code: Bad RIP value. [ 68.503605][ T6852] RSP: 002b:00007ffe81d11a28 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 68.512006][ T6852] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7 [ 68.520220][ T6852] RDX: 00007ffe81d11a73 RSI: 00000000000001ff RDI: 00007ffe81d11a70 [ 68.528280][ T6852] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003 [ 68.536240][ T6852] R10: 0000000000000064 R11: 0000000000000206 R12: 00000000004185c0 [ 68.544222][ T6852] R13: 00007ffe81d11a60 R14: 0000000000000000 R15: 00007ffe81d11a70 [ 68.651663][ T6852] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6852 [ 68.661172][ T6852] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 68.667083][ T6852] CPU: 0 PID: 6852 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 68.675677][ T6852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.685763][ T6852] Call Trace: [ 68.689057][ T6852] dump_stack+0x18f/0x20d [ 68.693454][ T6852] check_preemption_disabled+0x20d/0x220 [ 68.699113][ T6852] ext4_mb_new_blocks+0xa4d/0x3b70 [ 68.704682][ T6852] ? ext4_ext_search_right+0x2ca/0xb20 [ 68.710141][ T6852] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 68.715877][ T6852] ext4_ext_map_blocks+0x201b/0x33e0 [ 68.721193][ T6852] ? ext4_ext_release+0x10/0x10 [ 68.726103][ T6852] ? down_write_killable+0x170/0x170 [ 68.731424][ T6852] ? ext4_es_lookup_extent+0x41d/0xd10 [ 68.736915][ T6852] ext4_map_blocks+0x4cb/0x1640 [ 68.741801][ T6852] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 68.747011][ T6852] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 68.752675][ T6852] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 68.758674][ T6852] ? prandom_u32_state+0xe/0x170 [ 68.763644][ T6852] ? __brelse+0x84/0xa0 [ 68.768100][ T6852] ? __ext4_new_inode+0x144/0x55e0 [ 68.773246][ T6852] ext4_getblk+0xad/0x520 [ 68.777718][ T6852] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 68.783462][ T6852] ? ext4_free_inode+0x1700/0x1700 [ 68.788568][ T6852] ext4_bread+0x7c/0x380 [ 68.792809][ T6852] ? ext4_getblk+0x520/0x520 [ 68.797439][ T6852] ? dquot_get_next_dqblk+0x180/0x180 [ 68.802808][ T6852] ext4_append+0x153/0x360 [ 68.807214][ T6852] ext4_mkdir+0x5e0/0xdf0 [ 68.811537][ T6852] ? ext4_rmdir+0xde0/0xde0 [ 68.816030][ T6852] ? security_inode_permission+0xc4/0xf0 [ 68.821745][ T6852] vfs_mkdir+0x419/0x690 [ 68.826009][ T6852] do_mkdirat+0x21e/0x280 [ 68.830638][ T6852] ? __ia32_sys_mknod+0xb0/0xb0 [ 68.835636][ T6852] ? do_syscall_64+0x1c/0xe0 [ 68.840284][ T6852] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 68.846401][ T6852] do_syscall_64+0x60/0xe0 [ 68.850885][ T6852] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.856788][ T6852] RIP: 0033:0x45bed7 [ 68.860772][ T6852] Code: Bad RIP value. [ 68.864849][ T6852] RSP: 002b:00007ffe81d11a28 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 68.873476][ T6852] RAX: ffffffffffffffda RBX: 0000000000010bff RCX: 000000000045bed7 [ 68.881554][ T6852] RDX: 00007ffe81d11a73 RSI: 00000000000001ff RDI: 00007ffe81d11a70 [ 68.889534][ T6852] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003 2020/06/16 03:40:01 building call list... [ 68.897553][ T6852] R10: 0000000000000064 R11: 0000000000000206 R12: 0000000000000003 [ 68.905535][ T6852] R13: 00007ffe81d11a60 R14: 0000000000010be5 R15: 00007ffe81d11a70 [ 69.119646][ T154] tipc: TX() has been purged, node left! [ 69.642324][ T154] ================================================================== [ 69.650916][ T154] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770 [ 69.659138][ T154] Write of size 1 at addr ffff8880986789e4 by task kworker/u4:3/154 [ 69.667595][ T154] [ 69.669940][ T154] CPU: 1 PID: 154 Comm: kworker/u4:3 Not tainted 5.8.0-rc1-syzkaller #0 [ 69.678380][ T154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.688572][ T154] Workqueue: netns cleanup_net [ 69.693339][ T154] Call Trace: [ 69.696641][ T154] dump_stack+0x18f/0x20d [ 69.702064][ T154] ? afs_wake_up_async_call+0x6aa/0x770 [ 69.707978][ T154] ? afs_wake_up_async_call+0x6aa/0x770 [ 69.713784][ T154] ? afs_put_call+0xa40/0xa40 [ 69.718616][ T154] print_address_description.constprop.0.cold+0xd3/0x413 [ 69.725783][ T154] ? vprintk_func+0x97/0x1a6 [ 69.730598][ T154] ? afs_wake_up_async_call+0x6aa/0x770 [ 69.736188][ T154] kasan_report.cold+0x1f/0x37 [ 69.740979][ T154] ? rcu_read_lock_held_common+0x51/0xa0 [ 69.746637][ T154] ? afs_wake_up_async_call+0x6aa/0x770 [ 69.752199][ T154] afs_wake_up_async_call+0x6aa/0x770 [ 69.757595][ T154] ? afs_close_socket+0x320/0x320 [ 69.762623][ T154] ? afs_put_call+0xa40/0xa40 [ 69.767301][ T154] rxrpc_notify_socket+0x1db/0x5d0 [ 69.772427][ T154] ? afs_put_call+0xa40/0xa40 [ 69.777107][ T154] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 69.783613][ T154] rxrpc_call_completed+0xca/0xf0 [ 69.788656][ T154] rxrpc_discard_prealloc+0x781/0xab0 [ 69.794203][ T154] ? lock_sock_nested+0x94/0x110 [ 69.799163][ T154] rxrpc_listen+0x147/0x360 [ 69.803679][ T154] afs_close_socket+0x95/0x320 [ 69.808447][ T154] ? afs_purge_servers+0x16d/0x300 [ 69.813564][ T154] ? afs_rx_discard_new_call+0x50/0x50 [ 69.819029][ T154] ? init_wait_var_entry+0x200/0x200 [ 69.824325][ T154] ? rcu_read_lock_held_common+0xa0/0xa0 [ 69.829962][ T154] ? check_preemption_disabled+0x38/0x220 [ 69.835754][ T154] afs_net_exit+0x1bc/0x310 [ 69.840280][ T154] ? afs_net_init+0xe30/0xe30 [ 69.844967][ T154] ops_exit_list.isra.0+0xa8/0x150 [ 69.850087][ T154] cleanup_net+0x511/0xa50 [ 69.854513][ T154] ? unregister_pernet_device+0x70/0x70 [ 69.860080][ T154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 69.866069][ T154] process_one_work+0x965/0x1690 [ 69.871034][ T154] ? lock_release+0x800/0x800 [ 69.875714][ T154] ? pwq_dec_nr_in_flight+0x310/0x310 [ 69.881091][ T154] ? rwlock_bug.part.0+0x90/0x90 [ 69.886038][ T154] worker_thread+0x96/0xe10 [ 69.890582][ T154] ? process_one_work+0x1690/0x1690 [ 69.895797][ T154] kthread+0x3b5/0x4a0 [ 69.899886][ T154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 69.905638][ T154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 69.911377][ T154] ret_from_fork+0x1f/0x30 [ 69.915805][ T154] [ 69.918131][ T154] Allocated by task 6852: [ 69.922462][ T154] save_stack+0x1b/0x40 [ 69.926634][ T154] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 69.932263][ T154] kmem_cache_alloc_trace+0x153/0x7d0 [ 69.937630][ T154] afs_alloc_call+0x55/0x630 [ 69.942219][ T154] afs_charge_preallocation+0xe9/0x2d0 [ 69.947674][ T154] afs_open_socket+0x292/0x360 [ 69.952432][ T154] afs_net_init+0xa6c/0xe30 [ 69.956932][ T154] ops_init+0xaf/0x420 [ 69.960995][ T154] setup_net+0x2de/0x860 [ 69.965266][ T154] copy_net_ns+0x293/0x590 [ 69.969697][ T154] create_new_namespaces+0x3fb/0xb30 [ 69.974986][ T154] unshare_nsproxy_namespaces+0xbd/0x1f0 [ 69.980616][ T154] ksys_unshare+0x43d/0x8e0 [ 69.985116][ T154] __x64_sys_unshare+0x2d/0x40 [ 69.989901][ T154] do_syscall_64+0x60/0xe0 [ 69.994346][ T154] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 70.000249][ T154] [ 70.002585][ T154] Freed by task 154: [ 70.006490][ T154] save_stack+0x1b/0x40 [ 70.010647][ T154] __kasan_slab_free+0xf7/0x140 [ 70.015494][ T154] kfree+0x109/0x2b0 [ 70.019392][ T154] afs_put_call+0x585/0xa40 [ 70.023898][ T154] rxrpc_discard_prealloc+0x764/0xab0 [ 70.029270][ T154] rxrpc_listen+0x147/0x360 [ 70.033771][ T154] afs_close_socket+0x95/0x320 [ 70.038529][ T154] afs_net_exit+0x1bc/0x310 [ 70.043052][ T154] ops_exit_list.isra.0+0xa8/0x150 [ 70.048195][ T154] cleanup_net+0x511/0xa50 [ 70.052624][ T154] process_one_work+0x965/0x1690 [ 70.057848][ T154] worker_thread+0x96/0xe10 [ 70.062455][ T154] kthread+0x3b5/0x4a0 [ 70.066630][ T154] ret_from_fork+0x1f/0x30 [ 70.071036][ T154] [ 70.073368][ T154] The buggy address belongs to the object at ffff888098678800 [ 70.073368][ T154] which belongs to the cache kmalloc-1k of size 1024 [ 70.087432][ T154] The buggy address is located 484 bytes inside of [ 70.087432][ T154] 1024-byte region [ffff888098678800, ffff888098678c00) [ 70.100803][ T154] The buggy address belongs to the page: [ 70.106475][ T154] page:ffffea0002619e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 70.115581][ T154] flags: 0xfffe0000000200(slab) [ 70.120473][ T154] raw: 00fffe0000000200 ffffea00028c4548 ffffea00028c4488 ffff8880aa000c40 [ 70.129059][ T154] raw: 0000000000000000 ffff888098678000 0000000100000002 0000000000000000 [ 70.137660][ T154] page dumped because: kasan: bad access detected [ 70.144162][ T154] [ 70.146613][ T154] Memory state around the buggy address: [ 70.152253][ T154] ffff888098678880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.160328][ T154] ffff888098678900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.168413][ T154] >ffff888098678980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.176476][ T154] ^ [ 70.183763][ T154] ffff888098678a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.191829][ T154] ffff888098678a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.199921][ T154] ================================================================== [ 70.207969][ T154] Disabling lock debugging due to kernel taint [ 70.214196][ T154] Kernel panic - not syncing: panic_on_warn set ... [ 70.220787][ T154] CPU: 1 PID: 154 Comm: kworker/u4:3 Tainted: G B 5.8.0-rc1-syzkaller #0 [ 70.230498][ T154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.240685][ T154] Workqueue: netns cleanup_net [ 70.245463][ T154] Call Trace: [ 70.248768][ T154] dump_stack+0x18f/0x20d [ 70.253122][ T154] ? afs_wake_up_async_call+0x670/0x770 [ 70.258682][ T154] ? afs_put_call+0xa40/0xa40 [ 70.263366][ T154] panic+0x2e3/0x75c [ 70.267289][ T154] ? __warn_printk+0xf3/0xf3 [ 70.271891][ T154] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 70.278057][ T154] ? trace_hardirqs_on+0x55/0x220 [ 70.283085][ T154] ? afs_wake_up_async_call+0x6aa/0x770 [ 70.288625][ T154] ? afs_wake_up_async_call+0x6aa/0x770 [ 70.294196][ T154] ? afs_put_call+0xa40/0xa40 [ 70.298883][ T154] end_report+0x4d/0x53 [ 70.303032][ T154] kasan_report.cold+0xd/0x37 [ 70.307721][ T154] ? rcu_read_lock_held_common+0x51/0xa0 [ 70.313345][ T154] ? afs_wake_up_async_call+0x6aa/0x770 [ 70.318888][ T154] afs_wake_up_async_call+0x6aa/0x770 [ 70.324255][ T154] ? afs_close_socket+0x320/0x320 [ 70.329273][ T154] ? afs_put_call+0xa40/0xa40 [ 70.333965][ T154] rxrpc_notify_socket+0x1db/0x5d0 [ 70.339070][ T154] ? afs_put_call+0xa40/0xa40 [ 70.343744][ T154] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 70.350156][ T154] rxrpc_call_completed+0xca/0xf0 [ 70.355202][ T154] rxrpc_discard_prealloc+0x781/0xab0 [ 70.360653][ T154] ? lock_sock_nested+0x94/0x110 [ 70.365614][ T154] rxrpc_listen+0x147/0x360 [ 70.370126][ T154] afs_close_socket+0x95/0x320 [ 70.374895][ T154] ? afs_purge_servers+0x16d/0x300 [ 70.380465][ T154] ? afs_rx_discard_new_call+0x50/0x50 [ 70.386705][ T154] ? init_wait_var_entry+0x200/0x200 [ 70.391989][ T154] ? rcu_read_lock_held_common+0xa0/0xa0 [ 70.397616][ T154] ? check_preemption_disabled+0x38/0x220 [ 70.403349][ T154] afs_net_exit+0x1bc/0x310 [ 70.407855][ T154] ? afs_net_init+0xe30/0xe30 [ 70.412531][ T154] ops_exit_list.isra.0+0xa8/0x150 [ 70.417748][ T154] cleanup_net+0x511/0xa50 [ 70.422164][ T154] ? unregister_pernet_device+0x70/0x70 [ 70.427709][ T154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 70.433863][ T154] process_one_work+0x965/0x1690 [ 70.439168][ T154] ? lock_release+0x800/0x800 [ 70.443839][ T154] ? pwq_dec_nr_in_flight+0x310/0x310 [ 70.449206][ T154] ? rwlock_bug.part.0+0x90/0x90 [ 70.454140][ T154] worker_thread+0x96/0xe10 [ 70.458642][ T154] ? process_one_work+0x1690/0x1690 [ 70.463938][ T154] kthread+0x3b5/0x4a0 [ 70.468012][ T154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 70.473734][ T154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 70.479449][ T154] ret_from_fork+0x1f/0x30 [ 70.485500][ T154] Kernel Offset: disabled [ 70.489857][ T154] Rebooting in 86400 seconds..