Warning: Permanently added '10.128.0.56' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   29.680810] ==================================================================
[   29.688174] BUG: KASAN: stack-out-of-bounds in unwind_next_frame+0x146f/0x17d0
[   29.695507] Read of size 8 at addr ffff8880ba507cb0 by task syz-executor361/7960
[   29.703506] 
[   29.705111] CPU: 1 PID: 7960 Comm: syz-executor361 Not tainted 4.14.292-syzkaller #0
[   29.712962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[   29.722294] Call Trace:
[   29.724856]  <IRQ>
[   29.726989]  dump_stack+0x1b2/0x281
[   29.730593]  print_address_description.cold+0x54/0x1d3
[   29.735845]  kasan_report_error.cold+0x8a/0x191
[   29.740487]  ? unwind_next_frame+0x146f/0x17d0
[   29.745044]  __asan_report_load8_noabort+0x68/0x70
[   29.749951]  ? unwind_next_frame+0x146f/0x17d0
[   29.754509]  unwind_next_frame+0x146f/0x17d0
[   29.758893]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.764342]  ? lock_downgrade+0x740/0x740
[   29.768466]  ? lock_downgrade+0x740/0x740
[   29.772593]  ? deref_stack_reg+0x1a0/0x1a0
[   29.776807]  ? check_preemption_disabled+0x35/0x240
[   29.781805]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.787144]  perf_callchain_kernel+0x38c/0x520
[   29.791700]  ? arch_perf_update_userpage+0x300/0x300
[   29.796777]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.802114]  ? check_preemption_disabled+0x35/0x240
[   29.807109]  get_perf_callchain+0x2de/0x740
[   29.811410]  ? put_callchain_buffers+0x60/0x60
[   29.815969]  ? put_callchain_buffers+0x60/0x60
[   29.820532]  ? perf_tp_event+0x3e0/0x6e0
[   29.824569]  perf_callchain+0x147/0x190
[   29.828519]  perf_prepare_sample+0xc9a/0x1370
[   29.832988]  ? perf_output_sample+0x16f0/0x16f0
[   29.837632]  perf_event_output_forward+0xc9/0x1f0
[   29.842446]  ? perf_prepare_sample+0x1370/0x1370
[   29.847176]  ? perf_event_output_forward+0x143/0x1f0
[   29.852250]  ? perf_prepare_sample+0x1370/0x1370
[   29.856978]  ? check_preemption_disabled+0x35/0x240
[   29.861966]  __perf_event_overflow+0x113/0x310
[   29.866521]  perf_swevent_event+0x3c8/0x460
[   29.870814]  perf_tp_event+0x540/0x6e0
[   29.874677]  ? check_preemption_disabled+0x35/0x240
[   29.879665]  ? perf_swevent_event+0x460/0x460
[   29.884136]  ? __save_stack_trace+0x63/0x160
[   29.888519]  ? deref_stack_reg+0x124/0x1a0
[   29.892730]  ? is_bpf_text_address+0x91/0x150
[   29.897199]  ? lock_acquire+0x170/0x3f0
[   29.901148]  ? lock_downgrade+0x740/0x740
[   29.905271]  ? is_bpf_text_address+0xb8/0x150
[   29.909739]  ? kernel_text_address+0xbd/0xf0
[   29.914123]  ? perf_trace_run_bpf_submit+0x119/0x200
[   29.919199]  ? check_preemption_disabled+0x35/0x240
[   29.924188]  perf_trace_run_bpf_submit+0x119/0x200
[   29.929093]  perf_trace_lock+0x2d6/0x490
[   29.933129]  ? perf_trace_lock_acquire+0x510/0x510
[   29.938032]  ? unmap_single_vma+0x147/0x2b0
[   29.942325]  ? perf_trace_lock_acquire+0x510/0x510
[   29.947227]  ? do_syscall_64+0x1d5/0x640
[   29.951264]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.956599]  ? free_object+0xe4/0x240
[   29.960371]  ? perf_trace_lock_acquire+0x510/0x510
[   29.965272]  lock_release+0x4df/0x870
[   29.969045]  ? lock_acquire+0x170/0x3f0
[   29.972994]  ? lock_downgrade+0x740/0x740
[   29.977130]  ? lock_acquire+0x170/0x3f0
[   29.981082]  _raw_spin_unlock_irqrestore+0x1b/0xe0
[   29.985995]  free_object+0xe4/0x240
[   29.989603]  debug_check_no_obj_freed+0x372/0x680
[   29.994431]  ? mark_held_locks+0xa6/0xf0
[   29.998473]  ? free_uid+0x24d/0x330
[   30.002421]  ? debug_object_activate+0x490/0x490
[   30.007153]  kmem_cache_free+0x156/0x2b0
[   30.011190]  ? profiling_store+0xb0/0xb0
[   30.015228]  rcu_process_callbacks+0x780/0x1180
[   30.019891]  ? note_gp_changes+0x2f0/0x2f0
[   30.024116]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[   30.029558]  __do_softirq+0x24d/0x9ff
[   30.033343]  ? check_preemption_disabled+0x35/0x240
[   30.038333]  irq_exit+0x193/0x240
[   30.041767]  smp_apic_timer_interrupt+0x141/0x5e0
[   30.046583]  apic_timer_interrupt+0x93/0xa0
[   30.050879]  </IRQ>
[   30.053095] RIP: 0010:lock_release+0x41e/0x870
[   30.057650] RSP: 0018:ffff8880a29b79c0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10
[   30.065334] RAX: 1ffffffff11e1359 RBX: 1ffff11014536f3b RCX: 1ffff11012e0e5e6
[   30.072578] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 0000000000000286
[   30.079824] RBP: ffff888097072680 R08: 0000000000000000 R09: 0000000000000001
[   30.087065] R10: ffff8880a29b7880 R11: 0000000000000001 R12: 4266a10b7c0d49cf
[   30.094309] R13: 0000000000000003 R14: ffff888097072680 R15: 0000000000000002
[   30.101563]  ? check_preemption_disabled+0x35/0x240
[   30.106556]  ? lock_downgrade+0x740/0x740
[   30.110679]  page_remove_rmap+0x96/0xe0
[   30.114642]  unmap_page_range+0xf41/0x1d90
[   30.118853]  ? vm_normal_page_pmd+0x340/0x340
[   30.123321]  unmap_single_vma+0x147/0x2b0
[   30.127442]  unmap_vmas+0x9d/0x160
[   30.130954]  exit_mmap+0x270/0x4d0
[   30.134468]  ? SyS_remap_file_pages+0x6a0/0x6a0
[   30.139114]  ? kmem_cache_free+0x23a/0x2b0
[   30.143322]  ? __khugepaged_exit+0x29b/0x3c0
[   30.147706]  mmput+0xfa/0x420
[   30.150788]  do_exit+0x984/0x2850
[   30.154216]  ? __do_page_fault+0x571/0xad0
[   30.158423]  ? mm_update_next_owner+0x5b0/0x5b0
[   30.163066]  ? lock_downgrade+0x740/0x740
[   30.167202]  do_group_exit+0x100/0x2e0
[   30.171071]  SyS_exit_group+0x19/0x20
[   30.174848]  ? do_group_exit+0x2e0/0x2e0
[   30.178885]  do_syscall_64+0x1d5/0x640
[   30.182752]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.187917] RIP: 0033:0x7f1f65fe8ca9
[   30.191602] RSP: 002b:00007ffd9fd0f5c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   30.199282] RAX: ffffffffffffffda RBX: 00007f1f6605c270 RCX: 00007f1f65fe8ca9
[   30.206874] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[   30.214117] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000
[   30.221362] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007f1f6605c270
[   30.228607] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   30.235853] 
[   30.237468] The buggy address belongs to the page:
[   30.242371] page:ffffea0002e941c0 count:1 mapcount:0 mapping:          (null) index:0x0
[   30.250486] flags: 0xfff00000000800(reserved)
[   30.254955] raw: 00fff00000000800 0000000000000000 0000000000000000 00000001ffffffff
[   30.262809] raw: ffffea0002e941e0 ffffea0002e941e0 0000000000000000 0000000000000000
[   30.270660] page dumped because: kasan: bad access detected
[   30.276338] 
[   30.277936] Memory state around the buggy address:
[   30.282852]  ffff8880ba507b80: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1
[   30.290183]  ffff8880ba507c00: 04 f2 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
[   30.297530] >ffff8880ba507c80: f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 00 00 00 00
[   30.304873]                                      ^
[   30.309775]  ffff8880ba507d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.317106]  ffff8880ba507d80: 00 00 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00
[   30.324432] ==================================================================
[   30.331777] Disabling lock debugging due to kernel taint
[   30.337199] Kernel panic - not syncing: panic_on_warn set ...
[   30.337199] 
[   30.344532] CPU: 1 PID: 7960 Comm: syz-executor361 Tainted: G    B           4.14.292-syzkaller #0
[   30.353600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[   30.362924] Call Trace:
[   30.365484]  <IRQ>
[   30.367630]  dump_stack+0x1b2/0x281
[   30.371230]  panic+0x1f9/0x42d
[   30.374395]  ? add_taint.cold+0x16/0x16
[   30.378343]  ? lock_downgrade+0x740/0x740
[   30.382465]  kasan_end_report+0x43/0x49
[   30.386414]  kasan_report_error.cold+0xa7/0x191
[   30.391058]  ? unwind_next_frame+0x146f/0x17d0
[   30.395614]  __asan_report_load8_noabort+0x68/0x70
[   30.400516]  ? unwind_next_frame+0x146f/0x17d0
[   30.405070]  unwind_next_frame+0x146f/0x17d0
[   30.409452]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.414788]  ? lock_downgrade+0x740/0x740
[   30.418911]  ? lock_downgrade+0x740/0x740
[   30.423031]  ? deref_stack_reg+0x1a0/0x1a0
[   30.427240]  ? check_preemption_disabled+0x35/0x240
[   30.432247]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.437592]  perf_callchain_kernel+0x38c/0x520
[   30.442148]  ? arch_perf_update_userpage+0x300/0x300
[   30.447232]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.452577]  ? check_preemption_disabled+0x35/0x240
[   30.457572]  get_perf_callchain+0x2de/0x740
[   30.461869]  ? put_callchain_buffers+0x60/0x60
[   30.466423]  ? put_callchain_buffers+0x60/0x60
[   30.470976]  ? perf_tp_event+0x3e0/0x6e0
[   30.475015]  perf_callchain+0x147/0x190
[   30.478964]  perf_prepare_sample+0xc9a/0x1370
[   30.483433]  ? perf_output_sample+0x16f0/0x16f0
[   30.488088]  perf_event_output_forward+0xc9/0x1f0
[   30.492904]  ? perf_prepare_sample+0x1370/0x1370
[   30.497640]  ? perf_event_output_forward+0x143/0x1f0
[   30.502719]  ? perf_prepare_sample+0x1370/0x1370
[   30.507454]  ? check_preemption_disabled+0x35/0x240
[   30.512444]  __perf_event_overflow+0x113/0x310
[   30.517003]  perf_swevent_event+0x3c8/0x460
[   30.521302]  perf_tp_event+0x540/0x6e0
[   30.525163]  ? check_preemption_disabled+0x35/0x240
[   30.530154]  ? perf_swevent_event+0x460/0x460
[   30.534622]  ? __save_stack_trace+0x63/0x160
[   30.539019]  ? deref_stack_reg+0x124/0x1a0
[   30.543229]  ? is_bpf_text_address+0x91/0x150
[   30.547701]  ? lock_acquire+0x170/0x3f0
[   30.551649]  ? lock_downgrade+0x740/0x740
[   30.555773]  ? is_bpf_text_address+0xb8/0x150
[   30.560253]  ? kernel_text_address+0xbd/0xf0
[   30.564640]  ? perf_trace_run_bpf_submit+0x119/0x200
[   30.569757]  ? check_preemption_disabled+0x35/0x240
[   30.574759]  perf_trace_run_bpf_submit+0x119/0x200
[   30.579670]  perf_trace_lock+0x2d6/0x490
[   30.583737]  ? perf_trace_lock_acquire+0x510/0x510
[   30.588696]  ? unmap_single_vma+0x147/0x2b0
[   30.593008]  ? perf_trace_lock_acquire+0x510/0x510
[   30.597912]  ? do_syscall_64+0x1d5/0x640
[   30.601951]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.607290]  ? free_object+0xe4/0x240
[   30.611066]  ? perf_trace_lock_acquire+0x510/0x510
[   30.615969]  lock_release+0x4df/0x870
[   30.619745]  ? lock_acquire+0x170/0x3f0
[   30.623698]  ? lock_downgrade+0x740/0x740
[   30.627826]  ? lock_acquire+0x170/0x3f0
[   30.631775]  _raw_spin_unlock_irqrestore+0x1b/0xe0
[   30.637624]  free_object+0xe4/0x240
[   30.641235]  debug_check_no_obj_freed+0x372/0x680
[   30.646054]  ? mark_held_locks+0xa6/0xf0
[   30.650091]  ? free_uid+0x24d/0x330
[   30.653693]  ? debug_object_activate+0x490/0x490
[   30.658431]  kmem_cache_free+0x156/0x2b0
[   30.662466]  ? profiling_store+0xb0/0xb0
[   30.666504]  rcu_process_callbacks+0x780/0x1180
[   30.671146]  ? note_gp_changes+0x2f0/0x2f0
[   30.675357]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[   30.680781]  __do_softirq+0x24d/0x9ff
[   30.684557]  ? check_preemption_disabled+0x35/0x240
[   30.689544]  irq_exit+0x193/0x240
[   30.692970]  smp_apic_timer_interrupt+0x141/0x5e0
[   30.697786]  apic_timer_interrupt+0x93/0xa0
[   30.702078]  </IRQ>
[   30.704291] RIP: 0010:lock_release+0x41e/0x870
[   30.708842] RSP: 0018:ffff8880a29b79c0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10
[   30.716522] RAX: 1ffffffff11e1359 RBX: 1ffff11014536f3b RCX: 1ffff11012e0e5e6
[   30.723763] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 0000000000000286
[   30.731006] RBP: ffff888097072680 R08: 0000000000000000 R09: 0000000000000001
[   30.738247] R10: ffff8880a29b7880 R11: 0000000000000001 R12: 4266a10b7c0d49cf
[   30.745491] R13: 0000000000000003 R14: ffff888097072680 R15: 0000000000000002
[   30.752740]  ? check_preemption_disabled+0x35/0x240
[   30.757730]  ? lock_downgrade+0x740/0x740
[   30.761880]  page_remove_rmap+0x96/0xe0
[   30.765829]  unmap_page_range+0xf41/0x1d90
[   30.770039]  ? vm_normal_page_pmd+0x340/0x340
[   30.774507]  unmap_single_vma+0x147/0x2b0
[   30.778636]  unmap_vmas+0x9d/0x160
[   30.782148]  exit_mmap+0x270/0x4d0
[   30.785666]  ? SyS_remap_file_pages+0x6a0/0x6a0
[   30.790309]  ? kmem_cache_free+0x23a/0x2b0
[   30.794518]  ? __khugepaged_exit+0x29b/0x3c0
[   30.798899]  mmput+0xfa/0x420
[   30.801981]  do_exit+0x984/0x2850
[   30.805412]  ? __do_page_fault+0x571/0xad0
[   30.809619]  ? mm_update_next_owner+0x5b0/0x5b0
[   30.814263]  ? lock_downgrade+0x740/0x740
[   30.818382]  do_group_exit+0x100/0x2e0
[   30.822243]  SyS_exit_group+0x19/0x20
[   30.826015]  ? do_group_exit+0x2e0/0x2e0
[   30.830052]  do_syscall_64+0x1d5/0x640
[   30.833919]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.839080] RIP: 0033:0x7f1f65fe8ca9
[   30.842765] RSP: 002b:00007ffd9fd0f5c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   30.850448] RAX: ffffffffffffffda RBX: 00007f1f6605c270 RCX: 00007f1f65fe8ca9
[   30.857695] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[   30.864936] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000
[   30.872180] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007f1f6605c270
[   30.879421] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   31.976394] Shutting down cpus with NMI
[   31.980547] Kernel Offset: disabled
[   31.984155] Rebooting in 86400 seconds..