syzkaller login: [ 63.677812][ T152] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/152 [ 63.687145][ T152] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.693138][ T152] CPU: 0 PID: 152 Comm: kworker/u4:4 Not tainted 5.8.0-rc1-syzkaller #0 [ 63.701458][ T152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.711715][ T152] Workqueue: writeback wb_workfn (flush-8:0) [ 63.717963][ T152] Call Trace: [ 63.722526][ T152] dump_stack+0x18f/0x20d [ 63.726973][ T152] check_preemption_disabled+0x20d/0x220 [ 63.732610][ T152] ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.740653][ T152] ? ext4_find_extent+0x81a/0xad0 [ 63.745742][ T152] ? ext4_ext_search_right+0x2ca/0xb20 [ 63.751315][ T152] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 63.757164][ T152] ext4_ext_map_blocks+0x201b/0x33e0 [ 63.762479][ T152] ? ext4_ext_release+0x10/0x10 [ 63.767438][ T152] ? down_write_killable+0x170/0x170 [ 63.772722][ T152] ? ext4_es_lookup_extent+0x41d/0xd10 [ 63.778186][ T152] ext4_map_blocks+0x4cb/0x1640 [ 63.783147][ T152] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 63.788758][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.794511][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.800520][ T152] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 63.805999][ T152] ext4_writepages+0x1a7b/0x33c0 [ 63.811303][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.817104][ T152] ? __lock_acquire+0x2224/0x48b0 [ 63.822396][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.828906][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.834906][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.842627][ T152] ? do_writepages+0xfa/0x2a0 [ 63.847453][ T152] do_writepages+0xfa/0x2a0 [ 63.852834][ T152] ? page_writeback_cpu_online+0x10/0x10 [ 63.858458][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.863995][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.869968][ T152] ? lock_downgrade+0x840/0x840 [ 63.874898][ T152] __writeback_single_inode+0x12a/0x13d0 [ 63.880519][ T152] ? _raw_spin_unlock+0x24/0x40 [ 63.885346][ T152] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 63.891319][ T152] writeback_sb_inodes+0x515/0xdc0 [ 63.896423][ T152] ? __writeback_single_inode+0x13d0/0x13d0 [ 63.902313][ T152] __writeback_inodes_wb+0xc3/0x250 [ 63.907507][ T152] wb_writeback+0x8db/0xd50 [ 63.912009][ T152] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 63.918440][ T152] ? cpumask_next+0x3c/0x40 [ 63.923223][ T152] ? get_nr_dirty_inodes+0xd6/0x130 [ 63.928460][ T152] wb_workfn+0x9bc/0x1090 [ 63.932787][ T152] ? inode_wait_for_writeback+0x30/0x30 [ 63.938324][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.943859][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.949826][ T152] process_one_work+0x965/0x1690 [ 63.954758][ T152] ? lock_release+0x800/0x800 [ 63.959429][ T152] ? pwq_dec_nr_in_flight+0x310/0x310 [ 63.964793][ T152] ? rwlock_bug.part.0+0x90/0x90 [ 63.969728][ T152] worker_thread+0x96/0xe10 [ 63.974226][ T152] ? process_one_work+0x1690/0x1690 [ 63.979413][ T152] kthread+0x3b5/0x4a0 [ 63.983561][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.989292][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.995187][ T152] ret_from_fork+0x1f/0x30 [ 64.002401][ T152] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/152 [ 64.011828][ T152] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.018191][ T152] CPU: 0 PID: 152 Comm: kworker/u4:4 Not tainted 5.8.0-rc1-syzkaller #0 [ 64.026536][ T152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.036600][ T152] Workqueue: writeback wb_workfn (flush-8:0) [ 64.042569][ T152] Call Trace: [ 64.045861][ T152] dump_stack+0x18f/0x20d [ 64.050783][ T152] check_preemption_disabled+0x20d/0x220 [ 64.056405][ T152] ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.061531][ T152] ? ext4_find_extent+0x81a/0xad0 [ 64.066550][ T152] ? ext4_ext_search_right+0x2ca/0xb20 [ 64.071999][ T152] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 64.077740][ T152] ext4_ext_map_blocks+0x201b/0x33e0 [ 64.083011][ T152] ? ext4_ext_release+0x10/0x10 [ 64.087957][ T152] ? down_write_killable+0x170/0x170 [ 64.093255][ T152] ? ext4_es_lookup_extent+0x41d/0xd10 [ 64.098717][ T152] ext4_map_blocks+0x4cb/0x1640 [ 64.103563][ T152] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 64.108851][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.114528][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.120553][ T152] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 64.126016][ T152] ext4_writepages+0x1a7b/0x33c0 [ 64.130973][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.136594][ T152] ? __lock_acquire+0x2224/0x48b0 [ 64.141699][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 64.147678][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 64.153739][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.159381][ T152] ? do_writepages+0xfa/0x2a0 [ 64.164035][ T152] do_writepages+0xfa/0x2a0 [ 64.168530][ T152] ? page_writeback_cpu_online+0x10/0x10 [ 64.174160][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.179783][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.185764][ T152] ? lock_downgrade+0x840/0x840 [ 64.191482][ T152] __writeback_single_inode+0x12a/0x13d0 [ 64.197169][ T152] ? _raw_spin_unlock+0x24/0x40 [ 64.202040][ T152] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 64.208020][ T152] writeback_sb_inodes+0x515/0xdc0 [ 64.213135][ T152] ? __writeback_single_inode+0x13d0/0x13d0 [ 64.219032][ T152] __writeback_inodes_wb+0xc3/0x250 [ 64.224225][ T152] wb_writeback+0x8db/0xd50 [ 64.228733][ T152] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 64.235069][ T152] ? cpumask_next+0x3c/0x40 [ 64.239560][ T152] ? get_nr_dirty_inodes+0xd6/0x130 [ 64.244759][ T152] wb_workfn+0x9bc/0x1090 [ 64.249088][ T152] ? inode_wait_for_writeback+0x30/0x30 [ 64.254632][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.260175][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.266137][ T152] process_one_work+0x965/0x1690 [ 64.271061][ T152] ? lock_release+0x800/0x800 [ 64.275723][ T152] ? pwq_dec_nr_in_flight+0x310/0x310 [ 64.281095][ T152] ? rwlock_bug.part.0+0x90/0x90 [ 64.286033][ T152] worker_thread+0x96/0xe10 [ 64.290527][ T152] ? process_one_work+0x1690/0x1690 [ 64.295718][ T152] kthread+0x3b5/0x4a0 [ 64.299772][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.305522][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.311360][ T152] ret_from_fork+0x1f/0x30 [ 64.317086][ T152] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/152 [ 64.326308][ T152] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.332336][ T152] CPU: 0 PID: 152 Comm: kworker/u4:4 Not tainted 5.8.0-rc1-syzkaller #0 [ 64.341819][ T152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.352658][ T152] Workqueue: writeback wb_workfn (flush-8:0) [ 64.360010][ T152] Call Trace: [ 64.363293][ T152] dump_stack+0x18f/0x20d [ 64.367607][ T152] check_preemption_disabled+0x20d/0x220 [ 64.373565][ T152] ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.378669][ T152] ? ext4_find_extent+0x81a/0xad0 [ 64.383685][ T152] ? ext4_ext_search_right+0x2ca/0xb20 [ 64.389261][ T152] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 64.395123][ T152] ext4_ext_map_blocks+0x201b/0x33e0 [ 64.400453][ T152] ? ext4_ext_release+0x10/0x10 [ 64.405296][ T152] ? down_write_killable+0x170/0x170 [ 64.410648][ T152] ? ext4_es_lookup_extent+0x41d/0xd10 [ 64.416407][ T152] ext4_map_blocks+0x4cb/0x1640 [ 64.421287][ T152] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 64.426484][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.432011][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.438162][ T152] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 64.443620][ T152] ext4_writepages+0x1a7b/0x33c0 [ 64.448552][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.454172][ T152] ? __lock_acquire+0x2224/0x48b0 [ 64.459195][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 64.465256][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 64.471240][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.476875][ T152] ? do_writepages+0xfa/0x2a0 [ 64.481545][ T152] do_writepages+0xfa/0x2a0 [ 64.486094][ T152] ? page_writeback_cpu_online+0x10/0x10 [ 64.491738][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.497273][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.503241][ T152] ? lock_downgrade+0x840/0x840 [ 64.508089][ T152] __writeback_single_inode+0x12a/0x13d0 [ 64.513703][ T152] ? _raw_spin_unlock+0x24/0x40 [ 64.518545][ T152] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 64.524602][ T152] writeback_sb_inodes+0x515/0xdc0 [ 64.529714][ T152] ? __writeback_single_inode+0x13d0/0x13d0 [ 64.535731][ T152] __writeback_inodes_wb+0xc3/0x250 [ 64.540929][ T152] wb_writeback+0x8db/0xd50 [ 64.545444][ T152] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 64.551765][ T152] ? cpumask_next+0x3c/0x40 [ 64.556266][ T152] ? get_nr_dirty_inodes+0xd6/0x130 [ 64.561451][ T152] wb_workfn+0x9bc/0x1090 [ 64.565881][ T152] ? inode_wait_for_writeback+0x30/0x30 [ 64.571448][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.577281][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.583412][ T152] process_one_work+0x965/0x1690 [ 64.589310][ T152] ? lock_release+0x800/0x800 [ 64.594035][ T152] ? pwq_dec_nr_in_flight+0x310/0x310 [ 64.599731][ T152] ? rwlock_bug.part.0+0x90/0x90 [ 64.605198][ T152] worker_thread+0x96/0xe10 [ 64.610695][ T152] ? process_one_work+0x1690/0x1690 [ 64.615947][ T152] kthread+0x3b5/0x4a0 [ 64.620072][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.625787][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.632466][ T152] ret_from_fork+0x1f/0x30 [ 64.639309][ T152] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/152 [ 64.648859][ T152] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.654776][ T152] CPU: 0 PID: 152 Comm: kworker/u4:4 Not tainted 5.8.0-rc1-syzkaller #0 [ 64.663126][ T152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.673577][ T152] Workqueue: writeback wb_workfn (flush-8:0) [ 64.679552][ T152] Call Trace: [ 64.682835][ T152] dump_stack+0x18f/0x20d [ 64.687440][ T152] check_preemption_disabled+0x20d/0x220 [ 64.693219][ T152] ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.698615][ T152] ? ext4_find_extent+0x81a/0xad0 [ 64.703738][ T152] ? ext4_ext_search_right+0x2ca/0xb20 [ 64.709703][ T152] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 64.715608][ T152] ext4_ext_map_blocks+0x201b/0x33e0 [ 64.721376][ T152] ? ext4_ext_release+0x10/0x10 [ 64.726605][ T152] ? down_write_killable+0x170/0x170 [ 64.732206][ T152] ? ext4_es_lookup_extent+0x41d/0xd10 [ 64.739631][ T152] ext4_map_blocks+0x4cb/0x1640 [ 64.744498][ T152] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 64.749698][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.755232][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.761206][ T152] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 64.767004][ T152] ext4_writepages+0x1a7b/0x33c0 [ 64.772120][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.777878][ T152] ? __lock_acquire+0x2224/0x48b0 [ 64.783114][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 64.789213][ T152] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 64.796360][ T152] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.802020][ T152] ? do_writepages+0xfa/0x2a0 [ 64.806687][ T152] do_writepages+0xfa/0x2a0 [ 64.811713][ T152] ? page_writeback_cpu_online+0x10/0x10 [ 64.818399][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.823962][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.830240][ T152] ? lock_downgrade+0x840/0x840 [ 64.835214][ T152] __writeback_single_inode+0x12a/0x13d0 [ 64.841038][ T152] ? _raw_spin_unlock+0x24/0x40 [ 64.845904][ T152] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 64.851995][ T152] writeback_sb_inodes+0x515/0xdc0 [ 64.857309][ T152] ? __writeback_single_inode+0x13d0/0x13d0 [ 64.865574][ T152] __writeback_inodes_wb+0xc3/0x250 [ 64.871152][ T152] wb_writeback+0x8db/0xd50 [ 64.876301][ T152] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 64.882703][ T152] ? cpumask_next+0x3c/0x40 [ 64.887763][ T152] ? get_nr_dirty_inodes+0xd6/0x130 [ 64.896730][ T152] wb_workfn+0x9bc/0x1090 [ 64.901057][ T152] ? inode_wait_for_writeback+0x30/0x30 [ 64.907905][ T152] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.914315][ T152] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.920506][ T152] process_one_work+0x965/0x1690 [ 64.925463][ T152] ? lock_release+0x800/0x800 [ 64.930124][ T152] ? pwq_dec_nr_in_flight+0x310/0x310 [ 64.935482][ T152] ? rwlock_bug.part.0+0x90/0x90 [ 64.940427][ T152] worker_thread+0x96/0xe10 [ 64.944934][ T152] ? process_one_work+0x1690/0x1690 [ 64.951281][ T152] kthread+0x3b5/0x4a0 [ 64.955433][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.961264][ T152] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.967228][ T152] ret_from_fork+0x1f/0x30 Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts. 2020/06/17 05:10:42 fuzzer started 2020/06/17 05:10:42 connecting to host at 10.128.0.26:42881 2020/06/17 05:10:42 checking machine... 2020/06/17 05:10:42 checking revisions... 2020/06/17 05:10:42 testing simple program... [ 66.404347][ T6792] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6792 [ 66.414720][ T6792] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 66.421830][ T6792] CPU: 0 PID: 6792 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0 [ 66.430158][ T6792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.440196][ T6792] Call Trace: [ 66.443488][ T6792] dump_stack+0x18f/0x20d [ 66.447900][ T6792] check_preemption_disabled+0x20d/0x220 [ 66.454140][ T6792] ext4_mb_new_blocks+0xa4d/0x3b70 [ 66.459597][ T6792] ? ext4_ext_search_right+0x2ca/0xb20 [ 66.466269][ T6792] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 66.472007][ T6792] ext4_ext_map_blocks+0x201b/0x33e0 [ 66.477708][ T6792] ? ext4_ext_release+0x10/0x10 [ 66.482566][ T6792] ? down_write_killable+0x170/0x170 [ 66.487851][ T6792] ? ext4_es_lookup_extent+0x41d/0xd10 [ 66.493304][ T6792] ext4_map_blocks+0x4cb/0x1640 [ 66.498230][ T6792] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 66.503421][ T6792] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 66.508950][ T6792] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 66.514918][ T6792] ? prandom_u32_state+0xe/0x170 [ 66.519840][ T6792] ? __brelse+0x84/0xa0 [ 66.524071][ T6792] ? __ext4_new_inode+0x144/0x55e0 [ 66.529172][ T6792] ext4_getblk+0xad/0x520 [ 66.533504][ T6792] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 66.539223][ T6792] ? ext4_free_inode+0x1700/0x1700 [ 66.544332][ T6792] ext4_bread+0x7c/0x380 [ 66.548586][ T6792] ? ext4_getblk+0x520/0x520 [ 66.553166][ T6792] ? dquot_get_next_dqblk+0x180/0x180 [ 66.558541][ T6792] ext4_append+0x153/0x360 [ 66.562950][ T6792] ext4_mkdir+0x5e0/0xdf0 [ 66.567275][ T6792] ? ext4_rmdir+0xde0/0xde0 [ 66.571771][ T6792] ? security_inode_permission+0xc4/0xf0 [ 66.577428][ T6792] vfs_mkdir+0x419/0x690 [ 66.581678][ T6792] do_mkdirat+0x21e/0x280 [ 66.586012][ T6792] ? __ia32_sys_mknod+0xb0/0xb0 [ 66.590850][ T6792] ? do_syscall_64+0x1c/0xe0 [ 66.595508][ T6792] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 66.601482][ T6792] do_syscall_64+0x60/0xe0 [ 66.605891][ T6792] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 66.611761][ T6792] RIP: 0033:0x4b02a0 [ 66.615626][ T6792] Code: Bad RIP value. [ 66.620217][ T6792] RSP: 002b:000000c0000df4b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102 [ 66.629632][ T6792] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b02a0 [ 66.637679][ T6792] RDX: 00000000000001c0 RSI: 000000c0000ceee0 RDI: ffffffffffffff9c [ 66.645905][ T6792] RBP: 000000c0000df510 R08: 0000000000000000 R09: 0000000000000000 [ 66.653865][ T6792] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff [ 66.666070][ T6792] R13: 0000000000000078 R14: 0000000000000077 R15: 0000000000000100 [ 66.693618][ T6807] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6807 [ 66.703210][ T6807] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 66.709642][ T6807] CPU: 1 PID: 6807 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 66.719172][ T6807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.729970][ T6807] Call Trace: [ 66.734314][ T6807] dump_stack+0x18f/0x20d [ 66.739690][ T6807] check_preemption_disabled+0x20d/0x220 [ 66.745958][ T6807] ext4_mb_new_blocks+0xa4d/0x3b70 [ 66.751280][ T6807] ? ext4_ext_search_right+0x2ca/0xb20 [ 66.757162][ T6807] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 66.762971][ T6807] ext4_ext_map_blocks+0x201b/0x33e0 [ 66.768344][ T6807] ? ext4_ext_release+0x10/0x10 [ 66.773190][ T6807] ? down_write_killable+0x170/0x170 [ 66.778469][ T6807] ? ext4_es_lookup_extent+0x41d/0xd10 [ 66.783928][ T6807] ext4_map_blocks+0x4cb/0x1640 [ 66.788797][ T6807] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 66.793978][ T6807] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 66.799523][ T6807] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 66.805511][ T6807] ? prandom_u32_state+0xe/0x170 [ 66.810640][ T6807] ? __brelse+0x84/0xa0 [ 66.814803][ T6807] ? __ext4_new_inode+0x144/0x55e0 [ 66.819916][ T6807] ext4_getblk+0xad/0x520 [ 66.824272][ T6807] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 66.830023][ T6807] ? ext4_free_inode+0x1700/0x1700 [ 66.835168][ T6807] ext4_bread+0x7c/0x380 [ 66.839399][ T6807] ? ext4_getblk+0x520/0x520 [ 66.843986][ T6807] ? dquot_get_next_dqblk+0x180/0x180 [ 66.849373][ T6807] ext4_append+0x153/0x360 [ 66.853800][ T6807] ext4_mkdir+0x5e0/0xdf0 [ 66.858142][ T6807] ? ext4_rmdir+0xde0/0xde0 [ 66.862645][ T6807] ? security_inode_permission+0xc4/0xf0 [ 66.868282][ T6807] vfs_mkdir+0x419/0x690 [ 66.872523][ T6807] do_mkdirat+0x21e/0x280 [ 66.876864][ T6807] ? __ia32_sys_mknod+0xb0/0xb0 [ 66.881721][ T6807] ? do_syscall_64+0x1c/0xe0 [ 66.886389][ T6807] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 66.892377][ T6807] do_syscall_64+0x60/0xe0 [ 66.896876][ T6807] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 66.902902][ T6807] RIP: 0033:0x45bed7 [ 66.906866][ T6807] Code: Bad RIP value. [ 66.911204][ T6807] RSP: 002b:00007ffed316e348 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 66.920393][ T6807] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7 [ 66.928789][ T6807] RDX: 0000000000000002 RSI: 00000000000001c0 RDI: 00007ffed316e520 [ 66.937057][ T6807] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000002c80 [ 66.945122][ T6807] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 66.953292][ T6807] R13: 00007ffed316e520 R14: 8421084210842109 R15: 00007ffed316e52c [ 67.041117][ T6808] IPVS: ftp: loaded support on port[0] = 21 [ 67.079438][ T6808] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6808 [ 67.089028][ T6808] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.094945][ T6808] CPU: 0 PID: 6808 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 67.103601][ T6808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.114080][ T6808] Call Trace: [ 67.117533][ T6808] dump_stack+0x18f/0x20d [ 67.121934][ T6808] check_preemption_disabled+0x20d/0x220 [ 67.127588][ T6808] ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.133053][ T6808] ? ext4_ext_search_right+0x2ca/0xb20 [ 67.138607][ T6808] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 67.144353][ T6808] ext4_ext_map_blocks+0x201b/0x33e0 [ 67.149628][ T6808] ? ext4_ext_release+0x10/0x10 [ 67.154589][ T6808] ? down_write_killable+0x170/0x170 [ 67.159874][ T6808] ? ext4_es_lookup_extent+0x41d/0xd10 [ 67.167059][ T6808] ext4_map_blocks+0x4cb/0x1640 [ 67.172025][ T6808] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 67.177221][ T6808] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 67.182775][ T6808] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 67.188870][ T6808] ? prandom_u32_state+0xe/0x170 [ 67.193795][ T6808] ? __brelse+0x84/0xa0 [ 67.197934][ T6808] ? __ext4_new_inode+0x144/0x55e0 [ 67.203166][ T6808] ext4_getblk+0xad/0x520 [ 67.207594][ T6808] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 67.213317][ T6808] ? ext4_free_inode+0x1700/0x1700 [ 67.218429][ T6808] ext4_bread+0x7c/0x380 [ 67.222658][ T6808] ? ext4_getblk+0x520/0x520 [ 67.227335][ T6808] ? dquot_get_next_dqblk+0x180/0x180 [ 67.232699][ T6808] ext4_append+0x153/0x360 [ 67.237116][ T6808] ext4_mkdir+0x5e0/0xdf0 [ 67.241636][ T6808] ? ext4_rmdir+0xde0/0xde0 [ 67.246235][ T6808] ? security_inode_permission+0xc4/0xf0 [ 67.251858][ T6808] vfs_mkdir+0x419/0x690 [ 67.256120][ T6808] do_mkdirat+0x21e/0x280 [ 67.260477][ T6808] ? __ia32_sys_mknod+0xb0/0xb0 [ 67.265320][ T6808] ? do_syscall_64+0x1c/0xe0 [ 67.269894][ T6808] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 67.275862][ T6808] do_syscall_64+0x60/0xe0 [ 67.280279][ T6808] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 67.286176][ T6808] RIP: 0033:0x45bed7 [ 67.290057][ T6808] Code: Bad RIP value. [ 67.294099][ T6808] RSP: 002b:00007ffed316e238 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 67.302671][ T6808] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7 [ 67.310636][ T6808] RDX: 00007ffed316e283 RSI: 00000000000001ff RDI: 00007ffed316e280 [ 67.319039][ T6808] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003 [ 67.327003][ T6808] R10: 0000000000000064 R11: 0000000000000202 R12: 00000000004185c0 [ 67.334994][ T6808] R13: 00007ffed316e270 R14: 0000000000000000 R15: 00007ffed316e280 [ 67.389042][ T6808] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6808 [ 67.399637][ T6808] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.405560][ T6808] CPU: 0 PID: 6808 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 67.414591][ T6808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.424648][ T6808] Call Trace: [ 67.428066][ T6808] dump_stack+0x18f/0x20d [ 67.432411][ T6808] check_preemption_disabled+0x20d/0x220 [ 67.438342][ T6808] ext4_mb_new_blocks+0xa4d/0x3b70 [ 67.443486][ T6808] ? ext4_ext_search_right+0x2ca/0xb20 [ 67.449256][ T6808] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 67.455095][ T6808] ext4_ext_map_blocks+0x201b/0x33e0 [ 67.460424][ T6808] ? ext4_ext_release+0x10/0x10 [ 67.465312][ T6808] ? down_write_killable+0x170/0x170 [ 67.473997][ T6808] ? ext4_es_lookup_extent+0x41d/0xd10 [ 67.479479][ T6808] ext4_map_blocks+0x4cb/0x1640 [ 67.484368][ T6808] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 67.490020][ T6808] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 67.495730][ T6808] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 67.502571][ T6808] ? prandom_u32_state+0xe/0x170 [ 67.507775][ T6808] ? __brelse+0x84/0xa0 [ 67.511931][ T6808] ? __ext4_new_inode+0x144/0x55e0 [ 67.517042][ T6808] ext4_getblk+0xad/0x520 [ 67.521856][ T6808] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 67.527591][ T6808] ? ext4_free_inode+0x1700/0x1700 [ 67.533065][ T6808] ext4_bread+0x7c/0x380 [ 67.537313][ T6808] ? ext4_getblk+0x520/0x520 [ 67.541915][ T6808] ? dquot_get_next_dqblk+0x180/0x180 [ 67.547294][ T6808] ext4_append+0x153/0x360 [ 67.551727][ T6808] ext4_mkdir+0x5e0/0xdf0 [ 67.556075][ T6808] ? ext4_rmdir+0xde0/0xde0 [ 67.560585][ T6808] ? security_inode_permission+0xc4/0xf0 [ 67.566240][ T6808] vfs_mkdir+0x419/0x690 [ 67.570625][ T6808] do_mkdirat+0x21e/0x280 [ 67.575904][ T6808] ? __ia32_sys_mknod+0xb0/0xb0 [ 67.580770][ T6808] ? do_syscall_64+0x1c/0xe0 [ 67.585347][ T6808] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 67.591339][ T6808] do_syscall_64+0x60/0xe0 [ 67.595757][ T6808] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 67.602352][ T6808] RIP: 0033:0x45bed7 [ 67.606242][ T6808] Code: Bad RIP value. [ 67.610305][ T6808] RSP: 002b:00007ffed316e238 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 67.619388][ T6808] RAX: ffffffffffffffda RBX: 0000000000010732 RCX: 000000000045bed7 [ 67.627995][ T6808] RDX: 00007ffed316e283 RSI: 00000000000001ff RDI: 00007ffed316e280 2020/06/17 05:10:44 building call list... [ 67.636329][ T6808] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003 [ 67.644643][ T6808] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000003 [ 67.652610][ T6808] R13: 00007ffed316e270 R14: 000000000001072d R15: 00007ffed316e280 [ 67.906065][ T184] tipc: TX() has been purged, node left! [ 68.448410][ T184] ================================================================== [ 68.457110][ T184] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770 [ 68.465605][ T184] Write of size 1 at addr ffff8880955ed1e4 by task kworker/u4:5/184 [ 68.473571][ T184] [ 68.475950][ T184] CPU: 0 PID: 184 Comm: kworker/u4:5 Not tainted 5.8.0-rc1-syzkaller #0 [ 68.484963][ T184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.495462][ T184] Workqueue: netns cleanup_net [ 68.500397][ T184] Call Trace: [ 68.503689][ T184] dump_stack+0x18f/0x20d [ 68.509426][ T184] ? afs_wake_up_async_call+0x6aa/0x770 [ 68.514969][ T184] ? afs_wake_up_async_call+0x6aa/0x770 [ 68.520598][ T184] ? afs_put_call+0xa40/0xa40 [ 68.525362][ T184] print_address_description.constprop.0.cold+0xd3/0x413 [ 68.532415][ T184] ? vprintk_func+0x97/0x1a6 [ 68.537007][ T184] ? afs_wake_up_async_call+0x6aa/0x770 [ 68.542901][ T184] kasan_report.cold+0x1f/0x37 [ 68.547674][ T184] ? rcu_read_lock_held_common+0x51/0xa0 [ 68.553909][ T184] ? afs_wake_up_async_call+0x6aa/0x770 [ 68.559457][ T184] afs_wake_up_async_call+0x6aa/0x770 [ 68.565956][ T184] ? afs_close_socket+0x320/0x320 [ 68.570983][ T184] ? afs_put_call+0xa40/0xa40 [ 68.575662][ T184] rxrpc_notify_socket+0x1db/0x5d0 [ 68.580783][ T184] ? afs_put_call+0xa40/0xa40 [ 68.585474][ T184] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 68.591904][ T184] rxrpc_call_completed+0xca/0xf0 [ 68.596939][ T184] rxrpc_discard_prealloc+0x781/0xab0 [ 68.602313][ T184] ? lock_sock_nested+0x94/0x110 [ 68.607257][ T184] rxrpc_listen+0x147/0x360 [ 68.611852][ T184] afs_close_socket+0x95/0x320 [ 68.616626][ T184] ? afs_purge_servers+0x16d/0x300 [ 68.621746][ T184] ? afs_rx_discard_new_call+0x50/0x50 [ 68.627304][ T184] ? init_wait_var_entry+0x200/0x200 [ 68.632791][ T184] ? rcu_read_lock_held_common+0xa0/0xa0 [ 68.638423][ T184] ? check_preemption_disabled+0x38/0x220 [ 68.644162][ T184] afs_net_exit+0x1bc/0x310 [ 68.648665][ T184] ? afs_net_init+0xe30/0xe30 [ 68.653339][ T184] ops_exit_list.isra.0+0xa8/0x150 [ 68.658452][ T184] cleanup_net+0x511/0xa50 [ 68.662891][ T184] ? unregister_pernet_device+0x70/0x70 [ 68.668455][ T184] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 68.674443][ T184] process_one_work+0x965/0x1690 [ 68.679395][ T184] ? lock_release+0x800/0x800 [ 68.684075][ T184] ? pwq_dec_nr_in_flight+0x310/0x310 [ 68.689537][ T184] ? rwlock_bug.part.0+0x90/0x90 [ 68.694507][ T184] worker_thread+0x96/0xe10 [ 68.699023][ T184] ? process_one_work+0x1690/0x1690 [ 68.704219][ T184] kthread+0x3b5/0x4a0 [ 68.708287][ T184] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 68.714001][ T184] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 68.719729][ T184] ret_from_fork+0x1f/0x30 [ 68.724363][ T184] [ 68.726710][ T184] Allocated by task 6808: [ 68.731055][ T184] save_stack+0x1b/0x40 [ 68.736190][ T184] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 68.741834][ T184] kmem_cache_alloc_trace+0x153/0x7d0 [ 68.747306][ T184] afs_alloc_call+0x55/0x630 [ 68.751901][ T184] afs_charge_preallocation+0xe9/0x2d0 [ 68.757353][ T184] afs_open_socket+0x292/0x360 [ 68.762108][ T184] afs_net_init+0xa6c/0xe30 [ 68.766606][ T184] ops_init+0xaf/0x420 [ 68.770686][ T184] setup_net+0x2de/0x860 [ 68.774955][ T184] copy_net_ns+0x293/0x590 [ 68.779386][ T184] create_new_namespaces+0x3fb/0xb30 [ 68.784684][ T184] unshare_nsproxy_namespaces+0xbd/0x1f0 [ 68.790313][ T184] ksys_unshare+0x43d/0x8e0 [ 68.795254][ T184] __x64_sys_unshare+0x2d/0x40 [ 68.800014][ T184] do_syscall_64+0x60/0xe0 [ 68.805570][ T184] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.811822][ T184] [ 68.814665][ T184] Freed by task 184: [ 68.818573][ T184] save_stack+0x1b/0x40 [ 68.822816][ T184] __kasan_slab_free+0xf7/0x140 [ 68.829718][ T184] kfree+0x109/0x2b0 [ 68.833707][ T184] afs_put_call+0x585/0xa40 [ 68.838646][ T184] rxrpc_discard_prealloc+0x764/0xab0 [ 68.844241][ T184] rxrpc_listen+0x147/0x360 [ 68.849706][ T184] afs_close_socket+0x95/0x320 [ 68.854837][ T184] afs_net_exit+0x1bc/0x310 [ 68.860290][ T184] ops_exit_list.isra.0+0xa8/0x150 [ 68.865568][ T184] cleanup_net+0x511/0xa50 [ 68.869995][ T184] process_one_work+0x965/0x1690 [ 68.874930][ T184] worker_thread+0x96/0xe10 [ 68.879697][ T184] kthread+0x3b5/0x4a0 [ 68.884234][ T184] ret_from_fork+0x1f/0x30 [ 68.888813][ T184] [ 68.891162][ T184] The buggy address belongs to the object at ffff8880955ed000 [ 68.891162][ T184] which belongs to the cache kmalloc-1k of size 1024 [ 68.906779][ T184] The buggy address is located 484 bytes inside of [ 68.906779][ T184] 1024-byte region [ffff8880955ed000, ffff8880955ed400) [ 68.920739][ T184] The buggy address belongs to the page: [ 68.926370][ T184] page:ffffea0002557b40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 68.935470][ T184] flags: 0xfffe0000000200(slab) [ 68.940336][ T184] raw: 00fffe0000000200 ffffea00027c4d08 ffffea0002544748 ffff8880aa000c40 [ 68.948919][ T184] raw: 0000000000000000 ffff8880955ed000 0000000100000002 0000000000000000 [ 68.957504][ T184] page dumped because: kasan: bad access detected [ 68.963922][ T184] [ 68.966247][ T184] Memory state around the buggy address: [ 68.971889][ T184] ffff8880955ed080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 68.979957][ T184] ffff8880955ed100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 68.988012][ T184] >ffff8880955ed180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 68.996079][ T184] ^ [ 69.003282][ T184] ffff8880955ed200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.011339][ T184] ffff8880955ed280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.019478][ T184] ================================================================== [ 69.027526][ T184] Disabling lock debugging due to kernel taint [ 69.033764][ T184] Kernel panic - not syncing: panic_on_warn set ... [ 69.040392][ T184] CPU: 0 PID: 184 Comm: kworker/u4:5 Tainted: G B 5.8.0-rc1-syzkaller #0 [ 69.050213][ T184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.060310][ T184] Workqueue: netns cleanup_net [ 69.065086][ T184] Call Trace: [ 69.068382][ T184] dump_stack+0x18f/0x20d [ 69.072752][ T184] ? afs_wake_up_async_call+0x670/0x770 [ 69.078329][ T184] ? afs_put_call+0xa40/0xa40 [ 69.083172][ T184] panic+0x2e3/0x75c [ 69.087092][ T184] ? __warn_printk+0xf3/0xf3 [ 69.091713][ T184] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 69.098043][ T184] ? trace_hardirqs_on+0x55/0x220 [ 69.103059][ T184] ? afs_wake_up_async_call+0x6aa/0x770 [ 69.108604][ T184] ? afs_wake_up_async_call+0x6aa/0x770 [ 69.114223][ T184] ? afs_put_call+0xa40/0xa40 [ 69.118981][ T184] end_report+0x4d/0x53 [ 69.123139][ T184] kasan_report.cold+0xd/0x37 [ 69.127816][ T184] ? rcu_read_lock_held_common+0x51/0xa0 [ 69.133442][ T184] ? afs_wake_up_async_call+0x6aa/0x770 [ 69.139112][ T184] afs_wake_up_async_call+0x6aa/0x770 [ 69.144492][ T184] ? afs_close_socket+0x320/0x320 [ 69.149611][ T184] ? afs_put_call+0xa40/0xa40 [ 69.154299][ T184] rxrpc_notify_socket+0x1db/0x5d0 [ 69.159605][ T184] ? afs_put_call+0xa40/0xa40 [ 69.164455][ T184] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 69.170963][ T184] rxrpc_call_completed+0xca/0xf0 [ 69.176438][ T184] rxrpc_discard_prealloc+0x781/0xab0 [ 69.182467][ T184] ? lock_sock_nested+0x94/0x110 [ 69.187606][ T184] rxrpc_listen+0x147/0x360 [ 69.192192][ T184] afs_close_socket+0x95/0x320 [ 69.197061][ T184] ? afs_purge_servers+0x16d/0x300 [ 69.202427][ T184] ? afs_rx_discard_new_call+0x50/0x50 [ 69.208053][ T184] ? init_wait_var_entry+0x200/0x200 [ 69.213506][ T184] ? rcu_read_lock_held_common+0xa0/0xa0 [ 69.220871][ T184] ? check_preemption_disabled+0x38/0x220 [ 69.227286][ T184] afs_net_exit+0x1bc/0x310 [ 69.232067][ T184] ? afs_net_init+0xe30/0xe30 [ 69.237690][ T184] ops_exit_list.isra.0+0xa8/0x150 [ 69.243523][ T184] cleanup_net+0x511/0xa50 [ 69.248022][ T184] ? unregister_pernet_device+0x70/0x70 [ 69.253657][ T184] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 69.259775][ T184] process_one_work+0x965/0x1690 [ 69.264714][ T184] ? lock_release+0x800/0x800 [ 69.269483][ T184] ? pwq_dec_nr_in_flight+0x310/0x310 [ 69.274878][ T184] ? rwlock_bug.part.0+0x90/0x90 [ 69.279813][ T184] worker_thread+0x96/0xe10 [ 69.284316][ T184] ? process_one_work+0x1690/0x1690 [ 69.289506][ T184] kthread+0x3b5/0x4a0 [ 69.293571][ T184] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 69.299781][ T184] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 69.305509][ T184] ret_from_fork+0x1f/0x30 [ 69.311327][ T184] Kernel Offset: disabled [ 69.315739][ T184] Rebooting in 86400 seconds..