Warning: Permanently added '10.128.0.110' (ECDSA) to the list of known hosts. executing program [ 40.852698][ T6979] IPVS: ftp: loaded support on port[0] = 21 [ 40.884021][ T6979] netlink: 16 bytes leftover after parsing attributes in process `syz-executor107'. [ 40.943919][ T6979] ------------[ cut here ]------------ [ 40.949416][ T6979] refcount_t: underflow; use-after-free. [ 40.956082][ T6979] WARNING: CPU: 1 PID: 6979 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 [ 40.965550][ T6979] Kernel panic - not syncing: panic_on_warn set ... [ 40.972177][ T6979] CPU: 1 PID: 6979 Comm: syz-executor107 Not tainted 5.6.0-syzkaller #0 [ 40.980534][ T6979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.990780][ T6979] Call Trace: [ 40.994057][ T6979] dump_stack+0x1e9/0x30e [ 40.998490][ T6979] panic+0x264/0x7a0 [ 41.002428][ T6979] ? __warn+0x102/0x210 [ 41.006569][ T6979] ? refcount_warn_saturate+0x15b/0x1a0 [ 41.012209][ T6979] __warn+0x209/0x210 [ 41.016191][ T6979] ? refcount_warn_saturate+0x15b/0x1a0 [ 41.021714][ T6979] report_bug+0x1ac/0x2d0 [ 41.026098][ T6979] do_error_trap+0xca/0x1c0 [ 41.030599][ T6979] do_invalid_op+0x32/0x40 [ 41.035052][ T6979] ? refcount_warn_saturate+0x15b/0x1a0 [ 41.040651][ T6979] invalid_op+0x23/0x30 [ 41.044897][ T6979] RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 [ 41.051086][ T6979] Code: c7 6a 77 f2 88 31 c0 e8 f3 b7 ad fd 0f 0b eb 85 e8 2a a4 db fd c6 05 ef 45 cd 05 01 48 c7 c7 96 77 f2 88 31 c0 e8 d5 b7 ad fd <0f> 0b e9 64 ff ff ff e8 09 a4 db fd c6 05 cf 45 cd 05 01 48 c7 c7 [ 41.070843][ T6979] RSP: 0018:ffffc90000f97d98 EFLAGS: 00010246 [ 41.076888][ T6979] RAX: e55b4ee8dc4a2100 RBX: 0000000000000003 RCX: ffff8880a8606540 [ 41.084839][ T6979] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 41.092791][ T6979] RBP: 0000000000000003 R08: ffffffff815f5a86 R09: ffffed1015d26668 [ 41.100755][ T6979] R10: ffffed1015d26668 R11: 0000000000000000 R12: ffff8880a804a040 [ 41.108704][ T6979] R13: 0000000000000100 R14: ffff8880a9a8cc30 R15: ffff8880a804a044 [ 41.116673][ T6979] ? vprintk_emit+0x2e6/0x3b0 [ 41.121331][ T6979] ? refcount_warn_saturate+0x15b/0x1a0 [ 41.126852][ T6979] free_nsproxy+0x343/0x3b0 [ 41.131351][ T6979] do_exit+0x5ea/0x1f80 [ 41.135489][ T6979] do_group_exit+0x15e/0x2c0 [ 41.140054][ T6979] ? trace_irq_disable_rcuidle+0x1f/0x1d0 [ 41.145748][ T6979] __do_sys_exit_group+0x13/0x20 [ 41.150660][ T6979] __se_sys_exit_group+0x10/0x10 [ 41.155577][ T6979] __x64_sys_exit_group+0x37/0x40 [ 41.160592][ T6979] do_syscall_64+0xf3/0x1b0 [ 41.165075][ T6979] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 41.171125][ T6979] RIP: 0033:0x43f998 [ 41.175001][ T6979] Code: Bad RIP value. [ 41.179042][ T6979] RSP: 002b:00007fff7f3413d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 41.187430][ T6979] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000043f998 [ 41.195377][ T6979] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001 [ 41.203338][ T6979] RBP: 00000000004bfa10 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 41.211301][ T6979] R10: 0000000120080522 R11: 0000000000000246 R12: 0000000000000001 [ 41.219255][ T6979] R13: 00000000006d11c0 R14: 0000000000000000 R15: 0000000000000000 [ 41.228825][ T6979] Kernel Offset: disabled [ 41.233195][ T6979] Rebooting in 86400 seconds..