[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ 69.606739][ T6784] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6784
[ 69.616362][ T6784] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 69.622755][ T6784] CPU: 0 PID: 6784 Comm: systemd-rfkill Not tainted 5.8.0-rc1-syzkaller #0
[ 69.631451][ T6784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 69.643419][ T6784] Call Trace:
[ 69.646919][ T6784] dump_stack+0x18f/0x20d
[ 69.651510][ T6784] check_preemption_disabled+0x20d/0x220
[ 69.657333][ T6784] ext4_mb_new_blocks+0xa4d/0x3b70
[ 69.662808][ T6784] ? ext4_ext_search_right+0x2ca/0xb20
[ 69.668440][ T6784] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 69.674845][ T6784] ext4_ext_map_blocks+0x201b/0x33e0
[ 69.680458][ T6784] ? ext4_ext_release+0x10/0x10
[ 69.685454][ T6784] ? down_write_killable+0x170/0x170
[ 69.691022][ T6784] ? ext4_es_lookup_extent+0x41d/0xd10
[ 69.696649][ T6784] ext4_map_blocks+0x4cb/0x1640
[ 69.701498][ T6784] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 69.707117][ T6784] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 69.712654][ T6784] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 69.718729][ T6784] ? prandom_u32_state+0xe/0x170
[ 69.724017][ T6784] ? __brelse+0x84/0xa0
[ 69.728325][ T6784] ? __ext4_new_inode+0x144/0x55e0
[ 69.733446][ T6784] ext4_getblk+0xad/0x520
[ 69.737807][ T6784] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 69.743534][ T6784] ? ext4_free_inode+0x1700/0x1700
[ 69.748637][ T6784] ext4_bread+0x7c/0x380
[ 69.753145][ T6784] ? ext4_getblk+0x520/0x520
[ 69.757729][ T6784] ? dquot_get_next_dqblk+0x180/0x180
[ 69.763115][ T6784] ext4_append+0x153/0x360
[ 69.767667][ T6784] ext4_mkdir+0x5e0/0xdf0
[ 69.772196][ T6784] ? ext4_rmdir+0xde0/0xde0
[ 69.776754][ T6784] ? security_inode_permission+0xc4/0xf0
[ 69.782637][ T6784] vfs_mkdir+0x419/0x690
[ 69.787079][ T6784] do_mkdirat+0x21e/0x280
[ 69.791429][ T6784] ? __ia32_sys_mknod+0xb0/0xb0
[ 69.796642][ T6784] ? do_syscall_64+0x1c/0xe0
[ 69.804229][ T6784] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 69.810346][ T6784] do_syscall_64+0x60/0xe0
[ 69.815042][ T6784] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 69.820945][ T6784] RIP: 0033:0x7f9e1f3c2687
[ 69.825611][ T6784] Code: Bad RIP value.
[ 69.829664][ T6784] RSP: 002b:00007fffc0f3f5d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 69.838065][ T6784] RAX: ffffffffffffffda RBX: 000055d46c60f985 RCX: 00007f9e1f3c2687
[ 69.846048][ T6784] RDX: 00007fffc0f3f4a0 RSI: 00000000000001ed RDI: 000055d46c60f985
[ 69.854012][ T6784] RBP: 00007f9e1f3c2680 R08: 0000000000000100 R09: 0000000000000000
[ 69.861972][ T6784] R10: 000055d46c60f980 R11: 0000000000000246 R12: 00000000000001ed
[ 69.870083][ T6784] R13: 00007fffc0f3f760 R14: 0000000000000000 R15: 0000000000000000
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
2020/06/15 22:30:24 fuzzer started
2020/06/15 22:30:24 connecting to host at 10.128.0.26:45047
2020/06/15 22:30:24 checking machine...
2020/06/15 22:30:24 checking revisions...
2020/06/15 22:30:24 testing simple program...
syzkaller login: [ 74.149607][ T6791] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6791
[ 74.159948][ T6791] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 74.166459][ T6791] CPU: 1 PID: 6791 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0
[ 74.174703][ T6791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.188134][ T6791] Call Trace:
[ 74.191638][ T6791] dump_stack+0x18f/0x20d
[ 74.195995][ T6791] check_preemption_disabled+0x20d/0x220
[ 74.201809][ T6791] ext4_mb_new_blocks+0xa4d/0x3b70
[ 74.207628][ T6791] ? ext4_ext_search_right+0x2ca/0xb20
[ 74.216155][ T6791] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 74.221998][ T6791] ext4_ext_map_blocks+0x201b/0x33e0
[ 74.227381][ T6791] ? ext4_ext_release+0x10/0x10
[ 74.232240][ T6791] ? down_write_killable+0x170/0x170
[ 74.237534][ T6791] ? ext4_es_lookup_extent+0x41d/0xd10
[ 74.244301][ T6791] ext4_map_blocks+0x4cb/0x1640
[ 74.249519][ T6791] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 74.254743][ T6791] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 74.260407][ T6791] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 74.266396][ T6791] ? prandom_u32_state+0xe/0x170
[ 74.271714][ T6791] ? __brelse+0x84/0xa0
[ 74.276349][ T6791] ? __ext4_new_inode+0x144/0x55e0
[ 74.281463][ T6791] ext4_getblk+0xad/0x520
[ 74.286236][ T6791] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 74.292149][ T6791] ? ext4_free_inode+0x1700/0x1700
[ 74.297540][ T6791] ext4_bread+0x7c/0x380
[ 74.301890][ T6791] ? ext4_getblk+0x520/0x520
[ 74.306767][ T6791] ? dquot_get_next_dqblk+0x180/0x180
[ 74.312589][ T6791] ext4_append+0x153/0x360
[ 74.317889][ T6791] ext4_mkdir+0x5e0/0xdf0
[ 74.322374][ T6791] ? ext4_rmdir+0xde0/0xde0
[ 74.326891][ T6791] ? security_inode_permission+0xc4/0xf0
[ 74.332756][ T6791] vfs_mkdir+0x419/0x690
[ 74.337134][ T6791] do_mkdirat+0x21e/0x280
[ 74.341618][ T6791] ? __ia32_sys_mknod+0xb0/0xb0
[ 74.346637][ T6791] ? do_syscall_64+0x1c/0xe0
[ 74.351279][ T6791] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 74.357398][ T6791] do_syscall_64+0x60/0xe0
[ 74.362001][ T6791] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.368888][ T6791] RIP: 0033:0x4b02a0
[ 74.373215][ T6791] Code: Bad RIP value.
[ 74.377634][ T6791] RSP: 002b:000000c0003c34b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102
[ 74.386736][ T6791] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b02a0
[ 74.394877][ T6791] RDX: 00000000000001c0 RSI: 000000c000026ea0 RDI: ffffffffffffff9c
[ 74.402850][ T6791] RBP: 000000c0003c3510 R08: 0000000000000000 R09: 0000000000000000
[ 74.411090][ T6791] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 74.419233][ T6791] R13: 0000000000000076 R14: 0000000000000075 R15: 0000000000000100
[ 74.450531][ T6808] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6808
[ 74.460149][ T6808] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 74.466415][ T6808] CPU: 0 PID: 6808 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 74.475833][ T6808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.486498][ T6808] Call Trace:
[ 74.489924][ T6808] dump_stack+0x18f/0x20d
[ 74.494841][ T6808] check_preemption_disabled+0x20d/0x220
[ 74.501991][ T6808] ext4_mb_new_blocks+0xa4d/0x3b70
[ 74.508451][ T6808] ? ext4_ext_search_right+0x2ca/0xb20
[ 74.513947][ T6808] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 74.520398][ T6808] ext4_ext_map_blocks+0x201b/0x33e0
[ 74.525994][ T6808] ? ext4_ext_release+0x10/0x10
[ 74.531642][ T6808] ? down_write_killable+0x170/0x170
[ 74.537187][ T6808] ? ext4_es_lookup_extent+0x41d/0xd10
[ 74.542638][ T6808] ext4_map_blocks+0x4cb/0x1640
[ 74.547777][ T6808] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 74.553256][ T6808] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 74.559362][ T6808] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 74.565334][ T6808] ? prandom_u32_state+0xe/0x170
[ 74.570782][ T6808] ? __brelse+0x84/0xa0
[ 74.575621][ T6808] ? __ext4_new_inode+0x144/0x55e0
[ 74.581114][ T6808] ext4_getblk+0xad/0x520
[ 74.585524][ T6808] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 74.591259][ T6808] ? ext4_free_inode+0x1700/0x1700
[ 74.596378][ T6808] ext4_bread+0x7c/0x380
[ 74.600627][ T6808] ? ext4_getblk+0x520/0x520
[ 74.606154][ T6808] ? dquot_get_next_dqblk+0x180/0x180
[ 74.611875][ T6808] ext4_append+0x153/0x360
[ 74.616625][ T6808] ext4_mkdir+0x5e0/0xdf0
[ 74.620957][ T6808] ? ext4_rmdir+0xde0/0xde0
[ 74.625452][ T6808] ? security_inode_permission+0xc4/0xf0
[ 74.631257][ T6808] vfs_mkdir+0x419/0x690
[ 74.635849][ T6808] do_mkdirat+0x21e/0x280
[ 74.640196][ T6808] ? __ia32_sys_mknod+0xb0/0xb0
[ 74.645492][ T6808] ? do_syscall_64+0x1c/0xe0
[ 74.650505][ T6808] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 74.656526][ T6808] do_syscall_64+0x60/0xe0
[ 74.660943][ T6808] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.666822][ T6808] RIP: 0033:0x45bed7
[ 74.670705][ T6808] Code: Bad RIP value.
[ 74.674760][ T6808] RSP: 002b:00007ffe3d9074d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 74.683170][ T6808] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7
[ 74.691395][ T6808] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007ffe3d9076b0
[ 74.699693][ T6808] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000003280
[ 74.709048][ T6808] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2
[ 74.718794][ T6808] R13: 00007ffe3d9076b0 R14: 8421084210842109 R15: 00007ffe3d9076bc
[ 74.825590][ T6809] IPVS: ftp: loaded support on port[0] = 21
[ 74.867592][ T6809] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6809
[ 74.877465][ T6809] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 74.883478][ T6809] CPU: 1 PID: 6809 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 74.892222][ T6809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.903193][ T6809] Call Trace:
[ 74.906589][ T6809] dump_stack+0x18f/0x20d
[ 74.911147][ T6809] check_preemption_disabled+0x20d/0x220
[ 74.916965][ T6809] ext4_mb_new_blocks+0xa4d/0x3b70
[ 74.922275][ T6809] ? ext4_ext_search_right+0x2ca/0xb20
[ 74.927881][ T6809] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 74.934076][ T6809] ext4_ext_map_blocks+0x201b/0x33e0
[ 74.939405][ T6809] ? ext4_ext_release+0x10/0x10
[ 74.944417][ T6809] ? down_write_killable+0x170/0x170
[ 74.950405][ T6809] ? ext4_es_lookup_extent+0x41d/0xd10
[ 74.956545][ T6809] ext4_map_blocks+0x4cb/0x1640
[ 74.961705][ T6809] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 74.966946][ T6809] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 74.973051][ T6809] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 74.979336][ T6809] ? prandom_u32_state+0xe/0x170
[ 74.985473][ T6809] ? __brelse+0x84/0xa0
[ 74.989755][ T6809] ? __ext4_new_inode+0x144/0x55e0
[ 74.994915][ T6809] ext4_getblk+0xad/0x520
[ 74.999499][ T6809] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 75.005469][ T6809] ? ext4_free_inode+0x1700/0x1700
[ 75.011155][ T6809] ext4_bread+0x7c/0x380
[ 75.015515][ T6809] ? ext4_getblk+0x520/0x520
[ 75.020285][ T6809] ? dquot_get_next_dqblk+0x180/0x180
[ 75.025860][ T6809] ext4_append+0x153/0x360
[ 75.030424][ T6809] ext4_mkdir+0x5e0/0xdf0
[ 75.035023][ T6809] ? ext4_rmdir+0xde0/0xde0
[ 75.039895][ T6809] ? security_inode_permission+0xc4/0xf0
[ 75.045562][ T6809] vfs_mkdir+0x419/0x690
[ 75.050148][ T6809] do_mkdirat+0x21e/0x280
[ 75.054558][ T6809] ? __ia32_sys_mknod+0xb0/0xb0
[ 75.059566][ T6809] ? do_syscall_64+0x1c/0xe0
[ 75.064160][ T6809] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 75.070132][ T6809] do_syscall_64+0x60/0xe0
[ 75.074578][ T6809] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 75.080481][ T6809] RIP: 0033:0x45bed7
[ 75.084512][ T6809] Code: Bad RIP value.
[ 75.088807][ T6809] RSP: 002b:00007ffe3d9073c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000053
[ 75.097348][ T6809] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7
[ 75.105501][ T6809] RDX: 00007ffe3d907413 RSI: 00000000000001ff RDI: 00007ffe3d907410
[ 75.113991][ T6809] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003
[ 75.122151][ T6809] R10: 0000000000000064 R11: 0000000000000202 R12: 00000000004185c0
[ 75.130119][ T6809] R13: 00007ffe3d907400 R14: 0000000000000000 R15: 00007ffe3d907410
[ 75.192342][ T6809] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6809
[ 75.202202][ T6809] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 75.208646][ T6809] CPU: 0 PID: 6809 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 75.217425][ T6809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.227499][ T6809] Call Trace:
[ 75.230817][ T6809] dump_stack+0x18f/0x20d
[ 75.235189][ T6809] check_preemption_disabled+0x20d/0x220
[ 75.241034][ T6809] ext4_mb_new_blocks+0xa4d/0x3b70
[ 75.246191][ T6809] ? ext4_ext_search_right+0x2ca/0xb20
[ 75.251709][ T6809] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 75.257467][ T6809] ext4_ext_map_blocks+0x201b/0x33e0
[ 75.262801][ T6809] ? ext4_ext_release+0x10/0x10
[ 75.267715][ T6809] ? down_write_killable+0x170/0x170
[ 75.273014][ T6809] ? ext4_es_lookup_extent+0x41d/0xd10
[ 75.278618][ T6809] ext4_map_blocks+0x4cb/0x1640
[ 75.283495][ T6809] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 75.288867][ T6809] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 75.294417][ T6809] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 75.300525][ T6809] ? prandom_u32_state+0xe/0x170
[ 75.305587][ T6809] ? __brelse+0x84/0xa0
[ 75.309974][ T6809] ? __ext4_new_inode+0x144/0x55e0
[ 75.315138][ T6809] ext4_getblk+0xad/0x520
[ 75.319486][ T6809] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 75.326447][ T6809] ? ext4_free_inode+0x1700/0x1700
[ 75.331656][ T6809] ext4_bread+0x7c/0x380
[ 75.335884][ T6809] ? ext4_getblk+0x520/0x520
[ 75.340459][ T6809] ? dquot_get_next_dqblk+0x180/0x180
[ 75.345854][ T6809] ext4_append+0x153/0x360
[ 75.350283][ T6809] ext4_mkdir+0x5e0/0xdf0
[ 75.355629][ T6809] ? ext4_rmdir+0xde0/0xde0
[ 75.360429][ T6809] ? security_inode_permission+0xc4/0xf0
[ 75.366202][ T6809] vfs_mkdir+0x419/0x690
[ 75.370997][ T6809] do_mkdirat+0x21e/0x280
[ 75.375641][ T6809] ? __ia32_sys_mknod+0xb0/0xb0
[ 75.381437][ T6809] ? do_syscall_64+0x1c/0xe0
[ 75.386504][ T6809] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 75.392970][ T6809] do_syscall_64+0x60/0xe0
[ 75.397415][ T6809] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 75.403519][ T6809] RIP: 0033:0x45bed7
[ 75.409938][ T6809] Code: Bad RIP value.
[ 75.414191][ T6809] RSP: 002b:00007ffe3d9073c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000053
[ 75.422758][ T6809] RAX: ffffffffffffffda RBX: 00000000000125a1 RCX: 000000000045bed7
[ 75.432198][ T6809] RDX: 00007ffe3d907413 RSI: 00000000000001ff RDI: 00007ffe3d907410
2020/06/15 22:30:26 building call list...
[ 75.440699][ T6809] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003
[ 75.449129][ T6809] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000003
[ 75.458192][ T6809] R13: 00007ffe3d907400 R14: 000000000001258c R15: 00007ffe3d907410
[ 75.552487][ T1156] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1156
[ 75.564109][ T1156] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 75.570123][ T1156] CPU: 1 PID: 1156 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 75.578910][ T1156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.589939][ T1156] Call Trace:
[ 75.593242][ T1156] dump_stack+0x18f/0x20d
[ 75.597780][ T1156] check_preemption_disabled+0x20d/0x220
[ 75.605454][ T1156] ext4_mb_new_blocks+0xa4d/0x3b70
[ 75.613604][ T1156] ? ext4_find_extent+0x81a/0xad0
[ 75.619039][ T1156] ? ext4_ext_search_right+0x2ca/0xb20
[ 75.626343][ T1156] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 75.632233][ T1156] ext4_ext_map_blocks+0x201b/0x33e0
[ 75.637569][ T1156] ? ext4_ext_release+0x10/0x10
[ 75.644957][ T1156] ? down_write_killable+0x170/0x170
[ 75.651042][ T1156] ? ext4_es_lookup_extent+0x41d/0xd10
[ 75.656862][ T1156] ext4_map_blocks+0x4cb/0x1640
[ 75.662574][ T1156] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 75.668000][ T1156] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 75.674013][ T1156] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 75.680100][ T1156] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 75.685662][ T1156] ext4_writepages+0x1a7b/0x33c0
[ 75.690705][ T1156] ? lock_release+0x7f0/0x800
[ 75.696160][ T1156] ? __ext4_mark_inode_dirty+0x940/0x940
[ 75.703865][ T1156] ? __ext4_mark_inode_dirty+0x940/0x940
[ 75.710053][ T1156] ? do_writepages+0xfa/0x2a0
[ 75.715176][ T1156] do_writepages+0xfa/0x2a0
[ 75.719818][ T1156] ? page_writeback_cpu_online+0x10/0x10
[ 75.725588][ T1156] ? do_raw_spin_lock+0x120/0x2d0
[ 75.730768][ T1156] ? do_raw_spin_unlock+0x171/0x260
[ 75.736359][ T1156] ? _raw_spin_unlock+0x24/0x40
[ 75.743708][ T1156] __filemap_fdatawrite_range+0x2aa/0x390
[ 75.749446][ T1156] ? collapse_file+0x35a2/0x4330
[ 75.755012][ T1156] ? delete_from_page_cache_batch+0xeb0/0xeb0
[ 75.761520][ T1156] ? _raw_spin_unlock_irq+0x1f/0x80
[ 75.766921][ T1156] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 75.775083][ T1156] collapse_file+0x35ac/0x4330
[ 75.780917][ T1156] ? collapse_huge_page+0x4350/0x4350
[ 75.786394][ T1156] ? khugepaged+0x2506/0x3fc0
[ 75.791095][ T1156] ? xas_find+0x31a/0x880
[ 75.795436][ T1156] ? check_preemption_disabled+0x38/0x220
[ 75.801264][ T1156] khugepaged+0x3041/0x3fc0
[ 75.805806][ T1156] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 75.811443][ T1156] ? lock_downgrade+0x840/0x840
[ 75.817549][ T1156] ? finish_wait+0x260/0x260
[ 75.823401][ T1156] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 75.829538][ T1156] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 75.835543][ T1156] ? __kthread_parkme+0x13f/0x1e0
[ 75.840685][ T1156] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 75.846401][ T1156] kthread+0x3b5/0x4a0
[ 75.850497][ T1156] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 75.856672][ T1156] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 75.862535][ T1156] ret_from_fork+0x1f/0x30
[ 75.978613][ T1156] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1156
[ 75.987910][ T1156] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 75.994003][ T1156] CPU: 1 PID: 1156 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 76.002612][ T1156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 76.012755][ T1156] Call Trace:
[ 76.017174][ T1156] dump_stack+0x18f/0x20d
[ 76.021533][ T1156] check_preemption_disabled+0x20d/0x220
[ 76.027790][ T1156] ext4_mb_new_blocks+0xa4d/0x3b70
[ 76.033602][ T1156] ? ext4_ext_search_right+0x2ca/0xb20
[ 76.039439][ T1156] ? ext4_ext_next_allocated_block+0x221/0x2d0
[ 76.045657][ T1156] ext4_ext_map_blocks+0x201b/0x33e0
[ 76.051811][ T1156] ? ext4_ext_release+0x10/0x10
[ 76.057239][ T1156] ? down_write_killable+0x170/0x170
[ 76.062799][ T1156] ? ext4_es_lookup_extent+0x41d/0xd10
[ 76.069031][ T1156] ext4_map_blocks+0x4cb/0x1640
[ 76.074047][ T1156] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 76.080597][ T1156] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 76.086166][ T1156] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 76.092179][ T1156] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 76.097650][ T1156] ext4_writepages+0x1a7b/0x33c0
[ 76.102733][ T1156] ? lock_release+0x7f0/0x800
[ 76.107486][ T1156] ? __ext4_mark_inode_dirty+0x940/0x940
[ 76.113278][ T1156] ? __ext4_mark_inode_dirty+0x940/0x940
[ 76.118954][ T1156] ? do_writepages+0xfa/0x2a0
[ 76.123666][ T1156] do_writepages+0xfa/0x2a0
[ 76.128191][ T1156] ? page_writeback_cpu_online+0x10/0x10
[ 76.133938][ T1156] ? do_raw_spin_lock+0x120/0x2d0
[ 76.138973][ T1156] ? do_raw_spin_unlock+0x171/0x260
[ 76.144190][ T1156] ? _raw_spin_unlock+0x24/0x40
[ 76.149053][ T1156] __filemap_fdatawrite_range+0x2aa/0x390
[ 76.154972][ T1156] ? collapse_file+0x35a2/0x4330
[ 76.159927][ T1156] ? delete_from_page_cache_batch+0xeb0/0xeb0
[ 76.166031][ T1156] ? _raw_spin_unlock_irq+0x1f/0x80
[ 76.171250][ T1156] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 76.177270][ T1156] collapse_file+0x35ac/0x4330
[ 76.182278][ T1156] ? collapse_huge_page+0x4350/0x4350
[ 76.187668][ T1156] ? khugepaged+0x2506/0x3fc0
[ 76.192384][ T1156] ? xas_find+0x31a/0x880
[ 76.196740][ T1156] ? check_preemption_disabled+0x38/0x220
[ 76.202500][ T1156] khugepaged+0x3041/0x3fc0
[ 76.207233][ T1156] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 76.212934][ T1156] ? lock_downgrade+0x840/0x840
[ 76.218062][ T1156] ? finish_wait+0x260/0x260
[ 76.223044][ T1156] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 76.229228][ T1156] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 76.235224][ T1156] ? __kthread_parkme+0x13f/0x1e0
[ 76.240257][ T1156] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 76.246355][ T1156] kthread+0x3b5/0x4a0
[ 76.252075][ T1156] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 76.257807][ T1156] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 76.263633][ T1156] ret_from_fork+0x1f/0x30
[ 76.279671][ T129] tipc: TX() has been purged, node left!
[ 76.342336][ T1156] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1156
[ 76.352623][ T1156] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 76.358885][ T1156] CPU: 1 PID: 1156 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 76.369060][ T1156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 76.380082][ T1156] Call Trace:
[ 76.383894][ T1156] dump_stack+0x18f/0x20d
[ 76.388462][ T1156] check_preemption_disabled+0x20d/0x220
[ 76.394216][ T1156] ext4_mb_new_blocks+0xa4d/0x3b70
[ 76.399350][ T1156] ? ext4_ext_search_right+0x2ca/0xb20
[ 76.405015][ T1156] ? ext4_ext_next_allocated_block+0x221/0x2d0
[ 76.411746][ T1156] ext4_ext_map_blocks+0x201b/0x33e0
[ 76.417204][ T1156] ? ext4_ext_release+0x10/0x10
[ 76.422390][ T1156] ? down_write_killable+0x170/0x170
[ 76.427812][ T1156] ? ext4_es_lookup_extent+0x41d/0xd10
[ 76.434531][ T1156] ext4_map_blocks+0x4cb/0x1640
[ 76.439434][ T1156] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 76.444669][ T1156] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 76.450252][ T1156] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 76.456684][ T1156] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 76.462205][ T1156] ext4_writepages+0x1a7b/0x33c0
[ 76.467160][ T1156] ? lock_release+0x7f0/0x800
[ 76.472235][ T1156] ? __ext4_mark_inode_dirty+0x940/0x940
[ 76.479091][ T1156] ? __ext4_mark_inode_dirty+0x940/0x940
[ 76.484760][ T1156] ? do_writepages+0xfa/0x2a0
[ 76.489489][ T1156] do_writepages+0xfa/0x2a0
[ 76.494040][ T1156] ? page_writeback_cpu_online+0x10/0x10
[ 76.499804][ T1156] ? do_raw_spin_lock+0x120/0x2d0
[ 76.504847][ T1156] ? do_raw_spin_unlock+0x171/0x260
[ 76.510181][ T1156] ? _raw_spin_unlock+0x24/0x40
[ 76.515052][ T1156] __filemap_fdatawrite_range+0x2aa/0x390
[ 76.520781][ T1156] ? collapse_file+0x35a2/0x4330
[ 76.525724][ T1156] ? delete_from_page_cache_batch+0xeb0/0xeb0
[ 76.531827][ T1156] ? _raw_spin_unlock_irq+0x1f/0x80
[ 76.537224][ T1156] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 76.543243][ T1156] collapse_file+0x35ac/0x4330
[ 76.548043][ T1156] ? collapse_huge_page+0x4350/0x4350
[ 76.553494][ T1156] ? khugepaged+0x2506/0x3fc0
[ 76.558206][ T1156] ? xas_find+0x31a/0x880
[ 76.562550][ T1156] ? check_preemption_disabled+0x38/0x220
[ 76.568382][ T1156] khugepaged+0x3041/0x3fc0
[ 76.572925][ T1156] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 76.578568][ T1156] ? lock_downgrade+0x840/0x840
[ 76.583432][ T1156] ? finish_wait+0x260/0x260
[ 76.588035][ T1156] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 76.593975][ T1156] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 76.600007][ T1156] ? __kthread_parkme+0x13f/0x1e0
[ 76.605059][ T1156] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 76.610707][ T1156] kthread+0x3b5/0x4a0
[ 76.615003][ T1156] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 76.620825][ T1156] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 76.626563][ T1156] ret_from_fork+0x1f/0x30
executing program
[ 77.062275][ T129] ==================================================================
[ 77.070753][ T129] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770
[ 77.078997][ T129] Write of size 1 at addr ffff8880a19a79e4 by task kworker/u4:3/129
[ 77.086982][ T129]
[ 77.089332][ T129] CPU: 1 PID: 129 Comm: kworker/u4:3 Not tainted 5.8.0-rc1-syzkaller #0
[ 77.097676][ T129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 77.107843][ T129] Workqueue: netns cleanup_net
[ 77.112615][ T129] Call Trace:
[ 77.115927][ T129] dump_stack+0x18f/0x20d
[ 77.120374][ T129] ? afs_wake_up_async_call+0x6aa/0x770
[ 77.125943][ T129] ? afs_wake_up_async_call+0x6aa/0x770
[ 77.131900][ T129] ? afs_put_call+0xa40/0xa40
[ 77.136631][ T129] print_address_description.constprop.0.cold+0xd3/0x413
[ 77.143787][ T129] ? vprintk_func+0x97/0x1a6
[ 77.148550][ T129] ? afs_wake_up_async_call+0x6aa/0x770
[ 77.154127][ T129] kasan_report.cold+0x1f/0x37
[ 77.158913][ T129] ? rcu_read_lock_held_common+0x51/0xa0
[ 77.164565][ T129] ? afs_wake_up_async_call+0x6aa/0x770
[ 77.170144][ T129] afs_wake_up_async_call+0x6aa/0x770
[ 77.175539][ T129] ? afs_close_socket+0x320/0x320
[ 77.180698][ T129] ? afs_put_call+0xa40/0xa40
[ 77.185401][ T129] rxrpc_notify_socket+0x1db/0x5d0
[ 77.190545][ T129] ? afs_put_call+0xa40/0xa40
[ 77.195374][ T129] __rxrpc_set_call_completion.part.0+0x172/0x410
[ 77.201848][ T129] rxrpc_call_completed+0xca/0xf0
[ 77.206915][ T129] rxrpc_discard_prealloc+0x781/0xab0
[ 77.212595][ T129] ? lock_sock_nested+0x94/0x110
[ 77.217560][ T129] rxrpc_listen+0x147/0x360
[ 77.222083][ T129] afs_close_socket+0x95/0x320
[ 77.226879][ T129] ? afs_purge_servers+0x16d/0x300
[ 77.232034][ T129] ? afs_rx_discard_new_call+0x50/0x50
[ 77.237533][ T129] ? init_wait_var_entry+0x200/0x200
[ 77.243034][ T129] ? rcu_read_lock_held_common+0xa0/0xa0
[ 77.249554][ T129] ? check_preemption_disabled+0x38/0x220
[ 77.259162][ T129] afs_net_exit+0x1bc/0x310
[ 77.263796][ T129] ? afs_net_init+0xe30/0xe30
[ 77.268541][ T129] ops_exit_list.isra.0+0xa8/0x150
[ 77.273671][ T129] cleanup_net+0x511/0xa50
[ 77.278182][ T129] ? unregister_pernet_device+0x70/0x70
[ 77.283745][ T129] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 77.289748][ T129] process_one_work+0x965/0x1690
[ 77.294724][ T129] ? lock_release+0x800/0x800
[ 77.299407][ T129] ? pwq_dec_nr_in_flight+0x310/0x310
[ 77.304792][ T129] ? rwlock_bug.part.0+0x90/0x90
[ 77.309947][ T129] worker_thread+0x96/0xe10
[ 77.314472][ T129] ? process_one_work+0x1690/0x1690
[ 77.319678][ T129] kthread+0x3b5/0x4a0
[ 77.323754][ T129] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 77.329476][ T129] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 77.335207][ T129] ret_from_fork+0x1f/0x30
[ 77.339652][ T129]
[ 77.342006][ T129] Allocated by task 6809:
[ 77.346360][ T129] save_stack+0x1b/0x40
[ 77.350798][ T129] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 77.356460][ T129] kmem_cache_alloc_trace+0x153/0x7d0
[ 77.361860][ T129] afs_alloc_call+0x55/0x630
[ 77.366607][ T129] afs_charge_preallocation+0xe9/0x2d0
[ 77.372081][ T129] afs_open_socket+0x292/0x360
[ 77.376845][ T129] afs_net_init+0xa6c/0xe30
[ 77.381437][ T129] ops_init+0xaf/0x420
[ 77.385522][ T129] setup_net+0x2de/0x860
[ 77.389781][ T129] copy_net_ns+0x293/0x590
[ 77.394219][ T129] create_new_namespaces+0x3fb/0xb30
[ 77.399541][ T129] unshare_nsproxy_namespaces+0xbd/0x1f0
[ 77.405200][ T129] ksys_unshare+0x43d/0x8e0
[ 77.409713][ T129] __x64_sys_unshare+0x2d/0x40
[ 77.414475][ T129] do_syscall_64+0x60/0xe0
[ 77.418915][ T129] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 77.424807][ T129]
[ 77.427140][ T129] Freed by task 129:
[ 77.431045][ T129] save_stack+0x1b/0x40
[ 77.435203][ T129] __kasan_slab_free+0xf7/0x140
[ 77.440066][ T129] kfree+0x109/0x2b0
[ 77.444069][ T129] afs_put_call+0x585/0xa40
[ 77.448590][ T129] rxrpc_discard_prealloc+0x764/0xab0
[ 77.453968][ T129] rxrpc_listen+0x147/0x360
[ 77.458495][ T129] afs_close_socket+0x95/0x320
[ 77.463418][ T129] afs_net_exit+0x1bc/0x310
[ 77.468069][ T129] ops_exit_list.isra.0+0xa8/0x150
[ 77.473194][ T129] cleanup_net+0x511/0xa50
[ 77.477826][ T129] process_one_work+0x965/0x1690
[ 77.483044][ T129] worker_thread+0x96/0xe10
[ 77.487562][ T129] kthread+0x3b5/0x4a0
[ 77.491638][ T129] ret_from_fork+0x1f/0x30
[ 77.496163][ T129]
[ 77.498505][ T129] The buggy address belongs to the object at ffff8880a19a7800
[ 77.498505][ T129] which belongs to the cache kmalloc-1k of size 1024
[ 77.512783][ T129] The buggy address is located 484 bytes inside of
[ 77.512783][ T129] 1024-byte region [ffff8880a19a7800, ffff8880a19a7c00)
[ 77.526281][ T129] The buggy address belongs to the page:
[ 77.531925][ T129] page:ffffea00028669c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 77.541035][ T129] flags: 0xfffe0000000200(slab)
[ 77.545988][ T129] raw: 00fffe0000000200 ffffea0002a5c248 ffffea00025343c8 ffff8880aa000c40
[ 77.554595][ T129] raw: 0000000000000000 ffff8880a19a7000 0000000100000002 0000000000000000
[ 77.564320][ T129] page dumped because: kasan: bad access detected
[ 77.570779][ T129]
[ 77.573117][ T129] Memory state around the buggy address:
[ 77.578754][ T129] ffff8880a19a7880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 77.587114][ T129] ffff8880a19a7900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 77.595222][ T129] >ffff8880a19a7980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 77.603553][ T129] ^
[ 77.610770][ T129] ffff8880a19a7a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 77.618852][ T129] ffff8880a19a7a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 77.626933][ T129] ==================================================================
[ 77.635079][ T129] Disabling lock debugging due to kernel taint
[ 77.641301][ T129] Kernel panic - not syncing: panic_on_warn set ...
[ 77.647980][ T129] CPU: 1 PID: 129 Comm: kworker/u4:3 Tainted: G B 5.8.0-rc1-syzkaller #0
[ 77.657681][ T129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 77.667759][ T129] Workqueue: netns cleanup_net
[ 77.672527][ T129] Call Trace:
[ 77.675851][ T129] dump_stack+0x18f/0x20d
[ 77.680184][ T129] ? afs_wake_up_async_call+0x670/0x770
[ 77.685721][ T129] ? afs_put_call+0xa40/0xa40
[ 77.690513][ T129] panic+0x2e3/0x75c
[ 77.694420][ T129] ? __warn_printk+0xf3/0xf3
[ 77.699016][ T129] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 77.705178][ T129] ? trace_hardirqs_on+0x55/0x220
[ 77.710209][ T129] ? afs_wake_up_async_call+0x6aa/0x770
[ 77.715765][ T129] ? afs_wake_up_async_call+0x6aa/0x770
[ 77.721318][ T129] ? afs_put_call+0xa40/0xa40
[ 77.725996][ T129] end_report+0x4d/0x53
[ 77.730160][ T129] kasan_report.cold+0xd/0x37
[ 77.734851][ T129] ? rcu_read_lock_held_common+0x51/0xa0
[ 77.741932][ T129] ? afs_wake_up_async_call+0x6aa/0x770
[ 77.747493][ T129] afs_wake_up_async_call+0x6aa/0x770
[ 77.752882][ T129] ? afs_close_socket+0x320/0x320
[ 77.757914][ T129] ? afs_put_call+0xa40/0xa40
[ 77.762730][ T129] rxrpc_notify_socket+0x1db/0x5d0
[ 77.767861][ T129] ? afs_put_call+0xa40/0xa40
[ 77.772742][ T129] __rxrpc_set_call_completion.part.0+0x172/0x410
[ 77.779272][ T129] rxrpc_call_completed+0xca/0xf0
[ 77.784336][ T129] rxrpc_discard_prealloc+0x781/0xab0
[ 77.789748][ T129] ? lock_sock_nested+0x94/0x110
[ 77.794698][ T129] rxrpc_listen+0x147/0x360
[ 77.799221][ T129] afs_close_socket+0x95/0x320
[ 77.804257][ T129] ? afs_purge_servers+0x16d/0x300
[ 77.809387][ T129] ? afs_rx_discard_new_call+0x50/0x50
[ 77.814869][ T129] ? init_wait_var_entry+0x200/0x200
[ 77.820266][ T129] ? rcu_read_lock_held_common+0xa0/0xa0
[ 77.826086][ T129] ? check_preemption_disabled+0x38/0x220
[ 77.831849][ T129] afs_net_exit+0x1bc/0x310
[ 77.836538][ T129] ? afs_net_init+0xe30/0xe30
[ 77.841516][ T129] ops_exit_list.isra.0+0xa8/0x150
[ 77.846780][ T129] cleanup_net+0x511/0xa50
[ 77.851216][ T129] ? unregister_pernet_device+0x70/0x70
[ 77.856799][ T129] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 77.863114][ T129] process_one_work+0x965/0x1690
[ 77.868192][ T129] ? lock_release+0x800/0x800
[ 77.872888][ T129] ? pwq_dec_nr_in_flight+0x310/0x310
[ 77.878827][ T129] ? rwlock_bug.part.0+0x90/0x90
[ 77.883868][ T129] worker_thread+0x96/0xe10
[ 77.888396][ T129] ? process_one_work+0x1690/0x1690
[ 77.893593][ T129] kthread+0x3b5/0x4a0
[ 77.897641][ T129] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 77.903340][ T129] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 77.909158][ T129] ret_from_fork+0x1f/0x30
[ 77.915298][ T129] Kernel Offset: disabled
[ 77.919790][ T129] Rebooting in 86400 seconds..