[   36.711037]  default_idle+0xbf/0x460
[   36.714715]  ? __sched_text_end+0x4/0x4
[   36.718654]  ? tick_nohz_idle_enter+0xde/0x160
[   36.723199]  arch_cpu_idle+0xa/0x10
[   36.726789]  default_idle_call+0x36/0x90
[   36.730813]  do_idle+0x24e/0x3b0
[   36.734140]  ? complete+0x62/0x80
[   36.737556]  cpu_startup_entry+0x18/0x20
[   36.741586]  start_secondary+0x2ea/0x3f0
[   36.745610]  secondary_startup_64+0xa5/0xa5
Warning: Permanently added 'ci-upstream-net-kasan-gce-9,10.128.15.206' (ECDSA) to the list of known hosts.
2017/10/24 03:08:00 parsed 1 programs
2017/10/24 03:08:00 executed programs: 0
2017/10/24 03:08:05 executed programs: 678
[   83.120459] refcount_t: underflow; use-after-free.
[   83.127333] ------------[ cut here ]------------
[   83.133765] WARNING: CPU: 1 PID: 7362 at lib/refcount.c:186 refcount_sub_and_test+0x167/0x1b0
[   83.142803] Kernel panic - not syncing: panic_on_warn set ...
[   83.142803] 
[   83.150159] CPU: 1 PID: 7362 Comm: syz-executor2 Not tainted 4.14.0-rc5+ #90
[   83.157324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   83.166648] Call Trace:
[   83.169207]  dump_stack+0x194/0x257
[   83.172807]  ? arch_local_irq_restore+0x53/0x53
[   83.177452]  panic+0x1e4/0x417
[   83.180615]  ? __warn+0x1d9/0x1d9
[   83.184037]  ? show_regs_print_info+0x65/0x65
[   83.188509]  ? refcount_sub_and_test+0x167/0x1b0
[   83.193231]  __warn+0x1c4/0x1d9
[   83.196477]  ? refcount_sub_and_test+0x167/0x1b0
[   83.201201]  report_bug+0x211/0x2d0
[   83.204797]  fixup_bug+0x40/0x90
[   83.208131]  do_trap+0x260/0x390
[   83.211468]  do_error_trap+0x120/0x390
[   83.215327]  ? do_trap+0x390/0x390
[   83.218835]  ? refcount_sub_and_test+0x167/0x1b0
[   83.223555]  ? vprintk_emit+0x3ea/0x590
[   83.227503]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   83.232314]  do_invalid_op+0x1b/0x20
[   83.235996]  invalid_op+0x18/0x20
[   83.239418] RIP: 0010:refcount_sub_and_test+0x167/0x1b0
[   83.244745] RSP: 0018:ffff8801c5e0e500 EFLAGS: 00010282
[   83.250074] RAX: 0000000000000026 RBX: 0000000000000001 RCX: 0000000000000000
[   83.257311] RDX: 0000000000000026 RSI: 1ffff10038bc1c60 RDI: ffffed0038bc1c94
[   83.264546] RBP: ffff8801c5e0e590 R08: 0000000000000000 R09: 1ffff10038bc1c32
[   83.271783] R10: 0000000014027db2 R11: ffffffff85b2cb78 R12: 1ffff10038bc1ca1
[   83.279020] R13: 00000000ffffff01 R14: 0000000000000100 R15: ffff8801c5fe02fc
[   83.286272]  ? refcount_inc+0x50/0x50
[   83.290039]  ? __sctp_outq_teardown+0xa5b/0x1230
[   83.294761]  ? sctp_association_free+0x2d0/0x930
[   83.299484]  ? sctp_do_sm+0x271b/0x6a30
[   83.303423]  ? sctp_primitive_SHUTDOWN+0xa0/0xd0
[   83.308143]  ? sctp_close+0x3c6/0x980
[   83.311909]  ? inet_release+0xed/0x1c0
[   83.315763]  ? sock_release+0x8d/0x1e0
[   83.319616]  ? sock_close+0x16/0x20
[   83.323211]  sctp_wfree+0x183/0x620
[   83.326803]  ? exit_to_usermode_loop+0x214/0x310
[   83.331526]  ? syscall_return_slowpath+0x42f/0x510
[   83.336420]  ? __sctp_write_space+0x910/0x910
[   83.340885]  skb_release_head_state+0x124/0x200
[   83.345521]  skb_release_all+0x15/0x60
[   83.349375]  consume_skb+0x153/0x490
[   83.353055]  ? sctp_chunk_put+0x99/0x420
[   83.357084]  ? alloc_skb_with_frags+0x750/0x750
[   83.361725]  ? sctp_chunk_hold+0x20/0x20
[   83.365755]  ? sctp_sched_dequeue_common+0x2aa/0x5d0
[   83.370826]  ? refcount_sub_and_test+0x115/0x1b0
[   83.375549]  ? refcount_inc+0x50/0x50
[   83.379314]  ? trace_hardirqs_off+0xd/0x10
[   83.383518]  ? quarantine_put+0xeb/0x190
[   83.387553]  sctp_chunk_put+0x29c/0x420
[   83.391498]  ? sctp_chunk_hold+0x20/0x20
[   83.395530]  ? sctp_transport_dst_confirm+0x50/0x50
[   83.400516]  ? sctp_sched_fcfs_dequeue+0x198/0x290
[   83.405414]  ? sctp_sched_dequeue_common+0x5d0/0x5d0
[   83.410489]  sctp_chunk_free+0x53/0x60
[   83.414343]  __sctp_outq_teardown+0xa5b/0x1230
[   83.418898]  ? sctp_inq_set_th_handler+0x1b0/0x1b0
[   83.423798]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   83.428958]  ? __unlock_page_memcg+0x53/0x100
[   83.433420]  ? lock_downgrade+0x990/0x990
[   83.437532]  ? unlock_page_memcg+0x2c/0x40
[   83.441736]  ? trace_hardirqs_on+0xd/0x10
[   83.445859]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   83.451020]  ? lock_acquire+0x1d5/0x580
[   83.454961]  ? lock_acquire+0x1d5/0x580
[   83.458903]  ? lock_timer_base+0x1a3/0x2b0
[   83.463111]  ? lock_acquire+0x1d5/0x580
[   83.467050]  ? lock_acquire+0x1d5/0x580
[   83.470991]  ? sock_def_wakeup+0x1f9/0x350
[   83.475194]  ? lock_downgrade+0x990/0x990
[   83.479313]  ? lock_release+0xa40/0xa40
[   83.483254]  ? trace_raw_output_tick_stop+0x130/0x130
[   83.488414]  sctp_outq_free+0x15/0x20
[   83.492181]  sctp_association_free+0x2d0/0x930
[   83.496728]  ? refcount_inc+0x50/0x50
[   83.500496]  ? sctp_asconf_queue_teardown+0x700/0x700
[   83.505654]  ? sock_def_wakeup+0x222/0x350
[   83.509857]  ? sk_dst_check+0x560/0x560
[   83.513799]  ? sctp_association_put+0x74/0x2f0
[   83.518349]  ? sctp_association_hold+0x20/0x20
[   83.522897]  ? unwind_get_return_address+0x61/0xa0
[   83.527796]  sctp_do_sm+0x271b/0x6a30
[   83.531561]  ? depot_save_stack+0x12c/0x490
[   83.535859]  ? sctp_do_8_2_transport_strike.isra.16+0x8a0/0x8a0
[   83.541882]  ? kfree+0xca/0x250
[   83.545127]  ? do_exit+0x97e/0x1ad0
[   83.548723]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   83.553885]  ? __is_insn_slot_addr+0x1fc/0x330
[   83.558433]  ? lock_acquire+0x1d5/0x580
[   83.562379]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   83.567539]  ? lock_acquire+0x1d5/0x580
[   83.571482]  ? lock_acquire+0x1d5/0x580
[   83.575422]  ? skb_dequeue+0x12a/0x180
[   83.579275]  ? lock_downgrade+0x990/0x990
[   83.583392]  ? do_raw_spin_trylock+0x190/0x190
[   83.587949]  ? lock_release+0xa40/0xa40
[   83.591896]  ? trace_hardirqs_on+0xd/0x10
[   83.596016]  sctp_primitive_SHUTDOWN+0xa0/0xd0
[   83.600567]  sctp_close+0x3c6/0x980
[   83.604161]  ? is_bpf_text_address+0xa4/0x120
[   83.608627]  ? sctp_apply_peer_addr_params+0xf30/0xf30
[   83.613873]  ? __save_stack_trace+0x7e/0xd0
[   83.618164]  ? depot_save_stack+0x12c/0x490
[   83.622459]  ? free_fs_struct+0x4f/0x60
[   83.626401]  ? locks_remove_file+0x3fa/0x5a0
[   83.630777]  ? fcntl_setlk+0x10c0/0x10c0
[   83.634804]  ? kmem_cache_free+0x77/0x280
[   83.638916]  ? exit_fs+0xe1/0x120
[   83.642336]  ? do_exit+0x996/0x1ad0
[   83.645930]  ? __fsnotify_parent+0xb4/0x3a0
[   83.650219]  ? ip_mc_drop_socket+0x1ce/0x230
[   83.654596]  inet_release+0xed/0x1c0
[   83.658279]  sock_release+0x8d/0x1e0
[   83.661959]  ? sock_release+0x1e0/0x1e0
[   83.665898]  sock_close+0x16/0x20
[   83.669317]  __fput+0x327/0x7e0
[   83.672569]  ? fput+0x140/0x140
[   83.675817]  ? do_raw_spin_trylock+0x190/0x190
[   83.680367]  ____fput+0x15/0x20
[   83.683616]  task_work_run+0x199/0x270
[   83.687472]  ? task_work_cancel+0x210/0x210
[   83.691760]  ? _raw_spin_unlock+0x22/0x30
[   83.695877]  ? switch_task_namespaces+0x87/0xc0
[   83.700516]  do_exit+0x9b5/0x1ad0
[   83.703939]  ? __schedule+0x2011/0x2060
[   83.707882]  ? mm_update_next_owner+0x930/0x930
[   83.712518]  ? check_same_owner+0x320/0x320
[   83.716809]  ? lock_acquire+0x1d5/0x580
[   83.720751]  ? futex_wait_setup+0x14a/0x3d0
[   83.725042]  ? __might_sleep+0x95/0x190
[   83.728986]  ? futex_wait_queue_me+0x524/0x7e0
[   83.733539]  ? lock_acquire+0x1d5/0x580
[   83.737479]  ? futex_wait+0x402/0x990
[   83.741246]  ? lock_downgrade+0x990/0x990
[   83.745362]  ? do_raw_spin_trylock+0x190/0x190
[   83.749919]  ? drop_futex_key_refs.isra.13+0x63/0xb0
[   83.754989]  ? futex_wait+0x69e/0x990
[   83.758762]  ? __dequeue_signal+0x103/0x7b0
[   83.763050]  ? recalc_sigpending_tsk+0x117/0x150
[   83.767778]  ? get_signal+0x7ae/0x16d0
[   83.771635]  ? lock_downgrade+0x990/0x990
[   83.775748]  ? drop_futex_key_refs.isra.13+0x63/0xb0
[   83.780823]  do_group_exit+0x149/0x400
[   83.784678]  ? SyS_exit+0x30/0x30
[   83.788106]  get_signal+0x73f/0x16d0
[   83.791790]  ? ptrace_notify+0x130/0x130
[   83.795818]  ? lock_acquire+0x1d5/0x580
[   83.799761]  ? __fd_install+0x2da/0x6a0
[   83.803702]  ? lock_downgrade+0x990/0x990
[   83.807820]  ? exit_robust_list+0x240/0x240
[   83.812113]  ? __might_sleep+0x95/0x190
[   83.816061]  do_signal+0x94/0x1ee0
[   83.819569]  ? __fd_install+0x2f7/0x6a0
[   83.823509]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   83.828234]  ? get_unused_fd_flags+0x190/0x190
[   83.832784]  ? setup_sigcontext+0x7d0/0x7d0
[   83.837087]  ? copy_user_generic_unrolled+0x89/0xc0
[   83.842071]  ? _copy_to_user+0xa2/0xc0
[   83.845931]  ? fput+0xd2/0x140
[   83.849093]  ? SYSC_accept4+0x4ec/0x850
[   83.853038]  ? kernel_accept+0x2f0/0x2f0
[   83.857072]  exit_to_usermode_loop+0x214/0x310
[   83.861625]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   83.867134]  syscall_return_slowpath+0x42f/0x510
[   83.871856]  ? prepare_exit_to_usermode+0x2d0/0x2d0
[   83.876843]  ? move_addr_to_kernel+0x60/0x60
[   83.881218]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   83.885946]  entry_SYSCALL_64_fastpath+0xbc/0xbe
[   83.890670] RIP: 0033:0x452869
[   83.893828] RSP: 002b:00007f105be92ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   83.901504] RAX: fffffffffffffe00 RBX: 0000000000758100 RCX: 0000000000452869
[   83.908741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000758100
[   83.915978] RBP: 0000000000758100 R08: 0000000000000000 R09: 00000000007580d8
[   83.923214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.930449] R13: 0000000000a6f7ff R14: 00007f105be939c0 R15: 000000000000000c
[   83.938094] Dumping ftrace buffer:
[   83.941604]    (ftrace buffer empty)
[   83.945282] Kernel Offset: disabled
[   83.948876] Rebooting in 86400 seconds..