[ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ 53.272086][ T6735] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6735 [ 53.281523][ T6735] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 53.287426][ T6735] CPU: 0 PID: 6735 Comm: systemd-rfkill Not tainted 5.7.0-syzkaller #0 [ 53.295635][ T6735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.305792][ T6735] Call Trace: [ 53.309064][ T6735] dump_stack+0x188/0x20d [ 53.313374][ T6735] debug_smp_processor_id.cold+0x88/0x9b [ 53.318986][ T6735] ext4_mb_new_blocks+0xa77/0x3b30 [ 53.324095][ T6735] ? ext4_ext_search_right+0x2ca/0xb20 [ 53.329534][ T6735] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 53.335240][ T6735] ext4_ext_map_blocks+0x2044/0x3410 [ 53.340516][ T6735] ? ext4_ext_release+0x10/0x10 [ 53.346057][ T6735] ? __down_timeout+0x2d0/0x2d0 [ 53.350886][ T6735] ? ext4_es_lookup_extent+0x41d/0xd30 [ 53.356323][ T6735] ext4_map_blocks+0x4cb/0x1640 [ 53.361156][ T6735] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 53.366329][ T6735] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 53.371850][ T6735] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 53.377803][ T6735] ? prandom_u32_state+0xe/0x170 [ 53.382730][ T6735] ? __brelse+0x84/0xa0 [ 53.386899][ T6735] ? __ext4_new_inode+0x144/0x57c0 [ 53.392020][ T6735] ext4_getblk+0xad/0x520 [ 53.396346][ T6735] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 53.402092][ T6735] ? ext4_free_inode+0x17e0/0x17e0 [ 53.407199][ T6735] ext4_bread+0x7c/0x380 [ 53.411452][ T6735] ? ext4_getblk+0x520/0x520 [ 53.416036][ T6735] ? dqget+0xff0/0xff0 [ 53.420087][ T6735] ext4_append+0x153/0x360 [ 53.424490][ T6735] ext4_mkdir+0x5e0/0xdf0 [ 53.428805][ T6735] ? ext4_rmdir+0xde0/0xde0 [ 53.433288][ T6735] ? security_inode_permission+0xc4/0xf0 [ 53.438915][ T6735] vfs_mkdir+0x419/0x690 [ 53.443141][ T6735] do_mkdirat+0x21e/0x280 [ 53.447452][ T6735] ? __ia32_sys_mknod+0xb0/0xb0 [ 53.452301][ T6735] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 53.458257][ T6735] ? do_syscall_64+0x21/0x7d0 [ 53.462912][ T6735] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 53.468891][ T6735] do_syscall_64+0xf6/0x7d0 [ 53.473389][ T6735] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 53.479264][ T6735] RIP: 0033:0x7f7572188687 [ 53.483701][ T6735] Code: 00 b8 ff ff ff ff c3 0f 1f 40 00 48 8b 05 09 d8 2b 00 64 c7 00 5f 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 d7 2b 00 f7 d8 64 89 01 48 [ 53.503312][ T6735] RSP: 002b:00007fffd95ef838 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 53.511712][ T6735] RAX: ffffffffffffffda RBX: 0000562967ac0985 RCX: 00007f7572188687 [ 53.519695][ T6735] RDX: 00007fffd95ef700 RSI: 00000000000001ed RDI: 0000562967ac0985 [ 53.527817][ T6735] RBP: 00007f7572188680 R08: 0000000000000100 R09: 0000000000000000 [ 53.535793][ T6735] R10: 0000562967ac0980 R11: 0000000000000246 R12: 00000000000001ed [ 53.543744][ T6735] R13: 00007fffd95ef9c0 R14: 0000000000000000 R15: 0000000000000000 [ OK ] Started Load/Save RF Kill Switch Status. [ 54.542126][ T309] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/309 [ 54.551382][ T309] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 54.557259][ T309] CPU: 1 PID: 309 Comm: kworker/u4:4 Not tainted 5.7.0-syzkaller #0 [ 54.565228][ T309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.575273][ T309] Workqueue: writeback wb_workfn (flush-8:0) [ 54.581229][ T309] Call Trace: [ 54.584521][ T309] dump_stack+0x188/0x20d [ 54.588841][ T309] debug_smp_processor_id.cold+0x88/0x9b [ 54.594449][ T309] ext4_mb_new_blocks+0xa77/0x3b30 [ 54.599557][ T309] ? __kmalloc+0x62f/0x7a0 [ 54.603982][ T309] ? ext4_ext_search_right+0x2ca/0xb20 [ 54.609415][ T309] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 54.615124][ T309] ext4_ext_map_blocks+0x2044/0x3410 [ 54.620413][ T309] ? ext4_ext_release+0x10/0x10 [ 54.625254][ T309] ? __down_timeout+0x2d0/0x2d0 [ 54.630080][ T309] ? ext4_es_lookup_extent+0x41d/0xd30 [ 54.635524][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 54.640984][ T309] ext4_map_blocks+0x4cb/0x1640 [ 54.645819][ T309] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 54.650995][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 54.656514][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 54.662196][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 54.668169][ T309] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 54.673630][ T309] ext4_writepages+0x1ab7/0x3400 [ 54.678563][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 54.684178][ T309] ? __lock_acquire+0x2224/0x48a0 [ 54.689202][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 54.695198][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 54.701311][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 54.706947][ T309] ? do_writepages+0xfa/0x2a0 [ 54.711624][ T309] do_writepages+0xfa/0x2a0 [ 54.716115][ T309] ? page_writeback_cpu_online+0x10/0x10 [ 54.721743][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 54.727185][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 54.732798][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 54.738770][ T309] ? lock_downgrade+0x840/0x840 [ 54.743602][ T309] __writeback_single_inode+0x12a/0x1410 [ 54.749233][ T309] ? _raw_spin_unlock+0x24/0x40 [ 54.754234][ T309] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 54.760229][ T309] writeback_sb_inodes+0x515/0xdd0 [ 54.765346][ T309] ? __writeback_single_inode+0x1410/0x1410 [ 54.771264][ T309] __writeback_inodes_wb+0xc3/0x250 [ 54.776467][ T309] wb_writeback+0x910/0xd90 [ 54.780956][ T309] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 54.787282][ T309] ? cpumask_next+0x3c/0x40 [ 54.791770][ T309] ? get_nr_dirty_inodes+0xd6/0x130 [ 54.796982][ T309] wb_workfn+0x9d8/0x10d0 [ 54.801348][ T309] ? inode_wait_for_writeback+0x30/0x30 [ 54.806885][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 54.812331][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 54.817857][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 54.823932][ T309] process_one_work+0x965/0x16a0 [ 54.829137][ T309] ? lock_release+0x800/0x800 [ 54.834083][ T309] ? pwq_dec_nr_in_flight+0x310/0x310 [ 54.839453][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 54.844382][ T309] worker_thread+0x96/0xe10 [ 54.848889][ T309] ? process_one_work+0x16a0/0x16a0 [ 54.854100][ T309] kthread+0x388/0x470 [ 54.858183][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 54.863907][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 54.869617][ T309] ret_from_fork+0x24/0x30 Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.29' (ECDSA) to the list of known hosts. 2020/06/10 20:57:42 fuzzer started 2020/06/10 20:57:42 connecting to host at 10.128.0.26:39425 2020/06/10 20:57:42 checking machine... 2020/06/10 20:57:42 checking revisions... 2020/06/10 20:57:42 testing simple program... syzkaller login: [ 58.768572][ T6812] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6812 [ 58.777638][ T6812] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 58.785698][ T6812] CPU: 1 PID: 6812 Comm: syz-fuzzer Not tainted 5.7.0-syzkaller #0 [ 58.793579][ T6812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.803615][ T6812] Call Trace: [ 58.806904][ T6812] dump_stack+0x188/0x20d [ 58.811234][ T6812] debug_smp_processor_id.cold+0x88/0x9b [ 58.816843][ T6812] ext4_mb_new_blocks+0xa77/0x3b30 [ 58.821957][ T6812] ? ext4_ext_search_right+0x2ca/0xb20 [ 58.827424][ T6812] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 58.833138][ T6812] ext4_ext_map_blocks+0x2044/0x3410 [ 58.838421][ T6812] ? ext4_ext_release+0x10/0x10 [ 58.843279][ T6812] ? __down_timeout+0x2d0/0x2d0 [ 58.848137][ T6812] ? ext4_es_lookup_extent+0x41d/0xd30 [ 58.853604][ T6812] ext4_map_blocks+0x4cb/0x1640 [ 58.858455][ T6812] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 58.863654][ T6812] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 58.869177][ T6812] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 58.875134][ T6812] ? prandom_u32_state+0xe/0x170 [ 58.880059][ T6812] ? __brelse+0x84/0xa0 [ 58.884194][ T6812] ? __ext4_new_inode+0x144/0x57c0 [ 58.889284][ T6812] ext4_getblk+0xad/0x520 [ 58.893619][ T6812] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 58.899376][ T6812] ? ext4_free_inode+0x17e0/0x17e0 [ 58.904479][ T6812] ext4_bread+0x7c/0x380 [ 58.908703][ T6812] ? ext4_getblk+0x520/0x520 [ 58.913271][ T6812] ? dqget+0xff0/0xff0 [ 58.917341][ T6812] ext4_append+0x153/0x360 [ 58.921754][ T6812] ext4_mkdir+0x5e0/0xdf0 [ 58.926081][ T6812] ? ext4_rmdir+0xde0/0xde0 [ 58.930629][ T6812] ? security_inode_permission+0xc4/0xf0 [ 58.936252][ T6812] vfs_mkdir+0x419/0x690 [ 58.940479][ T6812] do_mkdirat+0x21e/0x280 [ 58.944788][ T6812] ? __ia32_sys_mknod+0xb0/0xb0 [ 58.949674][ T6812] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 58.955639][ T6812] ? do_syscall_64+0x21/0x7d0 [ 58.960294][ T6812] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 58.966275][ T6812] do_syscall_64+0xf6/0x7d0 [ 58.970774][ T6812] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 58.976680][ T6812] RIP: 0033:0x4b02a0 [ 58.980558][ T6812] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 59.000330][ T6812] RSP: 002b:000000c0000e74b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102 [ 59.008726][ T6812] RAX: ffffffffffffffda RBX: 000000c00002e500 RCX: 00000000004b02a0 [ 59.017111][ T6812] RDX: 00000000000001c0 RSI: 000000c0002887c0 RDI: ffffffffffffff9c [ 59.025129][ T6812] RBP: 000000c0000e7510 R08: 0000000000000000 R09: 0000000000000000 [ 59.033123][ T6812] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff [ 59.041170][ T6812] R13: 000000000000003f R14: 000000000000003e R15: 0000000000000100 [ 59.055409][ T1154] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1154 [ 59.064709][ T1154] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 59.070734][ T1154] CPU: 1 PID: 1154 Comm: khugepaged Not tainted 5.7.0-syzkaller #0 [ 59.079062][ T1154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.089205][ T1154] Call Trace: [ 59.092494][ T1154] dump_stack+0x188/0x20d [ 59.096819][ T1154] debug_smp_processor_id.cold+0x88/0x9b [ 59.102439][ T1154] ext4_mb_new_blocks+0xa77/0x3b30 [ 59.107552][ T1154] ? __kmalloc+0x62f/0x7a0 [ 59.111966][ T1154] ? ext4_ext_search_right+0x2ca/0xb20 [ 59.117412][ T1154] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 59.123140][ T1154] ext4_ext_map_blocks+0x2044/0x3410 [ 59.128424][ T1154] ? ext4_ext_release+0x10/0x10 [ 59.133280][ T1154] ? __down_timeout+0x2d0/0x2d0 [ 59.138122][ T1154] ? ext4_es_lookup_extent+0x41d/0xd30 [ 59.143587][ T1154] ext4_map_blocks+0x4cb/0x1640 [ 59.148433][ T1154] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 59.153623][ T1154] ? debug_smp_processor_id+0x2f/0x185 [ 59.159075][ T1154] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 59.164615][ T1154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 59.170583][ T1154] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 59.176035][ T1154] ext4_writepages+0x1ab7/0x3400 [ 59.180990][ T1154] ? mark_lock+0x30/0xdd0 [ 59.185323][ T1154] ? __ext4_mark_inode_dirty+0x950/0x950 [ 59.190968][ T1154] ? __ext4_mark_inode_dirty+0x950/0x950 [ 59.196589][ T1154] ? do_writepages+0xfa/0x2a0 [ 59.201254][ T1154] do_writepages+0xfa/0x2a0 [ 59.205768][ T1154] ? page_writeback_cpu_online+0x10/0x10 [ 59.211390][ T1154] ? do_raw_spin_lock+0x129/0x2e0 [ 59.216411][ T1154] ? do_raw_spin_unlock+0x171/0x260 [ 59.221617][ T1154] ? _raw_spin_unlock+0x24/0x40 [ 59.226459][ T1154] __filemap_fdatawrite_range+0x2aa/0x390 [ 59.232162][ T1154] ? collapse_file+0x3575/0x4300 [ 59.237092][ T1154] ? delete_from_page_cache_batch+0xec0/0xec0 [ 59.243243][ T1154] ? _raw_spin_unlock_irq+0x1f/0x80 [ 59.248430][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 59.254402][ T1154] collapse_file+0x357f/0x4300 [ 59.259170][ T1154] ? collapse_huge_page+0x4370/0x4370 [ 59.264528][ T1154] ? khugepaged+0x24fa/0x3f80 [ 59.269210][ T1154] khugepaged+0x3049/0x3f80 [ 59.273723][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 59.279343][ T1154] ? lock_downgrade+0x840/0x840 [ 59.284180][ T1154] ? finish_wait+0x260/0x260 [ 59.288780][ T1154] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 59.294576][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 59.300768][ T1154] ? __kthread_parkme+0x13f/0x1e0 [ 59.305811][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 59.311445][ T1154] kthread+0x388/0x470 [ 59.315507][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 59.321229][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 59.326961][ T1154] ret_from_fork+0x24/0x30 [ 59.335930][ T6817] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6817 [ 59.345385][ T6817] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 59.351483][ T6817] CPU: 1 PID: 6817 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 59.359722][ T6817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.369773][ T6817] Call Trace: [ 59.373072][ T6817] dump_stack+0x188/0x20d [ 59.377408][ T6817] debug_smp_processor_id.cold+0x88/0x9b [ 59.383050][ T6817] ext4_mb_new_blocks+0xa77/0x3b30 [ 59.388289][ T6817] ? ext4_ext_search_right+0x2ca/0xb20 [ 59.393743][ T6817] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 59.399450][ T6817] ext4_ext_map_blocks+0x2044/0x3410 [ 59.404726][ T6817] ? ext4_ext_release+0x10/0x10 [ 59.409581][ T6817] ? __down_timeout+0x2d0/0x2d0 [ 59.414436][ T6817] ? ext4_es_lookup_extent+0x41d/0xd30 [ 59.419896][ T6817] ext4_map_blocks+0x4cb/0x1640 [ 59.424732][ T6817] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 59.429931][ T6817] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 59.435461][ T6817] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 59.442142][ T6817] ? prandom_u32_state+0xe/0x170 [ 59.447079][ T6817] ? __brelse+0x84/0xa0 [ 59.451228][ T6817] ? __ext4_new_inode+0x144/0x57c0 [ 59.456335][ T6817] ext4_getblk+0xad/0x520 [ 59.460660][ T6817] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 59.466380][ T6817] ? ext4_free_inode+0x17e0/0x17e0 [ 59.471495][ T6817] ext4_bread+0x7c/0x380 [ 59.475754][ T6817] ? ext4_getblk+0x520/0x520 [ 59.480339][ T6817] ? dqget+0xff0/0xff0 [ 59.484423][ T6817] ext4_append+0x153/0x360 [ 59.488846][ T6817] ext4_mkdir+0x5e0/0xdf0 [ 59.493179][ T6817] ? ext4_rmdir+0xde0/0xde0 [ 59.497683][ T6817] ? security_inode_permission+0xc4/0xf0 [ 59.503313][ T6817] vfs_mkdir+0x419/0x690 [ 59.507543][ T6817] do_mkdirat+0x21e/0x280 [ 59.511882][ T6817] ? __ia32_sys_mknod+0xb0/0xb0 [ 59.516720][ T6817] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 59.522693][ T6817] ? do_syscall_64+0x21/0x7d0 [ 59.527359][ T6817] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 59.533394][ T6817] do_syscall_64+0xf6/0x7d0 [ 59.537894][ T6817] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 59.543771][ T6817] RIP: 0033:0x45bee7 [ 59.548779][ T6817] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 59.568576][ T6817] RSP: 002b:00007ffc910b71e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 59.577014][ T6817] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bee7 [ 59.585330][ T6817] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007ffc910b73c0 [ 59.593301][ T6817] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000003080 [ 59.601275][ T6817] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 59.609232][ T6817] R13: 00007ffc910b73c0 R14: 8421084210842109 R15: 00007ffc910b73cc [ 59.633127][ T1154] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1154 [ 59.642583][ T1154] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 59.648894][ T1154] CPU: 0 PID: 1154 Comm: khugepaged Not tainted 5.7.0-syzkaller #0 [ 59.656784][ T1154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.666843][ T1154] Call Trace: [ 59.670164][ T1154] dump_stack+0x188/0x20d [ 59.674503][ T1154] debug_smp_processor_id.cold+0x88/0x9b [ 59.680170][ T1154] ext4_mb_new_blocks+0xa77/0x3b30 [ 59.685300][ T1154] ? ext4_ext_search_right+0x2ca/0xb20 [ 59.690770][ T1154] ? ext4_ext_next_allocated_block+0x221/0x2d0 [ 59.696961][ T1154] ext4_ext_map_blocks+0x2044/0x3410 [ 59.702261][ T1154] ? ext4_ext_release+0x10/0x10 [ 59.707137][ T1154] ? __down_timeout+0x2d0/0x2d0 [ 59.711997][ T1154] ? ext4_es_lookup_extent+0x41d/0xd30 [ 59.716068][ T6818] IPVS: ftp: loaded support on port[0] = 21 [ 59.717507][ T1154] ext4_map_blocks+0x4cb/0x1640 [ 59.728229][ T1154] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 59.733466][ T1154] ? debug_smp_processor_id+0x2f/0x185 [ 59.738951][ T1154] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 59.745147][ T1154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 59.752442][ T1154] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 59.757930][ T1154] ext4_writepages+0x1ab7/0x3400 [ 59.762883][ T1154] ? mark_lock+0x30/0xdd0 [ 59.767240][ T1154] ? __ext4_mark_inode_dirty+0x950/0x950 [ 59.770827][ T6818] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6818 [ 59.772903][ T1154] ? __ext4_mark_inode_dirty+0x950/0x950 [ 59.782278][ T6818] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 59.787877][ T1154] ? do_writepages+0xfa/0x2a0 [ 59.787891][ T1154] do_writepages+0xfa/0x2a0 [ 59.787917][ T1154] ? page_writeback_cpu_online+0x10/0x10 [ 59.808886][ T1154] ? do_raw_spin_lock+0x129/0x2e0 [ 59.814675][ T1154] ? do_raw_spin_unlock+0x171/0x260 [ 59.819855][ T1154] ? _raw_spin_unlock+0x24/0x40 [ 59.824693][ T1154] __filemap_fdatawrite_range+0x2aa/0x390 [ 59.830412][ T1154] ? collapse_file+0x3575/0x4300 [ 59.835331][ T1154] ? delete_from_page_cache_batch+0xec0/0xec0 [ 59.841408][ T1154] ? _raw_spin_unlock_irq+0x1f/0x80 [ 59.846590][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 59.852565][ T1154] collapse_file+0x357f/0x4300 [ 59.857325][ T1154] ? collapse_huge_page+0x4370/0x4370 [ 59.862680][ T1154] ? khugepaged+0x24fa/0x3f80 [ 59.867516][ T1154] khugepaged+0x3049/0x3f80 [ 59.872046][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 59.877668][ T1154] ? lock_downgrade+0x840/0x840 [ 59.882597][ T1154] ? finish_wait+0x260/0x260 [ 59.887178][ T1154] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 59.892967][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 59.898956][ T1154] ? __kthread_parkme+0x13f/0x1e0 [ 59.903972][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 59.909677][ T1154] kthread+0x388/0x470 [ 59.913729][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 59.919443][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 59.925149][ T1154] ret_from_fork+0x24/0x30 [ 59.929569][ T6818] CPU: 1 PID: 6818 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 59.937820][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.947879][ T6818] Call Trace: [ 59.951266][ T6818] dump_stack+0x188/0x20d [ 59.955612][ T6818] debug_smp_processor_id.cold+0x88/0x9b [ 59.961339][ T6818] ext4_mb_new_blocks+0xa77/0x3b30 [ 59.966467][ T6818] ? ext4_ext_search_right+0x2ca/0xb20 [ 59.972016][ T6818] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 59.977742][ T6818] ext4_ext_map_blocks+0x2044/0x3410 [ 59.983040][ T6818] ? ext4_ext_release+0x10/0x10 [ 59.987917][ T6818] ? __down_timeout+0x2d0/0x2d0 [ 59.988284][ T1154] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1154 [ 59.992782][ T6818] ? ext4_es_lookup_extent+0x41d/0xd30 [ 59.992804][ T6818] ext4_map_blocks+0x4cb/0x1640 [ 59.992825][ T6818] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 60.001957][ T1154] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 60.007362][ T6818] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 60.007380][ T6818] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 60.043675][ T6818] ? prandom_u32_state+0xe/0x170 [ 60.048617][ T6818] ? __brelse+0x84/0xa0 [ 60.052779][ T6818] ? __ext4_new_inode+0x144/0x57c0 [ 60.057896][ T6818] ext4_getblk+0xad/0x520 [ 60.062220][ T6818] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 60.067960][ T6818] ? ext4_free_inode+0x17e0/0x17e0 [ 60.073078][ T6818] ext4_bread+0x7c/0x380 [ 60.077321][ T6818] ? ext4_getblk+0x520/0x520 [ 60.081900][ T6818] ? dqget+0xff0/0xff0 [ 60.085967][ T6818] ext4_append+0x153/0x360 [ 60.090374][ T6818] ext4_mkdir+0x5e0/0xdf0 [ 60.094709][ T6818] ? ext4_rmdir+0xde0/0xde0 [ 60.099202][ T6818] ? security_inode_permission+0xc4/0xf0 [ 60.104838][ T6818] vfs_mkdir+0x419/0x690 [ 60.109164][ T6818] do_mkdirat+0x21e/0x280 [ 60.113478][ T6818] ? __ia32_sys_mknod+0xb0/0xb0 [ 60.118314][ T6818] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 60.125145][ T6818] ? do_syscall_64+0x21/0x7d0 [ 60.129806][ T6818] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 60.136576][ T6818] do_syscall_64+0xf6/0x7d0 [ 60.141079][ T6818] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 60.146954][ T6818] RIP: 0033:0x45bee7 [ 60.150834][ T6818] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 60.170422][ T6818] RSP: 002b:00007ffc910b70d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 60.179336][ T6818] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bee7 [ 60.187634][ T6818] RDX: 00007ffc910b7123 RSI: 00000000000001ff RDI: 00007ffc910b7120 [ 60.195605][ T6818] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003 [ 60.203559][ T6818] R10: 0000000000000064 R11: 0000000000000206 R12: 00000000004185d0 [ 60.211876][ T6818] R13: 00007ffc910b7110 R14: 0000000000000000 R15: 00007ffc910b7120 [ 60.220829][ T1154] CPU: 0 PID: 1154 Comm: khugepaged Not tainted 5.7.0-syzkaller #0 [ 60.221714][ T309] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/309 [ 60.228715][ T1154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.228720][ T1154] Call Trace: [ 60.228742][ T1154] dump_stack+0x188/0x20d [ 60.228760][ T1154] debug_smp_processor_id.cold+0x88/0x9b [ 60.228781][ T1154] ext4_mb_new_blocks+0xa77/0x3b30 [ 60.237952][ T309] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 60.248029][ T1154] ? ext4_ext_search_right+0x2ca/0xb20 [ 60.248049][ T1154] ? ext4_ext_next_allocated_block+0x221/0x2d0 [ 60.248063][ T1154] ext4_ext_map_blocks+0x2044/0x3410 [ 60.248084][ T1154] ? ext4_ext_release+0x10/0x10 [ 60.296624][ T1154] ? __down_timeout+0x2d0/0x2d0 [ 60.301458][ T1154] ? ext4_es_lookup_extent+0x41d/0xd30 [ 60.306921][ T1154] ext4_map_blocks+0x4cb/0x1640 [ 60.311773][ T1154] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 60.316967][ T1154] ? debug_smp_processor_id+0x2f/0x185 [ 60.322411][ T1154] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 60.327940][ T1154] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 60.333920][ T1154] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 60.339367][ T1154] ext4_writepages+0x1ab7/0x3400 [ 60.344295][ T1154] ? mark_lock+0x30/0xdd0 [ 60.348624][ T1154] ? __ext4_mark_inode_dirty+0x950/0x950 [ 60.354273][ T1154] ? __ext4_mark_inode_dirty+0x950/0x950 [ 60.359893][ T1154] ? do_writepages+0xfa/0x2a0 [ 60.364552][ T1154] do_writepages+0xfa/0x2a0 [ 60.369045][ T1154] ? page_writeback_cpu_online+0x10/0x10 [ 60.375455][ T1154] ? do_raw_spin_lock+0x129/0x2e0 [ 60.380462][ T1154] ? do_raw_spin_unlock+0x171/0x260 [ 60.385643][ T1154] ? _raw_spin_unlock+0x24/0x40 [ 60.390489][ T1154] __filemap_fdatawrite_range+0x2aa/0x390 [ 60.396215][ T1154] ? collapse_file+0x3575/0x4300 [ 60.401138][ T1154] ? delete_from_page_cache_batch+0xec0/0xec0 [ 60.407207][ T1154] ? _raw_spin_unlock_irq+0x1f/0x80 [ 60.412389][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 60.418355][ T1154] collapse_file+0x357f/0x4300 [ 60.423114][ T1154] ? collapse_huge_page+0x4370/0x4370 [ 60.428481][ T1154] ? khugepaged+0x24fa/0x3f80 [ 60.433155][ T1154] khugepaged+0x3049/0x3f80 [ 60.437681][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 60.443296][ T1154] ? lock_downgrade+0x840/0x840 [ 60.448147][ T1154] ? finish_wait+0x260/0x260 [ 60.452720][ T1154] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 60.459651][ T1154] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 60.465966][ T1154] ? __kthread_parkme+0x13f/0x1e0 [ 60.470975][ T1154] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 60.476597][ T1154] kthread+0x388/0x470 [ 60.480662][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 60.487228][ T1154] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 60.492932][ T1154] ret_from_fork+0x24/0x30 [ 60.497356][ T309] CPU: 1 PID: 309 Comm: kworker/u4:4 Not tainted 5.7.0-syzkaller #0 [ 60.505356][ T309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.517411][ T309] Workqueue: writeback wb_workfn (flush-8:0) [ 60.523391][ T309] Call Trace: [ 60.526672][ T309] dump_stack+0x188/0x20d [ 60.531003][ T309] debug_smp_processor_id.cold+0x88/0x9b [ 60.537315][ T309] ext4_mb_new_blocks+0xa77/0x3b30 [ 60.542421][ T309] ? __kmalloc+0x62f/0x7a0 [ 60.546846][ T309] ? ext4_ext_search_right+0x2ca/0xb20 [ 60.552303][ T309] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 60.558026][ T309] ext4_ext_map_blocks+0x2044/0x3410 [ 60.563304][ T309] ? ext4_ext_release+0x10/0x10 [ 60.568499][ T309] ? __down_timeout+0x2d0/0x2d0 [ 60.573419][ T309] ? ext4_es_lookup_extent+0x41d/0xd30 [ 60.578875][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 60.584336][ T309] ext4_map_blocks+0x4cb/0x1640 [ 60.589176][ T309] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 60.594352][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 60.599797][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 60.605324][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 60.611286][ T309] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 60.616743][ T309] ext4_writepages+0x1ab7/0x3400 [ 60.621696][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 60.627322][ T309] ? __lock_acquire+0x2224/0x48a0 [ 60.632360][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 60.638332][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 60.644383][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 60.650018][ T309] ? do_writepages+0xfa/0x2a0 [ 60.655383][ T309] do_writepages+0xfa/0x2a0 [ 60.659876][ T309] ? page_writeback_cpu_online+0x10/0x10 [ 60.665490][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 60.670938][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 60.676465][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 60.682425][ T309] ? lock_downgrade+0x840/0x840 [ 60.687286][ T309] __writeback_single_inode+0x12a/0x1410 [ 60.692899][ T309] ? _raw_spin_unlock+0x24/0x40 [ 60.697759][ T309] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 60.703720][ T309] writeback_sb_inodes+0x515/0xdd0 [ 60.708822][ T309] ? __writeback_single_inode+0x1410/0x1410 [ 60.715144][ T309] __writeback_inodes_wb+0xc3/0x250 [ 60.720328][ T309] wb_writeback+0x910/0xd90 [ 60.724822][ T309] ? print_usage_bug+0x240/0x240 [ 60.729743][ T309] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 60.736065][ T309] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 60.741941][ T309] ? cpumask_next+0x3c/0x40 [ 60.746431][ T309] ? get_nr_dirty_inodes+0xd6/0x130 [ 60.751629][ T309] wb_workfn+0xadf/0x10d0 [ 60.757688][ T309] ? inode_wait_for_writeback+0x30/0x30 [ 60.763212][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 60.768670][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 60.774198][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 60.781033][ T309] process_one_work+0x965/0x16a0 [ 60.785959][ T309] ? lock_release+0x800/0x800 [ 60.790620][ T309] ? pwq_dec_nr_in_flight+0x310/0x310 [ 60.795988][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 60.800947][ T309] worker_thread+0x96/0xe10 [ 60.805441][ T309] ? process_one_work+0x16a0/0x16a0 [ 60.810622][ T309] kthread+0x388/0x470 [ 60.814686][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 60.820401][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 60.826191][ T309] ret_from_fork+0x24/0x30 [ 60.896495][ T309] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/309 [ 60.905870][ T309] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 60.911911][ T309] CPU: 0 PID: 309 Comm: kworker/u4:4 Not tainted 5.7.0-syzkaller #0 [ 60.925097][ T309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.935166][ T309] Workqueue: writeback wb_workfn (flush-8:0) [ 60.941145][ T309] Call Trace: [ 60.944692][ T309] dump_stack+0x188/0x20d [ 60.949113][ T309] debug_smp_processor_id.cold+0x88/0x9b [ 60.954798][ T309] ext4_mb_new_blocks+0xa77/0x3b30 [ 60.960014][ T309] ? __kmalloc+0x62f/0x7a0 [ 60.964440][ T309] ? ext4_ext_search_right+0x2ca/0xb20 [ 60.969938][ T309] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 60.975688][ T309] ext4_ext_map_blocks+0x2044/0x3410 [ 60.984902][ T309] ? ext4_ext_release+0x10/0x10 [ 60.989777][ T309] ? __down_timeout+0x2d0/0x2d0 [ 60.994871][ T309] ? ext4_es_lookup_extent+0x41d/0xd30 [ 61.000389][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.005856][ T309] ext4_map_blocks+0x4cb/0x1640 [ 61.010720][ T309] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 61.015911][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.021356][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.026974][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.033020][ T309] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 61.038474][ T309] ext4_writepages+0x1ab7/0x3400 [ 61.043419][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 61.049044][ T309] ? __lock_acquire+0x2224/0x48a0 [ 61.054125][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 61.060102][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 61.066090][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 61.071901][ T309] ? do_writepages+0xfa/0x2a0 [ 61.076566][ T309] do_writepages+0xfa/0x2a0 [ 61.081119][ T309] ? page_writeback_cpu_online+0x10/0x10 [ 61.086733][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.092210][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.097773][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.103818][ T309] ? lock_downgrade+0x840/0x840 [ 61.108652][ T309] __writeback_single_inode+0x12a/0x1410 [ 61.114267][ T309] ? _raw_spin_unlock+0x24/0x40 [ 61.119115][ T309] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 61.125074][ T309] writeback_sb_inodes+0x515/0xdd0 [ 61.130185][ T309] ? __writeback_single_inode+0x1410/0x1410 [ 61.136082][ T309] __writeback_inodes_wb+0xc3/0x250 [ 61.141278][ T309] wb_writeback+0x910/0xd90 [ 61.145868][ T309] ? print_usage_bug+0x240/0x240 [ 61.151741][ T309] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 61.158155][ T309] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 61.164047][ T309] ? cpumask_next+0x3c/0x40 [ 61.168551][ T309] ? get_nr_dirty_inodes+0xd6/0x130 [ 61.173746][ T309] wb_workfn+0xadf/0x10d0 [ 61.178076][ T309] ? inode_wait_for_writeback+0x30/0x30 [ 61.183702][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.189514][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.195048][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.201027][ T309] process_one_work+0x965/0x16a0 [ 61.206034][ T309] ? lock_release+0x800/0x800 [ 61.210731][ T309] ? pwq_dec_nr_in_flight+0x310/0x310 [ 61.216230][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 61.221169][ T309] worker_thread+0x96/0xe10 [ 61.226185][ T309] ? process_one_work+0x16a0/0x16a0 [ 61.231381][ T309] kthread+0x388/0x470 [ 61.235445][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 61.241146][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 61.246850][ T309] ret_from_fork+0x24/0x30 [ 61.254333][ T6818] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6818 [ 61.263779][ T6818] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 61.269747][ T6818] CPU: 0 PID: 6818 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 61.278154][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.288207][ T6818] Call Trace: [ 61.291502][ T6818] dump_stack+0x188/0x20d [ 61.295837][ T6818] debug_smp_processor_id.cold+0x88/0x9b [ 61.301471][ T6818] ext4_mb_new_blocks+0xa77/0x3b30 [ 61.306569][ T6818] ? ext4_ext_search_right+0x2ca/0xb20 [ 61.312012][ T6818] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 61.317715][ T6818] ext4_ext_map_blocks+0x2044/0x3410 [ 61.322983][ T6818] ? ext4_ext_release+0x10/0x10 [ 61.327921][ T6818] ? __down_timeout+0x2d0/0x2d0 [ 61.332747][ T6818] ? ext4_es_lookup_extent+0x41d/0xd30 [ 61.338185][ T6818] ext4_map_blocks+0x4cb/0x1640 [ 61.343018][ T6818] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 61.348194][ T6818] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.353729][ T6818] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.359685][ T6818] ? prandom_u32_state+0xe/0x170 [ 61.364628][ T6818] ? __brelse+0x84/0xa0 [ 61.368759][ T6818] ? __ext4_new_inode+0x144/0x57c0 [ 61.373848][ T6818] ext4_getblk+0xad/0x520 [ 61.378157][ T6818] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 61.383854][ T6818] ? ext4_free_inode+0x17e0/0x17e0 [ 61.388945][ T6818] ext4_bread+0x7c/0x380 [ 61.393177][ T6818] ? ext4_getblk+0x520/0x520 [ 61.397743][ T6818] ? dqget+0xff0/0xff0 [ 61.401792][ T6818] ext4_append+0x153/0x360 [ 61.406199][ T6818] ext4_mkdir+0x5e0/0xdf0 [ 61.410638][ T6818] ? ext4_rmdir+0xde0/0xde0 [ 61.415121][ T6818] ? security_inode_permission+0xc4/0xf0 [ 61.421270][ T6818] vfs_mkdir+0x419/0x690 [ 61.425500][ T6818] do_mkdirat+0x21e/0x280 [ 61.429834][ T6818] ? __ia32_sys_mknod+0xb0/0xb0 [ 61.434734][ T6818] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 61.440797][ T6818] ? do_syscall_64+0x21/0x7d0 [ 61.445473][ T6818] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 61.451451][ T6818] do_syscall_64+0xf6/0x7d0 [ 61.455939][ T6818] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 61.461811][ T6818] RIP: 0033:0x45bee7 [ 61.465683][ T6818] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 61.485290][ T6818] RSP: 002b:00007ffc910b70d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 executing program 2020/06/10 20:57:45 building call list... [ 61.493705][ T6818] RAX: ffffffffffffffda RBX: 000000000000edeb RCX: 000000000045bee7 [ 61.501656][ T6818] RDX: 00007ffc910b7123 RSI: 00000000000001ff RDI: 00007ffc910b7120 [ 61.509605][ T6818] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003 [ 61.517555][ T6818] R10: 0000000000000064 R11: 0000000000000206 R12: 0000000000000003 [ 61.525515][ T6818] R13: 00007ffc910b7110 R14: 000000000000ede8 R15: 00007ffc910b7120 [ 61.555827][ T309] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:4/309 [ 61.565116][ T309] caller is ext4_mb_new_blocks+0xa77/0x3b30 [ 61.571245][ T309] CPU: 0 PID: 309 Comm: kworker/u4:4 Not tainted 5.7.0-syzkaller #0 [ 61.579216][ T309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.589315][ T309] Workqueue: writeback wb_workfn (flush-8:0) [ 61.595375][ T309] Call Trace: [ 61.598667][ T309] dump_stack+0x188/0x20d [ 61.603713][ T309] debug_smp_processor_id.cold+0x88/0x9b [ 61.609352][ T309] ext4_mb_new_blocks+0xa77/0x3b30 [ 61.614471][ T309] ? __kmalloc+0x62f/0x7a0 [ 61.618935][ T309] ? ext4_ext_search_right+0x2ca/0xb20 [ 61.624391][ T309] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 61.630113][ T309] ext4_ext_map_blocks+0x2044/0x3410 [ 61.635405][ T309] ? ext4_ext_release+0x10/0x10 [ 61.640281][ T309] ? __down_timeout+0x2d0/0x2d0 [ 61.645139][ T309] ? ext4_es_lookup_extent+0x41d/0xd30 [ 61.650597][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.656064][ T309] ext4_map_blocks+0x4cb/0x1640 [ 61.660927][ T309] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 61.666131][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.671594][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.677137][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.683126][ T309] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 61.688587][ T309] ext4_writepages+0x1ab7/0x3400 [ 61.693549][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 61.699198][ T309] ? __lock_acquire+0x2224/0x48a0 [ 61.704236][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 61.710220][ T309] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 61.716203][ T309] ? __ext4_mark_inode_dirty+0x950/0x950 [ 61.721830][ T309] ? do_writepages+0xfa/0x2a0 [ 61.726507][ T309] do_writepages+0xfa/0x2a0 [ 61.731015][ T309] ? page_writeback_cpu_online+0x10/0x10 [ 61.736663][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.742140][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.747721][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.753798][ T309] ? lock_downgrade+0x840/0x840 [ 61.758662][ T309] __writeback_single_inode+0x12a/0x1410 [ 61.764816][ T309] ? _raw_spin_unlock+0x24/0x40 [ 61.769667][ T309] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 61.775671][ T309] writeback_sb_inodes+0x515/0xdd0 [ 61.780793][ T309] ? __writeback_single_inode+0x1410/0x1410 [ 61.786790][ T309] __writeback_inodes_wb+0xc3/0x250 [ 61.791993][ T309] wb_writeback+0x910/0xd90 [ 61.796497][ T309] ? print_usage_bug+0x240/0x240 [ 61.801436][ T309] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 61.807763][ T309] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 61.813665][ T309] ? cpumask_next+0x3c/0x40 [ 61.818167][ T309] ? get_nr_dirty_inodes+0xd6/0x130 [ 61.823392][ T309] wb_workfn+0xadf/0x10d0 [ 61.827856][ T309] ? inode_wait_for_writeback+0x30/0x30 [ 61.833400][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 61.838886][ T309] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.844431][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.850417][ T309] process_one_work+0x965/0x16a0 [ 61.855359][ T309] ? lock_release+0x800/0x800 [ 61.860033][ T309] ? pwq_dec_nr_in_flight+0x310/0x310 [ 61.865404][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 61.870359][ T309] worker_thread+0x96/0xe10 [ 61.874983][ T309] ? process_one_work+0x16a0/0x16a0 [ 61.880200][ T309] kthread+0x388/0x470 [ 61.884265][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 61.889979][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 61.895698][ T309] ret_from_fork+0x24/0x30 [ 62.117220][ T309] tipc: TX() has been purged, node left! [ 62.619371][ T309] ================================================================== [ 62.627586][ T309] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x7a7/0x880 [ 62.635471][ T309] Write of size 1 at addr ffff8880a2b511e4 by task kworker/u4:4/309 [ 62.643453][ T309] [ 62.645781][ T309] CPU: 0 PID: 309 Comm: kworker/u4:4 Not tainted 5.7.0-syzkaller #0 [ 62.653763][ T309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.663819][ T309] Workqueue: netns cleanup_net [ 62.668575][ T309] Call Trace: [ 62.671866][ T309] dump_stack+0x188/0x20d [ 62.676202][ T309] ? afs_wake_up_async_call+0x7a7/0x880 [ 62.681780][ T309] ? afs_wake_up_async_call+0x7a7/0x880 [ 62.687318][ T309] ? afs_put_call+0xa70/0xa70 [ 62.691999][ T309] print_address_description.constprop.0.cold+0xd3/0x413 [ 62.699287][ T309] ? vprintk_func+0x97/0x1a6 [ 62.703878][ T309] ? afs_wake_up_async_call+0x7a7/0x880 [ 62.709686][ T309] kasan_report.cold+0x1f/0x37 [ 62.714460][ T309] ? afs_wake_up_async_call+0x7a7/0x880 [ 62.721924][ T309] afs_wake_up_async_call+0x7a7/0x880 [ 62.727294][ T309] ? do_raw_spin_lock+0x129/0x2e0 [ 62.732315][ T309] ? afs_close_socket+0x320/0x320 [ 62.737331][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 62.743565][ T309] ? rcu_read_lock_held+0x9c/0xb0 [ 62.748586][ T309] ? rcu_read_lock_held_common+0xa0/0xa0 [ 62.754218][ T309] ? afs_close_socket+0x320/0x320 [ 62.759240][ T309] ? afs_put_call+0xa70/0xa70 [ 62.763923][ T309] rxrpc_notify_socket+0x1e5/0x5e0 [ 62.769038][ T309] ? afs_put_call+0xa70/0xa70 [ 62.773735][ T309] __rxrpc_set_call_completion.part.0+0x172/0x420 [ 62.780147][ T309] rxrpc_call_completed+0xca/0xf0 [ 62.785899][ T309] rxrpc_discard_prealloc+0x786/0xac0 [ 62.791461][ T309] ? lock_sock_nested+0x94/0x110 [ 62.797356][ T309] rxrpc_listen+0x147/0x360 [ 62.802239][ T309] afs_close_socket+0x95/0x320 [ 62.807435][ T309] ? afs_purge_servers+0x16d/0x300 [ 62.813425][ T309] ? afs_rx_discard_new_call+0x50/0x50 [ 62.818885][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 62.825049][ T309] ? init_wait_var_entry+0x200/0x200 [ 62.830422][ T309] ? rcu_read_lock_held_common+0xa0/0xa0 [ 62.836081][ T309] afs_net_exit+0x1bc/0x310 [ 62.840586][ T309] ? afs_net_init+0xe30/0xe30 [ 62.845431][ T309] ops_exit_list.isra.0+0xa8/0x150 [ 62.850646][ T309] cleanup_net+0x511/0xa50 [ 62.855060][ T309] ? unregister_pernet_device+0x70/0x70 [ 62.860614][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 62.866598][ T309] process_one_work+0x965/0x16a0 [ 62.871540][ T309] ? lock_release+0x800/0x800 [ 62.876211][ T309] ? pwq_dec_nr_in_flight+0x310/0x310 [ 62.881583][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 62.886528][ T309] worker_thread+0x96/0xe10 [ 62.891054][ T309] ? process_one_work+0x16a0/0x16a0 [ 62.908202][ T309] kthread+0x388/0x470 [ 62.912267][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.917980][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.923698][ T309] ret_from_fork+0x24/0x30 [ 62.928117][ T309] [ 62.930449][ T309] Allocated by task 6818: [ 62.934796][ T309] save_stack+0x1b/0x40 [ 62.938946][ T309] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 62.944851][ T309] kmem_cache_alloc_trace+0x153/0x7d0 [ 62.950648][ T309] afs_alloc_call+0x55/0x640 [ 62.955230][ T309] afs_charge_preallocation+0xe9/0x2d0 [ 62.960677][ T309] afs_open_socket+0x292/0x360 [ 62.965455][ T309] afs_net_init+0xa6c/0xe30 [ 62.969951][ T309] ops_init+0xaf/0x420 [ 62.974011][ T309] setup_net+0x2de/0x860 [ 62.978255][ T309] copy_net_ns+0x293/0x590 [ 62.982661][ T309] create_new_namespaces+0x3fb/0xb30 [ 62.987945][ T309] unshare_nsproxy_namespaces+0xbd/0x1f0 [ 62.993579][ T309] ksys_unshare+0x43d/0x8e0 [ 62.998203][ T309] __x64_sys_unshare+0x2d/0x40 [ 63.002978][ T309] do_syscall_64+0xf6/0x7d0 [ 63.007482][ T309] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 63.013385][ T309] [ 63.015708][ T309] Freed by task 309: [ 63.019608][ T309] save_stack+0x1b/0x40 [ 63.023767][ T309] __kasan_slab_free+0xf7/0x140 [ 63.028618][ T309] kfree+0x109/0x2b0 [ 63.032518][ T309] afs_put_call+0x59b/0xa70 [ 63.037025][ T309] rxrpc_discard_prealloc+0x769/0xac0 [ 63.042395][ T309] rxrpc_listen+0x147/0x360 [ 63.046907][ T309] afs_close_socket+0x95/0x320 [ 63.051670][ T309] afs_net_exit+0x1bc/0x310 [ 63.056180][ T309] ops_exit_list.isra.0+0xa8/0x150 [ 63.061294][ T309] cleanup_net+0x511/0xa50 [ 63.065720][ T309] process_one_work+0x965/0x16a0 [ 63.070716][ T309] worker_thread+0x96/0xe10 [ 63.075371][ T309] kthread+0x388/0x470 [ 63.079419][ T309] ret_from_fork+0x24/0x30 [ 63.083804][ T309] [ 63.086111][ T309] The buggy address belongs to the object at ffff8880a2b51000 [ 63.086111][ T309] which belongs to the cache kmalloc-1k of size 1024 [ 63.100159][ T309] The buggy address is located 484 bytes inside of [ 63.100159][ T309] 1024-byte region [ffff8880a2b51000, ffff8880a2b51400) [ 63.113489][ T309] The buggy address belongs to the page: [ 63.119113][ T309] page:ffffea00028ad440 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 63.128191][ T309] flags: 0xfffe0000000200(slab) [ 63.133035][ T309] raw: 00fffe0000000200 ffffea00029ab108 ffffea000277a2c8 ffff8880aa000c40 [ 63.141625][ T309] raw: 0000000000000000 ffff8880a2b51000 0000000100000002 0000000000000000 [ 63.150186][ T309] page dumped because: kasan: bad access detected [ 63.156573][ T309] [ 63.158887][ T309] Memory state around the buggy address: [ 63.164494][ T309] ffff8880a2b51080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.172529][ T309] ffff8880a2b51100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.180568][ T309] >ffff8880a2b51180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.188611][ T309] ^ [ 63.195780][ T309] ffff8880a2b51200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.203813][ T309] ffff8880a2b51280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.211862][ T309] ================================================================== [ 63.219900][ T309] Disabling lock debugging due to kernel taint [ 63.226095][ T309] Kernel panic - not syncing: panic_on_warn set ... [ 63.232676][ T309] CPU: 0 PID: 309 Comm: kworker/u4:4 Tainted: G B 5.7.0-syzkaller #0 [ 63.242028][ T309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.252086][ T309] Workqueue: netns cleanup_net [ 63.256861][ T309] Call Trace: [ 63.260152][ T309] dump_stack+0x188/0x20d [ 63.264458][ T309] ? afs_wake_up_async_call+0x6b0/0x880 [ 63.269974][ T309] ? afs_put_call+0xa70/0xa70 [ 63.274622][ T309] panic+0x2e3/0x75c [ 63.278492][ T309] ? add_taint.cold+0x16/0x16 [ 63.283152][ T309] ? retint_kernel+0x2b/0x2b [ 63.287729][ T309] ? trace_hardirqs_on+0x55/0x230 [ 63.292753][ T309] ? afs_wake_up_async_call+0x7a7/0x880 [ 63.298277][ T309] ? afs_wake_up_async_call+0x7a7/0x880 [ 63.303806][ T309] ? afs_put_call+0xa70/0xa70 [ 63.308457][ T309] end_report+0x4d/0x53 [ 63.312598][ T309] kasan_report.cold+0xd/0x37 [ 63.317265][ T309] ? afs_wake_up_async_call+0x7a7/0x880 [ 63.322789][ T309] afs_wake_up_async_call+0x7a7/0x880 [ 63.328143][ T309] ? do_raw_spin_lock+0x129/0x2e0 [ 63.333138][ T309] ? afs_close_socket+0x320/0x320 [ 63.338134][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 63.343040][ T309] ? rcu_read_lock_held+0x9c/0xb0 [ 63.348041][ T309] ? rcu_read_lock_held_common+0xa0/0xa0 [ 63.353655][ T309] ? afs_close_socket+0x320/0x320 [ 63.358651][ T309] ? afs_put_call+0xa70/0xa70 [ 63.363298][ T309] rxrpc_notify_socket+0x1e5/0x5e0 [ 63.368383][ T309] ? afs_put_call+0xa70/0xa70 [ 63.373118][ T309] __rxrpc_set_call_completion.part.0+0x172/0x420 [ 63.379589][ T309] rxrpc_call_completed+0xca/0xf0 [ 63.384618][ T309] rxrpc_discard_prealloc+0x786/0xac0 [ 63.389967][ T309] ? lock_sock_nested+0x94/0x110 [ 63.394879][ T309] rxrpc_listen+0x147/0x360 [ 63.399372][ T309] afs_close_socket+0x95/0x320 [ 63.404119][ T309] ? afs_purge_servers+0x16d/0x300 [ 63.409222][ T309] ? afs_rx_discard_new_call+0x50/0x50 [ 63.414664][ T309] ? debug_smp_processor_id+0x2f/0x185 [ 63.420118][ T309] ? init_wait_var_entry+0x200/0x200 [ 63.425483][ T309] ? rcu_read_lock_held_common+0xa0/0xa0 [ 63.431100][ T309] afs_net_exit+0x1bc/0x310 [ 63.435581][ T309] ? afs_net_init+0xe30/0xe30 [ 63.440290][ T309] ops_exit_list.isra.0+0xa8/0x150 [ 63.445376][ T309] cleanup_net+0x511/0xa50 [ 63.449791][ T309] ? unregister_pernet_device+0x70/0x70 [ 63.455318][ T309] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.461278][ T309] process_one_work+0x965/0x16a0 [ 63.466194][ T309] ? lock_release+0x800/0x800 [ 63.470945][ T309] ? pwq_dec_nr_in_flight+0x310/0x310 [ 63.476314][ T309] ? rwlock_bug.part.0+0x90/0x90 [ 63.481241][ T309] worker_thread+0x96/0xe10 [ 63.485742][ T309] ? process_one_work+0x16a0/0x16a0 [ 63.490911][ T309] kthread+0x388/0x470 [ 63.494966][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.500656][ T309] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.506356][ T309] ret_from_fork+0x24/0x30 [ 63.511999][ T309] Kernel Offset: disabled [ 63.516313][ T309] Rebooting in 86400 seconds..