[ 57.423678][ T7] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 57.429679][ T7] writeback_sb_inodes+0x515/0xdc0 [ 57.434827][ T7] ? __writeback_single_inode+0x13d0/0x13d0 [ 57.440762][ T7] __writeback_inodes_wb+0xc3/0x250 [ 57.445989][ T7] wb_writeback+0x8db/0xd50 [ 57.450526][ T7] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 57.456880][ T7] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 57.462799][ T7] ? cpumask_next+0x3c/0x40 [ 57.467331][ T7] ? get_nr_dirty_inodes+0xd6/0x130 [ 57.472640][ T7] wb_workfn+0xab3/0x1090 [ 57.477009][ T7] ? inode_wait_for_writeback+0x30/0x30 [ 57.482584][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 57.488149][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 57.494148][ T7] process_one_work+0x965/0x1690 [ 57.499114][ T7] ? lock_release+0x800/0x800 [ 57.503806][ T7] ? pwq_dec_nr_in_flight+0x310/0x310 [ 57.509192][ T7] ? rwlock_bug.part.0+0x90/0x90 [ 57.514133][ T7] worker_thread+0x96/0xe10 [ 57.518644][ T7] ? process_one_work+0x1690/0x1690 [ 57.523837][ T7] kthread+0x3b5/0x4a0 [ 57.527928][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 57.533635][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 57.539345][ T7] ret_from_fork+0x1f/0x30 Starting Load/Save RF Kill Switch Status... [ 57.625402][ T6727] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6727 [ 57.635147][ T6727] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 57.641202][ T6727] CPU: 1 PID: 6727 Comm: systemd-rfkill Not tainted 5.8.0-rc1-syzkaller #0 [ 57.649782][ T6727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.659866][ T6727] Call Trace: [ 57.663163][ T6727] dump_stack+0x18f/0x20d [ 57.667497][ T6727] check_preemption_disabled+0x20d/0x220 [ 57.673201][ T6727] ext4_mb_new_blocks+0xa4d/0x3b70 [ 57.678441][ T6727] ? ext4_ext_search_right+0x2ca/0xb20 [ 57.683940][ T6727] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 57.689794][ T6727] ext4_ext_map_blocks+0x201b/0x33e0 [ 57.695083][ T6727] ? ext4_ext_release+0x10/0x10 [ 57.699928][ T6727] ? down_write_killable+0x170/0x170 [ 57.705194][ T6727] ? ext4_es_lookup_extent+0x41d/0xd10 [ 57.710635][ T6727] ext4_map_blocks+0x4cb/0x1640 [ 57.715475][ T6727] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 57.720673][ T6727] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 57.726231][ T6727] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 57.732190][ T6727] ? prandom_u32_state+0xe/0x170 [ 57.737147][ T6727] ? __brelse+0x84/0xa0 [ 57.741300][ T6727] ? __ext4_new_inode+0x144/0x55e0 [ 57.746761][ T6727] ext4_getblk+0xad/0x520 [ 57.751178][ T6727] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 57.757009][ T6727] ? ext4_free_inode+0x1700/0x1700 [ 57.762111][ T6727] ext4_bread+0x7c/0x380 [ 57.766340][ T6727] ? ext4_getblk+0x520/0x520 [ 57.771101][ T6727] ? dquot_get_next_dqblk+0x180/0x180 [ 57.776457][ T6727] ext4_append+0x153/0x360 [ 57.780876][ T6727] ext4_mkdir+0x5e0/0xdf0 [ 57.785207][ T6727] ? ext4_rmdir+0xde0/0xde0 [ 57.789704][ T6727] ? security_inode_permission+0xc4/0xf0 [ 57.795333][ T6727] vfs_mkdir+0x419/0x690 [ 57.799695][ T6727] do_mkdirat+0x21e/0x280 [ 57.804176][ T6727] ? __ia32_sys_mknod+0xb0/0xb0 [ 57.809039][ T6727] ? do_syscall_64+0x1c/0xe0 [ 57.813629][ T6727] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 57.819975][ T6727] do_syscall_64+0x60/0xe0 [ 57.824390][ T6727] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 57.830555][ T6727] RIP: 0033:0x7f7a08f1b687 [ 57.834949][ T6727] Code: Bad RIP value. [ 57.838996][ T6727] RSP: 002b:00007ffe31ddebd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 57.847386][ T6727] RAX: ffffffffffffffda RBX: 000055ea77bd4985 RCX: 00007f7a08f1b687 [ 57.855500][ T6727] RDX: 00007ffe31ddeaa0 RSI: 00000000000001ed RDI: 000055ea77bd4985 [ 57.863487][ T6727] RBP: 00007f7a08f1b680 R08: 0000000000000100 R09: 0000000000000000 [ 57.871442][ T6727] R10: 000055ea77bd4980 R11: 0000000000000246 R12: 00000000000001ed [ 57.879485][ T6727] R13: 00007ffe31dded60 R14: 0000000000000000 R15: 0000000000000000 [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.54' (ECDSA) to the list of known hosts. 2020/06/15 20:43:41 fuzzer started 2020/06/15 20:43:42 connecting to host at 10.128.0.26:37845 2020/06/15 20:43:42 checking machine... 2020/06/15 20:43:42 checking revisions... 2020/06/15 20:43:42 testing simple program... syzkaller login: [ 63.428271][ T6799] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6799 [ 63.437411][ T6799] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.443504][ T6799] CPU: 1 PID: 6799 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0 [ 63.452051][ T6799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.462101][ T6799] Call Trace: [ 63.465385][ T6799] dump_stack+0x18f/0x20d [ 63.470074][ T6799] check_preemption_disabled+0x20d/0x220 [ 63.475692][ T6799] ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.480813][ T6799] ? ext4_ext_search_right+0x2ca/0xb20 [ 63.486272][ T6799] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 63.491994][ T6799] ext4_ext_map_blocks+0x201b/0x33e0 [ 63.497271][ T6799] ? ext4_ext_release+0x10/0x10 [ 63.502228][ T6799] ? down_write_killable+0x170/0x170 [ 63.507497][ T6799] ? ext4_es_lookup_extent+0x41d/0xd10 [ 63.513134][ T6799] ext4_map_blocks+0x4cb/0x1640 [ 63.517982][ T6799] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 63.523165][ T6799] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.528699][ T6799] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.534662][ T6799] ? prandom_u32_state+0xe/0x170 [ 63.539585][ T6799] ? __brelse+0x84/0xa0 [ 63.543725][ T6799] ? __ext4_new_inode+0x144/0x55e0 [ 63.548920][ T6799] ext4_getblk+0xad/0x520 [ 63.553237][ T6799] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 63.559059][ T6799] ? ext4_free_inode+0x1700/0x1700 [ 63.564191][ T6799] ext4_bread+0x7c/0x380 [ 63.568451][ T6799] ? ext4_getblk+0x520/0x520 [ 63.573125][ T6799] ? dquot_get_next_dqblk+0x180/0x180 [ 63.578498][ T6799] ext4_append+0x153/0x360 [ 63.582993][ T6799] ext4_mkdir+0x5e0/0xdf0 [ 63.587314][ T6799] ? ext4_rmdir+0xde0/0xde0 [ 63.591804][ T6799] ? security_inode_permission+0xc4/0xf0 [ 63.597429][ T6799] vfs_mkdir+0x419/0x690 [ 63.601668][ T6799] do_mkdirat+0x21e/0x280 [ 63.606007][ T6799] ? __ia32_sys_mknod+0xb0/0xb0 [ 63.610850][ T6799] ? do_syscall_64+0x1c/0xe0 [ 63.615440][ T6799] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 63.621441][ T6799] do_syscall_64+0x60/0xe0 [ 63.625869][ T6799] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.631757][ T6799] RIP: 0033:0x4b02a0 [ 63.635637][ T6799] Code: Bad RIP value. [ 63.639690][ T6799] RSP: 002b:000000c0000e54b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102 [ 63.648083][ T6799] RAX: ffffffffffffffda RBX: 000000c00002e500 RCX: 00000000004b02a0 [ 63.656067][ T6799] RDX: 00000000000001c0 RSI: 000000c000026580 RDI: ffffffffffffff9c [ 63.664034][ T6799] RBP: 000000c0000e5510 R08: 0000000000000000 R09: 0000000000000000 [ 63.672002][ T6799] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff [ 63.679962][ T6799] R13: 000000000000002d R14: 000000000000002c R15: 0000000000000100 [ 63.918887][ T6801] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6801 [ 63.928620][ T6801] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.934631][ T6801] CPU: 0 PID: 6801 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 63.943269][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.953306][ T6801] Call Trace: [ 63.956583][ T6801] dump_stack+0x18f/0x20d [ 63.960906][ T6801] check_preemption_disabled+0x20d/0x220 [ 63.966539][ T6801] ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.971639][ T6801] ? ext4_ext_search_right+0x2ca/0xb20 [ 63.977080][ T6801] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 63.982786][ T6801] ext4_ext_map_blocks+0x201b/0x33e0 [ 63.988229][ T6801] ? ext4_ext_release+0x10/0x10 [ 63.993097][ T6801] ? down_write_killable+0x170/0x170 [ 63.998362][ T6801] ? ext4_es_lookup_extent+0x41d/0xd10 [ 64.005285][ T6801] ext4_map_blocks+0x4cb/0x1640 [ 64.010134][ T6801] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 64.015338][ T6801] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.020865][ T6801] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.026831][ T6801] ? prandom_u32_state+0xe/0x170 [ 64.031751][ T6801] ? __brelse+0x84/0xa0 [ 64.035889][ T6801] ? __ext4_new_inode+0x144/0x55e0 [ 64.041000][ T6801] ext4_getblk+0xad/0x520 [ 64.045339][ T6801] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 64.051229][ T6801] ? ext4_free_inode+0x1700/0x1700 [ 64.056493][ T6801] ext4_bread+0x7c/0x380 [ 64.061192][ T6801] ? ext4_getblk+0x520/0x520 [ 64.065889][ T6801] ? dquot_get_next_dqblk+0x180/0x180 [ 64.071257][ T6801] ext4_append+0x153/0x360 [ 64.075685][ T6801] ext4_mkdir+0x5e0/0xdf0 [ 64.080001][ T6801] ? ext4_rmdir+0xde0/0xde0 [ 64.084494][ T6801] ? security_inode_permission+0xc4/0xf0 [ 64.090130][ T6801] vfs_mkdir+0x419/0x690 [ 64.094357][ T6801] do_mkdirat+0x21e/0x280 [ 64.098684][ T6801] ? __ia32_sys_mknod+0xb0/0xb0 [ 64.103516][ T6801] ? do_syscall_64+0x1c/0xe0 [ 64.108210][ T6801] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 64.114193][ T6801] do_syscall_64+0x60/0xe0 [ 64.118638][ T6801] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 64.124511][ T6801] RIP: 0033:0x45bed7 [ 64.128385][ T6801] Code: Bad RIP value. [ 64.132429][ T6801] RSP: 002b:00007ffd0a87f928 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 64.141038][ T6801] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7 [ 64.149001][ T6801] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007ffd0a87fb00 [ 64.156987][ T6801] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000003940 [ 64.164953][ T6801] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 64.172911][ T6801] R13: 00007ffd0a87fb00 R14: 8421084210842109 R15: 00007ffd0a87fb0c [ 64.259141][ T6802] IPVS: ftp: loaded support on port[0] = 21 [ 64.296726][ T6802] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6802 [ 64.306346][ T6802] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.312378][ T6802] CPU: 1 PID: 6802 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 64.321348][ T6802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.331417][ T6802] Call Trace: [ 64.334712][ T6802] dump_stack+0x18f/0x20d [ 64.339030][ T6802] check_preemption_disabled+0x20d/0x220 [ 64.344806][ T6802] ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.349935][ T6802] ? ext4_ext_search_right+0x2ca/0xb20 [ 64.355389][ T6802] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 64.361115][ T6802] ext4_ext_map_blocks+0x201b/0x33e0 [ 64.366395][ T6802] ? ext4_ext_release+0x10/0x10 [ 64.371254][ T6802] ? down_write_killable+0x170/0x170 [ 64.376798][ T6802] ? ext4_es_lookup_extent+0x41d/0xd10 [ 64.382263][ T6802] ext4_map_blocks+0x4cb/0x1640 [ 64.387712][ T6802] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 64.392901][ T6802] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.398451][ T6802] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.404442][ T6802] ? prandom_u32_state+0xe/0x170 [ 64.409461][ T6802] ? __brelse+0x84/0xa0 [ 64.413598][ T6802] ? __ext4_new_inode+0x144/0x55e0 [ 64.418692][ T6802] ext4_getblk+0xad/0x520 [ 64.423025][ T6802] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 64.428727][ T6802] ? ext4_free_inode+0x1700/0x1700 [ 64.433827][ T6802] ext4_bread+0x7c/0x380 [ 64.438070][ T6802] ? ext4_getblk+0x520/0x520 [ 64.442651][ T6802] ? dquot_get_next_dqblk+0x180/0x180 [ 64.448032][ T6802] ext4_append+0x153/0x360 [ 64.452515][ T6802] ext4_mkdir+0x5e0/0xdf0 [ 64.457428][ T6802] ? ext4_rmdir+0xde0/0xde0 [ 64.461934][ T6802] ? security_inode_permission+0xc4/0xf0 [ 64.467560][ T6802] vfs_mkdir+0x419/0x690 [ 64.471787][ T6802] do_mkdirat+0x21e/0x280 [ 64.476117][ T6802] ? __ia32_sys_mknod+0xb0/0xb0 [ 64.481061][ T6802] ? do_syscall_64+0x1c/0xe0 [ 64.485659][ T6802] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 64.491645][ T6802] do_syscall_64+0x60/0xe0 [ 64.496201][ T6802] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 64.502256][ T6802] RIP: 0033:0x45bed7 [ 64.506140][ T6802] Code: Bad RIP value. [ 64.510189][ T6802] RSP: 002b:00007ffd0a87f818 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 64.520337][ T6802] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7 [ 64.528376][ T6802] RDX: 00007ffd0a87f863 RSI: 00000000000001ff RDI: 00007ffd0a87f860 [ 64.536331][ T6802] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003 [ 64.544569][ T6802] R10: 0000000000000064 R11: 0000000000000206 R12: 00000000004185c0 [ 64.552524][ T6802] R13: 00007ffd0a87f850 R14: 0000000000000000 R15: 00007ffd0a87f860 [ 64.603584][ T6802] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6802 [ 64.613213][ T6802] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.619130][ T6802] CPU: 0 PID: 6802 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0 [ 64.627895][ T6802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.637959][ T6802] Call Trace: [ 64.641271][ T6802] dump_stack+0x18f/0x20d [ 64.645623][ T6802] check_preemption_disabled+0x20d/0x220 [ 64.651273][ T6802] ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.656417][ T6802] ? ext4_ext_search_right+0x2ca/0xb20 [ 64.661886][ T6802] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 64.667632][ T6802] ext4_ext_map_blocks+0x201b/0x33e0 [ 64.672943][ T6802] ? ext4_ext_release+0x10/0x10 [ 64.677919][ T6802] ? down_write_killable+0x170/0x170 [ 64.683243][ T6802] ? ext4_es_lookup_extent+0x41d/0xd10 [ 64.689671][ T6802] ext4_map_blocks+0x4cb/0x1640 [ 64.694542][ T6802] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 64.700609][ T6802] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.706167][ T6802] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.712143][ T6802] ? prandom_u32_state+0xe/0x170 [ 64.717203][ T6802] ? __brelse+0x84/0xa0 [ 64.721578][ T6802] ? __ext4_new_inode+0x144/0x55e0 [ 64.726840][ T6802] ext4_getblk+0xad/0x520 [ 64.731162][ T6802] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 64.737112][ T6802] ? ext4_free_inode+0x1700/0x1700 [ 64.742224][ T6802] ext4_bread+0x7c/0x380 [ 64.746463][ T6802] ? ext4_getblk+0x520/0x520 [ 64.751047][ T6802] ? dquot_get_next_dqblk+0x180/0x180 [ 64.756420][ T6802] ext4_append+0x153/0x360 [ 64.761101][ T6802] ext4_mkdir+0x5e0/0xdf0 [ 64.765428][ T6802] ? ext4_rmdir+0xde0/0xde0 [ 64.769919][ T6802] ? security_inode_permission+0xc4/0xf0 [ 64.775549][ T6802] vfs_mkdir+0x419/0x690 [ 64.779780][ T6802] do_mkdirat+0x21e/0x280 [ 64.784094][ T6802] ? __ia32_sys_mknod+0xb0/0xb0 [ 64.788948][ T6802] ? do_syscall_64+0x1c/0xe0 [ 64.794926][ T6802] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 2020/06/15 20:43:43 building call list... [ 64.800891][ T6802] do_syscall_64+0x60/0xe0 [ 64.805294][ T6802] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 64.811167][ T6802] RIP: 0033:0x45bed7 [ 64.815039][ T6802] Code: Bad RIP value. [ 64.819202][ T6802] RSP: 002b:00007ffd0a87f818 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 64.828665][ T6802] RAX: ffffffffffffffda RBX: 000000000000fc56 RCX: 000000000045bed7 [ 64.836632][ T6802] RDX: 00007ffd0a87f863 RSI: 00000000000001ff RDI: 00007ffd0a87f860 [ 64.844628][ T6802] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003 [ 64.852579][ T6802] R10: 0000000000000064 R11: 0000000000000206 R12: 0000000000000003 [ 64.860547][ T6802] R13: 00007ffd0a87f850 R14: 000000000000fc48 R15: 00007ffd0a87f860 [ 65.132159][ T26] tipc: TX() has been purged, node left! [ 65.644503][ T26] ================================================================== [ 65.652896][ T26] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770 [ 65.660828][ T26] Write of size 1 at addr ffff8880a07911e4 by task kworker/u4:2/26 [ 65.668717][ T26] [ 65.671056][ T26] CPU: 1 PID: 26 Comm: kworker/u4:2 Not tainted 5.8.0-rc1-syzkaller #0 [ 65.679425][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.689841][ T26] Workqueue: netns cleanup_net [ 65.694610][ T26] Call Trace: [ 65.697906][ T26] dump_stack+0x18f/0x20d [ 65.702421][ T26] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.708121][ T26] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.713671][ T26] ? afs_put_call+0xa40/0xa40 [ 65.718359][ T26] print_address_description.constprop.0.cold+0xd3/0x413 [ 65.725390][ T26] ? vprintk_func+0x97/0x1a6 [ 65.729984][ T26] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.735616][ T26] kasan_report.cold+0x1f/0x37 [ 65.740387][ T26] ? rcu_read_lock_held_common+0x51/0xa0 [ 65.746016][ T26] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.751568][ T26] afs_wake_up_async_call+0x6aa/0x770 [ 65.756960][ T26] ? afs_close_socket+0x320/0x320 [ 65.761994][ T26] ? afs_put_call+0xa40/0xa40 [ 65.766672][ T26] rxrpc_notify_socket+0x1db/0x5d0 [ 65.771810][ T26] ? afs_put_call+0xa40/0xa40 [ 65.776492][ T26] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 65.782962][ T26] rxrpc_call_completed+0xca/0xf0 [ 65.788001][ T26] rxrpc_discard_prealloc+0x781/0xab0 [ 65.793383][ T26] ? lock_sock_nested+0x94/0x110 [ 65.798326][ T26] rxrpc_listen+0x147/0x360 [ 65.802834][ T26] afs_close_socket+0x95/0x320 [ 65.807598][ T26] ? afs_purge_servers+0x16d/0x300 [ 65.812729][ T26] ? afs_rx_discard_new_call+0x50/0x50 [ 65.818193][ T26] ? init_wait_var_entry+0x200/0x200 [ 65.823501][ T26] ? rcu_read_lock_held_common+0xa0/0xa0 [ 65.829136][ T26] ? check_preemption_disabled+0x38/0x220 [ 65.834868][ T26] afs_net_exit+0x1bc/0x310 [ 65.839459][ T26] ? afs_net_init+0xe30/0xe30 [ 65.844136][ T26] ops_exit_list.isra.0+0xa8/0x150 [ 65.849251][ T26] cleanup_net+0x511/0xa50 [ 65.853669][ T26] ? unregister_pernet_device+0x70/0x70 [ 65.859219][ T26] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 65.865220][ T26] process_one_work+0x965/0x1690 [ 65.870171][ T26] ? lock_release+0x800/0x800 [ 65.875201][ T26] ? pwq_dec_nr_in_flight+0x310/0x310 [ 65.880687][ T26] ? rwlock_bug.part.0+0x90/0x90 [ 65.885638][ T26] worker_thread+0x96/0xe10 [ 65.890155][ T26] ? process_one_work+0x1690/0x1690 [ 65.895626][ T26] kthread+0x3b5/0x4a0 [ 65.899693][ T26] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 65.905410][ T26] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 65.911222][ T26] ret_from_fork+0x1f/0x30 [ 65.915682][ T26] [ 65.918007][ T26] Allocated by task 6802: [ 65.922343][ T26] save_stack+0x1b/0x40 [ 65.926518][ T26] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 65.932144][ T26] kmem_cache_alloc_trace+0x153/0x7d0 [ 65.937513][ T26] afs_alloc_call+0x55/0x630 [ 65.942103][ T26] afs_charge_preallocation+0xe9/0x2d0 [ 65.947600][ T26] afs_open_socket+0x292/0x360 [ 65.952372][ T26] afs_net_init+0xa6c/0xe30 [ 65.956886][ T26] ops_init+0xaf/0x420 [ 65.960960][ T26] setup_net+0x2de/0x860 [ 65.965238][ T26] copy_net_ns+0x293/0x590 [ 65.969663][ T26] create_new_namespaces+0x3fb/0xb30 [ 65.974965][ T26] unshare_nsproxy_namespaces+0xbd/0x1f0 [ 65.980603][ T26] ksys_unshare+0x43d/0x8e0 [ 65.985107][ T26] __x64_sys_unshare+0x2d/0x40 [ 65.989869][ T26] do_syscall_64+0x60/0xe0 [ 65.994288][ T26] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 66.000175][ T26] [ 66.002508][ T26] Freed by task 26: [ 66.006329][ T26] save_stack+0x1b/0x40 [ 66.010581][ T26] __kasan_slab_free+0xf7/0x140 [ 66.015447][ T26] kfree+0x109/0x2b0 [ 66.019349][ T26] afs_put_call+0x585/0xa40 [ 66.023859][ T26] rxrpc_discard_prealloc+0x764/0xab0 [ 66.029229][ T26] rxrpc_listen+0x147/0x360 [ 66.033841][ T26] afs_close_socket+0x95/0x320 [ 66.038607][ T26] afs_net_exit+0x1bc/0x310 [ 66.043113][ T26] ops_exit_list.isra.0+0xa8/0x150 [ 66.048246][ T26] cleanup_net+0x511/0xa50 [ 66.052667][ T26] process_one_work+0x965/0x1690 [ 66.057626][ T26] worker_thread+0x96/0xe10 [ 66.062247][ T26] kthread+0x3b5/0x4a0 [ 66.066328][ T26] ret_from_fork+0x1f/0x30 [ 66.070748][ T26] [ 66.073168][ T26] The buggy address belongs to the object at ffff8880a0791000 [ 66.073168][ T26] which belongs to the cache kmalloc-1k of size 1024 [ 66.087743][ T26] The buggy address is located 484 bytes inside of [ 66.087743][ T26] 1024-byte region [ffff8880a0791000, ffff8880a0791400) [ 66.101093][ T26] The buggy address belongs to the page: [ 66.106737][ T26] page:ffffea000281e440 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 66.116710][ T26] flags: 0xfffe0000000200(slab) [ 66.121563][ T26] raw: 00fffe0000000200 ffffea0002a1d648 ffffea0002916c48 ffff8880aa000c40 [ 66.130152][ T26] raw: 0000000000000000 ffff8880a0791000 0000000100000002 0000000000000000 [ 66.138755][ T26] page dumped because: kasan: bad access detected [ 66.145166][ T26] [ 66.147619][ T26] Memory state around the buggy address: [ 66.154216][ T26] ffff8880a0791080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.162454][ T26] ffff8880a0791100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.170512][ T26] >ffff8880a0791180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.178576][ T26] ^ [ 66.185767][ T26] ffff8880a0791200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.193913][ T26] ffff8880a0791280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.201967][ T26] ================================================================== [ 66.210130][ T26] Disabling lock debugging due to kernel taint [ 66.216350][ T26] Kernel panic - not syncing: panic_on_warn set ... [ 66.222952][ T26] CPU: 1 PID: 26 Comm: kworker/u4:2 Tainted: G B 5.8.0-rc1-syzkaller #0 [ 66.233452][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.243635][ T26] Workqueue: netns cleanup_net [ 66.248412][ T26] Call Trace: [ 66.251716][ T26] dump_stack+0x18f/0x20d [ 66.256070][ T26] ? afs_wake_up_async_call+0x670/0x770 [ 66.261628][ T26] ? afs_put_call+0xa40/0xa40 [ 66.266317][ T26] panic+0x2e3/0x75c [ 66.270231][ T26] ? __warn_printk+0xf3/0xf3 [ 66.274840][ T26] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 66.281049][ T26] ? trace_hardirqs_on+0x55/0x220 [ 66.286096][ T26] ? afs_wake_up_async_call+0x6aa/0x770 [ 66.291645][ T26] ? afs_wake_up_async_call+0x6aa/0x770 [ 66.297185][ T26] ? afs_put_call+0xa40/0xa40 [ 66.301874][ T26] end_report+0x4d/0x53 [ 66.306040][ T26] kasan_report.cold+0xd/0x37 [ 66.310720][ T26] ? rcu_read_lock_held_common+0x51/0xa0 [ 66.316350][ T26] ? afs_wake_up_async_call+0x6aa/0x770 [ 66.321891][ T26] afs_wake_up_async_call+0x6aa/0x770 [ 66.327285][ T26] ? afs_close_socket+0x320/0x320 [ 66.332301][ T26] ? afs_put_call+0xa40/0xa40 [ 66.337408][ T26] rxrpc_notify_socket+0x1db/0x5d0 [ 66.342518][ T26] ? afs_put_call+0xa40/0xa40 [ 66.347196][ T26] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 66.353610][ T26] rxrpc_call_completed+0xca/0xf0 [ 66.358651][ T26] rxrpc_discard_prealloc+0x781/0xab0 [ 66.364020][ T26] ? lock_sock_nested+0x94/0x110 [ 66.368955][ T26] rxrpc_listen+0x147/0x360 [ 66.373459][ T26] afs_close_socket+0x95/0x320 [ 66.378304][ T26] ? afs_purge_servers+0x16d/0x300 [ 66.383411][ T26] ? afs_rx_discard_new_call+0x50/0x50 [ 66.388880][ T26] ? init_wait_var_entry+0x200/0x200 [ 66.394180][ T26] ? rcu_read_lock_held_common+0xa0/0xa0 [ 66.399814][ T26] ? check_preemption_disabled+0x38/0x220 [ 66.405536][ T26] afs_net_exit+0x1bc/0x310 [ 66.411110][ T26] ? afs_net_init+0xe30/0xe30 [ 66.415794][ T26] ops_exit_list.isra.0+0xa8/0x150 [ 66.420908][ T26] cleanup_net+0x511/0xa50 [ 66.425335][ T26] ? unregister_pernet_device+0x70/0x70 [ 66.430879][ T26] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 66.436858][ T26] process_one_work+0x965/0x1690 [ 66.441794][ T26] ? lock_release+0x800/0x800 [ 66.446466][ T26] ? pwq_dec_nr_in_flight+0x310/0x310 [ 66.451863][ T26] ? rwlock_bug.part.0+0x90/0x90 [ 66.456939][ T26] worker_thread+0x96/0xe10 [ 66.461461][ T26] ? process_one_work+0x1690/0x1690 [ 66.466659][ T26] kthread+0x3b5/0x4a0 [ 66.470997][ T26] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 66.476719][ T26] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 66.482439][ T26] ret_from_fork+0x1f/0x30 [ 66.488337][ T26] Kernel Offset: disabled [ 66.493181][ T26] Rebooting in 86400 seconds..