Warning: Permanently added '10.128.0.224' (ECDSA) to the list of known hosts.
2020/06/17 18:50:42 fuzzer started
2020/06/17 18:50:42 connecting to host at 10.128.0.26:42951
2020/06/17 18:50:42 checking machine...
2020/06/17 18:50:42 checking revisions...
2020/06/17 18:50:42 testing simple program...
syzkaller login: [ 66.551125][ T6785] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6785
[ 66.560326][ T6785] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 66.566654][ T6785] CPU: 1 PID: 6785 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0
[ 66.574924][ T6785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 66.585341][ T6785] Call Trace:
[ 66.588660][ T6785] dump_stack+0x18f/0x20d
[ 66.592979][ T6785] check_preemption_disabled+0x20d/0x220
[ 66.598607][ T6785] ext4_mb_new_blocks+0xa4d/0x3b70
[ 66.603705][ T6785] ? ext4_ext_search_right+0x2ca/0xb20
[ 66.609146][ T6785] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 66.614878][ T6785] ext4_ext_map_blocks+0x201b/0x33e0
[ 66.620160][ T6785] ? ext4_ext_release+0x10/0x10
[ 66.625015][ T6785] ? down_write_killable+0x170/0x170
[ 66.630295][ T6785] ? ext4_es_lookup_extent+0x41d/0xd10
[ 66.635740][ T6785] ext4_map_blocks+0x4cb/0x1640
[ 66.640663][ T6785] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 66.645842][ T6785] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 66.651369][ T6785] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 66.657478][ T6785] ? prandom_u32_state+0xe/0x170
[ 66.662448][ T6785] ? __brelse+0x84/0xa0
[ 66.666602][ T6785] ? __ext4_new_inode+0x144/0x55e0
[ 66.671738][ T6785] ext4_getblk+0xad/0x520
[ 66.676074][ T6785] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 66.681820][ T6785] ? ext4_free_inode+0x1700/0x1700
[ 66.686944][ T6785] ext4_bread+0x7c/0x380
[ 66.691256][ T6785] ? ext4_getblk+0x520/0x520
[ 66.695849][ T6785] ? dquot_get_next_dqblk+0x180/0x180
[ 66.701297][ T6785] ext4_append+0x153/0x360
[ 66.705736][ T6785] ext4_mkdir+0x5e0/0xdf0
[ 66.710049][ T6785] ? ext4_rmdir+0xde0/0xde0
[ 66.714617][ T6785] ? security_inode_permission+0xc4/0xf0
[ 66.720258][ T6785] vfs_mkdir+0x419/0x690
[ 66.724488][ T6785] do_mkdirat+0x21e/0x280
[ 66.728808][ T6785] ? __ia32_sys_mknod+0xb0/0xb0
[ 66.733649][ T6785] ? do_syscall_64+0x1c/0xe0
[ 66.738229][ T6785] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 66.744286][ T6785] do_syscall_64+0x60/0xe0
[ 66.748720][ T6785] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.755315][ T6785] RIP: 0033:0x4b02a0
[ 66.759189][ T6785] Code: Bad RIP value.
[ 66.763249][ T6785] RSP: 002b:000000c0003c34b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102
[ 66.771647][ T6785] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b02a0
[ 66.779621][ T6785] RDX: 00000000000001c0 RSI: 000000c0000265a0 RDI: ffffffffffffff9c
[ 66.787724][ T6785] RBP: 000000c0003c3510 R08: 0000000000000000 R09: 0000000000000000
[ 66.795681][ T6785] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 66.803666][ T6785] R13: 000000000000002e R14: 000000000000002d R15: 0000000000000100
[ 66.829838][ T6799] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6799
[ 66.839489][ T6799] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 66.845536][ T6799] CPU: 0 PID: 6799 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 66.854131][ T6799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 66.864248][ T6799] Call Trace:
[ 66.867547][ T6799] dump_stack+0x18f/0x20d
[ 66.871906][ T6799] check_preemption_disabled+0x20d/0x220
[ 66.877574][ T6799] ext4_mb_new_blocks+0xa4d/0x3b70
[ 66.882705][ T6799] ? ext4_ext_search_right+0x2ca/0xb20
[ 66.888172][ T6799] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 66.893896][ T6799] ext4_ext_map_blocks+0x201b/0x33e0
[ 66.899173][ T6799] ? ext4_ext_release+0x10/0x10
[ 66.904032][ T6799] ? down_write_killable+0x170/0x170
[ 66.909295][ T6799] ? ext4_es_lookup_extent+0x41d/0xd10
[ 66.915518][ T6799] ext4_map_blocks+0x4cb/0x1640
[ 66.920368][ T6799] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 66.925565][ T6799] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 66.931089][ T6799] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 66.937045][ T6799] ? prandom_u32_state+0xe/0x170
[ 66.941978][ T6799] ? __brelse+0x84/0xa0
[ 66.946111][ T6799] ? __ext4_new_inode+0x144/0x55e0
[ 66.951209][ T6799] ext4_getblk+0xad/0x520
[ 66.955534][ T6799] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 66.961232][ T6799] ? ext4_free_inode+0x1700/0x1700
[ 66.966342][ T6799] ext4_bread+0x7c/0x380
[ 66.970578][ T6799] ? ext4_getblk+0x520/0x520
[ 66.975167][ T6799] ? dquot_get_next_dqblk+0x180/0x180
[ 66.980542][ T6799] ext4_append+0x153/0x360
[ 66.984959][ T6799] ext4_mkdir+0x5e0/0xdf0
[ 66.989311][ T6799] ? ext4_rmdir+0xde0/0xde0
[ 66.993836][ T6799] ? security_inode_permission+0xc4/0xf0
[ 66.999485][ T6799] vfs_mkdir+0x419/0x690
[ 67.003733][ T6799] do_mkdirat+0x21e/0x280
[ 67.008052][ T6799] ? __ia32_sys_mknod+0xb0/0xb0
[ 67.012893][ T6799] ? do_syscall_64+0x1c/0xe0
[ 67.017479][ T6799] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 67.023476][ T6799] do_syscall_64+0x60/0xe0
[ 67.027922][ T6799] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.033792][ T6799] RIP: 0033:0x45bed7
[ 67.037658][ T6799] Code: Bad RIP value.
[ 67.041716][ T6799] RSP: 002b:00007fff54c1e858 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 67.050112][ T6799] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7
[ 67.058077][ T6799] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007fff54c1ea30
[ 67.066055][ T6799] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000003340
[ 67.074007][ T6799] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2
[ 67.081973][ T6799] R13: 00007fff54c1ea30 R14: 8421084210842109 R15: 00007fff54c1ea3c
[ 67.104828][ T1155] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1155
[ 67.114266][ T1155] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.120322][ T1155] CPU: 1 PID: 1155 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 67.128564][ T1155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.138624][ T1155] Call Trace:
[ 67.141968][ T1155] dump_stack+0x18f/0x20d
[ 67.146365][ T1155] check_preemption_disabled+0x20d/0x220
[ 67.152009][ T1155] ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.157139][ T1155] ? ext4_find_extent+0x81a/0xad0
[ 67.162185][ T1155] ? ext4_ext_search_right+0x2ca/0xb20
[ 67.167658][ T1155] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 67.173395][ T1155] ext4_ext_map_blocks+0x201b/0x33e0
[ 67.178710][ T1155] ? ext4_ext_release+0x10/0x10
[ 67.183596][ T1155] ? down_write_killable+0x170/0x170
[ 67.189154][ T1155] ? ext4_es_lookup_extent+0x41d/0xd10
[ 67.194633][ T1155] ext4_map_blocks+0x4cb/0x1640
[ 67.199500][ T1155] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 67.204756][ T1155] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 67.210319][ T1155] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 67.213420][ T6800] IPVS: ftp: loaded support on port[0] = 21
[ 67.216309][ T1155] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 67.216360][ T1155] ext4_writepages+0x1a7b/0x33c0
[ 67.216387][ T1155] ? lock_release+0x7f0/0x800
[ 67.237358][ T1155] ? __ext4_mark_inode_dirty+0x940/0x940
[ 67.243043][ T1155] ? __ext4_mark_inode_dirty+0x940/0x940
[ 67.248788][ T1155] ? do_writepages+0xfa/0x2a0
[ 67.253489][ T1155] do_writepages+0xfa/0x2a0
[ 67.258033][ T1155] ? page_writeback_cpu_online+0x10/0x10
[ 67.263709][ T1155] ? do_raw_spin_lock+0x120/0x2d0
[ 67.268941][ T1155] ? do_raw_spin_unlock+0x171/0x260
[ 67.274161][ T1155] ? _raw_spin_unlock+0x24/0x40
[ 67.278165][ T6800] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6800
[ 67.279022][ T1155] __filemap_fdatawrite_range+0x2aa/0x390
[ 67.288534][ T6800] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.294096][ T1155] ? collapse_file+0x35a2/0x4330
[ 67.304904][ T1155] ? delete_from_page_cache_batch+0xeb0/0xeb0
[ 67.310974][ T1155] ? _raw_spin_unlock_irq+0x1f/0x80
[ 67.316166][ T1155] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 67.322181][ T1155] collapse_file+0x35ac/0x4330
[ 67.327129][ T1155] ? collapse_huge_page+0x4350/0x4350
[ 67.332510][ T1155] ? khugepaged+0x2506/0x3fc0
[ 67.338134][ T1155] ? xas_find+0x31a/0x880
[ 67.342481][ T1155] ? check_preemption_disabled+0x38/0x220
[ 67.348189][ T1155] khugepaged+0x3041/0x3fc0
[ 67.352699][ T1155] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 67.358350][ T1155] ? lock_downgrade+0x840/0x840
[ 67.363212][ T1155] ? finish_wait+0x260/0x260
[ 67.367843][ T1155] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 67.373648][ T1155] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 67.379643][ T1155] ? __kthread_parkme+0x13f/0x1e0
[ 67.384654][ T1155] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 67.390275][ T1155] kthread+0x3b5/0x4a0
[ 67.394327][ T1155] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 67.400044][ T1155] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 67.405752][ T1155] ret_from_fork+0x1f/0x30
[ 67.410170][ T6800] CPU: 0 PID: 6800 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 67.418763][ T6800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.429072][ T6800] Call Trace:
[ 67.432561][ T6800] dump_stack+0x18f/0x20d
[ 67.436878][ T6800] check_preemption_disabled+0x20d/0x220
[ 67.442493][ T6800] ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.447612][ T6800] ? ext4_ext_search_right+0x2ca/0xb20
[ 67.453058][ T6800] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 67.458778][ T6800] ext4_ext_map_blocks+0x201b/0x33e0
[ 67.464069][ T6800] ? ext4_ext_release+0x10/0x10
[ 67.468969][ T6800] ? down_write_killable+0x170/0x170
[ 67.474262][ T6800] ? ext4_es_lookup_extent+0x41d/0xd10
[ 67.479735][ T6800] ext4_map_blocks+0x4cb/0x1640
[ 67.484740][ T6800] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 67.489975][ T6800] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 67.495529][ T6800] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 67.501512][ T6800] ? prandom_u32_state+0xe/0x170
[ 67.506460][ T6800] ? __brelse+0x84/0xa0
[ 67.510627][ T6800] ? __ext4_new_inode+0x144/0x55e0
[ 67.515746][ T6800] ext4_getblk+0xad/0x520
[ 67.520098][ T6800] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 67.523285][ T1155] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1155
[ 67.525850][ T6800] ? ext4_free_inode+0x1700/0x1700
[ 67.525887][ T6800] ext4_bread+0x7c/0x380
[ 67.525914][ T6800] ? ext4_getblk+0x520/0x520
[ 67.525948][ T6800] ? dquot_get_next_dqblk+0x180/0x180
[ 67.525978][ T6800] ext4_append+0x153/0x360
[ 67.526017][ T6800] ext4_mkdir+0x5e0/0xdf0
[ 67.526049][ T6800] ? ext4_rmdir+0xde0/0xde0
[ 67.526089][ T6800] ? security_inode_permission+0xc4/0xf0
[ 67.526117][ T6800] vfs_mkdir+0x419/0x690
[ 67.526138][ T6800] do_mkdirat+0x21e/0x280
[ 67.526169][ T6800] ? __ia32_sys_mknod+0xb0/0xb0
[ 67.526210][ T6800] ? do_syscall_64+0x1c/0xe0
[ 67.526245][ T6800] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 67.526279][ T6800] do_syscall_64+0x60/0xe0
[ 67.536389][ T1155] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.541456][ T6800] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.614429][ T6800] RIP: 0033:0x45bed7
[ 67.618302][ T6800] Code: Bad RIP value.
[ 67.622353][ T6800] RSP: 002b:00007fff54c1e748 EFLAGS: 00000206 ORIG_RAX: 0000000000000053
[ 67.630776][ T6800] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7
[ 67.638732][ T6800] RDX: 00007fff54c1e793 RSI: 00000000000001ff RDI: 00007fff54c1e790
[ 67.646695][ T6800] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003
[ 67.654662][ T6800] R10: 0000000000000064 R11: 0000000000000206 R12: 00000000004185c0
[ 67.662627][ T6800] R13: 00007fff54c1e780 R14: 0000000000000000 R15: 00007fff54c1e790
[ 67.670622][ T1155] CPU: 1 PID: 1155 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 67.679130][ T1155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.689185][ T1155] Call Trace:
[ 67.692484][ T1155] dump_stack+0x18f/0x20d
[ 67.696827][ T1155] check_preemption_disabled+0x20d/0x220
[ 67.702471][ T1155] ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.707640][ T1155] ? ext4_ext_search_right+0x2ca/0xb20
[ 67.713138][ T1155] ? ext4_ext_next_allocated_block+0x221/0x2d0
[ 67.719316][ T1155] ext4_ext_map_blocks+0x201b/0x33e0
[ 67.724617][ T1155] ? ext4_ext_release+0x10/0x10
[ 67.730105][ T1155] ? down_write_killable+0x170/0x170
[ 67.735393][ T1155] ? ext4_es_lookup_extent+0x41d/0xd10
[ 67.740861][ T1155] ext4_map_blocks+0x4cb/0x1640
[ 67.745724][ T1155] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 67.750945][ T1155] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 67.756497][ T1155] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 67.762655][ T1155] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 67.768122][ T1155] ext4_writepages+0x1a7b/0x33c0
[ 67.773066][ T1155] ? lock_release+0x7f0/0x800
[ 67.777775][ T1155] ? __ext4_mark_inode_dirty+0x940/0x940
[ 67.783455][ T1155] ? __ext4_mark_inode_dirty+0x940/0x940
[ 67.789095][ T1155] ? do_writepages+0xfa/0x2a0
[ 67.793775][ T1155] do_writepages+0xfa/0x2a0
[ 67.798304][ T1155] ? page_writeback_cpu_online+0x10/0x10
[ 67.803944][ T1155] ? do_raw_spin_lock+0x120/0x2d0
[ 67.808973][ T1155] ? do_raw_spin_unlock+0x171/0x260
[ 67.814177][ T1155] ? _raw_spin_unlock+0x24/0x40
[ 67.819036][ T1155] __filemap_fdatawrite_range+0x2aa/0x390
[ 67.824843][ T1155] ? collapse_file+0x35a2/0x4330
[ 67.826030][ T6800] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6800
[ 67.829828][ T1155] ? delete_from_page_cache_batch+0xeb0/0xeb0
[ 67.839263][ T6800] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.845246][ T1155] ? _raw_spin_unlock_irq+0x1f/0x80
[ 67.845264][ T1155] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 67.845289][ T1155] collapse_file+0x35ac/0x4330
[ 67.845323][ T1155] ? collapse_huge_page+0x4350/0x4350
[ 67.872824][ T1155] ? khugepaged+0x2506/0x3fc0
[ 67.877514][ T1155] ? xas_find+0x31a/0x880
[ 67.881832][ T1155] ? check_preemption_disabled+0x38/0x220
[ 67.887560][ T1155] khugepaged+0x3041/0x3fc0
[ 67.892070][ T1155] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 67.898297][ T1155] ? lock_downgrade+0x840/0x840
[ 67.903133][ T1155] ? finish_wait+0x260/0x260
[ 67.907710][ T1155] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 67.913499][ T1155] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 67.919468][ T1155] ? __kthread_parkme+0x13f/0x1e0
[ 67.924478][ T1155] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 67.930095][ T1155] kthread+0x3b5/0x4a0
[ 67.934147][ T1155] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 67.943071][ T1155] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 67.948804][ T1155] ret_from_fork+0x1f/0x30
[ 67.953242][ T6800] CPU: 0 PID: 6800 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 67.961836][ T6800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.971921][ T6800] Call Trace:
[ 67.975253][ T6800] dump_stack+0x18f/0x20d
[ 67.979597][ T6800] check_preemption_disabled+0x20d/0x220
[ 67.985230][ T6800] ext4_mb_new_blocks+0xa4d/0x3b70
[ 67.990409][ T6800] ? ext4_ext_search_right+0x2ca/0xb20
[ 67.995902][ T6800] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 68.001630][ T6800] ext4_ext_map_blocks+0x201b/0x33e0
[ 68.007316][ T6800] ? ext4_ext_release+0x10/0x10
[ 68.012207][ T6800] ? down_write_killable+0x170/0x170
[ 68.017495][ T6800] ? ext4_es_lookup_extent+0x41d/0xd10
[ 68.022977][ T6800] ext4_map_blocks+0x4cb/0x1640
[ 68.027859][ T6800] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 68.029094][ T1155] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1155
[ 68.033052][ T6800] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 68.033070][ T6800] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 68.033088][ T6800] ? prandom_u32_state+0xe/0x170
[ 68.042150][ T1155] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 68.047658][ T6800] ? __brelse+0x84/0xa0
[ 68.047674][ T6800] ? __ext4_new_inode+0x144/0x55e0
[ 68.047695][ T6800] ext4_getblk+0xad/0x520
[ 68.047713][ T6800] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 68.047735][ T6800] ? ext4_free_inode+0x1700/0x1700
[ 68.089229][ T6800] ext4_bread+0x7c/0x380
[ 68.093457][ T6800] ? ext4_getblk+0x520/0x520
[ 68.098033][ T6800] ? dquot_get_next_dqblk+0x180/0x180
[ 68.103396][ T6800] ext4_append+0x153/0x360
[ 68.107801][ T6800] ext4_mkdir+0x5e0/0xdf0
[ 68.112121][ T6800] ? ext4_rmdir+0xde0/0xde0
[ 68.116616][ T6800] ? security_inode_permission+0xc4/0xf0
[ 68.122238][ T6800] vfs_mkdir+0x419/0x690
[ 68.126495][ T6800] do_mkdirat+0x21e/0x280
[ 68.130829][ T6800] ? __ia32_sys_mknod+0xb0/0xb0
[ 68.135681][ T6800] ? do_syscall_64+0x1c/0xe0
[ 68.140257][ T6800] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 68.146233][ T6800] do_syscall_64+0x60/0xe0
[ 68.150634][ T6800] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 68.156511][ T6800] RIP: 0033:0x45bed7
[ 68.160497][ T6800] Code: Bad RIP value.
[ 68.164544][ T6800] RSP: 002b:00007fff54c1e748 EFLAGS: 00000206 ORIG_RAX: 0000000000000053
[ 68.172937][ T6800] RAX: ffffffffffffffda RBX: 00000000000108e7 RCX: 000000000045bed7
[ 68.180897][ T6800] RDX: 00007fff54c1e793 RSI: 00000000000001ff RDI: 00007fff54c1e790
[ 68.188854][ T6800] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003
[ 68.196827][ T6800] R10: 0000000000000064 R11: 0000000000000206 R12: 0000000000000003
[ 68.204886][ T6800] R13: 00007fff54c1e780 R14: 000000000001087a R15: 00007fff54c1e790
[ 68.212876][ T1155] CPU: 1 PID: 1155 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 68.221138][ T1155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.231197][ T1155] Call Trace:
[ 68.234507][ T1155] dump_stack+0x18f/0x20d
[ 68.238856][ T1155] check_preemption_disabled+0x20d/0x220
[ 68.244498][ T1155] ext4_mb_new_blocks+0xa4d/0x3b70
[ 68.249632][ T1155] ? ext4_ext_search_right+0x2ca/0xb20
[ 68.255129][ T1155] ? ext4_ext_next_allocated_block+0x221/0x2d0
[ 68.261291][ T1155] ext4_ext_map_blocks+0x201b/0x33e0
[ 68.266591][ T1155] ? ext4_ext_release+0x10/0x10
[ 68.271468][ T1155] ? down_write_killable+0x170/0x170
[ 68.276758][ T1155] ? ext4_es_lookup_extent+0x41d/0xd10
[ 68.282568][ T1155] ext4_map_blocks+0x4cb/0x1640
[ 68.287410][ T1155] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 68.292603][ T1155] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 68.298188][ T1155] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 68.304150][ T1155] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 68.309682][ T1155] ext4_writepages+0x1a7b/0x33c0
[ 68.314605][ T1155] ? lock_release+0x7f0/0x800
[ 68.319278][ T1155] ? __ext4_mark_inode_dirty+0x940/0x940
[ 68.324915][ T1155] ? __ext4_mark_inode_dirty+0x940/0x940
[ 68.330533][ T1155] ? do_writepages+0xfa/0x2a0
[ 68.335225][ T1155] do_writepages+0xfa/0x2a0
[ 68.339732][ T1155] ? page_writeback_cpu_online+0x10/0x10
[ 68.345435][ T1155] ? do_raw_spin_lock+0x120/0x2d0
[ 68.350447][ T1155] ? do_raw_spin_unlock+0x171/0x260
[ 68.355630][ T1155] ? _raw_spin_unlock+0x24/0x40
[ 68.360480][ T1155] __filemap_fdatawrite_range+0x2aa/0x390
[ 68.366183][ T1155] ? collapse_file+0x35a2/0x4330
[ 68.371203][ T1155] ? delete_from_page_cache_batch+0xeb0/0xeb0
[ 68.377265][ T1155] ? _raw_spin_unlock_irq+0x1f/0x80
[ 68.382448][ T1155] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 68.388432][ T1155] collapse_file+0x35ac/0x4330
[ 68.393199][ T1155] ? collapse_huge_page+0x4350/0x4350
[ 68.398553][ T1155] ? khugepaged+0x2506/0x3fc0
[ 68.403228][ T1155] ? xas_find+0x31a/0x880
[ 68.407560][ T1155] ? check_preemption_disabled+0x38/0x220
[ 68.413265][ T1155] khugepaged+0x3041/0x3fc0
[ 68.417781][ T1155] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 68.423407][ T1155] ? lock_downgrade+0x840/0x840
[ 68.428336][ T1155] ? finish_wait+0x260/0x260
[ 68.432911][ T1155] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 68.438701][ T1155] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 68.444667][ T1155] ? __kthread_parkme+0x13f/0x1e0
[ 68.449676][ T1155] ? collapse_pte_mapped_thp+0xbf0/0xbf0
[ 68.455308][ T1155] kthread+0x3b5/0x4a0
[ 68.459362][ T1155] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 68.465063][ T1155] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 68.470768][ T1155] ret_from_fork+0x1f/0x30
2020/06/17 18:50:45 building call list...
[ 68.676096][ T356] tipc: TX() has been purged, node left!
[ 69.187474][ T356] ==================================================================
[ 69.195710][ T356] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770
[ 69.203699][ T356] Write of size 1 at addr ffff8880a82ff9e4 by task kworker/u4:5/356
[ 69.211663][ T356]
[ 69.213994][ T356] CPU: 0 PID: 356 Comm: kworker/u4:5 Not tainted 5.8.0-rc1-syzkaller #0
[ 69.222312][ T356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 69.232385][ T356] Workqueue: netns cleanup_net
[ 69.237141][ T356] Call Trace:
[ 69.240435][ T356] dump_stack+0x18f/0x20d
[ 69.244767][ T356] ? afs_wake_up_async_call+0x6aa/0x770
[ 69.250309][ T356] ? afs_wake_up_async_call+0x6aa/0x770
[ 69.255859][ T356] ? afs_put_call+0xa40/0xa40
[ 69.260538][ T356] print_address_description.constprop.0.cold+0xd3/0x413
[ 69.267585][ T356] ? vprintk_func+0x97/0x1a6
[ 69.272888][ T356] ? afs_wake_up_async_call+0x6aa/0x770
[ 69.278460][ T356] kasan_report.cold+0x1f/0x37
[ 69.283229][ T356] ? rcu_read_lock_held_common+0x51/0xa0
[ 69.288855][ T356] ? afs_wake_up_async_call+0x6aa/0x770
[ 69.294402][ T356] afs_wake_up_async_call+0x6aa/0x770
[ 69.299787][ T356] ? afs_close_socket+0x320/0x320
[ 69.304811][ T356] ? afs_put_call+0xa40/0xa40
[ 69.311569][ T356] rxrpc_notify_socket+0x1db/0x5d0
[ 69.316707][ T356] ? afs_put_call+0xa40/0xa40
[ 69.321391][ T356] __rxrpc_set_call_completion.part.0+0x172/0x410
[ 69.327816][ T356] rxrpc_call_completed+0xca/0xf0
[ 69.332862][ T356] rxrpc_discard_prealloc+0x781/0xab0
[ 69.338247][ T356] ? lock_sock_nested+0x94/0x110
[ 69.343190][ T356] rxrpc_listen+0x147/0x360
[ 69.347694][ T356] afs_close_socket+0x95/0x320
[ 69.352466][ T356] ? afs_purge_servers+0x16d/0x300
[ 69.357578][ T356] ? afs_rx_discard_new_call+0x50/0x50
[ 69.363064][ T356] ? init_wait_var_entry+0x200/0x200
[ 69.368364][ T356] ? rcu_read_lock_held_common+0xa0/0xa0
[ 69.373997][ T356] ? check_preemption_disabled+0x38/0x220
[ 69.379805][ T356] afs_net_exit+0x1bc/0x310
[ 69.384313][ T356] ? afs_net_init+0xe30/0xe30
[ 69.389006][ T356] ops_exit_list.isra.0+0xa8/0x150
[ 69.394121][ T356] cleanup_net+0x511/0xa50
[ 69.398557][ T356] ? unregister_pernet_device+0x70/0x70
[ 69.404138][ T356] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 69.410135][ T356] process_one_work+0x965/0x1690
[ 69.415113][ T356] ? lock_release+0x800/0x800
[ 69.419794][ T356] ? pwq_dec_nr_in_flight+0x310/0x310
[ 69.425171][ T356] ? rwlock_bug.part.0+0x90/0x90
[ 69.430143][ T356] worker_thread+0x96/0xe10
[ 69.434662][ T356] ? process_one_work+0x1690/0x1690
[ 69.439861][ T356] kthread+0x3b5/0x4a0
[ 69.443928][ T356] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 69.449658][ T356] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 69.455489][ T356] ret_from_fork+0x1f/0x30
[ 69.459921][ T356]
[ 69.462247][ T356] Allocated by task 6800:
[ 69.466583][ T356] save_stack+0x1b/0x40
[ 69.470746][ T356] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 69.476377][ T356] kmem_cache_alloc_trace+0x153/0x7d0
[ 69.481744][ T356] afs_alloc_call+0x55/0x630
[ 69.486332][ T356] afs_charge_preallocation+0xe9/0x2d0
[ 69.491785][ T356] afs_open_socket+0x292/0x360
[ 69.496549][ T356] afs_net_init+0xa6c/0xe30
[ 69.501066][ T356] ops_init+0xaf/0x420
[ 69.505127][ T356] setup_net+0x2de/0x860
[ 69.509369][ T356] copy_net_ns+0x293/0x590
[ 69.513784][ T356] create_new_namespaces+0x3fb/0xb30
[ 69.519065][ T356] unshare_nsproxy_namespaces+0xbd/0x1f0
[ 69.524692][ T356] ksys_unshare+0x43d/0x8e0
[ 69.529193][ T356] __x64_sys_unshare+0x2d/0x40
[ 69.533950][ T356] do_syscall_64+0x60/0xe0
[ 69.538367][ T356] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 69.544245][ T356]
[ 69.546592][ T356] Freed by task 356:
[ 69.550484][ T356] save_stack+0x1b/0x40
[ 69.554636][ T356] __kasan_slab_free+0xf7/0x140
[ 69.559481][ T356] kfree+0x109/0x2b0
[ 69.563561][ T356] afs_put_call+0x585/0xa40
[ 69.568086][ T356] rxrpc_discard_prealloc+0x764/0xab0
[ 69.573454][ T356] rxrpc_listen+0x147/0x360
[ 69.577977][ T356] afs_close_socket+0x95/0x320
[ 69.582751][ T356] afs_net_exit+0x1bc/0x310
[ 69.587354][ T356] ops_exit_list.isra.0+0xa8/0x150
[ 69.592545][ T356] cleanup_net+0x511/0xa50
[ 69.596957][ T356] process_one_work+0x965/0x1690
[ 69.601917][ T356] worker_thread+0x96/0xe10
[ 69.606419][ T356] kthread+0x3b5/0x4a0
[ 69.610496][ T356] ret_from_fork+0x1f/0x30
[ 69.614919][ T356]
[ 69.617361][ T356] The buggy address belongs to the object at ffff8880a82ff800
[ 69.617361][ T356] which belongs to the cache kmalloc-1k of size 1024
[ 69.631502][ T356] The buggy address is located 484 bytes inside of
[ 69.631502][ T356] 1024-byte region [ffff8880a82ff800, ffff8880a82ffc00)
[ 69.644941][ T356] The buggy address belongs to the page:
[ 69.650571][ T356] page:ffffea0002a0bfc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 69.659687][ T356] flags: 0xfffe0000000200(slab)
[ 69.664537][ T356] raw: 00fffe0000000200 ffffea00027a1188 ffffea0002a44f88 ffff8880aa000c40
[ 69.673124][ T356] raw: 0000000000000000 ffff8880a82ff000 0000000100000002 0000000000000000
[ 69.681724][ T356] page dumped because: kasan: bad access detected
[ 69.688119][ T356]
[ 69.690438][ T356] Memory state around the buggy address:
[ 69.696060][ T356] ffff8880a82ff880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.704136][ T356] ffff8880a82ff900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.712243][ T356] >ffff8880a82ff980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.720301][ T356] ^
[ 69.727507][ T356] ffff8880a82ffa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.735561][ T356] ffff8880a82ffa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.743692][ T356] ==================================================================
[ 69.751762][ T356] Disabling lock debugging due to kernel taint
[ 69.757954][ T356] Kernel panic - not syncing: panic_on_warn set ...
[ 69.764557][ T356] CPU: 0 PID: 356 Comm: kworker/u4:5 Tainted: G B 5.8.0-rc1-syzkaller #0
[ 69.774256][ T356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 69.784316][ T356] Workqueue: netns cleanup_net
[ 69.789070][ T356] Call Trace:
[ 69.792367][ T356] dump_stack+0x18f/0x20d
[ 69.796716][ T356] ? afs_wake_up_async_call+0x690/0x770
[ 69.802263][ T356] ? afs_put_call+0xa40/0xa40
[ 69.806935][ T356] panic+0x2e3/0x75c
[ 69.810827][ T356] ? __warn_printk+0xf3/0xf3
[ 69.815421][ T356] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 69.821574][ T356] ? trace_hardirqs_on+0x55/0x220
[ 69.826591][ T356] ? afs_wake_up_async_call+0x6aa/0x770
[ 69.832124][ T356] ? afs_wake_up_async_call+0x6aa/0x770
[ 69.837670][ T356] ? afs_put_call+0xa40/0xa40
[ 69.842373][ T356] end_report+0x4d/0x53
[ 69.846524][ T356] kasan_report.cold+0xd/0x37
[ 69.851213][ T356] ? rcu_read_lock_held_common+0x51/0xa0
[ 69.856836][ T356] ? afs_wake_up_async_call+0x6aa/0x770
[ 69.862395][ T356] afs_wake_up_async_call+0x6aa/0x770
[ 69.867861][ T356] ? afs_close_socket+0x320/0x320
[ 69.873067][ T356] ? afs_put_call+0xa40/0xa40
[ 69.877743][ T356] rxrpc_notify_socket+0x1db/0x5d0
[ 69.882847][ T356] ? afs_put_call+0xa40/0xa40
[ 69.887535][ T356] __rxrpc_set_call_completion.part.0+0x172/0x410
[ 69.893942][ T356] rxrpc_call_completed+0xca/0xf0
[ 69.898963][ T356] rxrpc_discard_prealloc+0x781/0xab0
[ 69.904349][ T356] ? lock_sock_nested+0x94/0x110
[ 69.909279][ T356] rxrpc_listen+0x147/0x360
[ 69.913779][ T356] afs_close_socket+0x95/0x320
[ 69.918535][ T356] ? afs_purge_servers+0x16d/0x300
[ 69.923725][ T356] ? afs_rx_discard_new_call+0x50/0x50
[ 69.929188][ T356] ? init_wait_var_entry+0x200/0x200
[ 69.934474][ T356] ? rcu_read_lock_held_common+0xa0/0xa0
[ 69.940106][ T356] ? check_preemption_disabled+0x38/0x220
[ 69.945818][ T356] afs_net_exit+0x1bc/0x310
[ 69.950317][ T356] ? afs_net_init+0xe30/0xe30
[ 69.954990][ T356] ops_exit_list.isra.0+0xa8/0x150
[ 69.960093][ T356] cleanup_net+0x511/0xa50
[ 69.964502][ T356] ? unregister_pernet_device+0x70/0x70
[ 69.970244][ T356] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 69.976219][ T356] process_one_work+0x965/0x1690
[ 69.981150][ T356] ? lock_release+0x800/0x800
[ 69.985832][ T356] ? pwq_dec_nr_in_flight+0x310/0x310
[ 69.991216][ T356] ? rwlock_bug.part.0+0x90/0x90
[ 69.996148][ T356] worker_thread+0x96/0xe10
[ 70.000653][ T356] ? process_one_work+0x1690/0x1690
[ 70.006218][ T356] kthread+0x3b5/0x4a0
[ 70.010277][ T356] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 70.015990][ T356] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 70.021704][ T356] ret_from_fork+0x1f/0x30
[ 70.027747][ T356] Kernel Offset: disabled
[ 70.032196][ T356] Rebooting in 86400 seconds..