syzkaller login: [ 38.702169][ T6766] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6766
[ 38.711734][ T6766] caller is ext4_mb_new_blocks+0x301/0x1620
[ 38.718233][ T6766] CPU: 1 PID: 6766 Comm: systemd-rfkill Not tainted 5.8.0-rc1-syzkaller #0
[ 38.727028][ T6766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.737191][ T6766] Call Trace:
[ 38.740820][ T6766] dump_stack+0x1f0/0x31e
[ 38.745505][ T6766] check_preemption_disabled+0x1c9/0x240
[ 38.751134][ T6766] ext4_mb_new_blocks+0x301/0x1620
[ 38.756719][ T6766] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 38.762053][ T6766] ? ext4_map_blocks+0x7ea/0x19e0
[ 38.767096][ T6766] ext4_map_blocks+0x8c1/0x19e0
[ 38.772210][ T6766] ext4_getblk+0xa4/0x460
[ 38.776638][ T6766] ext4_bread+0x48/0x330
[ 38.780976][ T6766] ext4_append+0x153/0x2d0
[ 38.785377][ T6766] ext4_mkdir+0x75f/0x14c0
[ 38.789919][ T6766] vfs_mkdir+0x42a/0x620
[ 38.794251][ T6766] do_mkdirat+0x1b9/0x310
[ 38.798570][ T6766] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 38.804778][ T6766] do_syscall_64+0x73/0xe0
[ 38.809427][ T6766] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 38.815392][ T6766] RIP: 0033:0x7fc9870ab687
[ 38.819931][ T6766] Code: Bad RIP value.
[ 38.823978][ T6766] RSP: 002b:00007ffc039411e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 38.832368][ T6766] RAX: ffffffffffffffda RBX: 000055911cd89985 RCX: 00007fc9870ab687
[ 38.840320][ T6766] RDX: 00007ffc039410b0 RSI: 00000000000001ed RDI: 000055911cd89985
[ 38.848270][ T6766] RBP: 00007fc9870ab680 R08: 0000000000000100 R09: 0000000000000000
[ 38.856248][ T6766] R10: 000055911cd89980 R11: 0000000000000246 R12: 00000000000001ed
[ 38.864220][ T6766] R13: 00007ffc03941370 R14: 0000000000000000 R15: 0000000000000000
Warning: Permanently added '10.128.10.30' (ECDSA) to the list of known hosts.
2020/06/14 21:09:31 fuzzer started
2020/06/14 21:09:31 connecting to host at 10.128.0.26:40091
2020/06/14 21:09:31 checking machine...
2020/06/14 21:09:31 checking revisions...
2020/06/14 21:09:31 testing simple program...
[ 44.346233][ T6785] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6785
[ 44.355438][ T6785] caller is ext4_mb_new_blocks+0x301/0x1620
[ 44.361324][ T6785] CPU: 0 PID: 6785 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0
[ 44.369706][ T6785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.379954][ T6785] Call Trace:
[ 44.383336][ T6785] dump_stack+0x1f0/0x31e
[ 44.387672][ T6785] check_preemption_disabled+0x1c9/0x240
[ 44.393484][ T6785] ext4_mb_new_blocks+0x301/0x1620
[ 44.398796][ T6785] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 44.404674][ T6785] ? ext4_map_blocks+0x7ea/0x19e0
[ 44.410563][ T6785] ext4_map_blocks+0x8c1/0x19e0
[ 44.415589][ T6785] ext4_getblk+0xa4/0x460
[ 44.420850][ T6785] ext4_bread+0x48/0x330
[ 44.425181][ T6785] ext4_append+0x153/0x2d0
[ 44.429691][ T6785] ext4_mkdir+0x75f/0x14c0
[ 44.434411][ T6785] vfs_mkdir+0x42a/0x620
[ 44.438838][ T6785] do_mkdirat+0x1b9/0x310
[ 44.443200][ T6785] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.449720][ T6785] do_syscall_64+0x73/0xe0
[ 44.454553][ T6785] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.460713][ T6785] RIP: 0033:0x4b02a0
[ 44.464591][ T6785] Code: Bad RIP value.
[ 44.468647][ T6785] RSP: 002b:000000c0000d34b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102
[ 44.477050][ T6785] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b02a0
[ 44.485026][ T6785] RDX: 00000000000001c0 RSI: 000000c000110400 RDI: ffffffffffffff9c
[ 44.493338][ T6785] RBP: 000000c0000d3510 R08: 0000000000000000 R09: 0000000000000000
[ 44.501387][ T6785] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 44.509483][ T6785] R13: 0000000000000021 R14: 0000000000000020 R15: 0000000000000100
[ 44.526554][ T6797] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6797
[ 44.536911][ T6797] caller is ext4_mb_new_blocks+0x301/0x1620
[ 44.542965][ T6797] CPU: 0 PID: 6797 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 44.551896][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.562031][ T6797] Call Trace:
[ 44.565318][ T6797] dump_stack+0x1f0/0x31e
[ 44.569644][ T6797] check_preemption_disabled+0x1c9/0x240
[ 44.575883][ T6797] ext4_mb_new_blocks+0x301/0x1620
[ 44.580990][ T6797] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 44.589411][ T6797] ? ext4_map_blocks+0x7ea/0x19e0
[ 44.595248][ T6797] ext4_map_blocks+0x8c1/0x19e0
[ 44.601367][ T6797] ext4_getblk+0xa4/0x460
[ 44.606605][ T6797] ext4_bread+0x48/0x330
[ 44.611316][ T6797] ext4_append+0x153/0x2d0
[ 44.615829][ T6797] ext4_mkdir+0x75f/0x14c0
[ 44.622350][ T6797] vfs_mkdir+0x42a/0x620
[ 44.627126][ T6797] do_mkdirat+0x1b9/0x310
[ 44.631831][ T6797] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.638625][ T6797] do_syscall_64+0x73/0xe0
[ 44.643357][ T6797] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.650106][ T6797] RIP: 0033:0x45bee7
[ 44.654587][ T6797] Code: Bad RIP value.
[ 44.658873][ T6797] RSP: 002b:00007fff5d1d9b38 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 44.668934][ T6797] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bee7
[ 44.679208][ T6797] RDX: 0000000000000002 RSI: 00000000000001c0 RDI: 00007fff5d1d9d10
[ 44.688288][ T6797] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000002980
[ 44.696646][ T6797] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2
[ 44.707580][ T6797] R13: 00007fff5d1d9d10 R14: 8421084210842109 R15: 00007fff5d1d9d1c
[ 44.791257][ T6798] IPVS: ftp: loaded support on port[0] = 21
[ 44.828802][ T6798] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6798
[ 44.840897][ T6798] caller is ext4_mb_new_blocks+0x301/0x1620
[ 44.847642][ T6798] CPU: 1 PID: 6798 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 44.857201][ T6798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.868183][ T6798] Call Trace:
[ 44.872007][ T6798] dump_stack+0x1f0/0x31e
[ 44.877156][ T6798] check_preemption_disabled+0x1c9/0x240
[ 44.884062][ T6798] ext4_mb_new_blocks+0x301/0x1620
[ 44.890898][ T6798] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 44.900489][ T6798] ? ext4_map_blocks+0x7ea/0x19e0
[ 44.908641][ T6798] ext4_map_blocks+0x8c1/0x19e0
[ 44.915128][ T6798] ext4_getblk+0xa4/0x460
[ 44.922380][ T6798] ext4_bread+0x48/0x330
[ 44.927509][ T6798] ext4_append+0x153/0x2d0
[ 44.932642][ T6798] ext4_mkdir+0x75f/0x14c0
[ 44.937791][ T6798] vfs_mkdir+0x42a/0x620
[ 44.943232][ T6798] do_mkdirat+0x1b9/0x310
[ 44.947834][ T6798] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.955146][ T6798] do_syscall_64+0x73/0xe0
[ 44.960152][ T6798] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.968599][ T6798] RIP: 0033:0x45bee7
[ 44.973053][ T6798] Code: Bad RIP value.
[ 44.978139][ T6798] RSP: 002b:00007fff5d1d9a28 EFLAGS: 00000206 ORIG_RAX: 0000000000000053
[ 44.988313][ T6798] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bee7
[ 44.998049][ T6798] RDX: 00007fff5d1d9a73 RSI: 00000000000001ff RDI: 00007fff5d1d9a70
[ 45.007306][ T6798] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003
[ 45.017568][ T6798] R10: 0000000000000064 R11: 0000000000000206 R12: 00000000004185d0
[ 45.030551][ T6798] R13: 00007fff5d1d9a60 R14: 0000000000000000 R15: 00007fff5d1d9a70
[ 45.079866][ T6798] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6798
[ 45.091238][ T6798] caller is ext4_mb_new_blocks+0x301/0x1620
[ 45.097876][ T6798] CPU: 0 PID: 6798 Comm: syz-executor.0 Not tainted 5.8.0-rc1-syzkaller #0
[ 45.108517][ T6798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.121544][ T6798] Call Trace:
[ 45.125223][ T6798] dump_stack+0x1f0/0x31e
[ 45.129855][ T6798] check_preemption_disabled+0x1c9/0x240
[ 45.135598][ T6798] ext4_mb_new_blocks+0x301/0x1620
[ 45.141860][ T6798] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 45.147241][ T6798] ? ext4_map_blocks+0x7ea/0x19e0
[ 45.153107][ T6798] ext4_map_blocks+0x8c1/0x19e0
[ 45.158789][ T6798] ext4_getblk+0xa4/0x460
[ 45.163933][ T6798] ext4_bread+0x48/0x330
[ 45.168868][ T6798] ext4_append+0x153/0x2d0
[ 45.174866][ T6798] ext4_mkdir+0x75f/0x14c0
[ 45.179475][ T6798] vfs_mkdir+0x42a/0x620
[ 45.183904][ T6798] do_mkdirat+0x1b9/0x310
[ 45.188804][ T6798] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 45.199194][ T6798] do_syscall_64+0x73/0xe0
[ 45.204502][ T6798] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 45.210981][ T6798] RIP: 0033:0x45bee7
[ 45.215300][ T6798] Code: Bad RIP value.
[ 45.219498][ T6798] RSP: 002b:00007fff5d1d9a28 EFLAGS: 00000206 ORIG_RAX: 0000000000000053
2020/06/14 21:09:32 building call list...
[ 45.228052][ T6798] RAX: ffffffffffffffda RBX: 000000000000b009 RCX: 000000000045bee7
[ 45.236026][ T6798] RDX: 00007fff5d1d9a73 RSI: 00000000000001ff RDI: 00007fff5d1d9a70
[ 45.245198][ T6798] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003
[ 45.253300][ T6798] R10: 0000000000000064 R11: 0000000000000206 R12: 0000000000000003
[ 45.261357][ T6798] R13: 00007fff5d1d9a60 R14: 000000000000aff9 R15: 00007fff5d1d9a70
[ 45.511766][ T7] tipc: TX() has been purged, node left!
[ 45.737301][ T1156] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1156
[ 45.746598][ T1156] caller is ext4_mb_new_blocks+0x301/0x1620
[ 45.752590][ T1156] CPU: 1 PID: 1156 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 45.760830][ T1156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.770882][ T1156] Call Trace:
[ 45.774177][ T1156] dump_stack+0x1f0/0x31e
[ 45.778531][ T1156] check_preemption_disabled+0x1c9/0x240
[ 45.784876][ T1156] ext4_mb_new_blocks+0x301/0x1620
[ 45.790023][ T1156] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 45.795477][ T1156] ? ext4_map_blocks+0x7ea/0x19e0
[ 45.800517][ T1156] ext4_map_blocks+0x8c1/0x19e0
[ 45.805467][ T1156] ext4_writepages+0x150c/0x3750
[ 45.810409][ T1156] ? mark_lock+0x102/0x1b00
[ 45.814912][ T1156] ? __lock_acquire+0x116c/0x2c30
[ 45.819962][ T1156] ? ext4_readpage+0x140/0x140
[ 45.824741][ T1156] do_writepages+0xda/0x1f0
[ 45.829252][ T1156] __filemap_fdatawrite_range+0x2a5/0x350
[ 45.834998][ T1156] collapse_file+0x2edc/0x39d0
[ 45.839781][ T1156] khugepaged_scan_mm_slot+0x6353/0x69a0
[ 45.845419][ T1156] ? __lock_acquire+0x116c/0x2c30
[ 45.850489][ T1156] ? lock_acquire+0x160/0x720
[ 45.855160][ T1156] ? khugepaged_do_scan+0x1ac/0x590
[ 45.860365][ T1156] khugepaged_do_scan+0x22f/0x590
[ 45.865482][ T1156] khugepaged+0xa5/0x7b0
[ 45.869721][ T1156] ? init_wait_entry+0xd0/0xd0
[ 45.874500][ T1156] kthread+0x37e/0x3a0
[ 45.878692][ T1156] ? start_stop_khugepaged+0x3b0/0x3b0
[ 45.884155][ T1156] ? kthread_blkcg+0xd0/0xd0
[ 45.888857][ T1156] ret_from_fork+0x1f/0x30
[ 45.981075][ T1156] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1156
[ 45.990342][ T1156] caller is ext4_mb_new_blocks+0x301/0x1620
[ 45.996342][ T1156] CPU: 1 PID: 1156 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 46.004810][ T1156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 46.016193][ T1156] Call Trace:
[ 46.020056][ T1156] dump_stack+0x1f0/0x31e
[ 46.024404][ T1156] check_preemption_disabled+0x1c9/0x240
[ 46.030062][ T1156] ext4_mb_new_blocks+0x301/0x1620
[ 46.035267][ T1156] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 46.040563][ T1156] ? ext4_map_blocks+0x7ea/0x19e0
[ 46.045611][ T1156] ext4_map_blocks+0x8c1/0x19e0
[ 46.050499][ T1156] ext4_writepages+0x150c/0x3750
[ 46.055714][ T1156] ? ext4_readpage+0x140/0x140
[ 46.060957][ T1156] do_writepages+0xda/0x1f0
[ 46.065582][ T1156] __filemap_fdatawrite_range+0x2a5/0x350
[ 46.071327][ T1156] collapse_file+0x2edc/0x39d0
[ 46.076353][ T1156] khugepaged_scan_mm_slot+0x6353/0x69a0
[ 46.082273][ T1156] ? __lock_acquire+0x116c/0x2c30
[ 46.087527][ T1156] ? lock_acquire+0x160/0x720
[ 46.092953][ T1156] ? khugepaged_do_scan+0x1ac/0x590
[ 46.098175][ T1156] khugepaged_do_scan+0x22f/0x590
[ 46.103207][ T1156] khugepaged+0xa5/0x7b0
[ 46.107654][ T1156] ? init_wait_entry+0xd0/0xd0
[ 46.112445][ T1156] kthread+0x37e/0x3a0
[ 46.117133][ T1156] ? start_stop_khugepaged+0x3b0/0x3b0
[ 46.123061][ T1156] ? kthread_blkcg+0xd0/0xd0
[ 46.127923][ T1156] ret_from_fork+0x1f/0x30
[ 46.178454][ T1156] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1156
[ 46.188772][ T1156] caller is ext4_mb_new_blocks+0x301/0x1620
[ 46.195592][ T1156] CPU: 1 PID: 1156 Comm: khugepaged Not tainted 5.8.0-rc1-syzkaller #0
[ 46.204180][ T1156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 46.214301][ T1156] Call Trace:
[ 46.217715][ T1156] dump_stack+0x1f0/0x31e
[ 46.222260][ T1156] check_preemption_disabled+0x1c9/0x240
[ 46.228335][ T1156] ext4_mb_new_blocks+0x301/0x1620
[ 46.233830][ T1156] ext4_ext_map_blocks+0x2ad5/0x6d20
[ 46.240629][ T1156] ? ext4_map_blocks+0x7ea/0x19e0
[ 46.245838][ T1156] ext4_map_blocks+0x8c1/0x19e0
[ 46.250705][ T1156] ext4_writepages+0x150c/0x3750
[ 46.256441][ T1156] ? ext4_readpage+0x140/0x140
[ 46.261379][ T1156] do_writepages+0xda/0x1f0
[ 46.265907][ T1156] __filemap_fdatawrite_range+0x2a5/0x350
[ 46.271805][ T1156] collapse_file+0x2edc/0x39d0
[ 46.276730][ T1156] khugepaged_scan_mm_slot+0x6353/0x69a0
[ 46.282390][ T1156] ? __lock_acquire+0x116c/0x2c30
[ 46.287531][ T1156] ? lock_acquire+0x160/0x720
[ 46.293240][ T1156] ? khugepaged_do_scan+0x1ac/0x590
[ 46.298574][ T1156] khugepaged_do_scan+0x22f/0x590
[ 46.304533][ T1156] khugepaged+0xa5/0x7b0
[ 46.309646][ T1156] ? init_wait_entry+0xd0/0xd0
[ 46.314688][ T1156] kthread+0x37e/0x3a0
[ 46.318959][ T1156] ? start_stop_khugepaged+0x3b0/0x3b0
[ 46.324550][ T1156] ? kthread_blkcg+0xd0/0xd0
[ 46.329269][ T1156] ret_from_fork+0x1f/0x30
[ 46.483084][ T7] ==================================================================
[ 46.491535][ T7] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x16f/0x1c0
[ 46.499424][ T7] Write of size 1 at addr ffff88809df371e4 by task kworker/u4:0/7
[ 46.507208][ T7]
[ 46.509538][ T7] CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 5.8.0-rc1-syzkaller #0
[ 46.517833][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 46.527882][ T7] Workqueue: netns cleanup_net
[ 46.532622][ T7] Call Trace:
[ 46.536023][ T7] dump_stack+0x1f0/0x31e
[ 46.540484][ T7] print_address_description+0x66/0x5a0
[ 46.546039][ T7] ? vprintk_emit+0x342/0x3c0
[ 46.550703][ T7] ? printk+0x62/0x83
[ 46.554672][ T7] ? vprintk_emit+0x339/0x3c0
[ 46.559378][ T7] kasan_report+0x132/0x1d0
[ 46.563894][ T7] ? afs_wake_up_async_call+0x16f/0x1c0
[ 46.569613][ T7] ? afs_make_call+0x24f0/0x24f0
[ 46.574671][ T7] afs_wake_up_async_call+0x16f/0x1c0
[ 46.580385][ T7] ? afs_make_call+0x24f0/0x24f0
[ 46.585326][ T7] rxrpc_notify_socket+0x1e7/0x4a0
[ 46.590529][ T7] rxrpc_call_completed+0x131/0x210
[ 46.595729][ T7] ? afs_rx_new_call+0x240/0x240
[ 46.600793][ T7] rxrpc_discard_prealloc+0x60d/0x710
[ 46.606158][ T7] rxrpc_listen+0x246/0x370
[ 46.610642][ T7] afs_close_socket+0x57/0x280
[ 46.615424][ T7] ? afs_purge_servers+0x21f/0x280
[ 46.620631][ T7] ? init_wait_var_entry+0x150/0x150
[ 46.626366][ T7] afs_net_exit+0x4f/0x90
[ 46.630697][ T7] cleanup_net+0x708/0xba0
[ 46.635752][ T7] process_one_work+0x789/0xfc0
[ 46.640969][ T7] worker_thread+0xaa4/0x1460
[ 46.646457][ T7] kthread+0x37e/0x3a0
[ 46.651355][ T7] ? rcu_lock_release+0x20/0x20
[ 46.656413][ T7] ? kthread_blkcg+0xd0/0xd0
[ 46.661253][ T7] ret_from_fork+0x1f/0x30
[ 46.665668][ T7]
[ 46.667994][ T7] Allocated by task 6798:
[ 46.672328][ T7] __kasan_kmalloc+0x103/0x140
[ 46.677070][ T7] kmem_cache_alloc_trace+0x234/0x300
[ 46.682560][ T7] afs_alloc_call+0x89/0x2f0
[ 46.689175][ T7] afs_charge_preallocation+0xf0/0x2a0
[ 46.694751][ T7] afs_open_socket+0x3c7/0x510
[ 46.701367][ T7] afs_net_init+0x772/0x940
[ 46.706061][ T7] ops_init+0x320/0x410
[ 46.710326][ T7] setup_net+0x1cb/0x770
[ 46.714748][ T7] copy_net_ns+0x339/0x540
[ 46.719162][ T7] create_new_namespaces+0x52e/0x9f0
[ 46.724554][ T7] unshare_nsproxy_namespaces+0x123/0x190
[ 46.730426][ T7] ksys_unshare+0x463/0x950
[ 46.734941][ T7] __x64_sys_unshare+0x34/0x40
[ 46.740234][ T7] do_syscall_64+0x73/0xe0
[ 46.745049][ T7] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 46.750962][ T7]
[ 46.753711][ T7] Freed by task 7:
[ 46.757794][ T7] __kasan_slab_free+0x114/0x170
[ 46.762844][ T7] kfree+0x10a/0x220
[ 46.766742][ T7] afs_put_call+0x30e/0x420
[ 46.771234][ T7] rxrpc_discard_prealloc+0x5e2/0x710
[ 46.776590][ T7] rxrpc_listen+0x246/0x370
[ 46.781080][ T7] afs_close_socket+0x57/0x280
[ 46.786446][ T7] afs_net_exit+0x4f/0x90
[ 46.790772][ T7] cleanup_net+0x708/0xba0
[ 46.795304][ T7] process_one_work+0x789/0xfc0
[ 46.800350][ T7] worker_thread+0xaa4/0x1460
[ 46.805219][ T7] kthread+0x37e/0x3a0
[ 46.809397][ T7] ret_from_fork+0x1f/0x30
[ 46.813816][ T7]
[ 46.816311][ T7] The buggy address belongs to the object at ffff88809df37000
[ 46.816311][ T7] which belongs to the cache kmalloc-1k of size 1024
[ 46.830595][ T7] The buggy address is located 484 bytes inside of
[ 46.830595][ T7] 1024-byte region [ffff88809df37000, ffff88809df37400)
[ 46.844478][ T7] The buggy address belongs to the page:
[ 46.850127][ T7] page:ffffea000277cdc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 46.859467][ T7] flags: 0xfffe0000000200(slab)
[ 46.864323][ T7] raw: 00fffe0000000200 ffffea00026b6c48 ffffea00029f6508 ffff8880aa400c40
[ 46.872920][ T7] raw: 0000000000000000 ffff88809df37000 0000000100000002 0000000000000000
[ 46.881922][ T7] page dumped because: kasan: bad access detected
[ 46.889728][ T7]
[ 46.893838][ T7] Memory state around the buggy address:
[ 46.899648][ T7] ffff88809df37080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 46.908585][ T7] ffff88809df37100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 46.917341][ T7] >ffff88809df37180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 46.926396][ T7] ^
[ 46.933732][ T7] ffff88809df37200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 46.941881][ T7] ffff88809df37280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 46.951253][ T7] ==================================================================
[ 46.959957][ T7] Disabling lock debugging due to kernel taint
[ 46.966350][ T7] Kernel panic - not syncing: panic_on_warn set ...
[ 46.973091][ T7] CPU: 1 PID: 7 Comm: kworker/u4:0 Tainted: G B 5.8.0-rc1-syzkaller #0
[ 46.982712][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 46.993046][ T7] Workqueue: netns cleanup_net
[ 46.998086][ T7] Call Trace:
[ 47.001542][ T7] dump_stack+0x1f0/0x31e
[ 47.006139][ T7] panic+0x264/0x7a0
[ 47.010544][ T7] ? trace_hardirqs_on+0x30/0x80
[ 47.015615][ T7] ? _raw_spin_unlock_irqrestore+0xa5/0xd0
[ 47.022494][ T7] kasan_report+0x1c9/0x1d0
[ 47.028073][ T7] ? afs_wake_up_async_call+0x16f/0x1c0
[ 47.034741][ T7] ? afs_make_call+0x24f0/0x24f0
[ 47.040594][ T7] afs_wake_up_async_call+0x16f/0x1c0
[ 47.046275][ T7] ? afs_make_call+0x24f0/0x24f0
[ 47.052217][ T7] rxrpc_notify_socket+0x1e7/0x4a0
[ 47.057331][ T7] rxrpc_call_completed+0x131/0x210
[ 47.062507][ T7] ? afs_rx_new_call+0x240/0x240
[ 47.067627][ T7] rxrpc_discard_prealloc+0x60d/0x710
[ 47.073020][ T7] rxrpc_listen+0x246/0x370
[ 47.077524][ T7] afs_close_socket+0x57/0x280
[ 47.082357][ T7] ? afs_purge_servers+0x21f/0x280
[ 47.087777][ T7] ? init_wait_var_entry+0x150/0x150
[ 47.093977][ T7] afs_net_exit+0x4f/0x90
[ 47.098545][ T7] cleanup_net+0x708/0xba0
[ 47.103521][ T7] process_one_work+0x789/0xfc0
[ 47.108463][ T7] worker_thread+0xaa4/0x1460
[ 47.113250][ T7] kthread+0x37e/0x3a0
[ 47.117599][ T7] ? rcu_lock_release+0x20/0x20
[ 47.122790][ T7] ? kthread_blkcg+0xd0/0xd0
[ 47.127661][ T7] ret_from_fork+0x1f/0x30
[ 47.133854][ T7] Kernel Offset: disabled
[ 47.138205][ T7] Rebooting in 86400 seconds..