[ 50.131814][ T6723] RIP: 0033:0x7eff8c240687
[ 50.136227][ T6723] Code: Bad RIP value.
[ 50.140296][ T6723] RSP: 002b:00007fff3fcf2218 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 50.148827][ T6723] RAX: ffffffffffffffda RBX: 000055bfe6084985 RCX: 00007eff8c240687
[ 50.156817][ T6723] RDX: 00007fff3fcf20e0 RSI: 00000000000001ed RDI: 000055bfe6084985
[ 50.164798][ T6723] RBP: 00007eff8c240680 R08: 0000000000000100 R09: 0000000000000000
[ 50.172964][ T6723] R10: 000055bfe6084980 R11: 0000000000000246 R12: 00000000000001ed
[ 50.181230][ T6723] R13: 00007fff3fcf23a0 R14: 0000000000000000 R15: 0000000000000000
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
syzkaller login: [ 55.998068][ T7] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:0/7
[ 56.007025][ T7] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 56.013263][ T7] CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 5.7.0-next-20200604-syzkaller #0
[ 56.022977][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 56.033039][ T7] Workqueue: writeback wb_workfn (flush-8:0)
[ 56.039092][ T7] Call Trace:
[ 56.042365][ T7] dump_stack+0x18f/0x20d
[ 56.046694][ T7] check_preemption_disabled+0x20d/0x220
[ 56.052316][ T7] ext4_mb_new_blocks+0xa4d/0x3b70
[ 56.057425][ T7] ? ext4_find_extent+0x81a/0xad0
[ 56.062458][ T7] ? ext4_ext_search_right+0x2ca/0xb20
[ 56.067925][ T7] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 56.073737][ T7] ext4_ext_map_blocks+0x201b/0x33e0
[ 56.079010][ T7] ? ext4_ext_release+0x10/0x10
[ 56.083858][ T7] ? down_write_killable+0x170/0x170
[ 56.089936][ T7] ? ext4_es_lookup_extent+0x41d/0xd10
[ 56.095408][ T7] ext4_map_blocks+0x4cb/0x1640
[ 56.100244][ T7] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 56.105425][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 56.111063][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 56.117020][ T7] ? ext4_alloc_io_end_vec+0x145/0x1c0
[ 56.122485][ T7] ext4_writepages+0x1ab5/0x3400
[ 56.127424][ T7] ? __ext4_mark_inode_dirty+0x940/0x940
[ 56.133058][ T7] ? __lock_acquire+0x2224/0x48b0
[ 56.138070][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 56.144039][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 56.150024][ T7] ? __ext4_mark_inode_dirty+0x940/0x940
[ 56.155646][ T7] ? do_writepages+0xfa/0x2a0
[ 56.160319][ T7] do_writepages+0xfa/0x2a0
[ 56.164830][ T7] ? page_writeback_cpu_online+0x10/0x10
[ 56.170456][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 56.175977][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 56.181944][ T7] ? lock_downgrade+0x840/0x840
[ 56.186867][ T7] __writeback_single_inode+0x12a/0x13d0
[ 56.192652][ T7] ? _raw_spin_unlock+0x24/0x40
[ 56.197740][ T7] ? wbc_attach_and_unlock_inode+0x60a/0x9c0
[ 56.203716][ T7] writeback_sb_inodes+0x515/0xdc0
[ 56.208836][ T7] ? __writeback_single_inode+0x13d0/0x13d0
[ 56.214720][ T7] __writeback_inodes_wb+0xc3/0x250
[ 56.219905][ T7] wb_writeback+0x8db/0xd50
[ 56.226314][ T7] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0
[ 56.232631][ T7] ? _find_next_bit.constprop.0+0x1a3/0x200
[ 56.238504][ T7] ? cpumask_next+0x3c/0x40
[ 56.242994][ T7] ? get_nr_dirty_inodes+0xd6/0x130
[ 56.248519][ T7] wb_workfn+0xab3/0x1090
[ 56.252839][ T7] ? inode_wait_for_writeback+0x30/0x30
[ 56.258460][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 56.263993][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 56.269993][ T7] process_one_work+0x965/0x1690
[ 56.274924][ T7] ? lock_release+0x800/0x800
[ 56.279576][ T7] ? pwq_dec_nr_in_flight+0x310/0x310
[ 56.284932][ T7] ? rwlock_bug.part.0+0x90/0x90
[ 56.289852][ T7] worker_thread+0x96/0xe10
[ 56.294336][ T7] ? process_one_work+0x1690/0x1690
[ 56.299511][ T7] kthread+0x3b5/0x4a0
[ 56.303566][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 56.309282][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 56.314989][ T7] ret_from_fork+0x1f/0x30
Warning: Permanently added '10.128.0.234' (ECDSA) to the list of known hosts.
2020/06/05 06:17:14 fuzzer started
2020/06/05 06:17:15 connecting to host at 10.128.0.26:43177
2020/06/05 06:17:15 checking machine...
2020/06/05 06:17:15 checking revisions...
2020/06/05 06:17:15 testing simple program...
[ 59.096548][ T6799] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6799
[ 59.106321][ T6799] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.112406][ T6799] CPU: 0 PID: 6799 Comm: syz-fuzzer Not tainted 5.7.0-next-20200604-syzkaller #0
[ 59.122412][ T6799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.132537][ T6799] Call Trace:
[ 59.135908][ T6799] dump_stack+0x18f/0x20d
[ 59.140244][ T6799] check_preemption_disabled+0x20d/0x220
[ 59.145872][ T6799] ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.150989][ T6799] ? ext4_ext_search_right+0x2ca/0xb20
[ 59.156443][ T6799] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 59.162297][ T6799] ext4_ext_map_blocks+0x201b/0x33e0
[ 59.167602][ T6799] ? ext4_ext_release+0x10/0x10
[ 59.172469][ T6799] ? down_write_killable+0x170/0x170
[ 59.177747][ T6799] ? ext4_es_lookup_extent+0x41d/0xd10
[ 59.183203][ T6799] ext4_map_blocks+0x4cb/0x1640
[ 59.188047][ T6799] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 59.193222][ T6799] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 59.198776][ T6799] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 59.204755][ T6799] ? prandom_u32_state+0xe/0x170
[ 59.209690][ T6799] ? __brelse+0x84/0xa0
[ 59.213837][ T6799] ? __ext4_new_inode+0x144/0x55e0
[ 59.218948][ T6799] ext4_getblk+0xad/0x520
[ 59.223452][ T6799] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 59.229173][ T6799] ? ext4_free_inode+0x1700/0x1700
[ 59.234373][ T6799] ext4_bread+0x7c/0x380
[ 59.238602][ T6799] ? ext4_getblk+0x520/0x520
[ 59.243193][ T6799] ? dquot_get_next_dqblk+0x180/0x180
[ 59.248574][ T6799] ext4_append+0x153/0x360
[ 59.252975][ T6799] ext4_mkdir+0x5e0/0xdf0
[ 59.257395][ T6799] ? ext4_rmdir+0xde0/0xde0
[ 59.261891][ T6799] ? security_inode_permission+0xc4/0xf0
[ 59.267610][ T6799] vfs_mkdir+0x419/0x690
[ 59.271855][ T6799] do_mkdirat+0x21e/0x280
[ 59.276583][ T6799] ? __ia32_sys_mknod+0xb0/0xb0
[ 59.281445][ T6799] ? do_syscall_64+0x1c/0xe0
[ 59.286038][ T6799] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 59.292033][ T6799] do_syscall_64+0x60/0xe0
[ 59.296453][ T6799] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.302334][ T6799] RIP: 0033:0x4b02a0
[ 59.306200][ T6799] Code: Bad RIP value.
[ 59.310253][ T6799] RSP: 002b:000000c0000cf4b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102
[ 59.318823][ T6799] RAX: ffffffffffffffda RBX: 000000c00002e500 RCX: 00000000004b02a0
[ 59.326776][ T6799] RDX: 00000000000001c0 RSI: 000000c000026c40 RDI: ffffffffffffff9c
[ 59.334729][ T6799] RBP: 000000c0000cf510 R08: 0000000000000000 R09: 0000000000000000
[ 59.342840][ T6799] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 59.350917][ T6799] R13: 0000000000000063 R14: 0000000000000062 R15: 0000000000000100
[ 59.367526][ T6811] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6811
[ 59.377086][ T6811] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.383084][ T6811] CPU: 0 PID: 6811 Comm: syz-executor.0 Not tainted 5.7.0-next-20200604-syzkaller #0
[ 59.392698][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.402746][ T6811] Call Trace:
[ 59.406052][ T6811] dump_stack+0x18f/0x20d
[ 59.410366][ T6811] check_preemption_disabled+0x20d/0x220
[ 59.416065][ T6811] ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.421186][ T6811] ? ext4_ext_search_right+0x2ca/0xb20
[ 59.426620][ T6811] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 59.432416][ T6811] ext4_ext_map_blocks+0x201b/0x33e0
[ 59.437699][ T6811] ? ext4_ext_release+0x10/0x10
[ 59.443069][ T6811] ? down_write_killable+0x170/0x170
[ 59.448352][ T6811] ? ext4_es_lookup_extent+0x41d/0xd10
[ 59.453820][ T6811] ext4_map_blocks+0x4cb/0x1640
[ 59.458688][ T6811] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 59.463886][ T6811] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 59.469435][ T6811] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 59.475415][ T6811] ? prandom_u32_state+0xe/0x170
[ 59.480346][ T6811] ? __brelse+0x84/0xa0
[ 59.484482][ T6811] ? __ext4_new_inode+0x144/0x55e0
[ 59.489580][ T6811] ext4_getblk+0xad/0x520
[ 59.493894][ T6811] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 59.499604][ T6811] ? ext4_free_inode+0x1700/0x1700
[ 59.504704][ T6811] ext4_bread+0x7c/0x380
[ 59.508924][ T6811] ? ext4_getblk+0x520/0x520
[ 59.513501][ T6811] ? dquot_get_next_dqblk+0x180/0x180
[ 59.518855][ T6811] ext4_append+0x153/0x360
[ 59.524137][ T6811] ext4_mkdir+0x5e0/0xdf0
[ 59.528449][ T6811] ? ext4_rmdir+0xde0/0xde0
[ 59.532944][ T6811] ? security_inode_permission+0xc4/0xf0
[ 59.538578][ T6811] vfs_mkdir+0x419/0x690
[ 59.542804][ T6811] do_mkdirat+0x21e/0x280
[ 59.547124][ T6811] ? __ia32_sys_mknod+0xb0/0xb0
[ 59.551955][ T6811] ? do_syscall_64+0x1c/0xe0
[ 59.556760][ T6811] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 59.562787][ T6811] do_syscall_64+0x60/0xe0
[ 59.567191][ T6811] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.573061][ T6811] RIP: 0033:0x45bee7
[ 59.576938][ T6811] Code: Bad RIP value.
[ 59.580986][ T6811] RSP: 002b:00007ffcc5052c38 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 59.589386][ T6811] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bee7
[ 59.597541][ T6811] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007ffcc5052e10
[ 59.605501][ T6811] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 00000000000032c0
[ 59.614178][ T6811] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2
[ 59.622132][ T6811] R13: 00007ffcc5052e10 R14: 8421084210842109 R15: 00007ffcc5052e1c
[ 59.710698][ T6812] IPVS: ftp: loaded support on port[0] = 21
[ 59.746894][ T6812] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6812
[ 59.756354][ T6812] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.762240][ T6812] CPU: 1 PID: 6812 Comm: syz-executor.0 Not tainted 5.7.0-next-20200604-syzkaller #0
[ 59.771680][ T6812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.781834][ T6812] Call Trace:
[ 59.785231][ T6812] dump_stack+0x18f/0x20d
[ 59.789556][ T6812] check_preemption_disabled+0x20d/0x220
[ 59.795193][ T6812] ext4_mb_new_blocks+0xa4d/0x3b70
[ 59.800314][ T6812] ? ext4_ext_search_right+0x2ca/0xb20
[ 59.805775][ T6812] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 59.811485][ T6812] ext4_ext_map_blocks+0x201b/0x33e0
[ 59.816766][ T6812] ? ext4_ext_release+0x10/0x10
[ 59.821656][ T6812] ? down_write_killable+0x170/0x170
[ 59.827038][ T6812] ? ext4_es_lookup_extent+0x41d/0xd10
[ 59.832545][ T6812] ext4_map_blocks+0x4cb/0x1640
[ 59.837378][ T6812] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 59.842593][ T6812] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 59.848655][ T6812] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 59.854616][ T6812] ? prandom_u32_state+0xe/0x170
[ 59.859564][ T6812] ? __brelse+0x84/0xa0
[ 59.863768][ T6812] ? __ext4_new_inode+0x144/0x55e0
[ 59.868943][ T6812] ext4_getblk+0xad/0x520
[ 59.873271][ T6812] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 59.878997][ T6812] ? ext4_free_inode+0x1700/0x1700
[ 59.884091][ T6812] ext4_bread+0x7c/0x380
[ 59.888325][ T6812] ? ext4_getblk+0x520/0x520
[ 59.892894][ T6812] ? dquot_get_next_dqblk+0x180/0x180
[ 59.898265][ T6812] ext4_append+0x153/0x360
[ 59.903308][ T6812] ext4_mkdir+0x5e0/0xdf0
[ 59.907631][ T6812] ? ext4_rmdir+0xde0/0xde0
[ 59.912126][ T6812] ? security_inode_permission+0xc4/0xf0
[ 59.917759][ T6812] vfs_mkdir+0x419/0x690
[ 59.921980][ T6812] do_mkdirat+0x21e/0x280
[ 59.926299][ T6812] ? __ia32_sys_mknod+0xb0/0xb0
[ 59.931293][ T6812] ? do_syscall_64+0x1c/0xe0
[ 59.935884][ T6812] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 59.941854][ T6812] do_syscall_64+0x60/0xe0
[ 59.946354][ T6812] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.952228][ T6812] RIP: 0033:0x45bee7
[ 59.956110][ T6812] Code: Bad RIP value.
[ 59.960149][ T6812] RSP: 002b:00007ffcc5052b28 EFLAGS: 00000206 ORIG_RAX: 0000000000000053
[ 59.968535][ T6812] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bee7
[ 59.976493][ T6812] RDX: 00007ffcc5052b73 RSI: 00000000000001ff RDI: 00007ffcc5052b70
[ 59.984439][ T6812] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003
[ 59.992568][ T6812] R10: 0000000000000064 R11: 0000000000000206 R12: 00000000004185d0
[ 60.000577][ T6812] R13: 00007ffcc5052b60 R14: 0000000000000000 R15: 00007ffcc5052b70
[ 60.052303][ T6812] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6812
[ 60.061825][ T6812] caller is ext4_mb_new_blocks+0xa4d/0x3b70
[ 60.068030][ T6812] CPU: 1 PID: 6812 Comm: syz-executor.0 Not tainted 5.7.0-next-20200604-syzkaller #0
[ 60.077484][ T6812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.087550][ T6812] Call Trace:
[ 60.090858][ T6812] dump_stack+0x18f/0x20d
[ 60.095289][ T6812] check_preemption_disabled+0x20d/0x220
[ 60.101058][ T6812] ext4_mb_new_blocks+0xa4d/0x3b70
[ 60.106195][ T6812] ? ext4_ext_search_right+0x2ca/0xb20
[ 60.111662][ T6812] ? ext4_inode_to_goal_block+0x2df/0x3f0
[ 60.117399][ T6812] ext4_ext_map_blocks+0x201b/0x33e0
[ 60.123138][ T6812] ? ext4_ext_release+0x10/0x10
[ 60.128014][ T6812] ? down_write_killable+0x170/0x170
[ 60.133305][ T6812] ? ext4_es_lookup_extent+0x41d/0xd10
[ 60.138775][ T6812] ext4_map_blocks+0x4cb/0x1640
[ 60.143620][ T6812] ? ext4_issue_zeroout+0x1e0/0x1e0
[ 60.148970][ T6812] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 60.154592][ T6812] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 60.160550][ T6812] ? prandom_u32_state+0xe/0x170
[ 60.165466][ T6812] ? __brelse+0x84/0xa0
[ 60.169600][ T6812] ? __ext4_new_inode+0x144/0x55e0
[ 60.174700][ T6812] ext4_getblk+0xad/0x520
[ 60.179094][ T6812] ? ext4_iomap_overwrite_begin+0xa0/0xa0
[ 60.184789][ T6812] ? ext4_free_inode+0x1700/0x1700
[ 60.189915][ T6812] ext4_bread+0x7c/0x380
[ 60.194200][ T6812] ? ext4_getblk+0x520/0x520
[ 60.198780][ T6812] ? dquot_get_next_dqblk+0x180/0x180
[ 60.204400][ T6812] ext4_append+0x153/0x360
[ 60.208810][ T6812] ext4_mkdir+0x5e0/0xdf0
[ 60.213205][ T6812] ? ext4_rmdir+0xde0/0xde0
[ 60.217797][ T6812] ? security_inode_permission+0xc4/0xf0
[ 60.223457][ T6812] vfs_mkdir+0x419/0x690
[ 60.227714][ T6812] do_mkdirat+0x21e/0x280
[ 60.232037][ T6812] ? __ia32_sys_mknod+0xb0/0xb0
[ 60.236880][ T6812] ? do_syscall_64+0x1c/0xe0
[ 60.241463][ T6812] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 60.247428][ T6812] do_syscall_64+0x60/0xe0
[ 60.251842][ T6812] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 60.257730][ T6812] RIP: 0033:0x45bee7
[ 60.261609][ T6812] Code: Bad RIP value.
[ 60.265662][ T6812] RSP: 002b:00007ffcc5052b28 EFLAGS: 00000206 ORIG_RAX: 0000000000000053
[ 60.274049][ T6812] RAX: ffffffffffffffda RBX: 000000000000ea96 RCX: 000000000045bee7
[ 60.281996][ T6812] RDX: 00007ffcc5052b73 RSI: 00000000000001ff RDI: 00007ffcc5052b70
[ 60.289959][ T6812] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003
[ 60.298012][ T6812] R10: 0000000000000064 R11: 0000000000000206 R12: 0000000000000003
[ 60.306087][ T6812] R13: 00007ffcc5052b60 R14: 000000000000ea86 R15: 00007ffcc5052b70
2020/06/05 06:17:16 building call list...
[ 60.566237][ T375] tipc: TX() has been purged, node left!
executing program
[ 61.985090][ T6838] can: request_module (can-proto-0) failed.
[ 62.602589][ T6838] can: request_module (can-proto-0) failed.
[ 62.614314][ T6838] can: request_module (can-proto-0) failed.