Warning: Permanently added '10.128.1.37' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 61.803130][ T7157] ------------[ cut here ]------------
[ 61.808783][ T7157] refcount_t: underflow; use-after-free.
[ 61.815966][ T7157] WARNING: CPU: 1 PID: 7157 at lib/refcount.c:28 refcount_warn_saturate+0x1d1/0x1e0
[ 61.825325][ T7157] Kernel panic - not syncing: panic_on_warn set ...
[ 61.831891][ T7157] CPU: 1 PID: 7157 Comm: syz-executor500 Not tainted 5.6.0-rc7-syzkaller #0
[ 61.840541][ T7157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.850574][ T7157] Call Trace:
[ 61.853936][ T7157] dump_stack+0x188/0x20d
[ 61.858265][ T7157] ? refcount_warn_saturate+0x1d0/0x1e0
[ 61.863803][ T7157] panic+0x2e3/0x75c
[ 61.867726][ T7157] ? add_taint.cold+0x16/0x16
[ 61.872390][ T7157] ? __probe_kernel_read+0x188/0x1d0
[ 61.877658][ T7157] ? __warn.cold+0x14/0x35
[ 61.882594][ T7157] ? __warn+0xd5/0x1c8
[ 61.886661][ T7157] ? refcount_warn_saturate+0x1d1/0x1e0
[ 61.892246][ T7157] __warn.cold+0x2f/0x35
[ 61.896477][ T7157] ? refcount_warn_saturate+0x1d1/0x1e0
[ 61.902017][ T7157] report_bug+0x27b/0x2f0
[ 61.906343][ T7157] do_error_trap+0x12b/0x220
[ 61.910921][ T7157] ? refcount_warn_saturate+0x1d1/0x1e0
[ 61.916453][ T7157] do_invalid_op+0x32/0x40
[ 61.920857][ T7157] ? refcount_warn_saturate+0x1d1/0x1e0
[ 61.926401][ T7157] invalid_op+0x23/0x30
[ 61.930538][ T7157] RIP: 0010:refcount_warn_saturate+0x1d1/0x1e0
[ 61.936720][ T7157] Code: e9 db fe ff ff 48 89 df e8 ac 69 1f fe e9 8a fe ff ff e8 32 a3 e2 fd 48 c7 c7 40 a8 51 88 c6 05 c4 a8 d1 06 01 e8 17 b4 b4 fd <0f> 0b e9 af fe ff ff 0f 1f 84 00 00 00 00 00 41 56 41 55 41 54 55
[ 61.956316][ T7157] RSP: 0018:ffffc900015d7698 EFLAGS: 00010286
[ 61.962363][ T7157] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 61.970319][ T7157] RDX: 0000000000000000 RSI: ffffffff815c06c1 RDI: fffff520002baec5
[ 61.978271][ T7157] RBP: 0000000000000003 R08: ffff888094b8e600 R09: ffffed1015ce6659
[ 61.986362][ T7157] R10: ffffed1015ce6658 R11: ffff8880ae7332c7 R12: 0000000000008100
[ 61.994316][ T7157] R13: ffff88809f258a04 R14: ffff88808ec52540 R15: ffff88808ec52580
[ 62.002303][ T7157] ? vprintk_func+0x81/0x17e
[ 62.006891][ T7157] ? refcount_warn_saturate+0x1d1/0x1e0
[ 62.012425][ T7157] sock_wfree+0x1e3/0x240
[ 62.016741][ T7157] sctp_wfree+0x372/0x960
[ 62.021050][ T7157] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 62.027283][ T7157] ? __sctp_write_space+0x5c0/0x5c0
[ 62.032459][ T7157] skb_release_head_state+0xe2/0x250
[ 62.037726][ T7157] skb_release_all+0x11/0x60
[ 62.042308][ T7157] consume_skb+0xf3/0x400
[ 62.046617][ T7157] sctp_chunk_put+0x1c0/0x2d0
[ 62.051278][ T7157] __sctp_outq_teardown+0x715/0xc60
[ 62.056474][ T7157] sctp_association_free+0x212/0x7e0
[ 62.061754][ T7157] sctp_do_sm+0x3911/0x4ed0
[ 62.066378][ T7157] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 62.072342][ T7157] ? sctp_do_8_2_transport_strike.isra.0+0xa60/0xa60
[ 62.079007][ T7157] ? kmem_cache_alloc_node_trace+0x3a2/0x790
[ 62.084998][ T7157] ? sctp_chunkify+0x46/0x290
[ 62.089697][ T7157] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 62.095222][ T7157] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 62.101196][ T7157] ? __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 62.106978][ T7157] ? kmem_cache_alloc+0x261/0x730
[ 62.112005][ T7157] ? sctp_addto_chunk+0x290/0x290
[ 62.117019][ T7157] ? skb_put+0x15d/0x1c0
[ 62.121237][ T7157] ? memcpy+0x35/0x50
[ 62.125205][ T7157] sctp_primitive_ABORT+0x9b/0xc0
[ 62.130220][ T7157] sctp_close+0x22e/0x8a0
[ 62.134545][ T7157] ? sctp_accept+0x6a0/0x6a0
[ 62.139131][ T7157] ? down_write+0xdb/0x150
[ 62.143526][ T7157] ? ip_mc_drop_socket+0x16/0x260
[ 62.148532][ T7157] ? __sock_release+0x280/0x280
[ 62.153357][ T7157] inet_release+0xe4/0x1f0
[ 62.157754][ T7157] __sock_release+0xcd/0x280
[ 62.162321][ T7157] sock_close+0x18/0x20
[ 62.166455][ T7157] __fput+0x2da/0x850
[ 62.170419][ T7157] task_work_run+0x13f/0x1b0
[ 62.174993][ T7157] do_exit+0xb34/0x2dd0
[ 62.179135][ T7157] ? mm_update_next_owner+0x7a0/0x7a0
[ 62.184492][ T7157] ? __sys_getsockopt+0x18d/0x2e0
[ 62.189494][ T7157] ? kernel_accept+0x360/0x360
[ 62.194236][ T7157] ? down_read_non_owner+0x470/0x470
[ 62.199502][ T7157] ? handle_mm_fault+0x491/0xa10
[ 62.204418][ T7157] do_group_exit+0x125/0x340
[ 62.208987][ T7157] __x64_sys_exit_group+0x3a/0x50
[ 62.214001][ T7157] do_syscall_64+0xf6/0x7d0
[ 62.218506][ T7157] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 62.224375][ T7157] RIP: 0033:0x43ef98
[ 62.228255][ T7157] Code: Bad RIP value.
[ 62.232311][ T7157] RSP: 002b:00007ffd72f908c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 62.240738][ T7157] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ef98
[ 62.248686][ T7157] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 62.256644][ T7157] RBP: 00000000004be7a8 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 62.264647][ T7157] R10: 000000002059aff8 R11: 0000000000000246 R12: 0000000000000001
[ 62.272617][ T7157] R13: 00000000006d01a0 R14: 0000000000000000 R15: 0000000000000000
[ 62.282540][ T7157] Kernel Offset: disabled
[ 62.286920][ T7157] Rebooting in 86400 seconds..