Starting Load/Save RF Kill Switch Status... [ 55.463915][ T6736] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-rfkill/6736 [ 55.473540][ T6736] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 55.481364][ T6736] CPU: 0 PID: 6736 Comm: systemd-rfkill Not tainted 5.7.0-syzkaller #0 [ 55.489804][ T6736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.500070][ T6736] Call Trace: [ 55.503373][ T6736] dump_stack+0x18f/0x20d [ 55.507719][ T6736] check_preemption_disabled+0x20d/0x220 [ 55.513398][ T6736] ext4_mb_new_blocks+0xa4d/0x3b70 [ 55.518529][ T6736] ? ext4_ext_search_right+0x2ca/0xb20 [ 55.523972][ T6736] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 55.529679][ T6736] ext4_ext_map_blocks+0x201b/0x33e0 [ 55.534981][ T6736] ? ext4_ext_release+0x10/0x10 [ 55.540016][ T6736] ? down_write_killable+0x170/0x170 [ 55.545287][ T6736] ? ext4_es_lookup_extent+0x41d/0xd10 [ 55.551003][ T6736] ext4_map_blocks+0x4cb/0x1640 [ 55.555891][ T6736] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 55.561077][ T6736] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 55.568615][ T6736] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 55.574578][ T6736] ? prandom_u32_state+0xe/0x170 [ 55.579494][ T6736] ? __brelse+0x84/0xa0 [ 55.583632][ T6736] ? __ext4_new_inode+0x144/0x55e0 [ 55.588891][ T6736] ext4_getblk+0xad/0x520 [ 55.593221][ T6736] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 55.598939][ T6736] ? ext4_free_inode+0x1700/0x1700 [ 55.604050][ T6736] ext4_bread+0x7c/0x380 [ 55.608445][ T6736] ? ext4_getblk+0x520/0x520 [ 55.613131][ T6736] ? dquot_get_next_dqblk+0x180/0x180 [ 55.618497][ T6736] ext4_append+0x153/0x360 [ 55.622961][ T6736] ext4_mkdir+0x5e0/0xdf0 [ 55.627321][ T6736] ? ext4_rmdir+0xde0/0xde0 [ 55.631846][ T6736] ? security_inode_permission+0xc4/0xf0 [ 55.637510][ T6736] vfs_mkdir+0x419/0x690 [ 55.641794][ T6736] do_mkdirat+0x21e/0x280 [ 55.646230][ T6736] ? __ia32_sys_mknod+0xb0/0xb0 [ 55.651070][ T6736] ? do_syscall_64+0x1c/0xe0 [ 55.655649][ T6736] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 55.661732][ T6736] do_syscall_64+0x60/0xe0 [ 55.666131][ T6736] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 55.672025][ T6736] RIP: 0033:0x7f7ebcfc4687 [ 55.676556][ T6736] Code: Bad RIP value. [ 55.681126][ T6736] RSP: 002b:00007ffd0137e298 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 55.689781][ T6736] RAX: ffffffffffffffda RBX: 000055b2f8b42985 RCX: 00007f7ebcfc4687 [ 55.698894][ T6736] RDX: 00007ffd0137e160 RSI: 00000000000001ed RDI: 000055b2f8b42985 [ 55.707409][ T6736] RBP: 00007f7ebcfc4680 R08: 0000000000000100 R09: 0000000000000000 [ 55.719556][ T6736] R10: 000055b2f8b42980 R11: 0000000000000246 R12: 00000000000001ed [ 55.741764][ T6736] R13: 00007ffd0137e420 R14: 0000000000000000 R15: 0000000000000000 Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 57.393885][ T4596] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:10/4596 [ 57.403293][ T4596] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 57.409386][ T4596] CPU: 0 PID: 4596 Comm: kworker/u4:10 Not tainted 5.7.0-syzkaller #0 [ 57.417540][ T4596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.427589][ T4596] Workqueue: writeback wb_workfn (flush-8:0) [ 57.433544][ T4596] Call Trace: [ 57.436833][ T4596] dump_stack+0x18f/0x20d [ 57.441144][ T4596] check_preemption_disabled+0x20d/0x220 [ 57.446756][ T4596] ext4_mb_new_blocks+0xa4d/0x3b70 [ 57.451858][ T4596] ? ext4_find_extent+0x81a/0xad0 [ 57.456878][ T4596] ? ext4_ext_search_right+0x2ca/0xb20 [ 57.462321][ T4596] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 57.468027][ T4596] ext4_ext_map_blocks+0x201b/0x33e0 [ 57.473295][ T4596] ? ext4_ext_release+0x10/0x10 [ 57.478167][ T4596] ? down_write_killable+0x170/0x170 [ 57.483433][ T4596] ? ext4_es_lookup_extent+0x41d/0xd10 [ 57.488892][ T4596] ext4_map_blocks+0x4cb/0x1640 [ 57.493737][ T4596] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 57.498925][ T4596] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 57.504448][ T4596] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 57.510404][ T4596] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 57.515843][ T4596] ext4_writepages+0x1a7b/0x33c0 [ 57.520770][ T4596] ? __ext4_mark_inode_dirty+0x940/0x940 [ 57.526379][ T4596] ? __lock_acquire+0x2224/0x48b0 [ 57.531399][ T4596] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 57.537359][ T4596] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 57.543333][ T4596] ? __ext4_mark_inode_dirty+0x940/0x940 [ 57.548952][ T4596] ? do_writepages+0xfa/0x2a0 [ 57.553605][ T4596] do_writepages+0xfa/0x2a0 [ 57.558103][ T4596] ? page_writeback_cpu_online+0x10/0x10 [ 57.563817][ T4596] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 57.569436][ T4596] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 57.575407][ T4596] ? lock_downgrade+0x840/0x840 [ 57.580237][ T4596] __writeback_single_inode+0x12a/0x13d0 [ 57.585862][ T4596] ? _raw_spin_unlock+0x24/0x40 [ 57.590700][ T4596] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 57.596658][ T4596] writeback_sb_inodes+0x515/0xdc0 [ 57.601755][ T4596] ? __writeback_single_inode+0x13d0/0x13d0 [ 57.607638][ T4596] __writeback_inodes_wb+0xc3/0x250 [ 57.612940][ T4596] wb_writeback+0x8db/0xd50 [ 57.617460][ T4596] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 57.623789][ T4596] ? _find_next_bit.constprop.0+0x1a3/0x200 [ 57.629689][ T4596] ? cpumask_next+0x3c/0x40 [ 57.634176][ T4596] ? get_nr_dirty_inodes+0xd6/0x130 [ 57.639358][ T4596] wb_workfn+0xab3/0x1090 [ 57.643696][ T4596] ? inode_wait_for_writeback+0x30/0x30 [ 57.649232][ T4596] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 57.654760][ T4596] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 57.660810][ T4596] process_one_work+0x965/0x1690 [ 57.665784][ T4596] ? lock_release+0x800/0x800 [ 57.671102][ T4596] ? pwq_dec_nr_in_flight+0x310/0x310 [ 57.676562][ T4596] ? rwlock_bug.part.0+0x90/0x90 [ 57.681515][ T4596] worker_thread+0x96/0xe10 [ 57.686025][ T4596] ? process_one_work+0x1690/0x1690 [ 57.691205][ T4596] kthread+0x3b5/0x4a0 [ 57.695425][ T4596] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 57.701139][ T4596] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 57.706945][ T4596] ret_from_fork+0x1f/0x30 Warning: Permanently added '10.128.1.39' (ECDSA) to the list of known hosts. 2020/06/15 19:25:43 fuzzer started 2020/06/15 19:25:44 connecting to host at 10.128.0.26:34821 2020/06/15 19:25:44 checking machine... 2020/06/15 19:25:44 checking revisions... 2020/06/15 19:25:44 testing simple program... [ 61.303612][ T6797] BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6797 [ 61.312909][ T6797] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 61.321584][ T6797] CPU: 1 PID: 6797 Comm: syz-fuzzer Not tainted 5.7.0-syzkaller #0 [ 61.330473][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.341608][ T6797] Call Trace: [ 61.345096][ T6797] dump_stack+0x18f/0x20d [ 61.349735][ T6797] check_preemption_disabled+0x20d/0x220 [ 61.355400][ T6797] ext4_mb_new_blocks+0xa4d/0x3b70 [ 61.360515][ T6797] ? ext4_ext_search_right+0x2ca/0xb20 [ 61.366056][ T6797] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 61.371848][ T6797] ext4_ext_map_blocks+0x201b/0x33e0 [ 61.377658][ T6797] ? ext4_ext_release+0x10/0x10 [ 61.382502][ T6797] ? down_write_killable+0x170/0x170 [ 61.387790][ T6797] ? ext4_es_lookup_extent+0x41d/0xd10 [ 61.393522][ T6797] ext4_map_blocks+0x4cb/0x1640 [ 61.398566][ T6797] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 61.404441][ T6797] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.410166][ T6797] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.417833][ T6797] ? prandom_u32_state+0xe/0x170 [ 61.424615][ T6797] ? __brelse+0x84/0xa0 [ 61.433861][ T6797] ? __ext4_new_inode+0x144/0x55e0 [ 61.439242][ T6797] ext4_getblk+0xad/0x520 [ 61.444906][ T6797] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 61.451061][ T6797] ? ext4_free_inode+0x1700/0x1700 [ 61.456836][ T6797] ext4_bread+0x7c/0x380 [ 61.461424][ T6797] ? ext4_getblk+0x520/0x520 [ 61.466643][ T6797] ? dquot_get_next_dqblk+0x180/0x180 [ 61.472200][ T6797] ext4_append+0x153/0x360 [ 61.476619][ T6797] ext4_mkdir+0x5e0/0xdf0 [ 61.481109][ T6797] ? ext4_rmdir+0xde0/0xde0 [ 61.485603][ T6797] ? security_inode_permission+0xc4/0xf0 [ 61.491241][ T6797] vfs_mkdir+0x419/0x690 [ 61.495469][ T6797] do_mkdirat+0x21e/0x280 [ 61.499779][ T6797] ? __ia32_sys_mknod+0xb0/0xb0 [ 61.504617][ T6797] ? do_syscall_64+0x1c/0xe0 [ 61.509208][ T6797] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 61.515177][ T6797] do_syscall_64+0x60/0xe0 [ 61.519584][ T6797] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.525477][ T6797] RIP: 0033:0x4b02a0 [ 61.529348][ T6797] Code: Bad RIP value. [ 61.533399][ T6797] RSP: 002b:000000c00004f4b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000102 [ 61.541811][ T6797] RAX: ffffffffffffffda RBX: 000000c00002e500 RCX: 00000000004b02a0 [ 61.549801][ T6797] RDX: 00000000000001c0 RSI: 000000c00049a7c0 RDI: ffffffffffffff9c [ 61.557761][ T6797] RBP: 000000c00004f510 R08: 0000000000000000 R09: 0000000000000000 [ 61.565714][ T6797] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff [ 61.573760][ T6797] R13: 000000000000003f R14: 000000000000003e R15: 0000000000000100 [ 61.609558][ T6810] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6810 [ 61.619410][ T6810] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 61.625419][ T6810] CPU: 1 PID: 6810 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 61.633654][ T6810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.643711][ T6810] Call Trace: [ 61.646994][ T6810] dump_stack+0x18f/0x20d [ 61.651320][ T6810] check_preemption_disabled+0x20d/0x220 [ 61.656942][ T6810] ext4_mb_new_blocks+0xa4d/0x3b70 [ 61.662049][ T6810] ? ext4_ext_search_right+0x2ca/0xb20 [ 61.667493][ T6810] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 61.673228][ T6810] ext4_ext_map_blocks+0x201b/0x33e0 [ 61.678525][ T6810] ? ext4_ext_release+0x10/0x10 [ 61.683444][ T6810] ? lock_is_held_type+0x265/0x360 [ 61.688541][ T6810] ? down_write_killable+0x170/0x170 [ 61.693815][ T6810] ? ext4_es_lookup_extent+0x41d/0xd10 [ 61.699265][ T6810] ext4_map_blocks+0x4cb/0x1640 [ 61.704106][ T6810] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 61.709280][ T6810] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 61.714804][ T6810] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 61.720759][ T6810] ? prandom_u32_state+0xe/0x170 [ 61.725679][ T6810] ? __brelse+0x84/0xa0 [ 61.729830][ T6810] ? __ext4_new_inode+0x144/0x55e0 [ 61.734939][ T6810] ext4_getblk+0xad/0x520 [ 61.739269][ T6810] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 61.745060][ T6810] ? ext4_free_inode+0x1700/0x1700 [ 61.750154][ T6810] ext4_bread+0x7c/0x380 [ 61.754377][ T6810] ? ext4_getblk+0x520/0x520 [ 61.759404][ T6810] ? dquot_get_next_dqblk+0x180/0x180 [ 61.764863][ T6810] ext4_append+0x153/0x360 [ 61.769295][ T6810] ext4_mkdir+0x5e0/0xdf0 [ 61.773727][ T6810] ? ext4_rmdir+0xde0/0xde0 [ 61.778224][ T6810] ? security_inode_permission+0xc4/0xf0 [ 61.783879][ T6810] vfs_mkdir+0x419/0x690 [ 61.788256][ T6810] do_mkdirat+0x21e/0x280 [ 61.792611][ T6810] ? __ia32_sys_mknod+0xb0/0xb0 [ 61.797475][ T6810] ? do_syscall_64+0x1c/0xe0 [ 61.802066][ T6810] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 61.808051][ T6810] do_syscall_64+0x60/0xe0 [ 61.812475][ T6810] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.818491][ T6810] RIP: 0033:0x45bed7 [ 61.822368][ T6810] Code: Bad RIP value. [ 61.826425][ T6810] RSP: 002b:00007fff04bb7568 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 61.834824][ T6810] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 000000000045bed7 [ 61.842790][ T6810] RDX: 0000000000000003 RSI: 00000000000001c0 RDI: 00007fff04bb7740 [ 61.850756][ T6810] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000003600 [ 61.858709][ T6810] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 61.866669][ T6810] R13: 00007fff04bb7740 R14: 8421084210842109 R15: 00007fff04bb774c [ 61.966720][ T6811] IPVS: ftp: loaded support on port[0] = 21 [ 62.006596][ T6811] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6811 [ 62.016105][ T6811] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.022000][ T6811] CPU: 0 PID: 6811 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 62.030301][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.040362][ T6811] Call Trace: [ 62.043651][ T6811] dump_stack+0x18f/0x20d [ 62.047981][ T6811] check_preemption_disabled+0x20d/0x220 [ 62.053622][ T6811] ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.058722][ T6811] ? ext4_ext_search_right+0x2ca/0xb20 [ 62.064164][ T6811] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 62.069871][ T6811] ext4_ext_map_blocks+0x201b/0x33e0 [ 62.075181][ T6811] ? ext4_ext_release+0x10/0x10 [ 62.080031][ T6811] ? down_write_killable+0x170/0x170 [ 62.085298][ T6811] ? ext4_es_lookup_extent+0x41d/0xd10 [ 62.090747][ T6811] ext4_map_blocks+0x4cb/0x1640 [ 62.095613][ T6811] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 62.100802][ T6811] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 62.106548][ T6811] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 62.112676][ T6811] ? prandom_u32_state+0xe/0x170 [ 62.117616][ T6811] ? __brelse+0x84/0xa0 [ 62.121767][ T6811] ? __ext4_new_inode+0x144/0x55e0 [ 62.126907][ T6811] ext4_getblk+0xad/0x520 [ 62.131233][ T6811] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 62.136944][ T6811] ? ext4_free_inode+0x1700/0x1700 [ 62.142044][ T6811] ext4_bread+0x7c/0x380 [ 62.146272][ T6811] ? ext4_getblk+0x520/0x520 [ 62.150841][ T6811] ? dquot_get_next_dqblk+0x180/0x180 [ 62.156220][ T6811] ext4_append+0x153/0x360 [ 62.160630][ T6811] ext4_mkdir+0x5e0/0xdf0 [ 62.164954][ T6811] ? ext4_rmdir+0xde0/0xde0 [ 62.169586][ T6811] ? security_inode_permission+0xc4/0xf0 [ 62.175288][ T6811] vfs_mkdir+0x419/0x690 [ 62.179559][ T6811] do_mkdirat+0x21e/0x280 [ 62.183872][ T6811] ? __ia32_sys_mknod+0xb0/0xb0 [ 62.188703][ T6811] ? do_syscall_64+0x1c/0xe0 [ 62.193275][ T6811] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 62.199236][ T6811] do_syscall_64+0x60/0xe0 [ 62.203645][ T6811] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 62.209541][ T6811] RIP: 0033:0x45bed7 [ 62.213535][ T6811] Code: Bad RIP value. [ 62.217602][ T6811] RSP: 002b:00007fff04bb7458 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 62.226150][ T6811] RAX: ffffffffffffffda RBX: 000000000078c988 RCX: 000000000045bed7 [ 62.234128][ T6811] RDX: 00007fff04bb74a3 RSI: 00000000000001ff RDI: 00007fff04bb74a0 [ 62.242084][ T6811] RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000003 [ 62.250057][ T6811] R10: 0000000000000064 R11: 0000000000000202 R12: 00000000004185c0 [ 62.258143][ T6811] R13: 00007fff04bb7490 R14: 0000000000000000 R15: 00007fff04bb74a0 [ 62.309838][ T6811] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/6811 [ 62.319473][ T6811] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.325471][ T6811] CPU: 0 PID: 6811 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0 [ 62.333715][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.343769][ T6811] Call Trace: [ 62.347067][ T6811] dump_stack+0x18f/0x20d [ 62.351413][ T6811] check_preemption_disabled+0x20d/0x220 [ 62.357052][ T6811] ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.362891][ T6811] ? ext4_ext_search_right+0x2ca/0xb20 [ 62.368363][ T6811] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 62.374107][ T6811] ext4_ext_map_blocks+0x201b/0x33e0 [ 62.379412][ T6811] ? ext4_ext_release+0x10/0x10 [ 62.384548][ T6811] ? down_write_killable+0x170/0x170 [ 62.390363][ T6811] ? ext4_es_lookup_extent+0x41d/0xd10 [ 62.395837][ T6811] ext4_map_blocks+0x4cb/0x1640 [ 62.400722][ T6811] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 62.405949][ T6811] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 62.411497][ T6811] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 62.417509][ T6811] ? prandom_u32_state+0xe/0x170 [ 62.422455][ T6811] ? __brelse+0x84/0xa0 [ 62.426620][ T6811] ? __ext4_new_inode+0x144/0x55e0 [ 62.431735][ T6811] ext4_getblk+0xad/0x520 [ 62.436081][ T6811] ? ext4_iomap_overwrite_begin+0xa0/0xa0 [ 62.441817][ T6811] ? ext4_free_inode+0x1700/0x1700 [ 62.446929][ T6811] ext4_bread+0x7c/0x380 [ 62.451159][ T6811] ? ext4_getblk+0x520/0x520 [ 62.456529][ T6811] ? dquot_get_next_dqblk+0x180/0x180 [ 62.461903][ T6811] ext4_append+0x153/0x360 [ 62.466452][ T6811] ext4_mkdir+0x5e0/0xdf0 [ 62.470777][ T6811] ? ext4_rmdir+0xde0/0xde0 [ 62.475278][ T6811] ? security_inode_permission+0xc4/0xf0 [ 62.480918][ T6811] vfs_mkdir+0x419/0x690 [ 62.485163][ T6811] do_mkdirat+0x21e/0x280 [ 62.489493][ T6811] ? __ia32_sys_mknod+0xb0/0xb0 [ 62.494331][ T6811] ? do_syscall_64+0x1c/0xe0 [ 62.498910][ T6811] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 62.504872][ T6811] do_syscall_64+0x60/0xe0 [ 62.509510][ T6811] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 62.515489][ T6811] RIP: 0033:0x45bed7 [ 62.518378][ T1157] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1157 [ 62.519372][ T6811] Code: Bad RIP value. [ 62.519380][ T6811] RSP: 002b:00007fff04bb7458 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 62.519400][ T6811] RAX: ffffffffffffffda RBX: 000000000000f360 RCX: 000000000045bed7 [ 62.528581][ T1157] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.532538][ T6811] RDX: 00007fff04bb74a3 RSI: 00000000000001ff RDI: 00007fff04bb74a0 [ 62.532546][ T6811] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000003 [ 62.532553][ T6811] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000003 [ 62.532560][ T6811] R13: 00007fff04bb7490 R14: 000000000000f35b R15: 00007fff04bb74a0 [ 62.588348][ T1157] CPU: 1 PID: 1157 Comm: khugepaged Not tainted 5.7.0-syzkaller #0 [ 62.596279][ T1157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.607015][ T1157] Call Trace: [ 62.610298][ T1157] dump_stack+0x18f/0x20d [ 62.614635][ T1157] check_preemption_disabled+0x20d/0x220 [ 62.620252][ T1157] ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.625351][ T1157] ? ext4_find_extent+0x81a/0xad0 [ 62.630370][ T1157] ? ext4_ext_search_right+0x2ca/0xb20 [ 62.635809][ T1157] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 62.641515][ T1157] ext4_ext_map_blocks+0x201b/0x33e0 [ 62.646786][ T1157] ? ext4_ext_release+0x10/0x10 [ 62.651638][ T1157] ? down_write_killable+0x170/0x170 [ 62.656906][ T1157] ? ext4_es_lookup_extent+0x41d/0xd10 [ 62.662349][ T1157] ext4_map_blocks+0x4cb/0x1640 [ 62.667198][ T1157] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 62.672384][ T1157] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 62.677919][ T1157] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 62.683906][ T1157] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 62.690564][ T1157] ext4_writepages+0x1a7b/0x33c0 [ 62.695499][ T1157] ? lock_release+0x7c0/0x800 [ 62.700167][ T1157] ? __ext4_mark_inode_dirty+0x940/0x940 [ 62.705820][ T1157] ? __ext4_mark_inode_dirty+0x940/0x940 [ 62.711435][ T1157] ? do_writepages+0xfa/0x2a0 [ 62.716091][ T1157] do_writepages+0xfa/0x2a0 [ 62.720600][ T1157] ? page_writeback_cpu_online+0x10/0x10 [ 62.726237][ T1157] ? do_raw_spin_lock+0x120/0x2d0 [ 62.731241][ T1157] ? do_raw_spin_unlock+0x171/0x260 [ 62.736421][ T1157] ? _raw_spin_unlock+0x24/0x40 [ 62.741259][ T1157] __filemap_fdatawrite_range+0x2aa/0x390 [ 62.746970][ T1157] ? collapse_file+0x35a2/0x4330 [ 62.751897][ T1157] ? delete_from_page_cache_batch+0xeb0/0xeb0 [ 62.758038][ T1157] ? _raw_spin_unlock_irq+0x1f/0x80 [ 62.763222][ T1157] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 62.769360][ T1157] collapse_file+0x35ac/0x4330 [ 62.774129][ T1157] ? collapse_huge_page+0x4350/0x4350 [ 62.779481][ T1157] ? khugepaged+0x2506/0x3fc0 [ 62.784145][ T1157] ? xas_find+0x31a/0x880 [ 62.788459][ T1157] ? check_preemption_disabled+0x38/0x220 [ 62.794161][ T1157] khugepaged+0x3041/0x3fc0 [ 62.798923][ T1157] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 62.804539][ T1157] ? lock_downgrade+0x840/0x840 [ 62.809374][ T1157] ? finish_wait+0x260/0x260 [ 62.813954][ T1157] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 62.819747][ T1157] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 62.825718][ T1157] ? __kthread_parkme+0x13f/0x1e0 [ 62.830723][ T1157] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 62.836337][ T1157] kthread+0x3b5/0x4a0 [ 62.840386][ T1157] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.846092][ T1157] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 62.851831][ T1157] ret_from_fork+0x1f/0x30 2020/06/15 19:25:46 building call list... [ 62.865888][ T7] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:0/7 [ 62.875334][ T7] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.881287][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.7.0-syzkaller #0 [ 62.889168][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.899278][ T7] Workqueue: writeback wb_workfn (flush-8:0) [ 62.906227][ T7] Call Trace: [ 62.909603][ T7] dump_stack+0x18f/0x20d [ 62.913965][ T7] check_preemption_disabled+0x20d/0x220 [ 62.919624][ T7] ext4_mb_new_blocks+0xa4d/0x3b70 [ 62.924855][ T7] ? ext4_find_extent+0x81a/0xad0 [ 62.929996][ T7] ? ext4_ext_search_right+0x2ca/0xb20 [ 62.935494][ T7] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 62.941382][ T7] ext4_ext_map_blocks+0x201b/0x33e0 [ 62.946743][ T7] ? ext4_ext_release+0x10/0x10 [ 62.951689][ T7] ? down_write_killable+0x170/0x170 [ 62.957225][ T7] ? ext4_es_lookup_extent+0x41d/0xd10 [ 62.962779][ T7] ext4_map_blocks+0x4cb/0x1640 [ 62.967706][ T7] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 62.973067][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 62.978642][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 62.984638][ T7] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 62.990196][ T7] ext4_writepages+0x1a7b/0x33c0 [ 62.995169][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.000836][ T7] ? __lock_acquire+0x2224/0x48b0 [ 63.005887][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.011870][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.017855][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.023585][ T7] ? do_writepages+0xfa/0x2a0 [ 63.028280][ T7] do_writepages+0xfa/0x2a0 [ 63.032802][ T7] ? page_writeback_cpu_online+0x10/0x10 [ 63.038470][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.044034][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.050028][ T7] ? lock_downgrade+0x840/0x840 [ 63.054923][ T7] __writeback_single_inode+0x12a/0x13d0 [ 63.060570][ T7] ? _raw_spin_unlock+0x24/0x40 [ 63.065430][ T7] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 63.071420][ T7] writeback_sb_inodes+0x515/0xdc0 [ 63.076547][ T7] ? __writeback_single_inode+0x13d0/0x13d0 [ 63.082469][ T7] __writeback_inodes_wb+0xc3/0x250 [ 63.087710][ T7] wb_writeback+0x8db/0xd50 [ 63.092270][ T7] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 63.098620][ T7] ? cpumask_next+0x3c/0x40 [ 63.103134][ T7] ? get_nr_dirty_inodes+0xd6/0x130 [ 63.108340][ T7] wb_workfn+0x9bc/0x1090 [ 63.112679][ T7] ? inode_wait_for_writeback+0x30/0x30 [ 63.118230][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.123793][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.129778][ T7] process_one_work+0x965/0x1690 [ 63.134736][ T7] ? lock_release+0x800/0x800 [ 63.139446][ T7] ? pwq_dec_nr_in_flight+0x310/0x310 [ 63.144836][ T7] ? rwlock_bug.part.0+0x90/0x90 [ 63.149804][ T7] worker_thread+0x96/0xe10 [ 63.154368][ T7] ? process_one_work+0x1690/0x1690 [ 63.159588][ T7] kthread+0x3b5/0x4a0 [ 63.163655][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.169374][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.175226][ T7] ret_from_fork+0x1f/0x30 [ 63.183814][ T7] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:0/7 [ 63.193171][ T7] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.199082][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.7.0-syzkaller #0 [ 63.206913][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.217713][ T7] Workqueue: writeback wb_workfn (flush-8:0) [ 63.223700][ T7] Call Trace: [ 63.226997][ T7] dump_stack+0x18f/0x20d [ 63.231335][ T7] check_preemption_disabled+0x20d/0x220 [ 63.236968][ T7] ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.242087][ T7] ? ext4_find_extent+0x81a/0xad0 [ 63.247210][ T7] ? ext4_ext_search_right+0x2ca/0xb20 [ 63.252672][ T7] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 63.258406][ T7] ext4_ext_map_blocks+0x201b/0x33e0 [ 63.263708][ T7] ? ext4_ext_release+0x10/0x10 [ 63.268579][ T7] ? down_write_killable+0x170/0x170 [ 63.273864][ T7] ? ext4_es_lookup_extent+0x41d/0xd10 [ 63.279341][ T7] ext4_map_blocks+0x4cb/0x1640 [ 63.284203][ T7] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 63.289410][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.294975][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.300973][ T7] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 63.306444][ T7] ext4_writepages+0x1a7b/0x33c0 [ 63.311412][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.317156][ T7] ? __lock_acquire+0x2224/0x48b0 [ 63.322198][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.328271][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.334283][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.339933][ T7] ? do_writepages+0xfa/0x2a0 [ 63.344695][ T7] do_writepages+0xfa/0x2a0 [ 63.349207][ T7] ? page_writeback_cpu_online+0x10/0x10 [ 63.354870][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.360413][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.366394][ T7] ? lock_downgrade+0x840/0x840 [ 63.371258][ T7] __writeback_single_inode+0x12a/0x13d0 [ 63.376889][ T7] ? _raw_spin_unlock+0x24/0x40 [ 63.381740][ T7] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 63.387758][ T7] writeback_sb_inodes+0x515/0xdc0 [ 63.393017][ T7] ? __writeback_single_inode+0x13d0/0x13d0 [ 63.398954][ T7] __writeback_inodes_wb+0xc3/0x250 [ 63.404199][ T7] wb_writeback+0x8db/0xd50 [ 63.408730][ T7] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 63.415157][ T7] ? cpumask_next+0x3c/0x40 [ 63.419661][ T7] ? get_nr_dirty_inodes+0xd6/0x130 [ 63.424884][ T7] wb_workfn+0x9bc/0x1090 [ 63.429484][ T7] ? inode_wait_for_writeback+0x30/0x30 [ 63.435037][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.440580][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.446584][ T7] process_one_work+0x965/0x1690 [ 63.451544][ T7] ? lock_release+0x800/0x800 [ 63.456223][ T7] ? pwq_dec_nr_in_flight+0x310/0x310 [ 63.461595][ T7] ? rwlock_bug.part.0+0x90/0x90 [ 63.466566][ T7] worker_thread+0x96/0xe10 [ 63.471088][ T7] ? process_one_work+0x1690/0x1690 [ 63.476288][ T7] kthread+0x3b5/0x4a0 [ 63.480356][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.486244][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.491966][ T7] ret_from_fork+0x1f/0x30 [ 63.512430][ T7] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:0/7 [ 63.521429][ T7] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.527405][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.7.0-syzkaller #0 [ 63.535208][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.545454][ T7] Workqueue: writeback wb_workfn (flush-8:0) [ 63.551520][ T7] Call Trace: [ 63.554814][ T7] dump_stack+0x18f/0x20d [ 63.559172][ T7] check_preemption_disabled+0x20d/0x220 [ 63.564804][ T7] ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.569926][ T7] ? ext4_find_extent+0x81a/0xad0 [ 63.574958][ T7] ? ext4_ext_search_right+0x2ca/0xb20 [ 63.580420][ T7] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 63.586146][ T7] ext4_ext_map_blocks+0x201b/0x33e0 [ 63.591450][ T7] ? ext4_ext_release+0x10/0x10 [ 63.596317][ T7] ? down_write_killable+0x170/0x170 [ 63.601597][ T7] ? ext4_es_lookup_extent+0x41d/0xd10 [ 63.607078][ T7] ext4_map_blocks+0x4cb/0x1640 [ 63.611945][ T7] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 63.617152][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.622701][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.628685][ T7] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 63.634154][ T7] ext4_writepages+0x1a7b/0x33c0 [ 63.639124][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.644776][ T7] ? __lock_acquire+0x2224/0x48b0 [ 63.649832][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.655834][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.661820][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.667538][ T7] ? do_writepages+0xfa/0x2a0 [ 63.672212][ T7] do_writepages+0xfa/0x2a0 [ 63.676748][ T7] ? page_writeback_cpu_online+0x10/0x10 [ 63.682406][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.687968][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.693973][ T7] ? lock_downgrade+0x840/0x840 [ 63.698831][ T7] __writeback_single_inode+0x12a/0x13d0 [ 63.704471][ T7] ? _raw_spin_unlock+0x24/0x40 [ 63.709347][ T7] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 63.715417][ T7] writeback_sb_inodes+0x515/0xdc0 [ 63.720561][ T7] ? __writeback_single_inode+0x13d0/0x13d0 [ 63.726479][ T7] __writeback_inodes_wb+0xc3/0x250 [ 63.731697][ T7] wb_writeback+0x8db/0xd50 [ 63.736238][ T7] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 63.742590][ T7] ? cpumask_next+0x3c/0x40 [ 63.747202][ T7] ? get_nr_dirty_inodes+0xd6/0x130 [ 63.752409][ T7] wb_workfn+0x9bc/0x1090 [ 63.756757][ T7] ? inode_wait_for_writeback+0x30/0x30 [ 63.762408][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.768141][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.774154][ T7] process_one_work+0x965/0x1690 [ 63.779130][ T7] ? lock_release+0x800/0x800 [ 63.783831][ T7] ? pwq_dec_nr_in_flight+0x310/0x310 [ 63.789223][ T7] ? rwlock_bug.part.0+0x90/0x90 [ 63.794186][ T7] worker_thread+0x96/0xe10 [ 63.798718][ T7] ? process_one_work+0x1690/0x1690 [ 63.803922][ T7] kthread+0x3b5/0x4a0 [ 63.807987][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.813700][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 63.819433][ T7] ret_from_fork+0x1f/0x30 [ 63.827647][ T7] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u4:0/7 [ 63.836673][ T7] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.842672][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.7.0-syzkaller #0 [ 63.850466][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.860526][ T7] Workqueue: writeback wb_workfn (flush-8:0) [ 63.866508][ T7] Call Trace: [ 63.869808][ T7] dump_stack+0x18f/0x20d [ 63.874151][ T7] check_preemption_disabled+0x20d/0x220 [ 63.879795][ T7] ext4_mb_new_blocks+0xa4d/0x3b70 [ 63.884907][ T7] ? ext4_find_extent+0x81a/0xad0 [ 63.889947][ T7] ? ext4_ext_search_right+0x2ca/0xb20 [ 63.895403][ T7] ? ext4_inode_to_goal_block+0x2df/0x3f0 [ 63.901153][ T7] ext4_ext_map_blocks+0x201b/0x33e0 [ 63.906898][ T7] ? ext4_ext_release+0x10/0x10 [ 63.911774][ T7] ? down_write_killable+0x170/0x170 [ 63.917071][ T7] ? ext4_es_lookup_extent+0x41d/0xd10 [ 63.922534][ T7] ext4_map_blocks+0x4cb/0x1640 [ 63.927391][ T7] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 63.932616][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 63.938172][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 63.944164][ T7] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 63.949643][ T7] ext4_writepages+0x1a7b/0x33c0 [ 63.954623][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.960256][ T7] ? __lock_acquire+0x2224/0x48b0 [ 63.965302][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.971287][ T7] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 63.977275][ T7] ? __ext4_mark_inode_dirty+0x940/0x940 [ 63.982904][ T7] ? do_writepages+0xfa/0x2a0 [ 63.987585][ T7] do_writepages+0xfa/0x2a0 [ 63.992102][ T7] ? page_writeback_cpu_online+0x10/0x10 [ 63.997755][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.003316][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.009329][ T7] ? lock_downgrade+0x840/0x840 [ 64.014187][ T7] __writeback_single_inode+0x12a/0x13d0 executing program [ 64.019985][ T7] ? _raw_spin_unlock+0x24/0x40 [ 64.024849][ T7] ? wbc_attach_and_unlock_inode+0x60a/0x9c0 [ 64.030848][ T7] writeback_sb_inodes+0x515/0xdc0 [ 64.035985][ T7] ? __writeback_single_inode+0x13d0/0x13d0 [ 64.042698][ T7] __writeback_inodes_wb+0xc3/0x250 [ 64.047919][ T7] wb_writeback+0x8db/0xd50 [ 64.052458][ T7] ? writeback_inodes_wb.constprop.0+0x1a0/0x1a0 [ 64.058801][ T7] ? cpumask_next+0x3c/0x40 [ 64.063331][ T7] ? get_nr_dirty_inodes+0xd6/0x130 [ 64.068623][ T7] wb_workfn+0x9bc/0x1090 [ 64.073056][ T7] ? inode_wait_for_writeback+0x30/0x30 [ 64.078972][ T7] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.085163][ T7] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.091161][ T7] process_one_work+0x965/0x1690 [ 64.096115][ T7] ? lock_release+0x800/0x800 [ 64.100966][ T7] ? pwq_dec_nr_in_flight+0x310/0x310 [ 64.106354][ T7] ? rwlock_bug.part.0+0x90/0x90 [ 64.111311][ T7] worker_thread+0x96/0xe10 [ 64.115915][ T7] ? process_one_work+0x1690/0x1690 [ 64.121493][ T7] kthread+0x3b5/0x4a0 [ 64.125580][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.131301][ T7] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.137028][ T7] ret_from_fork+0x1f/0x30 [ 64.148225][ T1157] BUG: using smp_processor_id() in preemptible [00000000] code: khugepaged/1157 [ 64.157368][ T1157] caller is ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.163433][ T1157] CPU: 0 PID: 1157 Comm: khugepaged Not tainted 5.7.0-syzkaller #0 [ 64.171848][ T1157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.182429][ T1157] Call Trace: [ 64.185739][ T1157] dump_stack+0x18f/0x20d [ 64.190096][ T1157] check_preemption_disabled+0x20d/0x220 [ 64.195754][ T1157] ext4_mb_new_blocks+0xa4d/0x3b70 [ 64.201319][ T1157] ? ext4_ext_search_right+0x2ca/0xb20 [ 64.215588][ T1157] ? ext4_ext_next_allocated_block+0x221/0x2d0 [ 64.223767][ T1157] ext4_ext_map_blocks+0x201b/0x33e0 [ 64.229063][ T1157] ? ext4_ext_release+0x10/0x10 [ 64.234221][ T1157] ? down_write_killable+0x170/0x170 [ 64.239775][ T1157] ? ext4_es_lookup_extent+0x41d/0xd10 [ 64.245604][ T1157] ext4_map_blocks+0x4cb/0x1640 [ 64.250464][ T1157] ? ext4_issue_zeroout+0x1e0/0x1e0 [ 64.257406][ T1157] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 64.262954][ T1157] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 64.268928][ T1157] ? ext4_alloc_io_end_vec+0x145/0x1c0 [ 64.274391][ T1157] ext4_writepages+0x1a7b/0x33c0 [ 64.279341][ T1157] ? lock_release+0x7c0/0x800 [ 64.284129][ T1157] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.290089][ T1157] ? __ext4_mark_inode_dirty+0x940/0x940 [ 64.296863][ T1157] ? do_writepages+0xfa/0x2a0 [ 64.301683][ T1157] do_writepages+0xfa/0x2a0 [ 64.313513][ T1157] ? page_writeback_cpu_online+0x10/0x10 [ 64.320152][ T1157] ? do_raw_spin_lock+0x120/0x2d0 [ 64.326704][ T1157] ? do_raw_spin_unlock+0x171/0x260 [ 64.333227][ T1157] ? _raw_spin_unlock+0x24/0x40 [ 64.339148][ T1157] __filemap_fdatawrite_range+0x2aa/0x390 [ 64.344877][ T1157] ? collapse_file+0x35a2/0x4330 [ 64.350583][ T1157] ? delete_from_page_cache_batch+0xeb0/0xeb0 [ 64.357569][ T1157] ? _raw_spin_unlock_irq+0x1f/0x80 [ 64.363671][ T1157] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 64.369753][ T1157] collapse_file+0x35ac/0x4330 [ 64.374663][ T1157] ? collapse_huge_page+0x4350/0x4350 [ 64.380130][ T1157] ? khugepaged+0x2506/0x3fc0 [ 64.384827][ T1157] ? xas_find+0x31a/0x880 [ 64.389184][ T1157] ? check_preemption_disabled+0x38/0x220 [ 64.394924][ T1157] khugepaged+0x3041/0x3fc0 [ 64.399468][ T1157] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 64.405134][ T1157] ? lock_downgrade+0x840/0x840 [ 64.409996][ T1157] ? finish_wait+0x260/0x260 [ 64.414793][ T1157] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 64.420610][ T1157] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 64.427039][ T1157] ? __kthread_parkme+0x13f/0x1e0 [ 64.432089][ T1157] ? collapse_pte_mapped_thp+0xbf0/0xbf0 [ 64.438029][ T1157] kthread+0x3b5/0x4a0 [ 64.442280][ T1157] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.451223][ T1157] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 64.458501][ T1157] ret_from_fork+0x1f/0x30 [ 64.621726][ T4596] tipc: TX() has been purged, node left! [ 65.123267][ T4596] ================================================================== [ 65.131519][ T4596] BUG: KASAN: use-after-free in afs_wake_up_async_call+0x6aa/0x770 [ 65.140052][ T4596] Write of size 1 at addr ffff88809fcfa1e4 by task kworker/u4:10/4596 [ 65.149435][ T4596] [ 65.151759][ T4596] CPU: 0 PID: 4596 Comm: kworker/u4:10 Not tainted 5.7.0-syzkaller #0 [ 65.159924][ T4596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.170380][ T4596] Workqueue: netns cleanup_net [ 65.175614][ T4596] Call Trace: [ 65.178934][ T4596] dump_stack+0x18f/0x20d [ 65.183265][ T4596] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.189042][ T4596] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.194943][ T4596] ? afs_put_call+0xa40/0xa40 [ 65.200199][ T4596] print_address_description.constprop.0.cold+0xd3/0x413 [ 65.207429][ T4596] ? vprintk_func+0x97/0x1a6 [ 65.212155][ T4596] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.218476][ T4596] kasan_report.cold+0x1f/0x37 [ 65.223421][ T4596] ? rcu_read_lock_held+0x81/0xb0 [ 65.229095][ T4596] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.238764][ T4596] afs_wake_up_async_call+0x6aa/0x770 [ 65.244120][ T4596] ? afs_close_socket+0x320/0x320 [ 65.249158][ T4596] ? afs_put_call+0xa40/0xa40 [ 65.253959][ T4596] rxrpc_notify_socket+0x1db/0x5d0 [ 65.259066][ T4596] ? afs_put_call+0xa40/0xa40 [ 65.263993][ T4596] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 65.270825][ T4596] rxrpc_call_completed+0xca/0xf0 [ 65.275858][ T4596] rxrpc_discard_prealloc+0x781/0xab0 [ 65.281350][ T4596] ? lock_sock_nested+0x94/0x110 [ 65.287077][ T4596] rxrpc_listen+0x147/0x360 [ 65.291588][ T4596] afs_close_socket+0x95/0x320 [ 65.296508][ T4596] ? afs_purge_servers+0x16d/0x300 [ 65.301612][ T4596] ? afs_rx_discard_new_call+0x50/0x50 [ 65.307089][ T4596] ? init_wait_var_entry+0x200/0x200 [ 65.312566][ T4596] ? rcu_read_lock_held_common+0xa0/0xa0 [ 65.318217][ T4596] ? check_preemption_disabled+0x38/0x220 [ 65.323941][ T4596] afs_net_exit+0x1bc/0x310 [ 65.328427][ T4596] ? afs_net_init+0xe30/0xe30 [ 65.333275][ T4596] ops_exit_list.isra.0+0xa8/0x150 [ 65.338389][ T4596] cleanup_net+0x511/0xa50 [ 65.342803][ T4596] ? unregister_pernet_device+0x70/0x70 [ 65.348337][ T4596] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 65.354777][ T4596] process_one_work+0x965/0x1690 [ 65.359851][ T4596] ? lock_release+0x800/0x800 [ 65.364520][ T4596] ? pwq_dec_nr_in_flight+0x310/0x310 [ 65.370013][ T4596] ? rwlock_bug.part.0+0x90/0x90 [ 65.375140][ T4596] worker_thread+0x96/0xe10 [ 65.379687][ T4596] ? process_one_work+0x1690/0x1690 [ 65.384872][ T4596] kthread+0x3b5/0x4a0 [ 65.389021][ T4596] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 65.394832][ T4596] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 65.400621][ T4596] ret_from_fork+0x1f/0x30 [ 65.405829][ T4596] [ 65.408133][ T4596] Allocated by task 6811: [ 65.413078][ T4596] save_stack+0x1b/0x40 [ 65.417233][ T4596] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 65.422875][ T4596] kmem_cache_alloc_trace+0x153/0x7d0 [ 65.428242][ T4596] afs_alloc_call+0x55/0x630 [ 65.432987][ T4596] afs_charge_preallocation+0xe9/0x2d0 [ 65.438628][ T4596] afs_open_socket+0x292/0x360 [ 65.444440][ T4596] afs_net_init+0xa6c/0xe30 [ 65.448944][ T4596] ops_init+0xaf/0x420 [ 65.452998][ T4596] setup_net+0x2de/0x860 [ 65.457240][ T4596] copy_net_ns+0x293/0x590 [ 65.461644][ T4596] create_new_namespaces+0x3fb/0xb30 [ 65.467049][ T4596] unshare_nsproxy_namespaces+0xbd/0x1f0 [ 65.472689][ T4596] ksys_unshare+0x43d/0x8e0 [ 65.477193][ T4596] __x64_sys_unshare+0x2d/0x40 [ 65.481955][ T4596] do_syscall_64+0x60/0xe0 [ 65.486381][ T4596] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 65.492296][ T4596] [ 65.494616][ T4596] Freed by task 4596: [ 65.498598][ T4596] save_stack+0x1b/0x40 [ 65.502731][ T4596] __kasan_slab_free+0xf7/0x140 [ 65.507575][ T4596] kfree+0x109/0x2b0 [ 65.511453][ T4596] afs_put_call+0x585/0xa40 [ 65.516039][ T4596] rxrpc_discard_prealloc+0x764/0xab0 [ 65.521391][ T4596] rxrpc_listen+0x147/0x360 [ 65.525998][ T4596] afs_close_socket+0x95/0x320 [ 65.530746][ T4596] afs_net_exit+0x1bc/0x310 [ 65.535248][ T4596] ops_exit_list.isra.0+0xa8/0x150 [ 65.540338][ T4596] cleanup_net+0x511/0xa50 [ 65.544857][ T4596] process_one_work+0x965/0x1690 [ 65.549847][ T4596] worker_thread+0x96/0xe10 [ 65.554338][ T4596] kthread+0x3b5/0x4a0 [ 65.558399][ T4596] ret_from_fork+0x1f/0x30 [ 65.562813][ T4596] [ 65.565135][ T4596] The buggy address belongs to the object at ffff88809fcfa000 [ 65.565135][ T4596] which belongs to the cache kmalloc-1k of size 1024 [ 65.579165][ T4596] The buggy address is located 484 bytes inside of [ 65.579165][ T4596] 1024-byte region [ffff88809fcfa000, ffff88809fcfa400) [ 65.592512][ T4596] The buggy address belongs to the page: [ 65.598135][ T4596] page:ffffea00027f3e80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 [ 65.607240][ T4596] flags: 0xfffe0000000200(slab) [ 65.614955][ T4596] raw: 00fffe0000000200 ffffea00025b3c48 ffffea00029bcf08 ffff8880aa000c40 [ 65.623518][ T4596] raw: 0000000000000000 ffff88809fcfa000 0000000100000002 0000000000000000 [ 65.632074][ T4596] page dumped because: kasan: bad access detected [ 65.638478][ T4596] [ 65.640786][ T4596] Memory state around the buggy address: [ 65.646391][ T4596] ffff88809fcfa080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.654446][ T4596] ffff88809fcfa100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.662484][ T4596] >ffff88809fcfa180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.670524][ T4596] ^ [ 65.677703][ T4596] ffff88809fcfa200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.685889][ T4596] ffff88809fcfa280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.693949][ T4596] ================================================================== [ 65.702134][ T4596] Disabling lock debugging due to kernel taint [ 65.708526][ T4596] Kernel panic - not syncing: panic_on_warn set ... [ 65.715116][ T4596] CPU: 0 PID: 4596 Comm: kworker/u4:10 Tainted: G B 5.7.0-syzkaller #0 [ 65.724655][ T4596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.734825][ T4596] Workqueue: netns cleanup_net [ 65.739609][ T4596] Call Trace: [ 65.742878][ T4596] dump_stack+0x18f/0x20d [ 65.747293][ T4596] ? afs_wake_up_async_call+0x5f0/0x770 [ 65.752831][ T4596] ? afs_put_call+0xa40/0xa40 [ 65.757503][ T4596] panic+0x2e3/0x75c [ 65.761402][ T4596] ? __warn_printk+0xf3/0xf3 [ 65.765979][ T4596] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 65.772118][ T4596] ? trace_hardirqs_on+0x55/0x220 [ 65.777129][ T4596] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.782907][ T4596] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.788424][ T4596] ? afs_put_call+0xa40/0xa40 [ 65.793284][ T4596] end_report+0x4d/0x53 [ 65.797431][ T4596] kasan_report.cold+0xd/0x37 [ 65.802092][ T4596] ? rcu_read_lock_held+0x81/0xb0 [ 65.807103][ T4596] ? afs_wake_up_async_call+0x6aa/0x770 [ 65.812629][ T4596] afs_wake_up_async_call+0x6aa/0x770 [ 65.817979][ T4596] ? afs_close_socket+0x320/0x320 [ 65.822979][ T4596] ? afs_put_call+0xa40/0xa40 [ 65.827664][ T4596] rxrpc_notify_socket+0x1db/0x5d0 [ 65.832760][ T4596] ? afs_put_call+0xa40/0xa40 [ 65.837409][ T4596] __rxrpc_set_call_completion.part.0+0x172/0x410 [ 65.843902][ T4596] rxrpc_call_completed+0xca/0xf0 [ 65.848947][ T4596] rxrpc_discard_prealloc+0x781/0xab0 [ 65.854302][ T4596] ? lock_sock_nested+0x94/0x110 [ 65.859223][ T4596] rxrpc_listen+0x147/0x360 [ 65.863753][ T4596] afs_close_socket+0x95/0x320 [ 65.868488][ T4596] ? afs_purge_servers+0x16d/0x300 [ 65.873574][ T4596] ? afs_rx_discard_new_call+0x50/0x50 [ 65.879021][ T4596] ? init_wait_var_entry+0x200/0x200 [ 65.884280][ T4596] ? rcu_read_lock_held_common+0xa0/0xa0 [ 65.889976][ T4596] ? check_preemption_disabled+0x38/0x220 [ 65.895944][ T4596] afs_net_exit+0x1bc/0x310 [ 65.900470][ T4596] ? afs_net_init+0xe30/0xe30 [ 65.905134][ T4596] ops_exit_list.isra.0+0xa8/0x150 [ 65.910257][ T4596] cleanup_net+0x511/0xa50 [ 65.914661][ T4596] ? unregister_pernet_device+0x70/0x70 [ 65.920195][ T4596] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 65.926248][ T4596] process_one_work+0x965/0x1690 [ 65.931162][ T4596] ? lock_release+0x800/0x800 [ 65.935811][ T4596] ? pwq_dec_nr_in_flight+0x310/0x310 [ 65.941179][ T4596] ? rwlock_bug.part.0+0x90/0x90 [ 65.946090][ T4596] worker_thread+0x96/0xe10 [ 65.950584][ T4596] ? process_one_work+0x1690/0x1690 [ 65.955766][ T4596] kthread+0x3b5/0x4a0 [ 65.959826][ T4596] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 65.965535][ T4596] ? kthread_mod_delayed_work+0x1a0/0x1a0 [ 65.971229][ T4596] ret_from_fork+0x1f/0x30 [ 65.977112][ T4596] Kernel Offset: disabled [ 65.981447][ T4596] Rebooting in 86400 seconds..