INIT: Id "3" respawning too fast: disabled for 5 minutes
INIT: Id "5" respawning too fast: disabled for 5 minutes
INIT: Id "4" respawning too fast: disabled for 5 minutes
INIT: Id "1" respawning too fast: disabled for 5 minutes
INIT: Id "2" respawning too fast: disabled for 5 minutes
[ 803.913996] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.25' (ECDSA) to the list of known hosts.
[ 809.398701] random: crng init done
2018/07/15 19:56:23 parsed 1 programs
2018/07/15 19:56:25 executed programs: 0
[ 811.707310] IPVS: Creating netns size=2536 id=1
[ 811.742584] IPVS: Creating netns size=2536 id=2
[ 811.767245] IPVS: Creating netns size=2536 id=3
[ 811.810323] IPVS: Creating netns size=2536 id=4
[ 811.839140] IPVS: Creating netns size=2536 id=5
[ 811.892263] IPVS: Creating netns size=2536 id=6
[ 811.945580] IPVS: Creating netns size=2536 id=7
[ 811.986771] IPVS: Creating netns size=2536 id=8
2018/07/15 19:56:30 executed programs: 452
2018/07/15 19:56:35 executed programs: 870
2018/07/15 19:56:40 executed programs: 1280
2018/07/15 19:56:45 executed programs: 1693
2018/07/15 19:56:50 executed programs: 2116
2018/07/15 19:56:55 executed programs: 2557
2018/07/15 19:57:00 executed programs: 2974
2018/07/15 19:57:05 executed programs: 3413
2018/07/15 19:57:10 executed programs: 3850
2018/07/15 19:57:15 executed programs: 4292
2018/07/15 19:57:20 executed programs: 4718
2018/07/15 19:57:25 executed programs: 5171
2018/07/15 19:57:30 executed programs: 5612
2018/07/15 19:57:35 executed programs: 6060
2018/07/15 19:57:40 executed programs: 6490
2018/07/15 19:57:45 executed programs: 6946
2018/07/15 19:57:50 executed programs: 7383
2018/07/15 19:57:55 executed programs: 7822
2018/07/15 19:58:00 executed programs: 8262
2018/07/15 19:58:05 executed programs: 8720
INIT: Id "5" respawning too fast: disabled for 5 minutes
INIT: Id "6" respawning too fast: disabled for 5 minutes
INIT: Id "3" respawning too fast: disabled for 5 minutes
INIT: Id "1" respawning too fast: disabled for 5 minutes
INIT: Id "2" respawning too fast: disabled for 5 minutes
INIT: Id "4" respawning too fast: disabled for 5 minutes
2018/07/15 19:58:10 executed programs: 9150
2018/07/15 19:58:15 executed programs: 9599
2018/07/15 19:58:20 executed programs: 10025
2018/07/15 19:58:25 executed programs: 10452
2018/07/15 19:58:30 executed programs: 10889
2018/07/15 19:58:35 executed programs: 11329
2018/07/15 19:58:40 executed programs: 11770
2018/07/15 19:58:45 executed programs: 12207
2018/07/15 19:58:50 executed programs: 12640
2018/07/15 19:58:55 executed programs: 13071
2018/07/15 19:59:00 executed programs: 13511
2018/07/15 19:59:05 executed programs: 13950
2018/07/15 19:59:10 executed programs: 14408
2018/07/15 19:59:15 executed programs: 14848
2018/07/15 19:59:20 executed programs: 15302
2018/07/15 19:59:25 executed programs: 15735
2018/07/15 19:59:30 executed programs: 16170
2018/07/15 19:59:35 executed programs: 16605
2018/07/15 19:59:40 executed programs: 17039
[ 1010.249916] ==================================================================
[ 1010.257484] BUG: KASAN: use-after-free in p9_poll_workfn+0x2ea/0x330
[ 1010.264079] Read of size 4 at addr ffff8801c082b704 by task kworker/0:1/24
[ 1010.271078]
[ 1010.272701] CPU: 0 PID: 24 Comm: kworker/0:1 Not tainted 4.9.112-g9e79039 #7
[ 1010.279878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1010.289239] Workqueue: events p9_poll_workfn
[ 1010.293832] ffff8801d940fb60 ffffffff81eb3249 ffffea0007020a80 ffff8801c082b704
[ 1010.301899] 0000000000000000 ffff8801c082b704 0000000000000004 ffff8801d940fb98
[ 1010.309952] ffffffff81567bd9 ffff8801c082b704 0000000000000004 0000000000000000
[ 1010.318086] Call Trace:
[ 1010.320714] [] dump_stack+0xc1/0x128
[ 1010.326114] [] print_address_description+0x6c/0x234
[ 1010.332761] [] kasan_report.cold.6+0x242/0x2fe
[ 1010.338974] [] ? p9_poll_workfn+0x2ea/0x330
[ 1010.344969] [] __asan_report_load4_noabort+0x14/0x20
[ 1010.351703] [] p9_poll_workfn+0x2ea/0x330
[ 1010.357554] [] process_one_work+0x7e1/0x1500
[ 1010.363592] [] ? process_one_work+0x728/0x1500
[ 1010.369816] [] ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[ 1010.376302] [] worker_thread+0xd6/0x10a0
[ 1010.382044] [] ? __schedule+0x655/0x1bd0
[ 1010.387743] [] kthread+0x26d/0x300
[ 1010.392925] [] ? process_one_work+0x1500/0x1500
[ 1010.399223] [] ? kthread_park+0xa0/0xa0
[ 1010.404840] [] ? kthread_park+0xa0/0xa0
[ 1010.410452] [] ? kthread_park+0xa0/0xa0
[ 1010.416092] [] ret_from_fork+0x5c/0x70
[ 1010.421601]
[ 1010.423204] Allocated by task 14501:
[ 1010.426928] save_stack_trace+0x16/0x20
[ 1010.430877] save_stack+0x43/0xd0
[ 1010.434310] kasan_kmalloc+0xc7/0xe0
[ 1010.438043] kmem_cache_alloc_trace+0xfd/0x2b0
[ 1010.442598] p9_fd_create+0xf3/0x330
[ 1010.446307] p9_client_create+0x6ff/0x10a0
[ 1010.450581] v9fs_session_init+0x333/0x13a0
[ 1010.454879] v9fs_mount+0x7d/0x810
[ 1010.458408] mount_fs+0x28c/0x370
[ 1010.461885] vfs_kern_mount.part.29+0xd1/0x3d0
[ 1010.466455] do_mount+0x3c9/0x2740
[ 1010.469993] SyS_mount+0xfe/0x110
[ 1010.473457] do_syscall_64+0x1a6/0x490
[ 1010.477325] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 1010.482419]
[ 1010.484023] Freed by task 14501:
[ 1010.487371] save_stack_trace+0x16/0x20
[ 1010.491345] save_stack+0x43/0xd0
[ 1010.494785] kasan_slab_free+0x72/0xc0
[ 1010.498655] kfree+0xfb/0x310
[ 1010.501745] p9_fd_close+0x298/0x330
[ 1010.505442] p9_client_destroy+0x73/0x570
[ 1010.509565] v9fs_session_close+0x46/0x110
[ 1010.513778] v9fs_kill_super+0x4e/0xa0
[ 1010.517667] deactivate_locked_super+0x75/0xd0
[ 1010.522232] v9fs_mount+0x3c6/0x810
[ 1010.525846] mount_fs+0x28c/0x370
[ 1010.529277] vfs_kern_mount.part.29+0xd1/0x3d0
[ 1010.533883] do_mount+0x3c9/0x2740
[ 1010.537403] SyS_mount+0xfe/0x110
[ 1010.540836] do_syscall_64+0x1a6/0x490
[ 1010.544706] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 1010.549788]
[ 1010.551401] The buggy address belongs to the object at ffff8801c082b680
[ 1010.551401] which belongs to the cache kmalloc-512 of size 512
[ 1010.564035] The buggy address is located 132 bytes inside of
[ 1010.564035] 512-byte region [ffff8801c082b680, ffff8801c082b880)
[ 1010.575902] The buggy address belongs to the page:
[ 1010.580820] page:ffffea0007020a80 count:1 mapcount:0 mapping: (null) index:0x0 compound_mapcount: 0
[ 1010.591033] flags: 0x8000000000004080(slab|head)
[ 1010.595775] page dumped because: kasan: bad access detected
[ 1010.601463]
[ 1010.603082] Memory state around the buggy address:
[ 1010.607987]  ffff8801c082b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1010.615332]  ffff8801c082b680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1010.622672] >ffff8801c082b700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1010.630007]                    ^
[ 1010.633347]  ffff8801c082b780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1010.640694]  ffff8801c082b800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1010.648029] ==================================================================
[ 1010.655366] Disabling lock debugging due to kernel taint
[ 1010.663320] Kernel panic - not syncing: panic_on_warn set ...
[ 1010.663320]
[ 1010.670708] CPU: 0 PID: 24 Comm: kworker/0:1 Tainted: G B 4.9.112-g9e79039 #7
[ 1010.679100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1010.688471] Workqueue: events p9_poll_workfn
[ 1010.692978] ffff8801d940fac0 ffffffff81eb3249 ffffffff843c775f 00000000ffffffff
[ 1010.701016] 0000000000000000 0000000000000000 0000000000000004 ffff8801d940fb80
[ 1010.709014] ffffffff81421a55 0000000041b58ab3 ffffffff843bae78 ffffffff81421896
[ 1010.717032] Call Trace:
[ 1010.719609] [] dump_stack+0xc1/0x128
[ 1010.725019] [] panic+0x1bf/0x3bc
[ 1010.730027] [] ? add_taint.cold.6+0x16/0x16
[ 1010.735993] [] ? ___preempt_schedule+0x16/0x18
[ 1010.742202] [] kasan_end_report+0x47/0x4f
[ 1010.747986] [] kasan_report.cold.6+0x76/0x2fe
[ 1010.754107] [] ? p9_poll_workfn+0x2ea/0x330
[ 1010.760071] [] __asan_report_load4_noabort+0x14/0x20
[ 1010.766800] [] p9_poll_workfn+0x2ea/0x330
[ 1010.772579] [] process_one_work+0x7e1/0x1500
[ 1010.778625] [] ? process_one_work+0x728/0x1500
[ 1010.784853] [] ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[ 1010.791334] [] worker_thread+0xd6/0x10a0
[ 1010.797021] [] ? __schedule+0x655/0x1bd0
[ 1010.802717] [] kthread+0x26d/0x300
[ 1010.807902] [] ? process_one_work+0x1500/0x1500
[ 1010.814209] [] ? kthread_park+0xa0/0xa0
[ 1010.819814] [] ? kthread_park+0xa0/0xa0
[ 1010.825429] [] ? kthread_park+0xa0/0xa0
[ 1010.831030] [] ret_from_fork+0x5c/0x70
[ 1010.837116] Dumping ftrace buffer:
[ 1010.840636] (ftrace buffer empty)
[ 1010.844330] Kernel Offset: disabled
[ 1010.847933] Rebooting in 86400 seconds..