Warning: Permanently added '10.128.0.198' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 44.948480][ T6796] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 45.146777][ T21] ------------[ cut here ]------------ [ 45.152344][ T21] refcount_t: addition on 0; use-after-free. [ 45.158611][ T21] WARNING: CPU: 1 PID: 21 at lib/refcount.c:25 refcount_warn_saturate+0x13d/0x1a0 [ 45.167788][ T21] Kernel panic - not syncing: panic_on_warn set ... [ 45.174345][ T21] CPU: 1 PID: 21 Comm: kworker/u4:1 Not tainted 5.9.0-rc3-syzkaller #0 [ 45.182662][ T21] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.192692][ T21] Workqueue: qrtr_ns_handler qrtr_ns_worker [ 45.198552][ T21] Call Trace: [ 45.201833][ T21] dump_stack+0x1d6/0x29e [ 45.206150][ T21] panic+0x2c0/0x800 [ 45.210020][ T21] ? __warn+0x102/0x250 [ 45.214147][ T21] ? refcount_warn_saturate+0x13d/0x1a0 [ 45.219764][ T21] ? refcount_warn_saturate+0x13d/0x1a0 [ 45.225382][ T21] __warn+0x227/0x250 [ 45.229345][ T21] ? refcount_warn_saturate+0x13d/0x1a0 [ 45.234878][ T21] report_bug+0x1b1/0x2e0 [ 45.239285][ T21] handle_bug+0x42/0x80 [ 45.243420][ T21] exc_invalid_op+0x16/0x40 [ 45.247893][ T21] asm_exc_invalid_op+0x12/0x20 [ 45.252713][ T21] RIP: 0010:refcount_warn_saturate+0x13d/0x1a0 [ 45.258836][ T21] Code: c7 83 96 15 89 31 c0 e8 b1 34 a6 fd 0f 0b eb a3 e8 a8 94 d4 fd c6 05 04 8e ea 05 01 48 c7 c7 ba 96 15 89 31 c0 e8 93 34 a6 fd <0f> 0b eb 85 e8 8a 94 d4 fd c6 05 e7 8d ea 05 01 48 c7 c7 e6 96 15 [ 45.278410][ T21] RSP: 0018:ffffc90000dd79c0 EFLAGS: 00010046 [ 45.284444][ T21] RAX: eb7b51afe96d3100 RBX: 0000000000000002 RCX: ffff8880a9bf6580 [ 45.292388][ T21] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000 [ 45.300347][ T21] RBP: 0000000000000002 R08: ffffffff815e27d0 R09: ffffed1015d241c3 [ 45.308295][ T21] R10: ffffed1015d241c3 R11: 0000000000000000 R12: ffff8880a761a898 [ 45.316252][ T21] R13: 1ffff1101517fa56 R14: 0000000000000286 R15: ffff8880a761a800 [ 45.324297][ T21] ? vprintk_emit+0x2f0/0x370 [ 45.329645][ T21] qrtr_node_lookup+0xc0/0xd0 [ 45.334310][ T21] qrtr_recvmsg+0x429/0xa80 [ 45.338805][ T21] qrtr_ns_worker+0x176/0x45f0 [ 45.343555][ T21] ? __lock_acquire+0x110b/0x2ae0 [ 45.348666][ T21] ? rcu_read_lock_sched_held+0x2f/0xa0 [ 45.354186][ T21] ? lock_acquire+0x140/0x6f0 [ 45.358850][ T21] ? process_one_work+0x733/0xfc0 [ 45.363846][ T21] ? lock_is_held_type+0xb3/0xe0 [ 45.368763][ T21] process_one_work+0x789/0xfc0 [ 45.373595][ T21] worker_thread+0xaa4/0x1460 [ 45.378271][ T21] kthread+0x37e/0x3a0 [ 45.382332][ T21] ? rcu_lock_release+0x20/0x20 [ 45.387168][ T21] ? kthread_blkcg+0xd0/0xd0 [ 45.391734][ T21] ret_from_fork+0x1f/0x30 [ 46.521439][ T21] Shutting down cpus with NMI [ 46.527449][ T21] Kernel Offset: disabled [ 46.531811][ T21] Rebooting in 86400 seconds..