Warning: Permanently added '10.128.0.107' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 75.707698][ T9593] ------------[ cut here ]------------
[ 75.713378][ T9593] refcount_t: underflow; use-after-free.
[ 75.719210][ T9593] WARNING: CPU: 1 PID: 9593 at lib/refcount.c:28 refcount_warn_saturate+0x1d1/0x1e0
[ 75.728555][ T9593] Kernel panic - not syncing: panic_on_warn set ...
[ 75.735151][ T9593] CPU: 1 PID: 9593 Comm: syz-executor038 Not tainted 5.6.0-rc5-syzkaller #0
[ 75.743818][ T9593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.753858][ T9593] Call Trace:
[ 75.757177][ T9593] dump_stack+0x188/0x20d
[ 75.761503][ T9593] ? refcount_warn_saturate+0x190/0x1e0
[ 75.767039][ T9593] panic+0x2e3/0x75c
[ 75.770914][ T9593] ? add_taint.cold+0x16/0x16
[ 75.775645][ T9593] ? __probe_kernel_read+0x188/0x1d0
[ 75.780914][ T9593] ? __warn.cold+0x14/0x35
[ 75.785311][ T9593] ? __warn+0xd5/0x1c8
[ 75.789362][ T9593] ? refcount_warn_saturate+0x1d1/0x1e0
[ 75.794886][ T9593] __warn.cold+0x2f/0x35
[ 75.799110][ T9593] ? refcount_warn_saturate+0x1d1/0x1e0
[ 75.804635][ T9593] report_bug+0x27b/0x2f0
[ 75.808947][ T9593] do_error_trap+0x12b/0x220
[ 75.813526][ T9593] ? refcount_warn_saturate+0x1d1/0x1e0
[ 75.819073][ T9593] do_invalid_op+0x32/0x40
[ 75.823479][ T9593] ? refcount_warn_saturate+0x1d1/0x1e0
[ 75.829003][ T9593] invalid_op+0x23/0x30
[ 75.833138][ T9593] RIP: 0010:refcount_warn_saturate+0x1d1/0x1e0
[ 75.839271][ T9593] Code: e9 db fe ff ff 48 89 df e8 9c 10 20 fe e9 8a fe ff ff e8 62 52 e3 fd 48 c7 c7 00 aa 51 88 c6 05 85 68 d2 06 01 e8 d7 62 b5 fd <0f> 0b e9 af fe ff ff 0f 1f 84 00 00 00 00 00 41 56 41 55 41 54 55
[ 75.858859][ T9593] RSP: 0018:ffffc900020b7688 EFLAGS: 00010282
[ 75.864901][ T9593] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 75.872901][ T9593] RDX: 0000000000000000 RSI: ffffffff815bf511 RDI: fffff52000416ec3
[ 75.880861][ T9593] RBP: 0000000000000003 R08: ffff888094536180 R09: ffffed1015ce45c9
[ 75.888825][ T9593] R10: ffffed1015ce45c8 R11: ffff8880ae722e43 R12: 0000000000008100
[ 75.896777][ T9593] R13: ffff8880962eca04 R14: ffff88808e263540 R15: ffff88808e263580
[ 75.904873][ T9593] ? vprintk_func+0x81/0x17e
[ 75.909449][ T9593] ? refcount_warn_saturate+0x1d1/0x1e0
[ 75.914981][ T9593] sock_wfree+0x1e3/0x240
[ 75.919293][ T9593] sctp_wfree+0x372/0x960
[ 75.923611][ T9593] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 75.929131][ T9593] ? __sctp_write_space+0x5c0/0x5c0
[ 75.934305][ T9593] skb_release_head_state+0xe2/0x250
[ 75.939595][ T9593] skb_release_all+0x11/0x60
[ 75.944184][ T9593] consume_skb+0xf3/0x400
[ 75.948521][ T9593] sctp_chunk_put+0x1c0/0x2d0
[ 75.953186][ T9593] __sctp_outq_teardown+0x715/0xc60
[ 75.958368][ T9593] sctp_association_free+0x212/0x7e0
[ 75.963650][ T9593] sctp_do_sm+0x3911/0x4ed0
[ 75.968141][ T9593] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 75.974115][ T9593] ? sctp_do_8_2_transport_strike.isra.0+0xa60/0xa60
[ 75.980783][ T9593] ? kmem_cache_alloc_node_trace+0x3a2/0x790
[ 75.986769][ T9593] ? sctp_chunkify+0x46/0x290
[ 75.991426][ T9593] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 75.996949][ T9593] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 76.002910][ T9593] ? __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 76.008691][ T9593] ? kmem_cache_alloc+0x261/0x730
[ 76.013705][ T9593] ? sctp_addto_chunk+0x290/0x290
[ 76.018704][ T9593] ? skb_put+0x15d/0x1c0
[ 76.022925][ T9593] ? memcpy+0x35/0x50
[ 76.026891][ T9593] sctp_primitive_ABORT+0x9b/0xc0
[ 76.031898][ T9593] sctp_close+0x22e/0x8a0
[ 76.036233][ T9593] ? sctp_accept+0x6a0/0x6a0
[ 76.040807][ T9593] ? down_write+0xdb/0x150
[ 76.045199][ T9593] ? ip_mc_drop_socket+0x16/0x260
[ 76.050202][ T9593] ? __sock_release+0x280/0x280
[ 76.055027][ T9593] inet_release+0xe4/0x1f0
[ 76.059424][ T9593] __sock_release+0xcd/0x280
[ 76.063994][ T9593] sock_close+0x18/0x20
[ 76.068127][ T9593] __fput+0x2da/0x850
[ 76.072095][ T9593] task_work_run+0x13f/0x1b0
[ 76.076679][ T9593] do_exit+0xb34/0x2dd0
[ 76.080814][ T9593] ? ksys_dup3+0x3a1/0x3c0
[ 76.085215][ T9593] ? compat_sock_common_getsockopt+0xf6/0x120
[ 76.091262][ T9593] ? mm_update_next_owner+0x7a0/0x7a0
[ 76.096610][ T9593] ? fput_many+0x2f/0x1a0
[ 76.100920][ T9593] ? __compat_sys_getsockopt+0x188/0x290
[ 76.106530][ T9593] ? sock_common_getsockopt+0xb0/0xb0
[ 76.111883][ T9593] ? get_compat_bpf_fprog+0x130/0x130
[ 76.117238][ T9593] do_group_exit+0x125/0x340
[ 76.121807][ T9593] __ia32_sys_exit_group+0x3a/0x50
[ 76.126894][ T9593] do_fast_syscall_32+0x270/0xe8f
[ 76.131899][ T9593] entry_SYSENTER_compat+0x70/0x7f
[ 76.138261][ T9593] Kernel Offset: disabled
[ 76.142650][ T9593] Rebooting in 86400 seconds..