[  OK  ] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[  OK  ] Started Load/Save RF Kill Switch Status.
[  OK  ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts.

syzkaller login: [   53.537299][ T8476] IPVS: ftp: loaded support on port[0] = 21
[   53.541316][ T8481] IPVS: ftp: loaded support on port[0] = 21
[   53.553193][ T8483] IPVS: ftp: loaded support on port[0] = 21
[   53.553519][ T8479] IPVS: ftp: loaded support on port[0] = 21
[   53.562552][ T8482] IPVS: ftp: loaded support on port[0] = 21
[   53.571711][ T8480] IPVS: ftp: loaded support on port[0] = 21
executing program
executing program
[   53.704573][ T8580] FAULT_INJECTION: forcing a failure.
[   53.704573][ T8580] name failslab, interval 1, probability 0, space 0, times 1
[   53.717629][ T8580] CPU: 1 PID: 8580 Comm: syz-executor034 Not tainted 5.11.0-rc4-syzkaller #0
[   53.726406][ T8580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   53.736479][ T8580] Call Trace:
[   53.739773][ T8580]  dump_stack+0x107/0x163
[   53.744134][ T8580]  should_fail.cold+0x5/0xa
[   53.748650][ T8580]  ? radix_tree_node_alloc.constprop.0+0x1e4/0x350
executing program
executing program
executing program
[   53.755168][ T8580]  should_failslab+0x5/0x10
[   53.759687][ T8580]  kmem_cache_alloc+0x5b/0x440
[   53.764469][ T8580]  radix_tree_node_alloc.constprop.0+0x1e4/0x350
[   53.770817][ T8580]  idr_get_free+0x554/0xa60
[   53.775785][ T8580]  idr_alloc_u32+0x170/0x2d0
[   53.780401][ T8580]  ? __fprop_inc_percpu_max+0x120/0x120
[   53.780558][ T8588] FAULT_INJECTION: forcing a failure.
[   53.780558][ T8588] name failslab, interval 1, probability 0, space 0, times 1
[   53.785965][ T8580]  ? lock_release+0x710/0x710
[   53.786037][ T8580]  idr_alloc+0xc2/0x130
[   53.786060][ T8580]  ? idr_alloc_u32+0x2d0/0x2d0
[   53.786078][ T8580]  ? rwlock_bug.part.0+0x90/0x90
[   53.817627][ T8580]  p9_client_prepare_req.part.0+0x696/0xc20
[   53.823893][ T8580]  p9_client_rpc+0x21c/0x1240
[   53.828668][ T8580]  ? _raw_spin_unlock_irqrestore+0x42/0x50
[   53.834514][ T8580]  ? lockdep_hardirqs_on+0x79/0x100
[   53.839905][ T8580]  ? p9_client_prepare_req.part.0+0xc20/0xc20
[   53.846076][ T8580]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   53.852350][ T8580]  ? pipe_poll+0x1dd/0x7a0
[   53.856958][ T8580]  ? p9_fd_poll+0x2c0/0x2c0
[   53.861484][ T8580]  ? anon_pipe_buf_release+0x380/0x380
[   53.866992][ T8580]  ? p9_fd_poll+0x1db/0x2c0
[   53.871514][ T8580]  ? p9_fd_create+0x2eb/0x420
[   53.876214][ T8580]  ? p9_conn_create+0x520/0x520
[   53.881084][ T8580]  ? kfree+0xdb/0x3b0
[   53.885077][ T8580]  ? p9_client_create+0xa46/0x1110
[   53.890201][ T8580]  p9_client_create+0xae1/0x1110
[   53.895163][ T8580]  ? p9_client_flush+0x430/0x430
[   53.900120][ T8580]  ? lockdep_init_map_waits+0x26a/0x720
[   53.905683][ T8580]  ? __raw_spin_lock_init+0x34/0x100
[   53.910994][ T8580]  v9fs_session_init+0x1dd/0x1770
[   53.916227][ T8580]  ? v9fs_show_options+0x780/0x780
[   53.921633][ T8580]  ? unpoison_range+0x3a/0x60
[   53.926340][ T8580]  v9fs_mount+0x79/0x9c0
[   53.930637][ T8580]  ? v9fs_write_inode+0x60/0x60
[   53.935506][ T8580]  legacy_get_tree+0x105/0x220
[   53.940292][ T8580]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   53.946816][ T8580]  vfs_get_tree+0x89/0x2f0
[   53.951339][ T8580]  path_mount+0x13ad/0x20c0
[   53.955869][ T8580]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   53.962119][ T8580]  ? strncpy_from_user+0x2a0/0x3e0
[   53.967245][ T8580]  ? finish_automount+0xac0/0xac0
[   53.972466][ T8580]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   53.978752][ T8580]  ? getname_flags.part.0+0x1dd/0x4f0
[   53.984153][ T8580]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   53.990439][ T8580]  __x64_sys_mount+0x27f/0x300
[   53.995207][ T8580]  ? copy_mnt_ns+0xae0/0xae0
[   53.999821][ T8580]  ? syscall_enter_from_user_mode+0x1d/0x50
[   54.005745][ T8580]  do_syscall_64+0x2d/0x70
[   54.010166][ T8580]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   54.016067][ T8580] RIP: 0033:0x447579
[   54.019966][ T8580] Code: e8 ac e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   54.039677][ T8580] RSP: 002b:00007fda7a63bd88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   54.048108][ T8580] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447579
executing program
[   54.056087][ T8580] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[   54.064071][ T8580] RBP: 00000000006dcc60 R08: 0000000020000480 R09: 0000000000003333
[   54.072046][ T8580] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   54.080019][ T8580] R13: 00007fda7a63bd90 R14: 0000000000000007 R15: 0000000000000064
[   54.088013][ T8588] CPU: 0 PID: 8588 Comm: syz-executor034 Not tainted 5.11.0-rc4-syzkaller #0
[   54.096829][ T8588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   54.106903][ T8588] Call Trace:
[   54.110185][ T8588]  dump_stack+0x107/0x163
[   54.114531][ T8588]  should_fail.cold+0x5/0xa
[   54.119039][ T8588]  ? __kmem_cache_create+0x12f/0x5a0
[   54.124586][ T8588]  should_failslab+0x5/0x10
[   54.129099][ T8588]  kmem_cache_alloc_node+0x55/0x470
[   54.134537][ T8588]  __kmem_cache_create+0x12f/0x5a0
[   54.140066][ T8588]  kmem_cache_create_usercopy+0x1ed/0x300
[   54.145946][ T8588]  p9_client_create+0xc9f/0x1110
[   54.150874][ T8588]  ? p9_client_flush+0x430/0x430
[   54.156022][ T8588]  ? lockdep_init_map_waits+0x26a/0x720
[   54.161853][ T8588]  ? __raw_spin_lock_init+0x34/0x100
[   54.167617][ T8588]  v9fs_session_init+0x1dd/0x1770
[   54.172636][ T8588]  ? v9fs_show_options+0x780/0x780
[   54.178269][ T8588]  ? unpoison_range+0x3a/0x60
[   54.182939][ T8588]  v9fs_mount+0x79/0x9c0
[   54.187453][ T8588]  ? v9fs_write_inode+0x60/0x60
[   54.192307][ T8588]  legacy_get_tree+0x105/0x220
[   54.197084][ T8588]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   54.203531][ T8588]  vfs_get_tree+0x89/0x2f0
[   54.208129][ T8588]  path_mount+0x13ad/0x20c0
[   54.212656][ T8588]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   54.218906][ T8588]  ? strncpy_from_user+0x2a0/0x3e0
[   54.224025][ T8588]  ? finish_automount+0xac0/0xac0
[   54.229229][ T8588]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   54.235492][ T8588]  ? getname_flags.part.0+0x1dd/0x4f0
[   54.240870][ T8588]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   54.247120][ T8588]  __x64_sys_mount+0x27f/0x300
[   54.252067][ T8588]  ? copy_mnt_ns+0xae0/0xae0
[   54.256670][ T8588]  ? syscall_enter_from_user_mode+0x1d/0x50
[   54.262569][ T8588]  do_syscall_64+0x2d/0x70
[   54.266990][ T8588]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   54.272974][ T8588] RIP: 0033:0x447579
[   54.276858][ T8588] Code: e8 ac e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   54.296475][ T8588] RSP: 002b:00007fda7a63bd88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   54.304900][ T8588] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447579
[   54.313041][ T8588] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[   54.321003][ T8588] RBP: 00000000006dcc60 R08: 0000000020000480 R09: 0000000000003333
[   54.328964][ T8588] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   54.336924][ T8588] R13: 00007fda7a63bd90 R14: 0000000000000007 R15: 0000000000000064
[   54.350774][ T8594] FAULT_INJECTION: forcing a failure.
[   54.350774][ T8594] name failslab, interval 1, probability 0, space 0, times 0
[   54.356026][ T8588] kmem_cache_create(9p-fcall-cache) failed with error -22
[   54.363880][ T8594] CPU: 0 PID: 8594 Comm: syz-executor034 Not tainted 5.11.0-rc4-syzkaller #0
[   54.363905][ T8594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   54.389791][ T8594] Call Trace:
[   54.393064][ T8594]  dump_stack+0x107/0x163
[   54.397391][ T8594]  should_fail.cold+0x5/0xa
[   54.401885][ T8594]  ? __kernfs_new_node+0xd4/0x8b0
[   54.406908][ T8594]  should_failslab+0x5/0x10
[   54.411404][ T8594]  kmem_cache_alloc+0x5b/0x440
[   54.416170][ T8594]  __kernfs_new_node+0xd4/0x8b0
[   54.421029][ T8594]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[   54.426492][ T8594]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   54.432508][ T8594]  kernfs_create_dir_ns+0x9c/0x220
[   54.437816][ T8594]  sysfs_create_dir_ns+0x127/0x290
[   54.443007][ T8594]  ? sysfs_create_mount_point+0xb0/0xb0
[   54.448550][ T8594]  ? rwlock_bug.part.0+0x90/0x90
[   54.453489][ T8594]  ? do_raw_spin_unlock+0x171/0x230
[   54.458688][ T8594]  kobject_add_internal+0x2d2/0xa60
[   54.463888][ T8594]  kobject_init_and_add+0x101/0x160
[   54.469083][ T8594]  ? kobject_create_and_add+0xb0/0xb0
[   54.474455][ T8594]  ? wait_for_completion_io+0x260/0x260
[   54.480173][ T8594]  ? kernfs_find_ns+0x256/0x370
[   54.485049][ T8594]  sysfs_slab_add+0x64/0x1d0
[   54.489637][ T8594]  __kmem_cache_create+0x471/0x5a0
[   54.494755][ T8594]  kmem_cache_create_usercopy+0x1ed/0x300
[   54.500586][ T8594]  p9_client_create+0xc9f/0x1110
[   54.505612][ T8594]  ? p9_client_flush+0x430/0x430
[   54.510631][ T8594]  ? lockdep_init_map_waits+0x26a/0x720
[   54.516199][ T8594]  ? __raw_spin_lock_init+0x34/0x100
[   54.521503][ T8594]  v9fs_session_init+0x1dd/0x1770
[   54.526552][ T8594]  ? v9fs_show_options+0x780/0x780
[   54.531669][ T8594]  ? unpoison_range+0x3a/0x60
[   54.536369][ T8594]  v9fs_mount+0x79/0x9c0
[   54.540607][ T8594]  ? v9fs_write_inode+0x60/0x60
[   54.545536][ T8594]  legacy_get_tree+0x105/0x220
[   54.550314][ T8594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   54.556569][ T8594]  vfs_get_tree+0x89/0x2f0
[   54.560980][ T8594]  path_mount+0x13ad/0x20c0
[   54.565503][ T8594]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   54.571742][ T8594]  ? strncpy_from_user+0x2a0/0x3e0
[   54.576849][ T8594]  ? finish_automount+0xac0/0xac0
[   54.581870][ T8594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   54.588103][ T8594]  ? getname_flags.part.0+0x1dd/0x4f0
[   54.593475][ T8594]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   54.599817][ T8594]  __x64_sys_mount+0x27f/0x300
[   54.604602][ T8594]  ? copy_mnt_ns+0xae0/0xae0
[   54.609194][ T8594]  ? syscall_enter_from_user_mode+0x1d/0x50
[   54.615112][ T8594]  do_syscall_64+0x2d/0x70
[   54.619527][ T8594]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   54.625420][ T8594] RIP: 0033:0x447579
[   54.629308][ T8594] Code: e8 ac e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   54.649005][ T8594] RSP: 002b:00007fda7a63bd88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   54.657421][ T8594] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447579
[   54.665393][ T8594] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[   54.673370][ T8594] RBP: 00000000006dcc60 R08: 0000000020000480 R09: 0000000000003333
[   54.681346][ T8594] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   54.689319][ T8594] R13: 00007fda7a63bd90 R14: 0000000000000007 R15: 0000000000000064
[   54.697322][ T8588] CPU: 1 PID: 8588 Comm: syz-executor034 Not tainted 5.11.0-rc4-syzkaller #0
[   54.701341][ T8594] kobject_add_internal failed for 9p-fcall-cache (error: -12 parent: slab)
[   54.706118][ T8588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   54.706131][ T8588] Call Trace:
[   54.706140][ T8588]  dump_stack+0x107/0x163
[   54.706171][ T8588]  kmem_cache_create_usercopy.cold+0x1a/0x6b
[   54.706207][ T8588]  p9_client_create+0xc9f/0x1110
[   54.706242][ T8588]  ? p9_client_flush+0x430/0x430
[   54.715252][ T8594] ==================================================================
[   54.724871][ T8588]  ? lockdep_init_map_waits+0x26a/0x720
[   54.724908][ T8588]  ? __raw_spin_lock_init+0x34/0x100
[   54.724935][ T8588]  v9fs_session_init+0x1dd/0x1770
[   54.728284][ T8594] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x82/0x350
[   54.732608][ T8588]  ? v9fs_show_options+0x780/0x780
[   54.739032][ T8594] 
[   54.788365][ T8588]  ? unpoison_range+0x3a/0x60
[   54.793062][ T8588]  v9fs_mount+0x79/0x9c0
[   54.797298][ T8588]  ? v9fs_write_inode+0x60/0x60
[   54.802138][ T8588]  legacy_get_tree+0x105/0x220
[   54.806896][ T8588]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   54.813137][ T8588]  vfs_get_tree+0x89/0x2f0
[   54.817557][ T8588]  path_mount+0x13ad/0x20c0
[   54.822062][ T8588]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   54.828302][ T8588]  ? strncpy_from_user+0x2a0/0x3e0
[   54.833497][ T8588]  ? finish_automount+0xac0/0xac0
[   54.838516][ T8588]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   54.844751][ T8588]  ? getname_flags.part.0+0x1dd/0x4f0
[   54.850133][ T8588]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   54.856461][ T8588]  __x64_sys_mount+0x27f/0x300
[   54.861221][ T8588]  ? copy_mnt_ns+0xae0/0xae0
[   54.865807][ T8588]  ? syscall_enter_from_user_mode+0x1d/0x50
[   54.871695][ T8588]  do_syscall_64+0x2d/0x70
[   54.876101][ T8588]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   54.881990][ T8588] RIP: 0033:0x447579
[   54.886156][ T8588] Code: e8 ac e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   54.906409][ T8588] RSP: 002b:00007fda7a63bd88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   54.914818][ T8588] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447579
[   54.922886][ T8588] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[   54.930949][ T8588] RBP: 00000000006dcc60 R08: 0000000020000480 R09: 0000000000003333
[   54.938908][ T8588] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   54.946866][ T8588] R13: 00007fda7a63bd90 R14: 0000000000000007 R15: 0000000000000064
[   54.954862][ T8594] CPU: 0 PID: 8594 Comm: syz-executor034 Not tainted 5.11.0-rc4-syzkaller #0
[   54.963678][ T8594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   54.973859][ T8594] Call Trace:
[   54.977139][ T8594]  dump_stack+0x107/0x163
[   54.981478][ T8594]  ? kmem_cache_free+0x82/0x350
[   54.986338][ T8594]  print_address_description.constprop.0.cold+0x5b/0x2f8
[   54.993375][ T8594]  ? kmem_cache_free+0x82/0x350
[   54.998234][ T8594]  ? kmem_cache_free+0x82/0x350
[   55.003081][ T8594]  kasan_report_invalid_free+0x51/0x80
[   55.008683][ T8594]  ____kasan_slab_free+0xfd/0x110
[   55.014032][ T8594]  slab_free_freelist_hook+0x5d/0x150
[   55.019919][ T8594]  ? kmem_cache_create_usercopy+0x2ab/0x300
[   55.025982][ T8594]  kmem_cache_free+0x82/0x350
[   55.030733][ T8594]  kmem_cache_create_usercopy+0x2ab/0x300
[   55.036711][ T8594]  p9_client_create+0xc9f/0x1110
[   55.041641][ T8594]  ? p9_client_flush+0x430/0x430
[   55.046567][ T8594]  ? lockdep_init_map_waits+0x26a/0x720
[   55.052186][ T8594]  ? __raw_spin_lock_init+0x34/0x100
[   55.057457][ T8594]  v9fs_session_init+0x1dd/0x1770
[   55.062486][ T8594]  ? v9fs_show_options+0x780/0x780
[   55.067603][ T8594]  ? unpoison_range+0x3a/0x60
[   55.072282][ T8594]  v9fs_mount+0x79/0x9c0
[   55.076526][ T8594]  ? v9fs_write_inode+0x60/0x60
[   55.081358][ T8594]  legacy_get_tree+0x105/0x220
[   55.086122][ T8594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   55.092347][ T8594]  vfs_get_tree+0x89/0x2f0
[   55.096747][ T8594]  path_mount+0x13ad/0x20c0
[   55.101233][ T8594]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   55.107456][ T8594]  ? strncpy_from_user+0x2a0/0x3e0
[   55.112551][ T8594]  ? finish_automount+0xac0/0xac0
[   55.117733][ T8594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   55.123973][ T8594]  ? getname_flags.part.0+0x1dd/0x4f0
[   55.129345][ T8594]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   55.135574][ T8594]  __x64_sys_mount+0x27f/0x300
[   55.140335][ T8594]  ? copy_mnt_ns+0xae0/0xae0
[   55.144909][ T8594]  ? syscall_enter_from_user_mode+0x1d/0x50
[   55.150789][ T8594]  do_syscall_64+0x2d/0x70
[   55.155206][ T8594]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   55.161086][ T8594] RIP: 0033:0x447579
[   55.164962][ T8594] Code: e8 ac e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   55.184724][ T8594] RSP: 002b:00007fda7a63bd88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   55.193133][ T8594] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447579
[   55.201102][ T8594] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[   55.209073][ T8594] RBP: 00000000006dcc60 R08: 0000000020000480 R09: 0000000000003333
[   55.217023][ T8594] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   55.225162][ T8594] R13: 00007fda7a63bd90 R14: 0000000000000007 R15: 0000000000000064
[   55.233124][ T8594] 
[   55.235427][ T8594] Allocated by task 8594:
[   55.239729][ T8594]  kasan_save_stack+0x1b/0x40
[   55.244390][ T8594]  ____kasan_kmalloc.constprop.0+0x82/0xa0
[   55.250174][ T8594]  kmem_cache_alloc+0x1c6/0x440
[   55.255019][ T8594]  kmem_cache_create_usercopy+0x1a6/0x300
[   55.261084][ T8594]  p9_client_create+0xc9f/0x1110
[   55.266002][ T8594]  v9fs_session_init+0x1dd/0x1770
[   55.271008][ T8594]  v9fs_mount+0x79/0x9c0
[   55.275229][ T8594]  legacy_get_tree+0x105/0x220
[   55.279993][ T8594]  vfs_get_tree+0x89/0x2f0
[   55.284409][ T8594]  path_mount+0x13ad/0x20c0
[   55.288908][ T8594]  __x64_sys_mount+0x27f/0x300
[   55.293652][ T8594]  do_syscall_64+0x2d/0x70
[   55.298062][ T8594]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   55.303938][ T8594] 
[   55.306245][ T8594] Freed by task 8594:
[   55.310198][ T8594]  kasan_save_stack+0x1b/0x40
[   55.314870][ T8594]  kasan_set_track+0x1c/0x30
[   55.319455][ T8594]  kasan_set_free_info+0x20/0x30
[   55.324375][ T8594]  ____kasan_slab_free+0xe1/0x110
[   55.329378][ T8594]  slab_free_freelist_hook+0x5d/0x150
[   55.334733][ T8594]  kmem_cache_free+0x82/0x350
[   55.339391][ T8594]  kobject_put+0x1c8/0x540
[   55.343981][ T8594]  sysfs_slab_add+0x164/0x1d0
[   55.348639][ T8594]  __kmem_cache_create+0x471/0x5a0
[   55.353748][ T8594]  kmem_cache_create_usercopy+0x1ed/0x300
[   55.359461][ T8594]  p9_client_create+0xc9f/0x1110
[   55.364567][ T8594]  v9fs_session_init+0x1dd/0x1770
[   55.369574][ T8594]  v9fs_mount+0x79/0x9c0
[   55.373796][ T8594]  legacy_get_tree+0x105/0x220
[   55.378718][ T8594]  vfs_get_tree+0x89/0x2f0
[   55.383114][ T8594]  path_mount+0x13ad/0x20c0
[   55.387613][ T8594]  __x64_sys_mount+0x27f/0x300
[   55.392372][ T8594]  do_syscall_64+0x2d/0x70
[   55.396768][ T8594]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   55.402730][ T8594] 
[   55.405048][ T8594] The buggy address belongs to the object at ffff888021cf28c0
[   55.405048][ T8594]  which belongs to the cache kmem_cache of size 224
[   55.418997][ T8594] The buggy address is located 0 bytes inside of
[   55.418997][ T8594]  224-byte region [ffff888021cf28c0, ffff888021cf29a0)
[   55.432619][ T8594] The buggy address belongs to the page:
[   55.438312][ T8594] page:00000000b5194f0f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21cf2
[   55.448443][ T8594] flags: 0xfff00000000200(slab)
[   55.453281][ T8594] raw: 00fff00000000200 dead000000000100 dead000000000122 ffff888010041000
[   55.461933][ T8594] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[   55.470509][ T8594] page dumped because: kasan: bad access detected
[   55.476987][ T8594] 
[   55.479292][ T8594] Memory state around the buggy address:
[   55.484914][ T8594]  ffff888021cf2780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.492954][ T8594]  ffff888021cf2800: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   55.501099][ T8594] >ffff888021cf2880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   55.509157][ T8594]                                            ^
[   55.515546][ T8594]  ffff888021cf2900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.523602][ T8594]  ffff888021cf2980: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[   55.531638][ T8594] ==================================================================
[   55.539673][ T8594] Disabling lock debugging due to kernel taint
[   55.547010][ T8594] Kernel panic - not syncing: panic_on_warn set ...
[   55.553601][ T8594] CPU: 0 PID: 8594 Comm: syz-executor034 Tainted: G    B             5.11.0-rc4-syzkaller #0
[   55.563755][ T8594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.573808][ T8594] Call Trace:
[   55.577078][ T8594]  dump_stack+0x107/0x163
[   55.581393][ T8594]  panic+0x306/0x73d
[   55.585285][ T8594]  ? __warn_printk+0xf3/0xf3
[   55.589876][ T8594]  ? preempt_schedule_common+0x59/0xc0
[   55.595313][ T8594]  ? kmem_cache_free+0x82/0x350
[   55.600142][ T8594]  ? kmem_cache_free+0x82/0x350
[   55.604972][ T8594]  ? preempt_schedule_thunk+0x16/0x18
[   55.610334][ T8594]  ? trace_hardirqs_on+0x38/0x1c0
[   55.615368][ T8594]  ? trace_hardirqs_on+0x51/0x1c0
[   55.620375][ T8594]  ? kmem_cache_free+0x82/0x350
[   55.625307][ T8594]  ? kmem_cache_free+0x82/0x350
[   55.630137][ T8594]  end_report+0x58/0x5e
[   55.634273][ T8594]  kasan_report_invalid_free+0x6d/0x80
[   55.639711][ T8594]  ____kasan_slab_free+0xfd/0x110
[   55.644713][ T8594]  slab_free_freelist_hook+0x5d/0x150
[   55.650066][ T8594]  ? kmem_cache_create_usercopy+0x2ab/0x300
[   55.655939][ T8594]  kmem_cache_free+0x82/0x350
[   55.660689][ T8594]  kmem_cache_create_usercopy+0x2ab/0x300
[   55.666494][ T8594]  p9_client_create+0xc9f/0x1110
[   55.671414][ T8594]  ? p9_client_flush+0x430/0x430
[   55.676611][ T8594]  ? lockdep_init_map_waits+0x26a/0x720
[   55.682156][ T8594]  ? __raw_spin_lock_init+0x34/0x100
[   55.687427][ T8594]  v9fs_session_init+0x1dd/0x1770
[   55.692448][ T8594]  ? v9fs_show_options+0x780/0x780
[   55.697540][ T8594]  ? unpoison_range+0x3a/0x60
[   55.702196][ T8594]  v9fs_mount+0x79/0x9c0
[   55.706417][ T8594]  ? v9fs_write_inode+0x60/0x60
[   55.711264][ T8594]  legacy_get_tree+0x105/0x220
[   55.716008][ T8594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   55.722231][ T8594]  vfs_get_tree+0x89/0x2f0
[   55.726900][ T8594]  path_mount+0x13ad/0x20c0
[   55.731384][ T8594]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   55.737606][ T8594]  ? strncpy_from_user+0x2a0/0x3e0
[   55.742701][ T8594]  ? finish_automount+0xac0/0xac0
[   55.747708][ T8594]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   55.753928][ T8594]  ? getname_flags.part.0+0x1dd/0x4f0
[   55.759282][ T8594]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   55.765506][ T8594]  __x64_sys_mount+0x27f/0x300
[   55.770250][ T8594]  ? copy_mnt_ns+0xae0/0xae0
[   55.774822][ T8594]  ? syscall_enter_from_user_mode+0x1d/0x50
[   55.780705][ T8594]  do_syscall_64+0x2d/0x70
[   55.785101][ T8594]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   55.791079][ T8594] RIP: 0033:0x447579
[   55.794950][ T8594] Code: e8 ac e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   55.814621][ T8594] RSP: 002b:00007fda7a63bd88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   55.823199][ T8594] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000447579
[   55.831152][ T8594] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[   55.839100][ T8594] RBP: 00000000006dcc60 R08: 0000000020000480 R09: 0000000000003333
[   55.847150][ T8594] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc6c
[   55.855098][ T8594] R13: 00007fda7a63bd90 R14: 0000000000000007 R15: 0000000000000064
[   55.866563][ T8594] Kernel Offset: disabled
[   55.870888][ T8594] Rebooting in 86400 seconds..