==================================================================
BUG: KASAN: null-ptr-deref in atomic_read include/asm-generic/atomic-instrumented.h:21 [inline]
BUG: KASAN: null-ptr-deref in refcount_sub_and_test_checked+0x9d/0x310 lib/refcount.c:179
Read of size 4 at addr 000000000000002e by task kworker/u4:6/10720
CPU: 1 PID: 10720 Comm: kworker/u4:6 Not tainted 4.19.0-rc6+ #245
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
IPVS: ftp: loaded support on port[0] = 21
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c4/0x2b4 lib/dump_stack.c:113
 kasan_report_error mm/kasan/report.c:352 [inline]
 kasan_report.cold.9+0x6d/0x309 mm/kasan/report.c:412
 check_memory_region_inline mm/kasan/kasan.c:260 [inline]
 check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
 kasan_check_read+0x11/0x20 mm/kasan/kasan.c:272
 atomic_read include/asm-generic/atomic-instrumented.h:21 [inline]
 refcount_sub_and_test_checked+0x9d/0x310 lib/refcount.c:179
 refcount_dec_and_test_checked+0x1a/0x20 lib/refcount.c:212
 ip_fib_metrics_put include/net/ip.h:428 [inline]
 fib6_info_destroy_rcu+0x2ef/0x3e0 net/ipv6/ip6_fib.c:204
 __rcu_reclaim kernel/rcu/rcu.h:236 [inline]
 rcu_do_batch kernel/rcu/tree.c:2576 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2880 [inline]
 __rcu_process_callbacks kernel/rcu/tree.c:2847 [inline]
 rcu_process_callbacks+0xf23/0x2670 kernel/rcu/tree.c:2864
 __do_softirq+0x30b/0xad8 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x17f/0x1c0 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0x1cb/0x760 arch/x86/kernel/apic/apic.c:1056
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:864
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:788 [inline]
RIP: 0010:lock_release+0x4d2/0x970 kernel/locking/lockdep.c:3922
Code: 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 6a 03 00 00 48 83 3d 95 1b d1 07 00 0f 84 c5 02 00 00 48 8b bd e0 fe ff ff 57 9d <0f> 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00
RSP: 0018:ffff8801d2677a00 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
RAX: dffffc0000000000 RBX: 1ffff1003a4cef44 RCX: ffff8801c64de2c0
RDX: 1ffffffff1263e41 RSI: 0000000000000001 RDI: 0000000000000286
RBP: ffff8801d2677b28 R08: 0000000000000000 R09: ffffed0038bcf551
R10: ffffed0038bcf551 R11: ffff8801c5e7aa8b R12: ffff8801c5e7a300
R13: ffff8801d2677b00 R14: ffff8801bb558bc0 R15: ffff8801c5e7a300
 __raw_spin_unlock include/linux/spinlock_api_smp.h:150 [inline]
 _raw_spin_unlock+0x1a/0x50 kernel/locking/spinlock.c:176
 spin_unlock include/linux/spinlock.h:369 [inline]
 task_unlock include/linux/sched/task.h:150 [inline]
 bprm_mm_init fs/exec.c:416 [inline]
 __do_execve_file.isra.33+0xf6c/0x2540 fs/exec.c:1788
 do_execveat_common fs/exec.c:1866 [inline]
 do_execve+0x33/0x40 fs/exec.c:1883
 call_usermodehelper_exec_async+0x6cf/0xa80 kernel/umh.c:107
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:413
==================================================================