Warning: Permanently added '10.128.10.62' (ECDSA) to the list of known hosts. 2019/11/23 22:12:34 parsed 1 programs 2019/11/23 22:12:35 executed programs: 0 [ 40.048179] IPVS: ftp: loaded support on port[0] = 21 [ 40.211256] IPVS: ftp: loaded support on port[0] = 21 [ 40.283143] IPVS: ftp: loaded support on port[0] = 21 [ 40.337462] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.343969] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.351443] device bridge_slave_0 entered promiscuous mode [ 40.381729] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.388424] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.396669] device bridge_slave_1 entered promiscuous mode [ 40.403763] IPVS: ftp: loaded support on port[0] = 21 [ 40.432119] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 40.464731] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 40.492291] IPVS: ftp: loaded support on port[0] = 21 [ 40.553686] IPVS: ftp: loaded support on port[0] = 21 [ 40.605218] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.666607] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.920865] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.930889] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.938341] device bridge_slave_0 entered promiscuous mode [ 40.955968] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 40.963775] team0: Port device team_slave_0 added [ 40.987821] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.994359] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.002096] device bridge_slave_0 entered promiscuous mode [ 41.010572] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.020333] team0: Port device team_slave_1 added [ 41.029749] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.037649] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.046982] device bridge_slave_1 entered promiscuous mode [ 41.067660] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.077530] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.088725] device bridge_slave_1 entered promiscuous mode [ 41.109446] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 41.125392] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.154271] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 41.175212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 41.183815] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 41.208289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 41.237792] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 41.256147] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.268438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.281935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 41.314974] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.322855] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.330605] device bridge_slave_0 entered promiscuous mode [ 41.339938] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.374266] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.386815] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.397558] device bridge_slave_1 entered promiscuous mode [ 41.421364] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.436604] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.445142] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.455679] device bridge_slave_0 entered promiscuous mode [ 41.473071] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.486648] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 41.499494] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.506997] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.514845] device bridge_slave_1 entered promiscuous mode [ 41.522576] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 41.539929] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 41.553371] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.561842] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 41.581896] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 41.606581] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.624154] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.632135] device bridge_slave_0 entered promiscuous mode [ 41.641362] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 41.699584] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.706781] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.713958] device bridge_slave_1 entered promiscuous mode [ 41.736876] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.756548] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 41.770460] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.785542] team0: Port device team_slave_0 added [ 41.803940] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.815735] team0: Port device team_slave_0 added [ 41.823844] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.836120] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 41.850356] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.864302] team0: Port device team_slave_1 added [ 41.871978] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.880820] team0: Port device team_slave_1 added [ 41.891803] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.915320] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.929915] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.936950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.943609] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.950042] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.957884] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 41.979739] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.995973] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.005701] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.016826] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.028240] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.044914] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.059653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.071547] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.084344] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.096477] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.107823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.120786] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.129905] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.141340] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.148743] team0: Port device team_slave_0 added [ 42.155545] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.165479] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.177704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.186144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.194110] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.219650] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.234000] team0: Port device team_slave_1 added [ 42.265491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 42.276203] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 42.294272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.307933] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 42.322579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.331220] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 42.354393] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 42.365256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.375835] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.394634] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.403290] team0: Port device team_slave_0 added [ 42.418676] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.435356] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.447992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.469625] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.483826] team0: Port device team_slave_1 added [ 42.493771] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.504821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.517255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.526158] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.533701] team0: Port device team_slave_0 added [ 42.544630] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 42.559728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.568983] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 42.584610] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.592141] team0: Port device team_slave_1 added [ 42.611276] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.640907] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 42.667520] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.680325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.688471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.707688] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.728726] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.742475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.751634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.763178] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.772966] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.779371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.786051] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.792397] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.800188] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.815627] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.824420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.838844] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.852099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.868980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.884210] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.890607] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.897255] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.903646] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.911690] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.099905] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.106313] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.112980] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.119392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.128533] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.271214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.280947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.295638] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.305976] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.312381] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.319037] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.325392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.333603] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.395421] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.401845] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.408511] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.414912] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.424194] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.046283] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.206980] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.319440] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.327965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.392346] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.408150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.419904] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.550794] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.566511] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.690088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.751280] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.820740] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.834313] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.920099] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.936820] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.949626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.957544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.999888] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.017909] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.035149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.045769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.091880] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.102351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.111908] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.175344] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.203276] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.216558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.226080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.280846] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.302480] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.314376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.327547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.385857] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.451648] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.472557] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.482471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.494435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.633066] 8021q: adding VLAN 0 to HW filter on device team0 2019/11/23 22:12:41 executed programs: 6 2019/11/23 22:12:47 executed programs: 43 2019/11/23 22:12:52 executed programs: 80 2019/11/23 22:12:57 executed programs: 117 2019/11/23 22:13:02 executed programs: 153 2019/11/23 22:13:07 executed programs: 190 2019/11/23 22:13:12 executed programs: 227 2019/11/23 22:13:17 executed programs: 264 2019/11/23 22:13:22 executed programs: 301 2019/11/23 22:13:28 executed programs: 339 2019/11/23 22:13:33 executed programs: 376 2019/11/23 22:13:38 executed programs: 412 2019/11/23 22:13:43 executed programs: 449 2019/11/23 22:13:48 executed programs: 486 2019/11/23 22:13:53 executed programs: 523 2019/11/23 22:13:58 executed programs: 561 2019/11/23 22:14:03 executed programs: 598 2019/11/23 22:14:08 executed programs: 634 2019/11/23 22:14:13 executed programs: 670 2019/11/23 22:14:18 executed programs: 707 2019/11/23 22:14:23 executed programs: 744 2019/11/23 22:14:29 executed programs: 781 2019/11/23 22:14:34 executed programs: 818 2019/11/23 22:14:39 executed programs: 855 2019/11/23 22:14:44 executed programs: 892 2019/11/23 22:14:49 executed programs: 929 2019/11/23 22:14:54 executed programs: 966 2019/11/23 22:15:00 executed programs: 1003 2019/11/23 22:15:05 executed programs: 1040 2019/11/23 22:15:10 executed programs: 1077 2019/11/23 22:15:15 executed programs: 1114 2019/11/23 22:15:20 executed programs: 1150 [ 206.085294] ================================================================== [ 206.092727] BUG: KASAN: use-after-free in work_is_static_object+0x31/0x40 [ 206.100764] Read of size 8 at addr ffff8801c96dd8e0 by task kworker/0:0/3 [ 206.100766] [ 206.100772] CPU: 0 PID: 3 Comm: kworker/0:0 Not tainted 4.15.0-rc1-syzkaller #0 [ 206.100775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.100787] Workqueue: events p9_poll_workfn [ 206.100791] Call Trace: [ 206.100801] dump_stack+0x145/0x1e7 [ 206.100806] ? arch_local_irq_restore+0x43/0x43 [ 206.100811] ? printk+0x91/0xab [ 206.100815] ? log_store.cold.32+0x22/0x22 [ 206.100824] print_address_description+0x6c/0x20b [ 206.100829] ? work_is_static_object+0x31/0x40 [ 206.100833] kasan_report.cold.7+0x11a/0x2d3 [ 206.100839] __asan_report_load8_noabort+0x14/0x20 [ 206.100843] work_is_static_object+0x31/0x40 [ 206.100851] debug_object_activate+0x2bd/0x5c0 [ 206.100858] ? debug_object_assert_init+0x4b0/0x4b0 [ 206.100868] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 206.100875] __queue_work+0x18b/0x11d0 [ 206.100880] ? __wake_up+0xe/0x10 [ 206.100886] ? p9_client_cb+0x57/0x80 [ 206.100890] ? p9_conn_cancel+0x77d/0xc70 [ 206.100896] ? flush_work+0x8d0/0x8d0 [ 206.100901] ? p9_fd_cancelled+0x2f0/0x2f0 [ 206.100906] ? lock_acquire+0x1dc/0x520 [ 206.100909] ? inotify_poll+0x7a/0xc0 [ 206.100916] ? lock_release+0xd60/0xd60 [ 206.100920] ? p9_poll_workfn+0xb0/0x740 [ 206.100925] ? do_raw_spin_unlock+0x1ec/0x2d0 [ 206.100928] ? do_raw_spin_trylock+0x190/0x190 [ 206.100933] ? lock_release+0xd60/0xd60 [ 206.100941] ? _raw_spin_unlock+0x22/0x30 [ 206.100948] queue_work_on+0x146/0x180 [ 206.100953] p9_poll_workfn+0x493/0x740 [ 206.100957] ? find_held_lock+0x3a/0x1d0 [ 206.100964] ? p9_read_work+0x1100/0x1100 [ 206.100971] ? lock_acquire+0x1dc/0x520 [ 206.100975] ? process_one_work+0x90c/0x1a40 [ 206.100980] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 206.100988] ? __lock_is_held+0xbb/0x140 [ 206.100999] process_one_work+0x9c9/0x1a40 [ 206.101003] ? _raw_spin_unlock_irq+0x27/0x70 [ 206.101008] ? finish_task_switch+0x1d4/0x6f0 [ 206.101017] ? pwq_dec_nr_in_flight+0x510/0x510 [ 206.101029] ? find_held_lock+0x3a/0x1d0 [ 206.101037] ? pci_mmcfg_check_reserved+0x120/0x120 [ 206.101042] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 206.101049] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 206.101060] ? find_held_lock+0x3a/0x1d0 [ 206.101070] ? lock_acquire+0x1dc/0x520 [ 206.101074] ? worker_thread+0x457/0x1a30 [ 206.101081] ? lock_release+0xd60/0xd60 [ 206.101086] ? do_raw_spin_unlock+0x1ec/0x2d0 [ 206.101090] ? do_raw_spin_trylock+0x190/0x190 [ 206.101101] worker_thread+0x215/0x1a30 [ 206.101116] ? process_one_work+0x1a40/0x1a40 [ 206.101119] ? do_raw_spin_trylock+0x190/0x190 [ 206.101124] ? lock_downgrade+0x8e0/0x8e0 [ 206.101127] ? _raw_spin_unlock_irq+0x27/0x70 [ 206.101133] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 206.101137] ? trace_hardirqs_on+0xd/0x10 [ 206.101141] ? _raw_spin_unlock_irq+0x27/0x70 [ 206.101145] ? finish_task_switch+0x1d4/0x6f0 [ 206.101149] ? finish_task_switch+0x1a2/0x6f0 [ 206.101155] ? preempt_notifier_register+0x1e0/0x1e0 [ 206.101165] ? __schedule+0x83f/0x1f70 [ 206.101168] ? copy_trace+0x140/0x140 [ 206.101184] ? find_held_lock+0x3a/0x1d0 [ 206.101194] ? lock_downgrade+0x8e0/0x8e0 [ 206.101199] ? check_prev_add+0x15d0/0x15d0 [ 206.101207] ? __schedule+0x1f70/0x1f70 [ 206.101210] ? wait_woken+0x280/0x280 [ 206.101214] ? do_raw_spin_unlock+0x1ec/0x2d0 [ 206.101218] ? do_raw_spin_trylock+0x190/0x190 [ 206.101223] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 206.101228] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 206.101233] ? trace_hardirqs_on+0xd/0x10 [ 206.101239] kthread+0x355/0x410 [ 206.101243] ? process_one_work+0x1a40/0x1a40 [ 206.101246] ? kthread_stop+0x6e0/0x6e0 [ 206.101252] ret_from_fork+0x24/0x30 [ 206.101263] [ 206.101266] Allocated by task 10435: [ 206.101271] save_stack+0x43/0xd0 [ 206.101275] kasan_kmalloc+0xc4/0xe0 [ 206.101278] kmem_cache_alloc_trace+0x152/0x780 [ 206.101281] p9_fd_create+0x165/0x380 [ 206.101284] p9_client_create+0x78e/0x1343 [ 206.101288] v9fs_session_init+0x1ee/0x1820 [ 206.101292] v9fs_mount+0x73/0x7a0 [ 206.101296] mount_fs+0x7f/0x2a9 [ 206.101299] vfs_kern_mount.part.34+0xbf/0x5c0 [ 206.101302] do_mount+0x38b/0x2f30 [ 206.101305] SyS_mount+0xb8/0xd0 [ 206.101309] entry_SYSCALL_64_fastpath+0x23/0x9a [ 206.101310] [ 206.101312] Freed by task 10435: [ 206.101316] save_stack+0x43/0xd0 [ 206.101319] kasan_slab_free+0x71/0xc0 [ 206.101322] kfree+0xd6/0x250 [ 206.101325] p9_fd_close+0x3ac/0x5b0 [ 206.101328] p9_client_create+0x8e2/0x1343 [ 206.101331] v9fs_session_init+0x1ee/0x1820 [ 206.101334] v9fs_mount+0x73/0x7a0 [ 206.101337] mount_fs+0x7f/0x2a9 [ 206.101340] vfs_kern_mount.part.34+0xbf/0x5c0 [ 206.101343] do_mount+0x38b/0x2f30 [ 206.101345] SyS_mount+0xb8/0xd0 [ 206.101349] entry_SYSCALL_64_fastpath+0x23/0x9a [ 206.101350] [ 206.101353] The buggy address belongs to the object at ffff8801c96dd7c0 [ 206.101353] which belongs to the cache kmalloc-512 of size 512 [ 206.101357] The buggy address is located 288 bytes inside of [ 206.101357] 512-byte region [ffff8801c96dd7c0, ffff8801c96dd9c0) [ 206.101358] The buggy address belongs to the page: [ 206.101362] page:ffffea000725b740 count:1 mapcount:0 mapping:ffff8801c96dd040 index:0x0 [ 206.101367] flags: 0x2fffc0000000100(slab) [ 206.101372] raw: 02fffc0000000100 ffff8801c96dd040 0000000000000000 0000000100000006 [ 206.101376] raw: ffffea000705ffe0 ffffea000731d960 ffff8801da800940 0000000000000000 [ 206.101378] page dumped because: kasan: bad access detected [ 206.101380] [ 206.101381] Memory state around the buggy address: [ 206.101385] ffff8801c96dd780: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 206.101387] ffff8801c96dd800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 206.101390] >ffff8801c96dd880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 206.101392] ^ [ 206.101395] ffff8801c96dd900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 206.101397] ffff8801c96dd980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 206.101399] ================================================================== [ 206.101401] Disabling lock debugging due to kernel taint [ 206.101404] Kernel panic - not syncing: panic_on_warn set ... [ 206.101404] [ 206.101407] CPU: 0 PID: 3 Comm: kworker/0:0 Tainted: G B 4.15.0-rc1-syzkaller #0 [ 206.101409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.101412] Workqueue: events p9_poll_workfn [ 206.101414] Call Trace: [ 206.101418] dump_stack+0x145/0x1e7 [ 206.101422] ? arch_local_irq_restore+0x43/0x43 [ 206.101427] ? work_is_static_object+0x31/0x40 [ 206.101430] ? work_is_static_object+0x31/0x40 [ 206.101434] panic+0x1a9/0x34e [ 206.101438] ? add_taint.cold.5+0x11/0x11 [ 206.101441] ? do_raw_spin_trylock+0x190/0x190 [ 206.101445] ? print_shadow_for_address+0xab/0xf3 [ 206.101449] ? work_is_static_object+0x31/0x40 [ 206.101452] kasan_end_report+0x47/0x4f [ 206.101455] kasan_report.cold.7+0x76/0x2d3 [ 206.101459] __asan_report_load8_noabort+0x14/0x20 [ 206.101462] work_is_static_object+0x31/0x40 [ 206.101466] debug_object_activate+0x2bd/0x5c0 [ 206.101470] ? debug_object_assert_init+0x4b0/0x4b0 [ 206.101476] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 206.101480] __queue_work+0x18b/0x11d0 [ 206.101483] ? __wake_up+0xe/0x10 [ 206.101486] ? p9_client_cb+0x57/0x80 [ 206.101489] ? p9_conn_cancel+0x77d/0xc70 [ 206.101493] ? flush_work+0x8d0/0x8d0 [ 206.101496] ? p9_fd_cancelled+0x2f0/0x2f0 [ 206.101499] ? lock_acquire+0x1dc/0x520 [ 206.101502] ? inotify_poll+0x7a/0xc0 [ 206.101507] ? lock_release+0xd60/0xd60 [ 206.101509] ? p9_poll_workfn+0xb0/0x740 [ 206.101512] ? do_raw_spin_unlock+0x1ec/0x2d0 [ 206.101515] ? do_raw_spin_trylock+0x190/0x190 [ 206.101518] ? lock_release+0xd60/0xd60 [ 206.101524] ? _raw_spin_unlock+0x22/0x30 [ 206.101528] queue_work_on+0x146/0x180 [ 206.101532] p9_poll_workfn+0x493/0x740 [ 206.101535] ? find_held_lock+0x3a/0x1d0 [ 206.101539] ? p9_read_work+0x1100/0x1100 [ 206.101544] ? lock_acquire+0x1dc/0x520 [ 206.101547] ? process_one_work+0x90c/0x1a40 [ 206.101551] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 206.101556] ? __lock_is_held+0xbb/0x140 [ 206.101563] process_one_work+0x9c9/0x1a40 [ 206.101566] ? _raw_spin_unlock_irq+0x27/0x70 [ 206.101569] ? finish_task_switch+0x1d4/0x6f0 [ 206.101575] ? pwq_dec_nr_in_flight+0x510/0x510 [ 206.101580] ? find_held_lock+0x3a/0x1d0 [ 206.101585] ? pci_mmcfg_check_reserved+0x120/0x120 [ 206.101589] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 206.101592] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 206.101598] ? find_held_lock+0x3a/0x1d0 [ 206.101605] ? lock_acquire+0x1dc/0x520 [ 206.101608] ? worker_thread+0x457/0x1a30 [ 206.101613] ? lock_release+0xd60/0xd60 [ 206.101616] ? do_raw_spin_unlock+0x1ec/0x2d0 [ 206.101619] ? do_raw_spin_trylock+0x190/0x190 [ 206.101626] worker_thread+0x215/0x1a30 [ 206.101634] ? process_one_work+0x1a40/0x1a40 [ 206.101637] ? do_raw_spin_trylock+0x190/0x190 [ 206.101640] ? lock_downgrade+0x8e0/0x8e0 [ 206.101643] ? _raw_spin_unlock_irq+0x27/0x70 [ 206.101647] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 206.101650] ? trace_hardirqs_on+0xd/0x10 [ 206.101654] ? _raw_spin_unlock_irq+0x27/0x70 [ 206.101657] ? finish_task_switch+0x1d4/0x6f0 [ 206.101660] ? finish_task_switch+0x1a2/0x6f0 [ 206.101665] ? preempt_notifier_register+0x1e0/0x1e0 [ 206.101671] ? __schedule+0x83f/0x1f70 [ 206.101673] ? copy_trace+0x140/0x140 [ 206.101683] ? find_held_lock+0x3a/0x1d0 [ 206.101689] ? lock_downgrade+0x8e0/0x8e0 [ 206.101692] ? check_prev_add+0x15d0/0x15d0 [ 206.101698] ? __schedule+0x1f70/0x1f70 [ 206.101700] ? wait_woken+0x280/0x280 [ 206.101703] ? do_raw_spin_unlock+0x1ec/0x2d0 [ 206.101706] ? do_raw_spin_trylock+0x190/0x190 [ 206.101710] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 206.101714] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 206.101717] ? trace_hardirqs_on+0xd/0x10 [ 206.101722] kthread+0x355/0x410 [ 206.101725] ? process_one_work+0x1a40/0x1a40 [ 206.101727] ? kthread_stop+0x6e0/0x6e0 [ 206.101736] ret_from_fork+0x24/0x30 [ 206.108478] Kernel Offset: disabled [ 207.082904] Rebooting in 86400 seconds..