------------[ cut here ]------------
refcount_t: underflow; use-after-free.
WARNING: CPU: 1 PID: 10503 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x140 lib/refcount.c:28
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 10503 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x128/0x182 lib/dump_stack.c:118
panic+0x22a/0x4e3 kernel/panic.c:221
__warn.cold.10+0x25/0x26 kernel/panic.c:582
report_bug+0x1ad/0x270 lib/bug.c:195
fixup_bug arch/x86/kernel/traps.c:174 [inline]
do_error_trap+0x123/0x210 arch/x86/kernel/traps.c:267
do_invalid_op+0x31/0x40 arch/x86/kernel/traps.c:286
invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:refcount_warn_saturate+0x12b/0x140 lib/refcount.c:28
Code: 78 ff fd 0f 0b e9 53 ff ff ff 48 89 df e8 fd b1 5b fe e9 23 ff ff ff 48 c7 c7 e0 0d 8d 87 c6 05 5f ee 2c 06 01 e8 11 78 ff fd <0f> 0b e9 2c ff ff ff 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 41
RSP: 0018:ffffc90002737ce8 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff8880a789387c RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff8b3d2360
RBP: 0000000000000003 R08: ffffed1015d26621 R09: ffffed1015d26621
R10: ffffed1015d26620 R11: ffff8880ae933107 R12: ffff8880a040e600
R13: 0000000000000000 R14: ffff8880a040e618 R15: ffff8880a040e610
refcount_sub_and_test include/linux/refcount.h:261 [inline]
refcount_dec_and_test include/linux/refcount.h:281 [inline]
crypto_alg_put crypto/internal.h:93 [inline]
crypto_mod_put crypto/api.c:45 [inline]
crypto_destroy_tfm+0x226/0x2a0 crypto/api.c:564
crypto_exit_ops crypto/api.c:306 [inline]
crypto_destroy_tfm+0x9a/0x2a0 crypto/api.c:563
crypto_free_aead include/crypto/aead.h:185 [inline]
aead_release+0x27/0x40 crypto/algif_aead.c:506
alg_do_release crypto/af_alg.c:114 [inline]
alg_sock_destruct+0x75/0xc0 crypto/af_alg.c:358
__sk_destruct+0x42/0x640 net/core/sock.c:1695
sock_put include/net/sock.h:1729 [inline]
af_alg_release+0x87/0xb0 crypto/af_alg.c:121
__sock_release+0xbb/0x270 net/socket.c:592
sock_close+0xf/0x20 net/socket.c:1270
__fput+0x256/0x780 fs/file_table.c:280
task_work_run+0x103/0x180 kernel/task_work.c:113
tracehook_notify_resume include/linux/tracehook.h:188 [inline]
exit_to_usermode_loop+0x23d/0x2d0 arch/x86/entry/common.c:164
prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline]
syscall_return_slowpath arch/x86/entry/common.c:278 [inline]
do_syscall_64+0x4f8/0x5e0 arch/x86/entry/common.c:304
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4163e1
Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:00007ffc7fbcba70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004163e1
RDX: 0000001b2f420000 RSI: 0000000000000001 RDI: 0000000000000003
RBP: 0000000000000001 R08: 00ffffffffffffff R09: 00ffffffffffffff
R10: 00007ffc7fbcbb50 R11: 0000000000000293 R12: 000000000076c900
R13: 000000000076c900 R14: 0000000000010183 R15: 000000000076bf0c
Kernel Offset: disabled
Rebooting in 86400 seconds..