[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 86.961653][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 86.961665][ T27] audit: type=1800 audit(1580309583.591:29): pid=10180 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 86.988695][ T27] audit: type=1800 audit(1580309583.591:30): pid=10180 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.84' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 97.316361][T10333] general protection fault, probably for non-canonical address 0xdffffc00060e8d2f: 0000 [#1] PREEMPT SMP KASAN [ 97.328094][T10333] KASAN: probably user-memory-access in range [0x0000000030746978-0x000000003074697f] [ 97.337788][T10333] CPU: 1 PID: 10333 Comm: syz-executor039 Not tainted 5.5.0-syzkaller #0 [ 97.346390][T10333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.356493][T10333] RIP: 0010:nf_flow_table_offload_setup+0x4dc/0x6d0 [ 97.363173][T10333] Code: bc 24 50 ff ff ff 48 ba 00 00 00 00 00 fc ff df 4d 8b ae 00 02 00 00 4d 8b a4 24 58 ff ff ff 49 8d 7f 08 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 cd 01 00 00 4c 89 e2 49 89 47 08 48 b8 00 00 00 [ 97.382897][T10333] RSP: 0018:ffffc900020b7228 EFLAGS: 00010202 [ 97.389093][T10333] RAX: ffff8880a9376250 RBX: 1ffff92000416e49 RCX: 00000000060e8d2f [ 97.397245][T10333] RDX: dffffc0000000000 RSI: ffffffff867501ce RDI: 000000003074697b [ 97.405219][T10333] RBP: ffffc900020b7370 R08: ffff8880a21361c0 R09: fffff52000416e55 [ 97.413200][T10333] R10: fffff52000416e54 R11: ffffc900020b72a6 R12: 0000000000000000 [ 97.421379][T10333] R13: ffff8880a9376250 R14: ffff8880a9376050 R15: 0000000030746973 [ 97.429361][T10333] FS: 0000000001697880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 97.438279][T10333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.445113][T10333] CR2: 0000000020000104 CR3: 00000000a4a04000 CR4: 00000000001406e0 [ 97.453128][T10333] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 97.461101][T10333] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 97.469066][T10333] Call Trace: [ 97.472350][T10333] ? flow_offload_queue_work+0x130/0x130 [ 97.477982][T10333] ? nft_netdev_hook_alloc+0xfb/0x170 [ 97.483382][T10333] ? nf_tables_init_net+0x1e0/0x1e0 [ 97.488606][T10333] ? nla_memcpy+0xb0/0xb0 [ 97.492942][T10333] ? wait_for_completion+0x440/0x440 [ 97.498231][T10333] ? trace_hardirqs_on+0x67/0x240 [ 97.503331][T10333] ? nf_tables_parse_netdev_hooks+0x70/0x660 [ 97.509321][T10333] nf_tables_newflowtable+0x1352/0x1d90 [ 97.514865][T10333] ? nf_tables_newrule+0x2400/0x2400 [ 97.520765][T10333] ? __nla_parse+0x43/0x60 [ 97.525276][T10333] nfnetlink_rcv_batch+0x8c8/0x1790 [ 97.530518][T10333] ? nf_tables_newrule+0x2400/0x2400 [ 97.535810][T10333] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 97.542307][T10333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.548550][T10333] ? apparmor_capable+0x497/0x900 [ 97.553599][T10333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.559846][T10333] ? __nla_validate_parse+0x2d0/0x1ee0 [ 97.565294][T10333] ? cap_capable+0x205/0x270 [ 97.569875][T10333] ? nla_memcpy+0xb0/0xb0 [ 97.574214][T10333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.580457][T10333] ? ns_capable_common+0x93/0x100 [ 97.585909][T10333] ? __nla_parse+0x43/0x60 [ 97.590313][T10333] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 97.596033][T10333] nfnetlink_rcv+0x3e7/0x460 [ 97.600612][T10333] ? nfnetlink_rcv_batch+0x1790/0x1790 [ 97.606224][T10333] ? netlink_deliver_tap+0x248/0xbf0 [ 97.611558][T10333] ? __kasan_check_write+0x14/0x20 [ 97.616840][T10333] netlink_unicast+0x59e/0x7e0 [ 97.621869][T10333] ? netlink_attachskb+0x870/0x870 [ 97.627056][T10333] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 97.632776][T10333] ? __check_object_size+0x3d/0x437 [ 97.638080][T10333] netlink_sendmsg+0x91c/0xea0 [ 97.642867][T10333] ? netlink_unicast+0x7e0/0x7e0 [ 97.647819][T10333] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 97.653366][T10333] ? apparmor_socket_sendmsg+0x2a/0x30 [ 97.658823][T10333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.665082][T10333] ? security_socket_sendmsg+0x8d/0xc0 [ 97.670532][T10333] ? netlink_unicast+0x7e0/0x7e0 [ 97.675666][T10333] sock_sendmsg+0xd7/0x130 [ 97.680108][T10333] ____sys_sendmsg+0x753/0x880 [ 97.684869][T10333] ? kernel_sendmsg+0x50/0x50 [ 97.689585][T10333] ___sys_sendmsg+0x100/0x170 [ 97.694462][T10333] ? sendmsg_copy_msghdr+0x70/0x70 [ 97.699618][T10333] ? do_huge_pmd_anonymous_page+0xceb/0x1a50 [ 97.705725][T10333] ? prep_transhuge_page+0xa0/0xa0 [ 97.710902][T10333] ? do_page_fault+0x579/0x12e1 [ 97.715757][T10333] ? find_held_lock+0x35/0x130 [ 97.720531][T10333] ? do_page_fault+0x579/0x12e1 [ 97.725389][T10333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 97.731617][T10333] ? __fget_light+0x1a9/0x230 [ 97.736306][T10333] ? __fdget+0x1b/0x20 [ 97.740393][T10333] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 97.746642][T10333] __sys_sendmsg+0x105/0x1d0 [ 97.751277][T10333] ? __sys_sendmsg_sock+0xc0/0xc0 [ 97.756304][T10333] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 97.761764][T10333] ? do_syscall_64+0x26/0x790 [ 97.766442][T10333] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 97.772508][T10333] ? do_syscall_64+0x26/0x790 [ 97.777241][T10333] __x64_sys_sendmsg+0x78/0xb0 [ 97.782021][T10333] do_syscall_64+0xfa/0x790 [ 97.786614][T10333] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 97.792492][T10333] RIP: 0033:0x440689 [ 97.796378][T10333] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 97.816232][T10333] RSP: 002b:00007ffd54365398 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.824724][T10333] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440689 [ 97.832695][T10333] RDX: 0000000000000000 RSI: 0000000020003e00 RDI: 0000000000000003 [ 97.840709][T10333] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 97.849112][T10333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401f10 [ 97.857071][T10333] R13: 0000000000401fa0 R14: 0000000000000000 R15: 0000000000000000 [ 97.865138][T10333] Modules linked in: [ 97.870738][T10333] ---[ end trace 1af558b9d5a3ad7e ]--- [ 97.876488][T10333] RIP: 0010:nf_flow_table_offload_setup+0x4dc/0x6d0 [ 97.883259][T10333] Code: bc 24 50 ff ff ff 48 ba 00 00 00 00 00 fc ff df 4d 8b ae 00 02 00 00 4d 8b a4 24 58 ff ff ff 49 8d 7f 08 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 cd 01 00 00 4c 89 e2 49 89 47 08 48 b8 00 00 00 [ 97.903037][T10333] RSP: 0018:ffffc900020b7228 EFLAGS: 00010202 [ 97.909179][T10333] RAX: ffff8880a9376250 RBX: 1ffff92000416e49 RCX: 00000000060e8d2f [ 97.917248][T10333] RDX: dffffc0000000000 RSI: ffffffff867501ce RDI: 000000003074697b [ 97.925267][T10333] RBP: ffffc900020b7370 R08: ffff8880a21361c0 R09: fffff52000416e55 [ 97.933262][T10333] R10: fffff52000416e54 R11: ffffc900020b72a6 R12: 0000000000000000 [ 97.941467][T10333] R13: ffff8880a9376250 R14: ffff8880a9376050 R15: 0000000030746973 [ 97.949567][T10333] FS: 0000000001697880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 97.958613][T10333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.965258][T10333] CR2: 0000000020000104 CR3: 00000000a4a04000 CR4: 00000000001406e0 [ 97.973257][T10333] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 97.981237][T10333] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 97.989258][T10333] Kernel panic - not syncing: Fatal exception [ 97.996789][T10333] Kernel Offset: disabled [ 98.001126][T10333] Rebooting in 86400 seconds..