[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 16.324889] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 55.569041] random: sshd: uninitialized urandom read (32 bytes read) [ 55.850842] random: sshd: uninitialized urandom read (32 bytes read) [ 56.201689] random: sshd: uninitialized urandom read (32 bytes read) [ 74.176316] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.53' (ECDSA) to the list of known hosts. [ 79.655801] random: sshd: uninitialized urandom read (32 bytes read) [ 79.737922] IPVS: ftp: loaded support on port[0] = 21 [ 79.831851] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.838219] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.845105] device bridge_slave_0 entered promiscuous mode [ 79.858038] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.864377] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.871205] device bridge_slave_1 entered promiscuous mode [ 79.883584] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 79.896880] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 79.929421] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 79.944225] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 79.990589] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 79.997633] team0: Port device team_slave_0 added [ 80.010236] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 80.017265] team0: Port device team_slave_1 added [ 80.029463] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.043214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 80.056836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 80.071680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported [ 80.156346] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.162718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.169307] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.175647] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 80.472529] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 80.478627] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.511445] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 80.544321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.551360] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 80.580469] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 80.586565] 8021q: adding VLAN 0 to HW filter on device team0 executing program executing program executing program executing program [ 80.791237] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 81.821278] dst_release: dst:(____ptrval____) refcnt:-1 [ 81.830050] ================================================================== [ 81.830452] kasan: CONFIG_KASAN_INLINE enabled [ 81.837445] BUG: KASAN: use-after-free in dst_release+0x2a/0xb0 [ 81.837455] Write of size 4 at addr ffff8801adc77a40 by task swapper/1/0 [ 81.837465] [ 81.842056] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 81.848094] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.18.0-rc7+ #167 [ 81.848106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.848109] Call Trace: [ 81.848115] [ 81.848133] dump_stack+0x1c9/0x2b4 [ 81.848152] ? dump_stack_print_info.cold.2+0x52/0x52 [ 81.855011] general protection fault: 0000 [#1] SMP KASAN [ 81.856605] ? printk+0xa7/0xcf [ 81.863999] CPU: 0 PID: 4672 Comm: syz-executor444 Not tainted 4.18.0-rc7+ #167 [ 81.870653] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 81.879982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.880004] RIP: 0010:sk_setup_caps+0xc2/0x680 [ 81.882565] ? dst_release+0x2a/0xb0 [ 81.884684] Code: 48 [ 81.888312] print_address_description+0x6c/0x20b [ 81.893472] c1 [ 81.899002] ? dst_release+0x2a/0xb0 [ 81.902260] ea [ 81.909702] kasan_report.cold.7+0x242/0x2fe [ 81.914429] 03 [ 81.923780] check_memory_region+0x13e/0x1b0 [ 81.928328] 80 [ 81.932034] kasan_check_write+0x14/0x20 [ 81.934417] 3c [ 81.939250] dst_release+0x2a/0xb0 [ 81.941111] 02 [ 81.944816] inet_sock_destruct+0x6ae/0x9c0 [ 81.946690] 00 [ 81.951091] ? ipv4_mib_init_net+0x580/0x580 [ 81.952949] 0f [ 81.957352] ? __save_stack_trace+0x7d/0xf0 [ 81.959211] 85 [ 81.963263] ? secondary_startup_64+0xa5/0xb0 [ 81.965124] 6e [ 81.968669] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 81.970522] 05 00 [ 81.974844] ? udp_rmem_release+0x323/0x490 [ 81.976706] 00 [ 81.981118] udp_destruct_sock+0x350/0x4a0 [ 81.982972] 48 [ 81.987285] ? dst_destroy+0x267/0x3c0 [ 81.989148] b8 [ 81.993629] ? dst_destroy_rcu+0x16/0x20 [ 81.995490] 00 00 [ 82.001037] ? rcu_process_callbacks+0xed5/0x1850 [ 82.003158] 00 [ 82.007472] ? udp_skb_dtor_locked+0x70/0x70 [ 82.009327] 00 [ 82.013553] l2tp_tunnel_destruct+0x174/0x290 [ 82.015413] 00 [ 82.019288] ? l2tp_build_l2tpv3_header+0x360/0x360 [ 82.021147] fc [ 82.025196] __sk_destruct+0x107/0xa60 [ 82.027315] ff [ 82.032146] ? sock_warn_obsolete_bsdism+0xb0/0xb0 [ 82.033999] df 4d [ 82.038409] ? lock_downgrade+0x8f0/0x8f0 [ 82.040266] 8b [ 82.044768] ? kasan_check_read+0x11/0x20 [ 82.046627] 26 [ 82.051636] ? do_raw_spin_unlock+0xa7/0x2f0 [ 82.053495] 49 [ 82.057375] ? lock_acquire+0x1e4/0x540 [ 82.059235] 8d [ 82.064153] ? rcu_process_callbacks+0xfc6/0x1850 [ 82.066274] bc [ 82.070415] ? trace_hardirqs_on+0xd/0x10 [ 82.072273] 24 [ 82.076424] ? lock_release+0xa30/0xa30 [ 82.078280] d0 [ 82.083291] ? debug_stats_show+0x100/0x100 [ 82.085150] 00 [ 82.089138] ? trace_hardirqs_on+0xd/0x10 [ 82.089157] ? kmem_cache_free+0x22e/0x2d0 [ 82.091019] 00 00 [ 82.095874] ? dst_destroy+0x283/0x3c0 [ 82.097741] 48 [ 82.101888] ? sock_warn_obsolete_bsdism+0xb0/0xb0 [ 82.103750] 89 [ 82.107726] rcu_process_callbacks+0xed5/0x1850 [ 82.109586] fa [ 82.113905] ? call_rcu_sched+0x20/0x20 [ 82.115769] 48 [ 82.119916] ? timerqueue_add+0x204/0x2b0 [ 82.124123] c1 [ 82.126275] ? enqueue_hrtimer+0x18e/0x540 [ 82.130129] ea 03 [ 82.132034] ? hrtimer_update_softirq_timer+0xa0/0xa0 [ 82.136937] <80> [ 82.138830] ? kasan_check_write+0x14/0x20 [ 82.143468] 3c [ 82.145364] ? do_raw_spin_lock+0xc1/0x200 [ 82.149303] 02 00 [ 82.151205] ? clockevents_program_event+0x158/0x370 [ 82.155320] 0f [ 82.157209] ? lock_downgrade+0x8f0/0x8f0 [ 82.161412] 85 [ 82.163562] ? pvclock_read_flags+0x160/0x160 [ 82.168719] 34 [ 82.170784] ? hrtimer_start_range_ns+0xd20/0xd20 [ 82.174981] 05 00 [ 82.176878] __do_softirq+0x2e8/0xb17 [ 82.181077] 00 [ 82.183223] ? __irqentry_text_end+0x1f97a8/0x1f97a8 [ 82.188297] 48 [ 82.190188] ? kasan_check_read+0x11/0x20 [ 82.194296] 8d bb [ 82.196201] ? do_raw_spin_unlock+0xa7/0x2f0 [ 82.200684] 30 [ 82.202576] ? native_apic_msr_write+0x5b/0x80 [ 82.207393] 03 [ 82.209550] ? lapic_next_event+0x5a/0x90 [ 82.213314] 00 00 [ 82.215211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.220272] 4d 8b [ 82.222168] ? clockevents_program_event+0x140/0x370 [ 82.226276] a4 24 [ 82.228438] ? tick_program_event+0xb2/0x130 [ 82.232815] d0 [ 82.234707] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.241151] ? hrtimer_interrupt+0x57e/0x750 [ 82.245266] RSP: 0018:ffff8801c8e977f8 EFLAGS: 00010202 [ 82.247422] irq_exit+0x1d4/0x210 [ 82.252938] RAX: dffffc0000000000 RBX: ffff8801c88df780 RCX: ffffffff8506b17c [ 82.255081] smp_apic_timer_interrupt+0x186/0x730 [ 82.260159] RDX: 000000000000001a RSI: 0000000000000008 RDI: 00000000000000d0 [ 82.262303] ? smp_call_function_single_interrupt+0x660/0x660 [ 82.266686] RBP: ffff8801c8e97828 R08: 1ffff100391d2ee8 R09: 0000000000000000 [ 82.268569] ? _raw_spin_unlock+0x22/0x30 [ 82.274083] R10: fffff5200022c3ca R11: ffffc90001161e53 R12: 0000000000000000 [ 82.278494] ? handle_edge_irq+0x330/0x870 [ 82.283836] R13: ffff8801adc77a00 R14: ffff8801adc77a00 R15: 0000000000000000 [ 82.287282] ? task_prio+0x50/0x50 [ 82.294538] FS: 00007ff4b3163700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000 [ 82.299378] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 82.306623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.312493] apic_timer_interrupt+0xf/0x20 [ 82.319741] CR2: 0000000020000080 CR3: 00000001c70e8000 CR4: 00000000001406f0 [ 82.323869] [ 82.331127] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.335355] RIP: 0010:native_safe_halt+0x6/0x10 [ 82.342604] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.346119] Code: [ 82.354330] Call Trace: [ 82.359154] c7 [ 82.365036] ip6_sk_dst_store_flow+0x566/0xa70 [ 82.369233] 48 89 [ 82.376518] ? ip6_blackhole_route+0x750/0x750 [ 82.378732] 45 [ 82.386001] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 82.390632] d8 e8 [ 82.397911] ? xfrm_lookup_route+0x74/0x200 [ 82.400029] 7a [ 82.402617] ? ip6_dst_lookup_flow+0x1ce/0x270 [ 82.404469] 5f [ 82.409064] ? udp_v6_rehash+0x12f/0x360 [ 82.411181] 0a [ 82.415756] ? udpv6_sendmsg+0x36b0/0x36b0 [ 82.417617] fb [ 82.423150] ip6_datagram_dst_update+0x7ad/0xf80 [ 82.425269] 48 [ 82.429585] ? ip6_datagram_send_ctl+0x14d0/0x14d0 [ 82.431442] 8b [ 82.436021] ? lock_release+0xa30/0xa30 [ 82.437872] 45 d8 [ 82.441933] ? release_sock+0x1ec/0x2c0 [ 82.443794] e9 [ 82.448025] ? lock_downgrade+0x8f0/0x8f0 [ 82.449875] d2 fe [ 82.454649] ? ip6_datagram_connect+0x21/0x50 [ 82.456507] ff [ 82.461428] __ip6_datagram_connect+0x5fe/0x1470 [ 82.463282] ff [ 82.467253] ? __ip6_datagram_connect+0x5fe/0x1470 [ 82.469369] 48 [ 82.473337] ? ip6_datagram_release_cb+0x640/0x640 [ 82.475192] 89 [ 82.479330] ? lock_sock_nested+0x9f/0x120 [ 82.481447] df [ 82.485942] ? trace_hardirqs_on+0xd/0x10 [ 82.487793] e8 69 [ 82.492553] ? __local_bh_enable_ip+0x161/0x230 [ 82.494403] 5f 0a [ 82.499341] ip6_datagram_connect+0x2f/0x50 [ 82.501198] fb [ 82.506119] ? ip6_datagram_connect+0x2f/0x50 [ 82.506145] inet_dgram_connect+0x154/0x2e0 [ 82.508011] eb [ 82.512238] __sys_connect+0x37d/0x4c0 [ 82.514099] 8a [ 82.518256] ? __ia32_sys_accept+0xb0/0xb0 [ 82.520374] 90 [ 82.525038] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.527158] 90 [ 82.531472] ? __do_page_fault+0x449/0xe50 [ 82.533332] 90 [ 82.537820] ? mm_fault_error+0x380/0x380 [ 82.542109] 90 90 [ 82.544002] ? move_addr_to_kernel+0x70/0x70 [ 82.547850] 90 90 [ 82.549750] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 82.553968] 55 [ 82.555853] __x64_sys_connect+0x73/0xb0 [ 82.561358] 48 [ 82.563240] do_syscall_64+0x1b9/0x820 [ 82.567454] 89 [ 82.569343] ? finish_task_switch+0x1d3/0x870 [ 82.573479] e5 [ 82.575629] ? syscall_return_slowpath+0x5e0/0x5e0 [ 82.580007] fb [ 82.582156] ? syscall_return_slowpath+0x31d/0x5e0 [ 82.586706] f4 [ 82.588588] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 82.592618] <5d> [ 82.594502] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.598357] c3 [ 82.600242] ? prepare_exit_to_usermode+0x291/0x3b0 [ 82.604705] 0f [ 82.606592] ? perf_trace_sys_enter+0xb10/0xb10 [ 82.611483] 1f 84 [ 82.613371] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 82.618269] 00 [ 82.620154] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.625127] 00 00 [ 82.627188] RIP: 0033:0x446a29 [ 82.632697] 00 [ 82.634569] Code: [ 82.639559] 00 55 [ 82.641439] e8 [ 82.646255] 48 89 [ 82.648389] ac b8 [ 82.653221] e5 [ 82.655091] 02 [ 82.660255] f4 5d [ 82.662391] 00 48 [ 82.665576] c3 [ 82.667447] 83 [ 82.669572] 90 90 [ 82.671714] c4 [ 82.673578] 90 90 [ 82.675721] 18 [ 82.677948] 90 [ 82.679819] c3 [ 82.683820] 0f [ 82.685955] RSP: 0018:ffff8801d9eefc38 EFLAGS: 00000282 [ 82.687818] 1f [ 82.689689] ORIG_RAX: ffffffffffffff13 [ 82.691819] 80 [ 82.693701] RAX: dffffc0000000000 RBX: 1ffff1003b3ddf8a RCX: ffffffff816685b2 [ 82.695824] 00 [ 82.697696] RDX: 1ffffffff0fe3618 RSI: 0000000000000004 RDI: ffffffff87f1b0c0 [ 82.699560] 00 [ 82.701435] RBP: ffff8801d9eefc38 R08: ffffed003b6246d7 R09: ffffed003b6246d6 [ 82.703300] 00 [ 82.708648] R10: ffffed003b6246d6 R11: ffff8801db1236b3 R12: 0000000000000001 [ 82.710513] 00 [ 82.714472] R13: ffff8801d9eefcf0 R14: ffffffff888a60a0 R15: 0000000000000000 [ 82.716338] 48 [ 82.723604] ? rcu_dynticks_eqs_enter+0x22/0x30 [ 82.725462] 89 [ 82.732727] ? trace_hardirqs_on+0xd/0x10 [ 82.734586] f8 [ 82.741849] default_idle+0xc7/0x450 [ 82.743709] 48 [ 82.750973] ? __sched_text_end+0x3/0x3 [ 82.752832] 89 [ 82.760102] ? rcu_idle_enter+0x30a/0x480 [ 82.761955] f7 [ 82.766617] ? rcu_eqs_special_set+0x1b0/0x1b0 [ 82.768489] 48 [ 82.772631] ? tsc_verify_tsc_adjust+0x109/0x380 [ 82.774509] 89 [ 82.778212] ? mark_tsc_async_resets+0x20/0x20 [ 82.780070] d6 [ 82.784035] ? sched_set_stop_task+0x290/0x290 [ 82.785893] 48 [ 82.790034] ? update_ts_time_stats+0xb3/0x1e0 [ 82.791894] 89 [ 82.796467] arch_cpu_idle+0x10/0x20 [ 82.798326] ca [ 82.803075] default_idle_call+0x6d/0x90 [ 82.804933] 4d [ 82.809508] do_idle+0x3aa/0x570 [ 82.811369] 89 [ 82.815950] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 82.817815] c2 [ 82.822389] ? arch_cpu_idle_exit+0x70/0x70 [ 82.824248] 4d [ 82.827956] ? trace_hardirqs_on+0xd/0x10 [ 82.829811] 89 [ 82.833877] ? complete+0x62/0x80 [ 82.835737] c8 [ 82.839092] cpu_startup_entry+0x10c/0x120 [ 82.840952] 4c [ 82.846048] ? cpu_in_idle+0x20/0x20 [ 82.847909] 8b [ 82.852227] start_secondary+0x433/0x5d0 [ 82.854084] 4c [ 82.858229] ? set_cpu_sibling_map+0x18b0/0x18b0 [ 82.860085] 24 [ 82.863538] secondary_startup_64+0xa5/0xb0 [ 82.865397] 08 [ 82.869614] [ 82.871475] 0f 05 [ 82.875179] Allocated by task 4564: [ 82.877048] <48> [ 82.881108] save_stack+0x43/0xd0 [ 82.882954] 3d 01 [ 82.887709] kasan_kmalloc+0xc4/0xe0 [ 82.889574] f0 [ 82.893882] kasan_slab_alloc+0x12/0x20 [ 82.895745] ff [ 82.897363] kmem_cache_alloc+0x12e/0x760 [ 82.899478] ff 0f [ 82.903105] dst_alloc+0xbb/0x1d0 [ 82.905137] 83 [ 82.908582] ip6_dst_alloc+0x35/0xa0 [ 82.910698] eb [ 82.914401] ip6_pol_route+0x83f/0x1250 [ 82.916264] 08 [ 82.920230] ip6_pol_route_output+0x54/0x70 [ 82.922089] fc [ 82.926253] fib6_rule_lookup+0x26e/0x700 [ 82.928380] ff [ 82.931823] ip6_route_output_flags+0x2c5/0x350 [ 82.933682] c3 [ 82.937414] ip6_dst_lookup_tail+0xe3f/0x1da0 [ 82.939303] 66 [ 82.943270] ip6_dst_lookup_flow+0xc8/0x270 [ 82.945129] 2e [ 82.949441] ip6_datagram_dst_update+0x75b/0xf80 [ 82.951298] 0f [ 82.955434] __ip6_datagram_connect+0x5fe/0x1470 [ 82.957292] 1f [ 82.961952] ip6_datagram_connect+0x2f/0x50 [ 82.961970] inet_dgram_connect+0x154/0x2e0 [ 82.963832] 84 [ 82.968318] __sys_connect+0x37d/0x4c0 [ 82.970173] 00 [ 82.974486] __x64_sys_connect+0x73/0xb0 [ 82.976345] 00 [ 82.981094] do_syscall_64+0x1b9/0x820 [ 82.982952] 00 [ 82.987700] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.989558] 00 [ 82.993859] [ 83.000037] Freed by task 0: [ 83.003926] RSP: 002b:00007ff4b3162db8 EFLAGS: 00000297 [ 83.005809] save_stack+0x43/0xd0 [ 83.009834] ORIG_RAX: 000000000000002a [ 83.011711] __kasan_slab_free+0x11a/0x170 [ 83.015572] RAX: ffffffffffffffda RBX: 00000000006dcc28 RCX: 0000000000446a29 [ 83.017458] kasan_slab_free+0xe/0x10 [ 83.022622] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 83.024498] kmem_cache_free+0x86/0x2d0 [ 83.026099] RBP: 00000000006dcc20 R08: 0000000000000000 R09: 0000000000000000 [ 83.029108] dst_destroy+0x267/0x3c0 [ 83.034436] R10: 0000000000000000 R11: 0000000000000297 R12: 00000000006dcc2c [ 83.034448] R13: 00007ffc9691d9bf R14: 00007ff4b31639c0 R15: 0000000000000000 [ 83.037888] dst_destroy_rcu+0x16/0x20 [ 83.041837] Modules linked in: [ 83.046061] rcu_process_callbacks+0xed5/0x1850 [ 83.057089] __do_softirq+0x2e8/0xb17 [ 83.064332] Dumping ftrace buffer: [ 83.068289] [ 83.075542] (ftrace buffer empty) [ 83.079243] The buggy address belongs to the object at ffff8801adc77a00 [ 83.079243] which belongs to the cache ip6_dst_cache of size 240 [ 83.086538] ---[ end trace e3368128835efb12 ]--- [ 83.093749] The buggy address is located 64 bytes inside of [ 83.093749] 240-byte region [ffff8801adc77a00, ffff8801adc77af0) [ 83.093753] The buggy address belongs to the page: [ 83.093770] page:ffffea0006b71dc0 count:1 mapcount:0 mapping:ffff8801cde87640 index:0x0 [ 83.097838] RIP: 0010:sk_setup_caps+0xc2/0x680 [ 83.100988] flags: 0x2fffc0000000100(slab) [ 83.101006] raw: 02fffc0000000100 ffffea00075b2848 ffffea000742b048 ffff8801cde87640 [ 83.105684] Code: [ 83.109463] raw: 0000000000000000 ffff8801adc77000 000000010000000c 0000000000000000 [ 83.109473] page dumped because: kasan: bad access detected [ 83.113018] 48 [ 83.114599] [ 83.114602] Memory state around the buggy address: [ 83.114613] ffff8801adc77900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 83.114626] ffff8801adc77980: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc [ 83.118326] c1 [ 83.131138] >ffff8801adc77a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 83.131143] ^ [ 83.131150] ffff8801adc77a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 83.131159] ffff8801adc77b00: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 83.131169] ================================================================== [ 83.135918] ea [ 83.147755] Kernel panic - not syncing: panic_on_warn set ... [ 83.147755] [ 83.153546] 03 [ 83.161155] Dumping ftrace buffer: [ 83.161161] (ftrace buffer empty) [ 83.161165] Kernel Offset: disabled [ 83.275179] Rebooting in 86400 seconds..