Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.213' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 33.703236] kasan: CONFIG_KASAN_INLINE enabled
[ 33.707904] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 33.715563] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 33.721806] CPU: 1 PID: 8123 Comm: syz-executor166 Not tainted 4.19.211-syzkaller #0
[ 33.729681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 33.739029] RIP: 0010:__list_del_entry_valid+0x81/0xf0
[ 33.744286] Code: 0f 84 30 52 85 04 48 b8 00 02 00 00 00 00 ad de 49 39 c4 0f 84 31 52 85 04 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 51 49 8b 14 24 48 39 ea 0f 85 e8 51 85 04 49 8d 7d
[ 33.763163] RSP: 0018:ffff8880b136f4e8 EFLAGS: 00010246
[ 33.768503] RAX: dffffc0000000000 RBX: ffff8880b261fb40 RCX: ffffffff814bdebb
[ 33.775749] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880b261fe68
[ 33.782996] RBP: ffff8880b261fe60 R08: 0000000000000001 R09: fffffbfff15cead8
[ 33.790245] R10: ffffffff8ae756c3 R11: 0000000000000000 R12: 0000000000000000
[ 33.797494] R13: 0000000000000000 R14: ffff8880b261fdc0 R15: ffff8880b261fe68
[ 33.804740] FS: 0000555557435300(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
[ 33.812941] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.818800] CR2: 0000000020000080 CR3: 00000000997b0000 CR4: 00000000003406e0
[ 33.826048] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.833297] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.840543] Call Trace:
[ 33.843116] cbs_destroy+0x81/0x280
[ 33.846729] ? cbs_init+0x244/0x420
[ 33.850337] ? cbs_dequeue_soft+0x810/0x810
[ 33.854639] qdisc_create+0xb70/0x1130
[ 33.858506] ? qdisc_tree_reduce_backlog+0x5d0/0x5d0
[ 33.863588] ? nla_parse+0x1b2/0x290
[ 33.867284] tc_modify_qdisc+0x50d/0x1a80
[ 33.871446] ? apparmor_capable+0x147/0x750
[ 33.875771] ? tc_get_qdisc+0xb60/0xb60
[ 33.879726] ? rtnetlink_rcv_msg+0x3fe/0xb80
[ 33.884122] ? tc_get_qdisc+0xb60/0xb60
[ 33.888081] rtnetlink_rcv_msg+0x453/0xb80
[ 33.892303] ? rtnl_calcit.isra.0+0x430/0x430
[ 33.896777] ? __netlink_lookup+0x3fc/0x730
[ 33.901082] ? lock_downgrade+0x720/0x720
[ 33.905212] ? check_preemption_disabled+0x41/0x280
[ 33.910206] netlink_rcv_skb+0x160/0x440
[ 33.914270] ? rtnl_calcit.isra.0+0x430/0x430
[ 33.918750] ? netlink_ack+0xae0/0xae0
[ 33.922623] netlink_unicast+0x4d5/0x690
[ 33.926664] ? netlink_sendskb+0x110/0x110
[ 33.930875] ? _copy_from_iter_full+0x229/0x7c0
[ 33.935524] ? __phys_addr_symbol+0x2c/0x70
[ 33.939826] ? __check_object_size+0x17b/0x3e0
[ 33.944388] netlink_sendmsg+0x6c3/0xc50
[ 33.948429] ? aa_af_perm+0x230/0x230
[ 33.952210] ? nlmsg_notify+0x1f0/0x1f0
[ 33.956159] ? kernel_recvmsg+0x220/0x220
[ 33.960289] ? nlmsg_notify+0x1f0/0x1f0
[ 33.964244] sock_sendmsg+0xc3/0x120
[ 33.967937] ___sys_sendmsg+0x7bb/0x8e0
[ 33.971888] ? copy_msghdr_from_user+0x440/0x440
[ 33.976627] ? __lockdep_init_map+0x100/0x5a0
[ 33.981105] ? sock_ioctl+0x30e/0x5d0
[ 33.984885] ? dlci_ioctl_set+0x30/0x30
[ 33.988841] ? alloc_empty_file+0xd7/0x170
[ 33.993053] ? errseq_sample+0x56/0x70
[ 33.996918] ? alloc_file+0x326/0x4d0
[ 34.000698] ? dlci_ioctl_set+0x30/0x30
[ 34.004650] ? do_vfs_ioctl+0x110/0x12e0
[ 34.008695] ? lock_downgrade+0x720/0x720
[ 34.012821] ? ioctl_preallocate+0x200/0x200
[ 34.017225] ? check_preemption_disabled+0x41/0x280
[ 34.022223] ? __fdget+0x1a0/0x230
[ 34.025751] __x64_sys_sendmsg+0x132/0x220
[ 34.029990] ? __sys_sendmsg+0x1b0/0x1b0
[ 34.034041] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 34.039392] ? trace_hardirqs_off_caller+0x6e/0x210
[ 34.044392] ? do_syscall_64+0x21/0x620
[ 34.048346] do_syscall_64+0xf9/0x620
[ 34.052132] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.057298] RIP: 0033:0x7ff39bae7209
[ 34.060990] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.079870] RSP: 002b:00007fff9dabd858 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 34.087555] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff39bae7209
[ 34.094805] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 34.102051] RBP: 00007ff39baab1f0 R08: 00000000ffffffff R09: 0000000000000000
[ 34.109300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ff39baab280
[ 34.116546] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.123802] Modules linked in:
[ 34.127077] ---[ end trace c6497066a36c39ef ]---
[ 34.131979] RIP: 0010:__list_del_entry_valid+0x81/0xf0
[ 34.137260] Code: 0f 84 30 52 85 04 48 b8 00 02 00 00 00 00 ad de 49 39 c4 0f 84 31 52 85 04 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 51 49 8b 14 24 48 39 ea 0f 85 e8 51 85 04 49 8d 7d
[ 34.156201] RSP: 0018:ffff8880b136f4e8 EFLAGS: 00010246
[ 34.161608] RAX: dffffc0000000000 RBX: ffff8880b261fb40 RCX: ffffffff814bdebb
[ 34.168871] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880b261fe68
[ 34.176161] RBP: ffff8880b261fe60 R08: 0000000000000001 R09: fffffbfff15cead8
[ 34.183466] R10: ffffffff8ae756c3 R11: 0000000000000000 R12: 0000000000000000
[ 34.190761] R13: 0000000000000000 R14: ffff8880b261fdc0 R15: ffff8880b261fe68
[ 34.198027] FS: 0000555557435300(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
[ 34.206355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.212266] CR2: 0000000020000080 CR3: 00000000997b0000 CR4: 00000000003406e0
[ 34.219527] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.226814] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.234121] Kernel panic - not syncing: Fatal exception
[ 34.239656] Kernel Offset: disabled
[ 34.243266] Rebooting in 86400 seconds..