Starting mcstransd: [ 101.564843][ T28] audit: type=1400 audit(1579668349.643:37): avc: denied { watch } for pid=10402 comm="restorecond" path="/root/.ssh" dev="sda1" ino=16179 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:object_r:ssh_home_t:s0 tclass=dir permissive=1 [ 101.589417][ T28] audit: type=1400 audit(1579668349.663:38): avc: denied { watch } for pid=10402 comm="restorecond" path="/etc/selinux/restorecond.conf" dev="sda1" ino=2232 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 101.960738][ T28] audit: type=1800 audit(1579668350.043:39): pid=10314 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.253' (ECDSA) to the list of known hosts. syzkaller login: [ 111.247593][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 111.247610][ T28] audit: type=1400 audit(1579668359.323:42): avc: denied { map } for pid=10504 comm="syz-executor221" path="/root/syz-executor221094327" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 111.278423][T10512] IPVS: ftp: loaded support on port[0] = 21 [ 111.297060][T10513] IPVS: ftp: loaded support on port[0] = 21 [ 111.298270][T10515] IPVS: ftp: loaded support on port[0] = 21 [ 111.304123][T10511] IPVS: ftp: loaded support on port[0] = 21 [ 111.322627][T10514] IPVS: ftp: loaded support on port[0] = 21 [ 111.332027][T10516] IPVS: ftp: loaded support on port[0] = 21 executing program executing program [ 111.394817][ T28] audit: type=1400 audit(1579668359.473:43): avc: denied { create } for pid=10517 comm="syz-executor221" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 111.418579][T10520] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. [ 111.430917][T10518] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. executing program executing program [ 111.431346][ T28] audit: type=1400 audit(1579668359.493:44): avc: denied { write } for pid=10519 comm="syz-executor221" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 executing program [ 111.505832][T10527] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. [ 111.516730][T10528] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. executing program executing program executing program executing program executing program [ 111.552129][T10533] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. [ 111.557413][T10536] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. executing program executing program [ 111.620131][T10539] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. [ 111.620332][T10541] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. [ 111.639856][T10548] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. [ 111.645799][T10553] netlink: 20 bytes leftover after parsing attributes in process `syz-executor221'. [ 111.652524][T10539] list_del corruption, ffff888095d6c400->prev is LIST_POISON2 (dead000000000122) [ 111.691625][T10539] ------------[ cut here ]------------ [ 111.697125][T10539] kernel BUG at lib/list_debug.c:48! [ 111.706075][T10541] ================================================================== [ 111.706459][T10547] list_del corruption, ffff88809441c800->prev is LIST_POISON2 (dead000000000122) [ 111.714464][T10541] BUG: KASAN: use-after-free in __list_del_entry_valid+0xd2/0xf5 [ 111.714481][T10541] Read of size 8 at addr ffff8880a6f41408 by task syz-executor221/10541 [ 111.714485][T10541] [ 111.714502][T10541] CPU: 0 PID: 10541 Comm: syz-executor221 Not tainted 5.5.0-rc7-syzkaller #0 [ 111.714512][T10541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.714517][T10541] Call Trace: [ 111.714538][T10541] dump_stack+0x197/0x210 [ 111.714552][T10541] ? __list_del_entry_valid+0xd2/0xf5 [ 111.714571][T10541] print_address_description.constprop.0.cold+0xd4/0x30b [ 111.714584][T10541] ? __list_del_entry_valid+0xd2/0xf5 [ 111.714599][T10541] ? __list_del_entry_valid+0xd2/0xf5 [ 111.714614][T10541] __kasan_report.cold+0x1b/0x41 [ 111.714632][T10541] ? __list_del_entry_valid+0xd2/0xf5 [ 111.714649][T10541] kasan_report+0x12/0x20 [ 111.714663][T10541] __asan_report_load8_noabort+0x14/0x20 [ 111.714682][T10541] __list_del_entry_valid+0xd2/0xf5 [ 111.724555][T10539] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 111.735970][T10541] __nf_tables_abort+0x1e53/0x2a50 [ 111.744282][T10539] CPU: 1 PID: 10539 Comm: syz-executor221 Not tainted 5.5.0-rc7-syzkaller #0 [ 111.746601][T10541] ? nfnl_err_del+0x115/0x170 [ 111.755426][T10539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.765573][T10541] nf_tables_abort+0x17/0x30 [ 111.768855][T10539] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 111.773179][T10541] nfnetlink_rcv_batch+0xa5d/0x17a0 [ 111.778601][T10539] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 60 69 71 88 e8 e0 de be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 c0 69 71 88 e8 cc de be fd <0f> 0b 4c 89 f6 48 c7 c7 80 6a 71 88 e8 bb de be fd 0f 0b cc cc cc [ 111.785554][T10541] ? nf_tables_delobj+0x8f0/0x8f0 [ 111.790905][T10539] RSP: 0018:ffffc90002037478 EFLAGS: 00010282 [ 111.796282][T10541] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 111.801376][T10539] RAX: 000000000000004e RBX: ffff888095d6c400 RCX: 0000000000000000 [ 111.806753][T10541] ? selinux_sb_eat_lsm_opts+0x700/0x700 [ 111.811228][T10539] RDX: 0000000000000000 RSI: ffffffff815e5326 RDI: fffff52000406e81 [ 111.816861][T10541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.822053][T10539] RBP: ffffc90002037490 R08: 000000000000004e R09: ffffed1015d26621 [ 111.828129][T10541] ? __nla_validate_parse+0x2d0/0x1ee0 [ 111.833333][T10539] R10: ffffed1015d26620 R11: ffff8880ae933107 R12: dead000000000122 [ 111.842210][T10541] ? selinux_capable+0x36/0x40 [ 111.846870][T10539] R13: ffff88809441c400 R14: ffff888095d6c400 R15: ffff8880a9a95a00 [ 111.857297][T10541] ? nla_memcpy+0xb0/0xb0 [ 111.861878][T10539] FS: 00007f1a8ff2f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 111.868297][T10541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.873860][T10539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.893609][T10541] ? ns_capable_common+0x93/0x100 [ 111.898618][T10539] CR2: 00007fff35ee1b40 CR3: 0000000094070000 CR4: 00000000001406e0 [ 111.904686][T10541] ? __nla_parse+0x43/0x60 [ 111.910474][T10539] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 111.918450][T10541] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 111.924082][T10539] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 111.932074][T10541] nfnetlink_rcv+0x3e7/0x460 [ 111.938294][T10539] Call Trace: [ 111.946408][T10541] ? nfnetlink_rcv_batch+0x17a0/0x17a0 [ 111.951848][T10539] __nf_tables_abort+0x1e53/0x2a50 [ 111.960034][T10541] ? netlink_deliver_tap+0x24a/0xbe0 [ 111.964799][T10539] ? nfnl_err_del+0x115/0x170 [ 111.972778][T10541] ? __kasan_check_write+0x14/0x20 [ 111.977141][T10539] nf_tables_abort+0x17/0x30 [ 111.986085][T10541] netlink_unicast+0x58c/0x7d0 [ 111.992397][T10539] nfnetlink_rcv_batch+0xa5d/0x17a0 [ 111.998978][T10541] ? netlink_attachskb+0x870/0x870 [ 112.004031][T10539] ? nf_tables_delobj+0x8f0/0x8f0 [ 112.012095][T10541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.016513][T10539] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 112.024506][T10541] netlink_sendmsg+0x91c/0xea0 [ 112.030223][T10539] ? selinux_sb_eat_lsm_opts+0x700/0x700 [ 112.038311][T10541] ? netlink_unicast+0x7d0/0x7d0 [ 112.042903][T10539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.046336][T10541] ? tomoyo_socket_sendmsg+0x26/0x30 [ 112.051861][T10539] ? __nla_validate_parse+0x2d0/0x1ee0 [ 112.056966][T10541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.062244][T10539] ? selinux_capable+0x36/0x40 [ 112.067079][T10541] ? security_socket_sendmsg+0x8d/0xc0 [ 112.072729][T10539] ? nla_memcpy+0xb0/0xb0 [ 112.077302][T10541] ? netlink_unicast+0x7d0/0x7d0 [ 112.082062][T10539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.087546][T10541] sock_sendmsg+0xd7/0x130 [ 112.092921][T10539] ? ns_capable_common+0x93/0x100 [ 112.098271][T10541] ____sys_sendmsg+0x753/0x880 [ 112.104612][T10539] ? __nla_parse+0x43/0x60 [ 112.110706][T10541] ? kernel_sendmsg+0x50/0x50 [ 112.115660][T10539] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 112.121439][T10541] ? __fget+0x35d/0x550 [ 112.126725][T10539] nfnetlink_rcv+0x3e7/0x460 [ 112.133162][T10541] ? find_held_lock+0x35/0x130 [ 112.138540][T10539] ? nfnetlink_rcv_batch+0x17a0/0x17a0 [ 112.144216][T10541] ___sys_sendmsg+0x100/0x170 [ 112.150718][T10539] ? netlink_deliver_tap+0x24a/0xbe0 [ 112.155573][T10541] ? sendmsg_copy_msghdr+0x70/0x70 [ 112.161097][T10539] ? __kasan_check_write+0x14/0x20 [ 112.165635][T10541] ? __kasan_check_read+0x11/0x20 [ 112.170648][T10539] netlink_unicast+0x58c/0x7d0 [ 112.177088][T10541] ? __fget+0x37f/0x550 [ 112.181502][T10539] ? netlink_attachskb+0x870/0x870 [ 112.186518][T10541] ? ksys_dup3+0x3e0/0x3e0 [ 112.191279][T10539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.195688][T10541] ? __do_page_fault+0x56a/0xd80 [ 112.200388][T10539] netlink_sendmsg+0x91c/0xea0 [ 112.206090][T10541] ? __fget_light+0x1a9/0x230 [ 112.210244][T10539] ? netlink_unicast+0x7d0/0x7d0 [ 112.214859][T10541] ? __fdget+0x1b/0x20 [ 112.219707][T10539] ? tomoyo_socket_sendmsg+0x26/0x30 [ 112.225272][T10541] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 112.229956][T10539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.235261][T10541] __sys_sendmsg+0x105/0x1d0 [ 112.240565][T10539] ? security_socket_sendmsg+0x8d/0xc0 [ 112.246286][T10541] ? __sys_sendmsg_sock+0xc0/0xc0 [ 112.251660][T10539] ? netlink_unicast+0x7d0/0x7d0 [ 112.256542][T10541] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 112.260681][T10539] sock_sendmsg+0xd7/0x130 [ 112.265929][T10541] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 112.270475][T10539] ____sys_sendmsg+0x753/0x880 [ 112.276709][T10541] ? do_syscall_64+0x26/0x790 [ 112.281784][T10539] ? kernel_sendmsg+0x50/0x50 [ 112.286547][T10541] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 112.291318][T10539] ? __fget+0x35d/0x550 [ 112.296618][T10541] ? do_syscall_64+0x26/0x790 [ 112.300775][T10539] ? find_held_lock+0x35/0x130 [ 112.306256][T10541] __x64_sys_sendmsg+0x78/0xb0 [ 112.312564][T10539] ___sys_sendmsg+0x100/0x170 [ 112.319116][T10541] do_syscall_64+0xfa/0x790 [ 112.323696][T10539] ? sendmsg_copy_msghdr+0x70/0x70 [ 112.329279][T10541] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 112.334308][T10539] ? __kasan_check_read+0x11/0x20 [ 112.339470][T10541] RIP: 0033:0x446b79 [ 112.346187][T10539] ? __fget+0x37f/0x550 [ 112.350760][T10541] Code: e8 8c e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 112.356448][T10539] ? ksys_dup3+0x3e0/0x3e0 [ 112.361320][T10541] RSP: 002b:00007f1a8ff2eda8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.365992][T10539] ? __do_page_fault+0x56a/0xd80 [ 112.370770][T10541] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 0000000000446b79 [ 112.370775][T10541] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 112.370788][T10541] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000 [ 112.370794][T10541] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c [ 112.370799][T10541] R13: 00000000200002c0 R14: 00000000004aeb60 R15: 0000000000000000 [ 112.370810][T10541] [ 112.370818][T10541] Allocated by task 10541: [ 112.370832][T10541] save_stack+0x23/0x90 [ 112.370849][T10541] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 112.377026][T10539] ? __fget_light+0x1a9/0x230 [ 112.381264][T10541] kasan_kmalloc+0x9/0x10 [ 112.385949][T10539] ? __fdget+0x1b/0x20 [ 112.390712][T10541] kmem_cache_alloc_trace+0x158/0x790 [ 112.395481][T10539] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 112.400136][T10541] nf_tables_newtable+0xa4d/0x1510 [ 112.404752][T10539] __sys_sendmsg+0x105/0x1d0 [ 112.409982][T10541] nfnetlink_rcv_batch+0xf42/0x17a0 [ 112.415871][T10539] ? __sys_sendmsg_sock+0xc0/0xc0 [ 112.420886][T10541] nfnetlink_rcv+0x3e7/0x460 [ 112.424754][T10539] ? down_read_non_owner+0x490/0x490 [ 112.428899][T10541] netlink_unicast+0x58c/0x7d0 [ 112.448507][T10539] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 112.452896][T10541] netlink_sendmsg+0x91c/0xea0 [ 112.461318][T10539] ? do_syscall_64+0x26/0x790 [ 112.466241][T10541] sock_sendmsg+0xd7/0x130 [ 112.474334][T10539] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 112.482304][T10541] ____sys_sendmsg+0x753/0x880 [ 112.490372][T10539] ? do_syscall_64+0x26/0x790 [ 112.490394][T10539] __x64_sys_sendmsg+0x78/0xb0 [ 112.498364][T10541] ___sys_sendmsg+0x100/0x170 [ 112.506453][T10539] do_syscall_64+0xfa/0x790 [ 112.508791][T10541] __sys_sendmsg+0x105/0x1d0 [ 112.513194][T10539] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 112.517348][T10541] __x64_sys_sendmsg+0x78/0xb0 [ 112.522974][T10539] RIP: 0033:0x446b79 [ 112.527750][T10541] do_syscall_64+0xfa/0x790 [ 112.532059][T10539] Code: e8 8c e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 112.536122][T10541] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 112.541661][T10539] RSP: 002b:00007f1a8ff2eda8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.547975][T10541] [ 112.553073][T10539] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 0000000000446b79 [ 112.557636][T10541] Freed by task 2800: [ 112.562821][T10539] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 112.567842][T10541] save_stack+0x23/0x90 [ 112.572523][T10539] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000 [ 112.578092][T10541] __kasan_slab_free+0x102/0x150 [ 112.582829][T10539] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c [ 112.588280][T10541] kasan_slab_free+0xe/0x10 [ 112.593034][T10539] R13: 00000000200002c0 R14: 00000000004aeb60 R15: 0000000000000000 [ 112.597697][T10541] kfree+0x10a/0x2c0 [ 112.602182][T10539] Modules linked in: [ 112.608971][T10541] nf_tables_table_destroy.isra.0+0xef/0x150 [ 112.618242][T10547] ------------[ cut here ]------------ [ 112.619276][T10541] nf_tables_trans_destroy_work+0x406/0x7c0 [ 112.624106][T10547] kernel BUG at lib/list_debug.c:48! [ 112.628784][T10541] process_one_work+0x9af/0x1740 [ 112.633720][T10547] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 112.637907][T10541] worker_thread+0x98/0xe40 [ 112.643905][T10547] CPU: 1 PID: 10547 Comm: syz-executor221 Tainted: G D 5.5.0-rc7-syzkaller #0 [ 112.643910][T10547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.643927][T10547] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 112.643940][T10547] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 60 69 71 88 e8 e0 de be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 c0 69 71 88 e8 cc de be fd <0f> 0b 4c 89 f6 48 c7 c7 80 6a 71 88 e8 bb de be fd 0f 0b cc cc cc [ 112.643946][T10547] RSP: 0018:ffffc90001f57478 EFLAGS: 00010282 [ 112.643955][T10547] RAX: 000000000000004e RBX: ffff88809441c800 RCX: 0000000000000000 [ 112.643962][T10547] RDX: 0000000000000000 RSI: ffffffff815e5326 RDI: fffff520003eae81 [ 112.643976][T10547] RBP: ffffc90001f57490 R08: 000000000000004e R09: ffffed1015d26621 [ 112.648758][T10541] kthread+0x361/0x430 [ 112.652642][T10547] R10: ffffed1015d26620 R11: ffff8880ae933107 R12: dead000000000122 [ 112.657169][T10541] ret_from_fork+0x24/0x30 [ 112.676782][T10547] R13: ffff8880a7496000 R14: ffff88809441c800 R15: ffff8880a9a95800 [ 112.682668][T10541] [ 112.691087][T10547] FS: 00007f1a8ff2f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 112.693416][T10541] The buggy address belongs to the object at ffff8880a6f41400 [ 112.693416][T10541] which belongs to the cache kmalloc-512 of size 512 [ 112.701390][T10547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.705365][T10541] The buggy address is located 8 bytes inside of [ 112.705365][T10541] 512-byte region [ffff8880a6f41400, ffff8880a6f41600) [ 112.705377][T10541] The buggy address belongs to the page: [ 112.713443][T10547] CR2: 00007fff35ee1b40 CR3: 00000000a20e2000 CR4: 00000000001406e0 [ 112.717604][T10541] page:ffffea00029bd040 refcount:1 mapcount:0 mapping:ffff8880aa400a80 index:0x0 [ 112.725567][T10547] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 112.730647][T10541] raw: 00fffe0000000200 ffffea0002513008 ffffea00027644c8 ffff8880aa400a80 [ 112.738604][T10547] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 112.743271][T10541] raw: 0000000000000000 ffff8880a6f41000 0000000100000004 0000000000000000 [ 112.751238][T10547] Call Trace: [ 112.755126][T10541] page dumped because: kasan: bad access detected [ 112.759016][T10547] __nf_tables_abort+0x1e53/0x2a50 [ 112.764973][T10541] [ 112.770433][T10547] ? nfnl_err_del+0x115/0x170 [ 112.776290][T10541] Memory state around the buggy address: [ 112.781573][T10547] nf_tables_abort+0x17/0x30 [ 112.786507][T10541] ffff8880a6f41300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.792574][T10547] nfnetlink_rcv_batch+0xa5d/0x17a0 [ 112.797059][T10541] ffff8880a6f41380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.807330][T10547] ? nf_tables_delobj+0x8f0/0x8f0 [ 112.817525][T10541] >ffff8880a6f41400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.824052][T10547] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 112.844075][T10541] ^ [ 112.850149][T10547] ? selinux_sb_eat_lsm_opts+0x700/0x700 [ 112.858212][T10541] ffff8880a6f41480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.867257][T10547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.876276][T10541] ffff8880a6f41500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 112.880695][T10547] ? __nla_validate_parse+0x2d0/0x1ee0 [ 112.889149][T10541] ================================================================== [ 112.893584][T10547] ? selinux_capable+0x36/0x40 [ 112.904204][T10541] Kernel panic - not syncing: panic_on_warn set ... [ 112.914121][T10547] ? nla_memcpy+0xb0/0xb0 [ 113.144556][T10547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 113.150841][T10547] ? ns_capable_common+0x93/0x100 [ 113.155988][T10547] ? __nla_parse+0x43/0x60 [ 113.160422][T10547] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 113.166938][T10547] nfnetlink_rcv+0x3e7/0x460 [ 113.171549][T10547] ? nfnetlink_rcv_batch+0x17a0/0x17a0 [ 113.177000][T10547] ? netlink_deliver_tap+0x24a/0xbe0 [ 113.182298][T10547] ? __kasan_check_write+0x14/0x20 [ 113.187424][T10547] netlink_unicast+0x58c/0x7d0 [ 113.192395][T10547] ? netlink_attachskb+0x870/0x870 [ 113.197517][T10547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 113.203969][T10547] netlink_sendmsg+0x91c/0xea0 [ 113.208758][T10547] ? netlink_unicast+0x7d0/0x7d0 [ 113.213705][T10547] ? tomoyo_socket_sendmsg+0x26/0x30 [ 113.220831][T10547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 113.227088][T10547] ? security_socket_sendmsg+0x8d/0xc0 [ 113.232893][T10547] ? netlink_unicast+0x7d0/0x7d0 [ 113.238083][T10547] sock_sendmsg+0xd7/0x130 [ 113.242501][T10547] ____sys_sendmsg+0x753/0x880 [ 113.247293][T10547] ? kernel_sendmsg+0x50/0x50 [ 113.251979][T10547] ? __fget+0x35d/0x550 [ 113.256141][T10547] ? find_held_lock+0x35/0x130 [ 113.260914][T10547] ___sys_sendmsg+0x100/0x170 [ 113.265686][T10547] ? sendmsg_copy_msghdr+0x70/0x70 [ 113.270916][T10547] ? __kasan_check_read+0x11/0x20 [ 113.275983][T10547] ? __fget+0x37f/0x550 [ 113.280132][T10547] ? ksys_dup3+0x3e0/0x3e0 [ 113.284559][T10547] ? __do_page_fault+0x56a/0xd80 [ 113.289716][T10547] ? __fget_light+0x1a9/0x230 [ 113.294454][T10547] ? __fdget+0x1b/0x20 [ 113.298634][T10547] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 113.304885][T10547] __sys_sendmsg+0x105/0x1d0 [ 113.309579][T10547] ? __sys_sendmsg_sock+0xc0/0xc0 [ 113.314608][T10547] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 113.320161][T10547] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 113.325759][T10547] ? do_syscall_64+0x26/0x790 [ 113.330615][T10547] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 113.336781][T10547] ? do_syscall_64+0x26/0x790 [ 113.341461][T10547] __x64_sys_sendmsg+0x78/0xb0 [ 113.346236][T10547] do_syscall_64+0xfa/0x790 [ 113.350806][T10547] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 113.356699][T10547] RIP: 0033:0x446b79 [ 113.360625][T10547] Code: e8 8c e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 113.380374][T10547] RSP: 002b:00007f1a8ff2eda8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 113.388960][T10547] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 0000000000446b79 [ 113.396937][T10547] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 113.405005][T10547] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000 [ 113.412981][T10547] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c [ 113.421121][T10547] R13: 00000000200002c0 R14: 00000000004aeb60 R15: 0000000000000000 [ 113.429099][T10547] Modules linked in: [ 113.434656][T10541] Kernel Offset: disabled [ 113.439022][T10541] Rebooting in 86400 seconds..