[ 83.879878][ T27] audit: type=1400 audit(1584905258.536:37): avc: denied { watch } for pid=10754 comm="restorecond" path="/root/.ssh" dev="sda1" ino=16179 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:object_r:ssh_home_t:s0 tclass=dir permissive=1 [ 83.904065][ T27] audit: type=1400 audit(1584905258.536:38): avc: denied { watch } for pid=10754 comm="restorecond" path="/etc/selinux/restorecond.conf" dev="sda1" ino=2232 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 84.198438][ T27] audit: type=1800 audit(1584905258.856:39): pid=10667 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 88.680832][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 88.680845][ T27] audit: type=1400 audit(1584905263.336:41): avc: denied { map } for pid=10842 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.131' (ECDSA) to the list of known hosts. [ 95.878714][ T27] audit: type=1400 audit(1584905270.536:42): avc: denied { map } for pid=10854 comm="syz-executor401" path="/root/syz-executor401636306" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 95.906698][T10855] IPVS: ftp: loaded support on port[0] = 21 [ 95.939009][ T27] audit: type=1400 audit(1584905270.596:43): avc: denied { create } for pid=10855 comm="syz-executor401" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 95.964060][ T27] audit: type=1400 audit(1584905270.596:44): avc: denied { write } for pid=10855 comm="syz-executor401" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 95.988924][ T27] audit: type=1400 audit(1584905270.596:45): avc: denied { read } for pid=10855 comm="syz-executor401" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 96.018506][T10855] chnl_net:caif_netlink_parms(): no params data found [ 96.061259][T10855] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.068943][T10855] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.076945][T10855] device bridge_slave_0 entered promiscuous mode [ 96.086647][T10855] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.093735][T10855] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.101680][T10855] device bridge_slave_1 entered promiscuous mode [ 96.121377][T10855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.133144][T10855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.155483][T10855] team0: Port device team_slave_0 added [ 96.164468][T10855] team0: Port device team_slave_1 added [ 96.180895][T10855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.187897][T10855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.213829][T10855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.227399][T10855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.234583][T10855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.260982][T10855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.347212][T10855] device hsr_slave_0 entered promiscuous mode [ 96.384794][T10855] device hsr_slave_1 entered promiscuous mode [ 96.514553][T10855] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 96.587937][T10855] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 96.647618][T10855] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 96.708085][T10855] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 96.783464][T10855] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.790842][T10855] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.798865][T10855] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.806028][T10855] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.867307][T10855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.883564][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 96.895097][ T2687] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.903115][ T2687] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.912034][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 96.926659][T10855] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.940236][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 96.949230][ T2687] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.956469][ T2687] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.970294][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 96.978979][ T2845] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.986236][ T2845] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.009091][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 97.019498][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 97.029399][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 97.040998][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 97.051241][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 97.070637][T10855] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 97.081651][T10855] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 97.094110][ T3218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 97.103060][ T3218] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 97.112082][ T3218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 97.121816][ T3218] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 97.137915][ T3218] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 97.154154][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 97.161766][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 97.179403][T10855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.202355][ T3218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 97.212965][ T3218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 97.236367][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 97.246546][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 97.257946][T10855] device veth0_vlan entered promiscuous mode [ 97.265408][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 97.273328][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 97.289615][T10855] device veth1_vlan entered promiscuous mode [ 97.317233][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 97.327315][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 97.335930][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 97.344369][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 97.356769][T10855] device veth0_macvtap entered promiscuous mode [ 97.369661][T10855] device veth1_macvtap entered promiscuous mode [ 97.390277][T10855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.399623][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 97.408391][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 97.417101][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 97.426091][ T2845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 97.439481][T10855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.447518][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 97.456922][ T2687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 97.624682][T10855] ================================================================== [ 97.632949][T10855] BUG: KASAN: use-after-free in tcindex_set_parms+0x17fd/0x1a00 [ 97.640725][T10855] Write of size 16 at addr ffff88809eaf5530 by task syz-executor401/10855 [ 97.649210][T10855] [ 97.651562][T10855] CPU: 1 PID: 10855 Comm: syz-executor401 Not tainted 5.6.0-rc6-syzkaller #0 [ 97.660425][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.670535][T10855] Call Trace: [ 97.673831][T10855] dump_stack+0x188/0x20d [ 97.678175][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 97.683449][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 97.688724][T10855] print_address_description.constprop.0.cold+0xd3/0x315 [ 97.695741][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 97.701006][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 97.706270][T10855] __kasan_report.cold+0x1a/0x32 [ 97.711189][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 97.716470][T10855] kasan_report+0xe/0x20 [ 97.720718][T10855] tcindex_set_parms+0x17fd/0x1a00 [ 97.725822][T10855] ? tcindex_alloc_perfect_hash+0x320/0x320 [ 97.731704][T10855] ? mark_held_locks+0xe0/0xe0 [ 97.736468][T10855] ? nla_memcpy+0xa0/0xa0 [ 97.741022][T10855] ? tcindex_change+0x203/0x2e0 [ 97.745864][T10855] tcindex_change+0x203/0x2e0 [ 97.750528][T10855] ? tcindex_set_parms+0x1a00/0x1a00 [ 97.755822][T10855] tc_new_tfilter+0xa59/0x20b0 [ 97.760599][T10855] ? tcindex_set_parms+0x1a00/0x1a00 [ 97.765886][T10855] ? tc_del_tfilter+0x1430/0x1430 [ 97.770902][T10855] ? __lock_acquire+0x80b/0x3ca0 [ 97.775856][T10855] ? rcu_read_lock_held+0x9c/0xb0 [ 97.780953][T10855] ? tc_del_tfilter+0x1430/0x1430 [ 97.785976][T10855] rtnetlink_rcv_msg+0x810/0xad0 [ 97.790919][T10855] ? rtnl_bridge_getlink+0x880/0x880 [ 97.796208][T10855] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 97.801492][T10855] ? __copy_skb_header+0x280/0x5b0 [ 97.806815][T10855] ? skb_splice_bits+0x1a0/0x1a0 [ 97.811748][T10855] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 97.817566][T10855] ? kmem_cache_alloc+0x261/0x730 [ 97.822602][T10855] netlink_rcv_skb+0x15a/0x410 [ 97.827358][T10855] ? rtnl_bridge_getlink+0x880/0x880 [ 97.832642][T10855] ? netlink_ack+0xa80/0xa80 [ 97.837229][T10855] netlink_unicast+0x537/0x740 [ 97.842104][T10855] ? netlink_attachskb+0x810/0x810 [ 97.847299][T10855] ? _copy_from_iter_full+0x25c/0x870 [ 97.852666][T10855] netlink_sendmsg+0x882/0xe10 [ 97.857521][T10855] ? netlink_unicast+0x740/0x740 [ 97.862473][T10855] ? netlink_unicast+0x740/0x740 [ 97.867427][T10855] sock_sendmsg+0xcf/0x120 [ 97.871830][T10855] ____sys_sendmsg+0x6b9/0x7d0 [ 97.876679][T10855] ? kernel_sendmsg+0x50/0x50 [ 97.881360][T10855] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 97.886910][T10855] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 97.893043][T10855] ___sys_sendmsg+0x100/0x170 [ 97.897730][T10855] ? sendmsg_copy_msghdr+0x70/0x70 [ 97.902965][T10855] ? lock_downgrade+0x7f0/0x7f0 [ 97.907816][T10855] ? lock_acquire+0x197/0x420 [ 97.912512][T10855] ? __might_fault+0xef/0x1d0 [ 97.917329][T10855] ? __might_fault+0x190/0x1d0 [ 97.922169][T10855] ? _copy_to_user+0x107/0x150 [ 97.927002][T10855] ? move_addr_to_user+0xb3/0x200 [ 97.932159][T10855] ? __fget_light+0x1a5/0x270 [ 97.936882][T10855] __sys_sendmsg+0xec/0x1b0 [ 97.941374][T10855] ? __sys_sendmsg_sock+0xb0/0xb0 [ 97.946501][T10855] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 97.952469][T10855] ? mark_held_locks+0x9f/0xe0 [ 97.957259][T10855] ? trace_hardirqs_off_caller+0x55/0x230 [ 97.963170][T10855] ? do_syscall_64+0x21/0x7d0 [ 97.967858][T10855] do_syscall_64+0xf6/0x7d0 [ 97.972369][T10855] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 97.978372][T10855] RIP: 0033:0x443ea9 [ 97.982262][T10855] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 98.002085][T10855] RSP: 002b:00007ffdba01b678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 98.010499][T10855] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443ea9 [ 98.018613][T10855] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 98.026580][T10855] RBP: 00007ffdba01b690 R08: 00000000bb1414ac R09: 00000000bb1414ac [ 98.034541][T10855] R10: 00000000bb1414ac R11: 0000000000000246 R12: 00007ffdba01b6c0 [ 98.042689][T10855] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 98.050668][T10855] [ 98.052981][T10855] Allocated by task 12: [ 98.057126][T10855] save_stack+0x1b/0x80 [ 98.061274][T10855] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 98.066898][T10855] __kmalloc+0x161/0x7a0 [ 98.071254][T10855] usb_alloc_urb+0x65/0xb0 [ 98.075707][T10855] usb_control_msg+0x1c9/0x4a0 [ 98.081209][T10855] hub_ext_port_status+0x125/0x460 [ 98.086513][T10855] hub_activate+0x4f4/0x1640 [ 98.091101][T10855] process_one_work+0x94b/0x1690 [ 98.096035][T10855] worker_thread+0x96/0xe20 [ 98.100542][T10855] kthread+0x357/0x430 [ 98.104645][T10855] ret_from_fork+0x24/0x30 [ 98.109147][T10855] [ 98.111503][T10855] Freed by task 12: [ 98.115461][T10855] save_stack+0x1b/0x80 [ 98.119622][T10855] __kasan_slab_free+0xf7/0x140 [ 98.124476][T10855] kfree+0x109/0x2b0 [ 98.128370][T10855] usb_free_urb.part.0+0xaf/0x110 [ 98.133422][T10855] usb_free_urb+0x1b/0x30 [ 98.137736][T10855] usb_start_wait_urb+0x1e5/0x2b0 [ 98.142792][T10855] usb_control_msg+0x31c/0x4a0 [ 98.147566][T10855] hub_ext_port_status+0x125/0x460 [ 98.152741][T10855] hub_activate+0x4f4/0x1640 [ 98.157446][T10855] process_one_work+0x94b/0x1690 [ 98.162400][T10855] worker_thread+0x96/0xe20 [ 98.166910][T10855] kthread+0x357/0x430 [ 98.170981][T10855] ret_from_fork+0x24/0x30 [ 98.175375][T10855] [ 98.177692][T10855] The buggy address belongs to the object at ffff88809eaf5500 [ 98.177692][T10855] which belongs to the cache kmalloc-192 of size 192 [ 98.191752][T10855] The buggy address is located 48 bytes inside of [ 98.191752][T10855] 192-byte region [ffff88809eaf5500, ffff88809eaf55c0) [ 98.204922][T10855] The buggy address belongs to the page: [ 98.210545][T10855] page:ffffea00027abd40 refcount:1 mapcount:0 mapping:ffff8880aa000000 index:0x0 [ 98.219645][T10855] flags: 0xfffe0000000200(slab) [ 98.224492][T10855] raw: 00fffe0000000200 ffffea00027a8ac8 ffffea00027ac048 ffff8880aa000000 [ 98.233255][T10855] raw: 0000000000000000 ffff88809eaf5000 0000000100000010 0000000000000000 [ 98.241930][T10855] page dumped because: kasan: bad access detected [ 98.248369][T10855] [ 98.250693][T10855] Memory state around the buggy address: [ 98.256473][T10855] ffff88809eaf5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 98.264529][T10855] ffff88809eaf5480: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 98.272588][T10855] >ffff88809eaf5500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 98.280703][T10855] ^ [ 98.286445][T10855] ffff88809eaf5580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 98.294612][T10855] ffff88809eaf5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 98.302670][T10855] ================================================================== [ 98.310735][T10855] Disabling lock debugging due to kernel taint [ 98.320039][T10855] Kernel panic - not syncing: panic_on_warn set ... [ 98.326752][T10855] CPU: 1 PID: 10855 Comm: syz-executor401 Tainted: G B 5.6.0-rc6-syzkaller #0 [ 98.336902][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.346946][T10855] Call Trace: [ 98.350232][T10855] dump_stack+0x188/0x20d [ 98.354676][T10855] panic+0x2e3/0x75c [ 98.358669][T10855] ? add_taint.cold+0x16/0x16 [ 98.363751][T10855] ? preempt_schedule_common+0x5e/0xc0 [ 98.369231][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 98.374523][T10855] ? ___preempt_schedule+0x16/0x18 [ 98.380091][T10855] ? trace_hardirqs_on+0x55/0x220 [ 98.385129][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 98.390425][T10855] end_report+0x43/0x49 [ 98.394582][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 98.399967][T10855] __kasan_report.cold+0xd/0x32 [ 98.404951][T10855] ? tcindex_set_parms+0x17fd/0x1a00 [ 98.410377][T10855] kasan_report+0xe/0x20 [ 98.414621][T10855] tcindex_set_parms+0x17fd/0x1a00 [ 98.419749][T10855] ? tcindex_alloc_perfect_hash+0x320/0x320 [ 98.425648][T10855] ? mark_held_locks+0xe0/0xe0 [ 98.430443][T10855] ? nla_memcpy+0xa0/0xa0 [ 98.434772][T10855] ? tcindex_change+0x203/0x2e0 [ 98.439617][T10855] tcindex_change+0x203/0x2e0 [ 98.444280][T10855] ? tcindex_set_parms+0x1a00/0x1a00 [ 98.449566][T10855] tc_new_tfilter+0xa59/0x20b0 [ 98.454433][T10855] ? tcindex_set_parms+0x1a00/0x1a00 [ 98.459748][T10855] ? tc_del_tfilter+0x1430/0x1430 [ 98.464780][T10855] ? __lock_acquire+0x80b/0x3ca0 [ 98.469963][T10855] ? rcu_read_lock_held+0x9c/0xb0 [ 98.475052][T10855] ? tc_del_tfilter+0x1430/0x1430 [ 98.480074][T10855] rtnetlink_rcv_msg+0x810/0xad0 [ 98.485019][T10855] ? rtnl_bridge_getlink+0x880/0x880 [ 98.490507][T10855] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 98.495785][T10855] ? __copy_skb_header+0x280/0x5b0 [ 98.500882][T10855] ? skb_splice_bits+0x1a0/0x1a0 [ 98.505829][T10855] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 98.511621][T10855] ? kmem_cache_alloc+0x261/0x730 [ 98.516734][T10855] netlink_rcv_skb+0x15a/0x410 [ 98.521529][T10855] ? rtnl_bridge_getlink+0x880/0x880 [ 98.526828][T10855] ? netlink_ack+0xa80/0xa80 [ 98.531405][T10855] netlink_unicast+0x537/0x740 [ 98.536151][T10855] ? netlink_attachskb+0x810/0x810 [ 98.541247][T10855] ? _copy_from_iter_full+0x25c/0x870 [ 98.546625][T10855] netlink_sendmsg+0x882/0xe10 [ 98.551390][T10855] ? netlink_unicast+0x740/0x740 [ 98.556308][T10855] ? netlink_unicast+0x740/0x740 [ 98.561240][T10855] sock_sendmsg+0xcf/0x120 [ 98.565651][T10855] ____sys_sendmsg+0x6b9/0x7d0 [ 98.570431][T10855] ? kernel_sendmsg+0x50/0x50 [ 98.575094][T10855] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 98.580633][T10855] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 98.586810][T10855] ___sys_sendmsg+0x100/0x170 [ 98.591506][T10855] ? sendmsg_copy_msghdr+0x70/0x70 [ 98.596609][T10855] ? lock_downgrade+0x7f0/0x7f0 [ 98.601509][T10855] ? lock_acquire+0x197/0x420 [ 98.606187][T10855] ? __might_fault+0xef/0x1d0 [ 98.610859][T10855] ? __might_fault+0x190/0x1d0 [ 98.615606][T10855] ? _copy_to_user+0x107/0x150 [ 98.620453][T10855] ? move_addr_to_user+0xb3/0x200 [ 98.625461][T10855] ? __fget_light+0x1a5/0x270 [ 98.630140][T10855] __sys_sendmsg+0xec/0x1b0 [ 98.634626][T10855] ? __sys_sendmsg_sock+0xb0/0xb0 [ 98.639661][T10855] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 98.645651][T10855] ? mark_held_locks+0x9f/0xe0 [ 98.650406][T10855] ? trace_hardirqs_off_caller+0x55/0x230 [ 98.656107][T10855] ? do_syscall_64+0x21/0x7d0 [ 98.660777][T10855] do_syscall_64+0xf6/0x7d0 [ 98.665264][T10855] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 98.671223][T10855] RIP: 0033:0x443ea9 [ 98.675109][T10855] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 98.694705][T10855] RSP: 002b:00007ffdba01b678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 98.703094][T10855] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443ea9 [ 98.711045][T10855] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 98.719035][T10855] RBP: 00007ffdba01b690 R08: 00000000bb1414ac R09: 00000000bb1414ac [ 98.727110][T10855] R10: 00000000bb1414ac R11: 0000000000000246 R12: 00007ffdba01b6c0 [ 98.735316][T10855] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 98.744577][T10855] Kernel Offset: disabled [ 98.749000][T10855] Rebooting in 86400 seconds..