[ ok ] Starting enhanced syslogd: rsyslogd.
[ 13.981949] audit: type=1400 audit(1538295919.081:4): avc: denied { syslog } for pid=1917 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.94' (ECDSA) to the list of known hosts.
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
Error: argument "bridge0" is wrong: Device does not exist
Error: argument "bridge0" is wrong: Device does not exist
Cannot find device "veth0_to_bridge"
Cannot find device "veth1_to_bridge"
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
Error: argument "bond0" is wrong: Device does not exist
Error: argument "bond0" is wrong: Device does not exist
Cannot find device "veth0_to_bond"
Cannot find device "veth1_to_bond"
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
Error: argument "team0" is wrong: Device does not exist
Error: argument "team0" is wrong: Device does not exist
Cannot find device "veth0_to_team"
Cannot find device "veth1_to_team"
Cannot find device "bridge_slave_0"
Cannot find device "bridge_slave_1"
RTNETLINK answers: Operation not supported
Cannot find device "bridge0"
Cannot find device "bridge0"
Cannot find device "bridge0"
Cannot find device "bridge0"
Cannot find device "vcan0"
Cannot find device "vcan0"
Cannot find device "vcan0"
Cannot find device "vcan0"
Cannot find device "tunl0"
Cannot find device "tunl0"
Cannot find device "tunl0"
Cannot find device "tunl0"
Cannot find device "gre0"
Cannot find device "gre0"
Cannot find device "gre0"
Cannot find device "gre0"
Cannot find device "gretap0"
Cannot find device "gretap0"
Cannot find device "gretap0"
Cannot find device "gretap0"
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
Cannot find device "ip6gre0"
Cannot find device "ip6gre0"
Cannot find device "ip6gre0"
Cannot find device "ip6gre0"
Cannot find device "ip6gretap0"
Cannot find device "ip6gretap0"
Cannot find device "ip6gretap0"
Cannot find device "ip6gretap0"
Cannot find device "erspan0"
Cannot find device "erspan0"
Cannot find device "erspan0"
Cannot find device "erspan0"
Cannot find device "bond0"
Cannot find device "bond0"
Cannot find device "bond0"
Cannot find device "bond0"
Cannot find device "veth0"
Cannot find device "veth0"
Cannot find device "veth0"
Cannot find device "veth0"
Cannot find device "veth1"
Cannot find device "veth1"
Cannot find device "veth1"
Cannot find device "veth1"
Cannot find device "team0"
Cannot find device "team0"
Cannot find device "team0"
Cannot find device "team0"
Cannot find device "veth0_to_bridge"
Cannot find device "veth0_to_bridge"
Cannot find device "veth0_to_bridge"
Cannot find device "veth0_to_bridge"
Cannot find device "veth1_to_bridge"
Cannot find device "veth1_to_bridge"
Cannot find device "veth1_to_bridge"
Cannot find device "veth1_to_bridge"
Cannot find device "veth0_to_bond"
Cannot find device "veth0_to_bond"
Cannot find device "veth0_to_bond"
Cannot find device "veth0_to_bond"
Cannot find device "veth1_to_bond"
Cannot find device "veth1_to_bond"
Cannot find device "veth1_to_bond"
Cannot find device "veth1_to_bond"
Cannot find device "veth0_to_team"
Cannot find device "veth0_to_team"
Cannot find device "veth0_to_team"
Cannot find device "veth0_to_team"
Cannot find device "veth1_to_team"
Cannot find device "veth1_to_team"
Cannot find device "veth1_to_team"
Cannot find device "veth1_to_team"
executing program
executing program
syzkaller login:
[ 33.630245] ==================================================================
[ 33.637734] BUG: KASAN: slab-out-of-bounds in ip6_tnl_xmit2+0x229d/0x2350
[ 33.644634] Read of size 16 at addr ffff8800b4e0ddb0 by task syz-executor296/2493
[ 33.652225]
[ 33.653833] CPU: 1 PID: 2493 Comm: syz-executor296 Not tainted 4.4.159+ #106
[ 33.660992] 0000000000000000 548cb03a94ee5a49 ffff8801d1c36ca0 ffffffff81a9949d
[ 33.668993] ffffea0002d38300 ffff8800b4e0ddb0 0000000000000000 ffff8800b4e0ddb8
[ 33.677033] ffff8800b73a4400 ffff8801d1c36cd8 ffffffff8148a809 ffff8800b4e0ddb0
[ 33.685028] Call Trace:
[ 33.687592] [] dump_stack+0xc1/0x124
[ 33.693073] [] print_address_description+0x6c/0x217
[ 33.699718] [] kasan_report.cold.6+0x175/0x2f7
[ 33.705975] [] ? ip6_tnl_xmit2+0x229d/0x2350
[ 33.712033] [] __asan_report_load_n_noabort+0xf/0x20
[ 33.718766] [] ip6_tnl_xmit2+0x229d/0x2350
[ 33.724628] [] ? ip6_tnl_create2+0x2d0/0x2d0
[ 33.730670] [] ? __lock_acquire+0xa85/0x5f10
[ 33.736708] [] ? trace_hardirqs_on+0x10/0x10
[ 33.742743] [] ? trace_hardirqs_on+0x10/0x10
[ 33.748778] [] ? make_kuid+0xf0/0x180
[ 33.754216] [] ip6_tnl_xmit+0x91a/0xc70
[ 33.759817] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 33.766550] [] ? ip6ip6_dscp_ecn_decapsulate+0x7c0/0x7c0
[ 33.773630] [] ? trace_hardirqs_on+0x10/0x10
[ 33.779672] [] ? trace_hardirqs_on+0x10/0x10
[ 33.785721] [] ? netlink_has_listeners+0x1da/0x330
[ 33.792291] [] dev_hard_start_xmit+0x7bd/0x11c0
[ 33.798587] [] __dev_queue_xmit+0x16f5/0x1c30
[ 33.804710] [] ? __dev_queue_xmit+0x1d7/0x1c30
[ 33.810923] [] ? trace_hardirqs_on+0x10/0x10
[ 33.816968] [] ? check_preemption_disabled+0x3b/0x170
[ 33.823793] [] ? netdev_pick_tx+0x2c0/0x2c0
[ 33.829759] [] ? nf_ct_deliver_cached_events+0x335/0x560
[ 33.836840] [] ? nf_ct_deliver_cached_events+0x83/0x560
[ 33.843832] [] ? check_preemption_disabled+0x3b/0x170
[ 33.850687] [] dev_queue_xmit+0x17/0x20
[ 33.856299] [] neigh_direct_output+0x15/0x20
[ 33.862346] [] ip_finish_output2+0x8f0/0x1100
[ 33.868476] [] ? ip_finish_output2+0x20b/0x1100
[ 33.874784] [] ? ip_send_check+0xb0/0xb0
[ 33.880476] [] ? nf_hook_slow+0x202/0x340
[ 33.886252] [] ip_finish_output+0x882/0xc00
[ 33.892201] [] ip_output+0x219/0x4c0
[ 33.897546] [] ? ip_mc_output+0x980/0x980
[ 33.903323] [] ? ip_make_skb+0x116/0x210
[ 33.909015] [] ? ip_fragment.constprop.5+0x200/0x200
[ 33.915759] [] ? ip_flush_pending_frames+0x30/0x30
[ 33.922317] [] ip_local_out+0x9b/0x180
[ 33.927829] [] ip_send_skb+0x3c/0xc0
[ 33.933166] [] udp_send_skb+0x503/0xc70
[ 33.938767] [] udp_sendmsg+0x16c9/0x1c70
[ 33.944450] [] ? ip_reply_glue_bits+0xc0/0xc0
[ 33.950570] [] ? udp_lib_unhash+0x630/0x630
[ 33.956519] [] ? mark_held_locks+0xc7/0x130
[ 33.962465] [] ? __lock_acquire+0xa85/0x5f10
[ 33.968505] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 33.975354] [] udpv6_sendmsg+0x12cd/0x24c0
[ 33.981405] [] ? avc_has_perm+0x15a/0x3a0
[ 33.987358] [] ? udp_v6_flush_pending_frames+0xe0/0xe0
[ 33.994271] [] ? avc_has_perm_noaudit+0x2f0/0x2f0
[ 34.000746] [] ? trace_hardirqs_on+0x10/0x10
[ 34.006778] [] ? sock_has_perm+0x1c1/0x3f0
[ 34.012635] [] ? sock_has_perm+0x2a1/0x3f0
[ 34.018497] [] ? sock_has_perm+0x9f/0x3f0
[ 34.024362] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0
[ 34.031935] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 34.038673] [] ? check_preemption_disabled+0x3b/0x170
[ 34.045508] [] ? inet_sendmsg+0x143/0x4d0
[ 34.051279] [] inet_sendmsg+0x203/0x4d0
[ 34.057008] [] ? inet_sendmsg+0x73/0x4d0
[ 34.062703] [] ? inet_recvmsg+0x4c0/0x4c0
[ 34.068499] [] sock_sendmsg+0xbb/0x110
[ 34.074032] [] ___sys_sendmsg+0x745/0x880
[ 34.079848] [] ? copy_msghdr_from_user+0x550/0x550
[ 34.086418] [] ? prandom_u32+0x71/0xa0
[ 34.092055] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 34.098933] [] ? __local_bh_enable_ip+0x6a/0xd0
[ 34.105234] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 34.112050] [] ? release_sock+0x3b6/0x500
[ 34.117822] [] ? trace_hardirqs_on+0xd/0x10
[ 34.123796] [] ? __fget_light+0x9f/0x1f0
[ 34.129487] [] ? __fdget+0x18/0x20
[ 34.134653] [] __sys_sendmsg+0xd6/0x190
[ 34.140254] [] ? SyS_shutdown+0x1b0/0x1b0
[ 34.146028] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 34.152843] [] SyS_sendmsg+0x2d/0x50
[ 34.158186] [] entry_SYSCALL_64_fastpath+0x1e/0x9a
[ 34.164739]
[ 34.166352] Allocated by task 2493:
[ 34.169949] [] save_stack_trace+0x26/0x50
[ 34.175872] [] kasan_kmalloc.part.1+0x62/0xf0
[ 34.182110] [] kasan_kmalloc+0xaf/0xc0
[ 34.187742] [] __kmalloc+0x13d/0x330
[ 34.193199] [] __neigh_create+0x1d6/0x1b20
[ 34.199248] [] ipv4_neigh_lookup+0x4de/0x700
[ 34.205402] [] ip6_tnl_xmit2+0x28a/0x2350
[ 34.211292] [] ip6_tnl_xmit+0x91a/0xc70
[ 34.217011] [] dev_hard_start_xmit+0x7bd/0x11c0
[ 34.223423] [] __dev_queue_xmit+0x16f5/0x1c30
[ 34.229677] [] dev_queue_xmit+0x17/0x20
[ 34.235400] [] neigh_direct_output+0x15/0x20
[ 34.241551] [] ip_finish_output2+0x8f0/0x1100
[ 34.247793] [] ip_finish_output+0x882/0xc00
[ 34.253858] [] ip_output+0x219/0x4c0
[ 34.259699] [] ip_local_out+0x9b/0x180
[ 34.265346] [] ip_send_skb+0x3c/0xc0
[ 34.270804] [] udp_send_skb+0x503/0xc70
[ 34.276537] [] udp_sendmsg+0x16c9/0x1c70
[ 34.282352] [] udpv6_sendmsg+0x12cd/0x24c0
[ 34.288331] [] inet_sendmsg+0x203/0x4d0
[ 34.294055] [] sock_sendmsg+0xbb/0x110
[ 34.299714] [] ___sys_sendmsg+0x745/0x880
[ 34.305622] [] __sys_sendmsg+0xd6/0x190
[ 34.311355] [] SyS_sendmsg+0x2d/0x50
[ 34.316813] [] entry_SYSCALL_64_fastpath+0x1e/0x9a
[ 34.323494]
[ 34.325095] Freed by task 783:
[ 34.328260] [] save_stack_trace+0x26/0x50
[ 34.334177] [] kasan_slab_free+0xac/0x190
[ 34.340075] [] kfree+0xf4/0x310
[ 34.345096] [] free_pipe_info+0x210/0x2c0
[ 34.350984] [] put_pipe_info+0xb8/0xe0
[ 34.356616] [] pipe_release+0x1af/0x250
[ 34.362333] [] __fput+0x235/0x6f0
[ 34.368068] [] ____fput+0x15/0x20
[ 34.373283] [] task_work_run+0x10f/0x190
[ 34.379093] [] do_exit+0x9c5/0x28d0
[ 34.384489] [] do_group_exit+0x111/0x300
[ 34.390314] [] SyS_exit_group+0x1d/0x20
[ 34.396049] [] entry_SYSCALL_64_fastpath+0x1e/0x9a
[ 34.402739]
[ 34.404344] The buggy address belongs to the object at ffff8800b4e0db00
[ 34.404344] which belongs to the cache kmalloc-1024 of size 1024
[ 34.417148] The buggy address is located 688 bytes inside of
[ 34.417148] 1024-byte region [ffff8800b4e0db00, ffff8800b4e0df00)
[ 34.429088] The buggy address belongs to the page:
[ 35.226164] kasan: CONFIG_KASAN_INLINE enabled
[ 35.230668] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 35.243638] Modules linked in:
[ 35.246969] CPU: 0 PID: 1 Comm: init Not tainted 4.4.159+ #106
[ 35.252929] task: ffff8801da5f0000 task.stack: ffff8801da5f8000
[ 35.258982] RIP: 0010:[] [] depot_save_stack+0x15f/0x5eb
[ 35.267798] RSP: 0018:ffff8801da5ffa28 EFLAGS: 00010293
[ 35.273236] RAX: ffff8801da5f0000 RBX: 0000000089b034d0 RCX: 0000000050b4b35b
[ 35.280497] RDX: 0000000000000000 RSI: ffffffff81b3499f RDI: ffff8801da5ffa90
[ 35.287762] RBP: ffff8801da5ffa80 R08: ffff8801da5ffa90 R09: 0000000000000000
[ 35.295027] R10: 0000000000000000 R11: 0000000000000003 R12: 4f5f4755425f4d56
[ 35.302296] R13: 0000000000000003 R14: 0000000000000048 R15: 00000000000034d0
[ 35.309589] FS: 00007feebda8e7a0(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
[ 35.317863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.323742] CR2: 00007feebd418834 CR3: 00000001d7753000 CR4: 00000000001606b0
[ 35.331010] Stack:
[ 35.333150] 024080c0da5f08c0 ffff8801da5ffaa8 ffff8801da5ffa90 ffff880100000009
[ 35.341267] 0000000000000000 d067a1184c7f6081 ffff8800b2569740 00000000024080c0
[ 35.349346] 0000000000000000 ffff8800b2569640 ffff8800b256973f ffff8801da5ffcb8
[ 35.357432] Call Trace:
[ 35.360019] [] kasan_kmalloc.part.1+0xc9/0xf0
[ 35.366160] [] ? save_stack_trace+0x26/0x50
[ 35.372316] [] ? kasan_kmalloc.part.1+0x62/0xf0
[ 35.378724] [] ? kasan_kmalloc+0xaf/0xc0
[ 35.384461] [] ? kasan_slab_alloc+0x12/0x20
[ 35.390427] [] ? kmem_cache_alloc+0xdc/0x2c0
[ 35.396490] [] ? locks_alloc_lock+0x1d/0x160
[ 35.402543] [] ? fcntl_setlk+0x93/0x9d0
[ 35.408166] [] ? SyS_fcntl+0x71c/0xca0
[ 35.413709] [] ? entry_SYSCALL_64_fastpath+0x1e/0x9a
[ 35.420463] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 35.427212] [] ? avc_has_perm+0x15a/0x3a0
[ 35.433002] [] ? avc_has_perm+0x1cc/0x3a0
[ 35.438797] [] ? avc_has_perm+0x9e/0x3a0
[ 35.444521] [] ? avc_has_perm_noaudit+0x2f0/0x2f0
[ 35.451007] [] ? kasan_unpoison_shadow+0x35/0x50
[ 35.457493] [] kasan_kmalloc+0xaf/0xc0
[ 35.463024] [] ? locks_alloc_lock+0x1d/0x160
[ 35.469081] [] kasan_slab_alloc+0x12/0x20
[ 35.474876] [] kmem_cache_alloc+0xdc/0x2c0
[ 35.480758] [] locks_alloc_lock+0x1d/0x160
[ 35.486654] [] fcntl_setlk+0x93/0x9d0
[ 35.492121] [] ? fcntl_getlk+0x320/0x320
[ 35.497830] [] ? _raw_spin_unlock_irq+0x38/0x50
[ 35.504144] [] ? selinux_file_fcntl+0xec/0x140
[ 35.510374] [] ? security_file_fcntl+0x8f/0xc0
[ 35.516604] [] SyS_fcntl+0x71c/0xca0
[ 35.521988] [] ? f_getown+0xb0/0xb0
[ 35.527265] [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 35.533768] [] entry_SYSCALL_64_fastpath+0x1e/0x9a
[ 35.540348] Code: 00 00 e8 05 25 7d ff 48 63 45 c0 48 c1 e0 03 49 89 c6 eb 12 e8 f3 24 7d ff 4d 8b 24 24 4d 85 e4 0f 84 8d 00 00 00 e8 e1 24 7d ff <41> 3b 5c 24 08 75 e2 e8 d5 24 7d ff 8b 45 c0 41 3b 44 24 0c 75
[ 35.568727] RIP [] depot_save_stack+0x15f/0x5eb
[ 35.575208] RSP
[ 35.578889] BUG: unable to handle kernel paging request at fffffffd2a20f580
[ 35.586255] IP: [] cpuacct_charge+0x155/0x380
[ 35.592460] PGD 2e0d067 PUD 0
[ 35.595932] Oops: 0000 [#2] PREEMPT SMP KASAN
[ 35.601120] Modules linked in:
[ 35.604464] CPU: 0 PID: 1 Comm: init Tainted: G D 4.4.159+ #106
[ 35.611640] task: ffff8801da5f0000 task.stack: ffff8801da5f8000
[ 35.617688] RIP: 0010:[] [] cpuacct_charge+0x155/0x380
[ 35.626333] RSP: 0018:ffff8801db607968 EFLAGS: 00010046
[ 35.631781] RAX: 1ffffffff05d2a0b RBX: 00000000000181a8 RCX: ffffffff831a1d80
[ 35.639042] RDX: fffffbffa5441eb0 RSI: fffffffd2a20f580 RDI: ffffffff82e95058
[ 35.646308] RBP: ffff8801db6079a8 R08: 0000000000000000 R09: 0000000000000001
[ 35.653572] R10: ffff8801da5f0000 R11: 0000000000000000 R12: ffffffff82e94f80
[ 35.660834] R13: dffffc0000000000 R14: 000000007430814b R15: ffffffffb4e0db00
[ 35.668101] FS: 00007feebda8e7a0(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
[ 35.676323] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.682196] CR2: fffffffd2a20f580 CR3: 00000001d7753000 CR4: 00000000001606b0
[ 35.689495] Stack:
[ 35.691635] ffffffff811f0b60 0000000082e15aa9 ffffffff82e15ab0 ffff8800b4e147a0
[ 35.699725] ffff8800b4e14740 000000007430814b ffff8800b4e147f0 0000000000000000
[ 35.707816] ffff8801db6079f0 ffffffff8117c439 ffffffff82c47bf0 ffffffff811fb4b0
[ 35.715895] Call Trace:
[ 35.718477]
[ 35.720572] [] ? cpuacct_charge+0x60/0x380
[ 35.726781] [] update_curr+0x2c9/0x6d0
[ 35.732313] [] ? trace_hardirqs_on+0x10/0x10
[ 35.738392] [] enqueue_task_fair+0x12a/0xab90
[ 35.744540] [] ? select_task_rq_fair+0x4ba/0x2d10
[ 35.751029] [] ? kvm_sched_clock_read+0x9/0x20
[ 35.757283] [] activate_task+0x1dd/0x280
[ 35.763007] [] ttwu_do_activate.constprop.29+0xbf/0x1e0
[ 35.770010] [] try_to_wake_up+0x6dd/0x1120
[ 35.775899] [] ? update_fast_timekeeper+0x5c/0x70
[ 35.782386] [] default_wake_function+0x35/0x50
[ 35.788616] [] autoremove_wake_function+0x11/0x40
[ 35.795107] [] __wake_up_common+0xb6/0x150
[ 35.800990] [] __wake_up+0x34/0x50
[ 35.806174] [] wake_up_klogd_work_func+0x80/0x90
[ 35.812574] [] irq_work_run_list+0xd7/0x140
[ 35.818544] [] irq_work_tick+0x116/0x170
[ 35.824260] [] update_process_times+0x69/0x70
[ 35.830403] [] tick_sched_handle.isra.6+0x4a/0xf0
[ 35.836919] [] tick_sched_timer+0x76/0x130
[ 35.842796] [] ? tick_sched_handle.isra.6+0xf0/0xf0
[ 35.849462] [] __hrtimer_run_queues+0x390/0xfc0
[ 35.855772] [] ? hrtimer_fixup_init+0x70/0x70
[ 35.861911] [] ? kvm_clock_read+0x23/0x40
[ 35.867713] [] ? kvm_clock_get_cycles+0x9/0x10
[ 35.873965] [] ? hrtimer_interrupt+0x12d/0x430
[ 35.880196] [] hrtimer_interrupt+0x1b1/0x430
[ 35.886248] [] local_apic_timer_interrupt+0x74/0xa0
[ 35.892914] [] smp_apic_timer_interrupt+0x7c/0xa0
[ 35.899416] [] apic_timer_interrupt+0x9d/0xb0
[ 35.905552]
[ 35.907610] [] ? add_taint+0x1c/0x50
[ 35.913290] [] ? oops_end+0x48/0x90
[ 35.918566] [] die.cold.1+0x21/0x2a
[ 35.923840] [] do_general_protection+0x227/0x2b0
[ 35.930239] [] general_protection+0x25/0x30
[ 35.936205] [] ? depot_save_stack+0x15f/0x5eb
[ 35.942346] [] ? depot_save_stack+0x15f/0x5eb
[ 35.948512] [] ? depot_save_stack+0x15f/0x5eb
[ 35.954681] [] kasan_kmalloc.part.1+0xc9/0xf0
[ 35.960843] [] ? save_stack_trace+0x26/0x50
[ 35.966806] [] ? kasan_kmalloc.part.1+0x62/0xf0
[ 35.973119] [] ? kasan_kmalloc+0xaf/0xc0
[ 35.978828] [] ? kasan_slab_alloc+0x12/0x20
[ 35.984799] [] ? kmem_cache_alloc+0xdc/0x2c0
[ 35.990859] [] ? locks_alloc_lock+0x1d/0x160
[ 35.996913] [] ? fcntl_setlk+0x93/0x9d0
[ 36.002529] [] ? SyS_fcntl+0x71c/0xca0
[ 36.008077] [] ? entry_SYSCALL_64_fastpath+0x1e/0x9a
[ 36.014833] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 36.021614] [] ? avc_has_perm+0x15a/0x3a0
[ 36.027419] [] ? avc_has_perm+0x1cc/0x3a0
[ 36.033434] [] ? avc_has_perm+0x9e/0x3a0
[ 36.039137] [] ? avc_has_perm_noaudit+0x2f0/0x2f0
[ 36.045633] [] ? kasan_unpoison_shadow+0x35/0x50
[ 36.052052] [] kasan_kmalloc+0xaf/0xc0
[ 36.057583] [] ? locks_alloc_lock+0x1d/0x160
[ 36.063637] [] kasan_slab_alloc+0x12/0x20
[ 36.069452] [] kmem_cache_alloc+0xdc/0x2c0
[ 36.075343] [] locks_alloc_lock+0x1d/0x160
[ 36.081220] [] fcntl_setlk+0x93/0x9d0
[ 36.086707] [] ? fcntl_getlk+0x320/0x320
[ 36.092417] [] ? _raw_spin_unlock_irq+0x38/0x50
[ 36.098731] [] ? selinux_file_fcntl+0xec/0x140
[ 36.104967] [] ? security_file_fcntl+0x8f/0xc0
[ 36.111197] [] SyS_fcntl+0x71c/0xca0
[ 36.116555] [] ? f_getown+0xb0/0xb0
[ 36.121839] [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 36.128329] [] entry_SYSCALL_64_fastpath+0x1e/0x9a
[ 36.134902] Code: 49 8d bc 24 d8 00 00 00 48 89 f8 48 c1 e8 03 42 80 3c 28 00 0f 85 c4 01 00 00 49 8b 9c 24 d8 00 00 00 80 3a 00 0f 85 8f 01 00 00 <4a> 03 1c f9 48 89 d8 48 c1 e8 03 42 80 3c 28 00 0f 85 be 01 00
[ 36.162941] RIP [] cpuacct_charge+0x155/0x380
[ 36.169211] RSP
[ 36.172817] CR2: fffffffd2a20f580
[ 36.176255] ---[ end trace 1941ddaf4f409ca2 ]---
[ 36.176268] double fault: 0000 [#3] PREEMPT SMP KASAN
[ 36.176272] Modules linked in:
[ 36.176280] CPU: 1 PID: 2493 Comm: syz-executor296 Tainted: G D 4.4.159+ #106
[ 36.176284] task: ffff8800b4e14740 task.stack: ffff8801d1c30000
[ 36.176297] RIP: 0010:[] [] dump_page+0x4/0x30
[ 36.176301] RSP: 0018:ffff880100000000 EFLAGS: 00010093
[ 36.176305] RAX: ffff8800b4e14740 RBX: ffffea0002d38300 RCX: 0000000000000000
[ 36.176310] RDX: 0000000000000000 RSI: ffffffff828912a0 RDI: ffffea0002d38300
[ 36.176314] RBP: ffff880100000000 R08: 0000000000000001 R09: 0000000000000000
[ 36.176318] R10: 0000000000000001 R11: ffffffff83fd7174 R12: 0000000000000000
[ 36.176322] R13: ffffffff828912a0 R14: ffff8800b4e0db00 R15: ffff8800b4e0df00
[ 36.176329] FS: 0000000001336880(0063) GS:ffff8801db700000(0000) knlGS:0000000000000000
[ 36.176333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 36.176337] CR2: ffff8800fffffff8 CR3: 00000001d2029000 CR4: 00000000001606b0
[ 36.176344] Stack:
[ 36.176345]
[ 36.176347] Call Trace:
[ 36.176350]
[ 36.176481] Code: a0 12 89 82 48 89 df e8 1b 00 00 00 0f 0b 48 89 df e8 d1 96 05 00 eb d5 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 <41> 54 49 89 f4 53 48 89 fb e8 9e 0d ee ff 4c 89 e6 48 89 df 31
[ 36.176488] RIP [] dump_page+0x4/0x30
[ 36.176490] RSP
[ 36.176494] ---[ end trace 1941ddaf4f409ca3 ]---
[ 36.176498] Kernel panic - not syncing: Fatal exception in interrupt
[ 37.348409] Shutting down cpus with NMI
[ 37.352689] Kernel Offset: disabled
[ 37.356306] Rebooting in 86400 seconds..