[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 28.818501] kauditd_printk_skb: 7 callbacks suppressed [ 28.818513] audit: type=1800 audit(1544633564.977:29): pid=5894 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 28.844120] audit: type=1800 audit(1544633564.977:30): pid=5894 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 34.286165] sshd (6033) used greatest stack depth: 15600 bytes left Warning: Permanently added '10.128.0.108' (ECDSA) to the list of known hosts. 2018/12/12 16:52:57 fuzzer started 2018/12/12 16:52:59 dialing manager at 10.128.0.26:45517 2018/12/12 16:53:04 syscalls: 1 2018/12/12 16:53:04 code coverage: enabled 2018/12/12 16:53:04 comparison tracing: enabled 2018/12/12 16:53:04 setuid sandbox: enabled 2018/12/12 16:53:04 namespace sandbox: enabled 2018/12/12 16:53:04 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/12 16:53:04 fault injection: enabled 2018/12/12 16:53:04 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/12 16:53:04 net packet injection: enabled 2018/12/12 16:53:04 net device setup: enabled 16:54:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000080)="0a5c2d0240316285717070") r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@flushpolicy={0x10, 0x1d, 0x11}, 0x10}}, 0x0) [ 155.955701] IPVS: ftp: loaded support on port[0] = 21 16:54:52 executing program 1: r0 = socket$kcm(0x2, 0x1000000000005, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0xb, &(0x7f0000000040), 0x4) sendmsg$kcm(r0, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) recvmsg$kcm(r0, &(0x7f0000000640)={&(0x7f0000000440)=@generic, 0x80, &(0x7f0000000600)=[{&(0x7f0000000500)=""/24, 0x18}], 0x1}, 0x0) [ 156.221996] IPVS: ftp: loaded support on port[0] = 21 16:54:52 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0x0, 0x0) r1 = dup2(r0, r0) ioctl$RTC_IRQP_READ(r1, 0x8008700b, 0x0) [ 156.541991] IPVS: ftp: loaded support on port[0] = 21 16:54:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000080)="dbe08fe9b0987a000f57be00000000b9800000c00f3235000800000f30b8010000000f01d966b8d3008ed80f320f35c4e3bd7ffef20f01c9", 0x38}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x14000}) setxattr$security_smack_entry(0x0, &(0x7f0000000040)='security.SMACK64IPIN\x00', 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0xd9) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 157.039377] IPVS: ftp: loaded support on port[0] = 21 16:54:53 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/wireless\x00') sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=ANY=[]}, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000) [ 157.595381] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.601875] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.619027] IPVS: ftp: loaded support on port[0] = 21 [ 157.644756] device bridge_slave_0 entered promiscuous mode [ 157.784624] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.791384] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.814385] device bridge_slave_1 entered promiscuous mode 16:54:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_GET_CPUID2(r3, 0xc008ae91, &(0x7f0000000080)) [ 157.923220] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 158.132322] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 158.151622] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.188853] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.196877] device bridge_slave_0 entered promiscuous mode [ 158.204697] IPVS: ftp: loaded support on port[0] = 21 [ 158.285695] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.292189] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.307439] device bridge_slave_1 entered promiscuous mode [ 158.465822] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 158.524792] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 158.654979] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 158.664358] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 158.732059] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.747143] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.755625] device bridge_slave_0 entered promiscuous mode [ 158.919361] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.932886] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.953810] device bridge_slave_1 entered promiscuous mode [ 159.012427] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 159.090506] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 159.138097] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 159.194399] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 159.299010] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 159.313160] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 159.366245] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 159.383902] team0: Port device team_slave_0 added [ 159.431160] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 159.483624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 159.534011] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 159.541801] team0: Port device team_slave_1 added [ 159.590249] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.604483] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.611880] device bridge_slave_0 entered promiscuous mode [ 159.643842] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 159.678883] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 159.782624] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 159.812818] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.819217] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.836623] device bridge_slave_1 entered promiscuous mode [ 159.858125] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 159.891038] team0: Port device team_slave_0 added [ 159.904686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 159.925036] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 159.932846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 159.943606] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.949986] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.958732] device bridge_slave_0 entered promiscuous mode [ 159.996452] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 160.008360] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 160.026839] team0: Port device team_slave_1 added [ 160.032386] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 160.046893] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 160.057401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 160.080977] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 160.089819] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.097252] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.111842] device bridge_slave_1 entered promiscuous mode [ 160.131859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 160.158215] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 160.173053] ================================================================== [ 160.180603] BUG: KASAN: use-after-free in __list_add_valid+0x8f/0xac [ 160.187113] Read of size 8 at addr ffff8881c68f6b70 by task sh/6371 [ 160.193519] [ 160.195165] CPU: 0 PID: 6371 Comm: sh Not tainted 4.20.0-rc6-next-20181210+ #164 [ 160.202703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.212062] Call Trace: [ 160.214647] [ 160.216817] dump_stack+0x244/0x39d [ 160.219245] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 160.220466] ? dump_stack_print_info.cold.1+0x20/0x20 [ 160.231981] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 160.232579] ? printk+0xa7/0xcf [ 160.242607] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 160.247397] print_address_description.cold.4+0x9/0x1ff [ 160.252789] ? __list_add_valid+0x8f/0xac [ 160.256951] kasan_report.cold.5+0x1b/0x39 [ 160.261197] ? __list_add_valid+0x8f/0xac [ 160.265356] ? __list_add_valid+0x8f/0xac [ 160.269522] __asan_report_load8_noabort+0x14/0x20 [ 160.274464] __list_add_valid+0x8f/0xac [ 160.278465] ___neigh_create+0x14b7/0x2600 [ 160.282725] ? neigh_remove_one+0x5a0/0x5a0 [ 160.287055] ? print_usage_bug+0xc0/0xc0 [ 160.291122] ? graph_lock+0x270/0x270 [ 160.294924] ? find_held_lock+0x36/0x1c0 [ 160.298976] ? ipv6_chk_mcast_addr+0x350/0x940 [ 160.303545] ? lock_downgrade+0x900/0x900 [ 160.307680] ? check_preemption_disabled+0x48/0x280 [ 160.312697] ? kasan_check_read+0x11/0x20 [ 160.316842] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 160.322105] ? lock_acquire+0x1ed/0x520 [ 160.326067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.331598] ? check_preemption_disabled+0x48/0x280 [ 160.336607] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 160.342159] ? rcu_pm_notify+0xc0/0xc0 [ 160.346058] __neigh_create+0x30/0x40 [ 160.349850] ip6_finish_output2+0xa64/0x2940 [ 160.354241] ? irq_exit+0x17f/0x1c0 [ 160.357853] ? smp_apic_timer_interrupt+0x1cb/0x760 [ 160.362859] ? find_held_lock+0x36/0x1c0 [ 160.366915] ? ip6_forward_finish+0x560/0x560 [ 160.371399] ? ip6_mtu+0x39c/0x520 [ 160.374928] ? lock_downgrade+0x900/0x900 [ 160.379062] ? check_preemption_disabled+0x48/0x280 [ 160.384068] ? kasan_check_read+0x11/0x20 [ 160.388197] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 160.393458] ? rcu_read_unlock_special+0x370/0x370 [ 160.398378] ? ip6_mtu+0x160/0x520 [ 160.401904] ? find_match+0x10a0/0x10a0 [ 160.405868] ? kasan_check_read+0x11/0x20 [ 160.410002] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 160.415268] ip6_finish_output+0x58c/0xc60 [ 160.419489] ? ip6_finish_output+0x58c/0xc60 [ 160.423883] ip6_output+0x232/0x9d0 [ 160.427524] ? ip6_finish_output+0xc60/0xc60 [ 160.431918] ? ip6_fragment+0x38b0/0x38b0 [ 160.436048] ? ip6_mtu_from_fib6+0x770/0x770 [ 160.440446] mld_sendpack+0xad5/0xfa0 [ 160.444232] ? nf_hook.constprop.40+0x860/0x860 [ 160.448886] ? _raw_read_unlock_bh+0x30/0x40 [ 160.453282] ? trace_hardirqs_off_caller+0x310/0x310 [ 160.458385] ? __local_bh_enable_ip+0x160/0x260 [ 160.463040] mld_ifc_timer_expire+0x447/0x8a0 [ 160.467525] call_timer_fn+0x272/0x920 [ 160.471397] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 160.476051] ? process_timeout+0x40/0x40 [ 160.480124] ? mark_held_locks+0xc7/0x130 [ 160.484265] ? _raw_spin_unlock_irq+0x27/0x80 [ 160.488743] ? _raw_spin_unlock_irq+0x27/0x80 [ 160.493238] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 160.497894] ? lockdep_hardirqs_on+0x296/0x5b0 [ 160.502463] ? trace_hardirqs_on+0xbd/0x310 [ 160.506776] ? kasan_check_read+0x11/0x20 [ 160.510906] ? __run_timers+0x7da/0xc70 [ 160.514866] ? trace_hardirqs_off_caller+0x310/0x310 [ 160.519962] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 160.524618] __run_timers+0x7e5/0xc70 [ 160.528408] ? timer_fixup_init+0x70/0x70 [ 160.532544] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 160.537546] ? graph_lock+0x270/0x270 [ 160.541331] ? print_usage_bug+0xc0/0xc0 [ 160.545432] ? hrtimer_update_softirq_timer+0xa0/0xa0 [ 160.550612] ? find_held_lock+0x36/0x1c0 [ 160.554664] ? graph_lock+0x270/0x270 [ 160.558468] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.563994] ? check_preemption_disabled+0x48/0x280 [ 160.569000] ? __lock_is_held+0xb5/0x140 [ 160.573048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.578574] ? check_preemption_disabled+0x48/0x280 [ 160.583581] run_timer_softirq+0x52/0xb0 [ 160.587628] ? rcu_read_lock_sched_held+0x14f/0x180 [ 160.592631] __do_softirq+0x308/0xb7e [ 160.596424] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 160.600905] ? lock_downgrade+0x900/0x900 [ 160.605043] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 160.610140] ? pvclock_read_flags+0x160/0x160 [ 160.614625] ? lapic_next_event+0x5a/0x90 [ 160.618762] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.624299] ? kvm_clock_read+0x18/0x30 [ 160.628254] ? kvm_sched_clock_read+0x9/0x20 [ 160.632648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.638180] ? check_preemption_disabled+0x48/0x280 [ 160.643188] irq_exit+0x17f/0x1c0 [ 160.646645] smp_apic_timer_interrupt+0x1cb/0x760 [ 160.651471] ? smp_reschedule_interrupt+0x109/0x650 [ 160.656475] ? smp_call_function_single_interrupt+0x650/0x650 [ 160.662353] ? interrupt_entry+0xb5/0xc0 [ 160.666428] ? trace_hardirqs_off_caller+0xbb/0x310 [ 160.671430] ? trace_hardirqs_off_caller+0xbb/0x310 [ 160.676440] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 160.681268] ? trace_hardirqs_on_caller+0x310/0x310 [ 160.686269] ? trace_hardirqs_on_caller+0x310/0x310 [ 160.691272] ? task_prio+0x50/0x50 [ 160.694803] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 160.700340] ? check_preemption_disabled+0x48/0x280 [ 160.705352] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 160.710187] apic_timer_interrupt+0xf/0x20 [ 160.714402] [ 160.716628] RIP: 0010:lock_acquire+0x268/0x520 [ 160.721200] Code: 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 44 02 00 00 48 83 3d f7 2d 10 08 00 0f 84 c3 01 00 00 48 8b bd 20 ff ff ff 57 9d <0f> 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 [ 160.740090] RSP: 0000:ffff888192816dd0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 160.747788] RAX: dffffc0000000000 RBX: 1ffff11032502dbf RCX: 0000000000000000 [ 160.755046] RDX: 1ffffffff12e4816 RSI: 0000000000000000 RDI: 0000000000000282 [ 160.762581] RBP: ffff888192816ec0 R08: ffff8881ba856d58 R09: 0000000000000008 [ 160.769838] R10: 0000000000000078 R11: ffff8881ba856440 R12: ffff8881ba856440 [ 160.777097] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000 [ 160.784374] ? find_held_lock+0x36/0x1c0 [ 160.788427] ? lock_release+0xa00/0xa00 [ 160.792392] ? __unlock_page_memcg+0x53/0x100 [ 160.796875] ? lock_downgrade+0x900/0x900 [ 160.801007] ? check_preemption_disabled+0x48/0x280 [ 160.806012] lock_page_memcg+0x95/0x350 [ 160.810003] ? mem_cgroup_hierarchy_write+0x230/0x230 [ 160.815181] ? rcu_read_unlock_special+0x370/0x370 [ 160.820122] ? mem_cgroup_hierarchy_write+0x230/0x230 [ 160.825328] ? __lock_acquire+0x62f/0x4c20 [ 160.829558] page_add_file_rmap+0x127/0x1470 [ 160.833958] ? page_add_new_anon_rmap+0xb70/0xb70 [ 160.838809] ? mark_held_locks+0x130/0x130 [ 160.843054] ? __lock_acquire+0x62f/0x4c20 [ 160.847279] ? mark_held_locks+0x130/0x130 [ 160.851502] ? __lock_acquire+0x62f/0x4c20 [ 160.855755] ? mark_held_locks+0x130/0x130 [ 160.859980] ? __lock_acquire+0x62f/0x4c20 [ 160.864204] ? lock_acquire+0x1ed/0x520 [ 160.868162] ? alloc_set_pte+0x1447/0x1f00 [ 160.872388] ? kasan_check_write+0x14/0x20 [ 160.876612] ? do_raw_spin_lock+0x14f/0x350 [ 160.880920] ? rwlock_bug.part.2+0x90/0x90 [ 160.885166] ? __lock_is_held+0xb5/0x140 [ 160.889217] alloc_set_pte+0xd32/0x1f00 [ 160.893177] ? xas_descend+0x201/0x510 [ 160.897057] ? do_swap_page+0x3660/0x3660 [ 160.901208] ? alloc_set_pte+0x1447/0x1f00 [ 160.905436] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 160.910960] ? graph_lock+0x270/0x270 [ 160.914748] ? graph_lock+0x270/0x270 [ 160.918539] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 160.924062] ? unlock_page+0x2c2/0x4c0 [ 160.927934] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.933465] ? check_preemption_disabled+0x48/0x280 [ 160.938470] ? __lock_is_held+0xb5/0x140 [ 160.942524] filemap_map_pages+0x164b/0x1a20 [ 160.946930] ? find_get_entries_tag+0x1400/0x1400 [ 160.951793] ? lock_page_memcg+0x350/0x350 [ 160.956030] ? __this_cpu_preempt_check+0x1c/0x20 [ 160.960865] ? mark_held_locks+0xc7/0x130 [ 160.965003] ? mem_cgroup_commit_charge+0x2c1/0xa50 [ 160.970005] ? print_usage_bug+0xc0/0xc0 [ 160.974053] ? graph_lock+0x270/0x270 [ 160.977842] ? lru_cache_add+0xa50/0xa50 [ 160.981890] ? lock_downgrade+0x900/0x900 [ 160.986027] ? check_preemption_disabled+0x48/0x280 [ 160.991039] ? __lock_acquire+0x62f/0x4c20 [ 160.995264] ? __handle_mm_fault+0x46ee/0x5b70 [ 160.999836] ? mark_held_locks+0x130/0x130 [ 161.004056] ? mark_held_locks+0x130/0x130 [ 161.008272] ? do_raw_spin_unlock+0xa7/0x330 [ 161.012665] ? do_raw_spin_trylock+0x270/0x270 [ 161.017251] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 161.022867] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 161.028394] __handle_mm_fault+0x456b/0x5b70 [ 161.032798] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 161.037628] ? vm_mmap_pgoff+0x222/0x2c0 [ 161.041681] ? lock_downgrade+0x900/0x900 [ 161.045815] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 161.050823] ? graph_lock+0x270/0x270 [ 161.054609] ? graph_lock+0x270/0x270 [ 161.058413] ? userfaultfd_unmap_prep+0x660/0x660 [ 161.063245] ? find_held_lock+0x36/0x1c0 [ 161.067296] ? handle_mm_fault+0x42a/0xc70 [ 161.071518] ? lock_downgrade+0x900/0x900 [ 161.075652] ? check_preemption_disabled+0x48/0x280 [ 161.080659] ? kasan_check_read+0x11/0x20 [ 161.084798] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 161.090058] ? rcu_read_unlock_special+0x370/0x370 [ 161.094978] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 161.100502] ? check_preemption_disabled+0x48/0x280 [ 161.105510] handle_mm_fault+0x54f/0xc70 [ 161.109574] ? __handle_mm_fault+0x5b70/0x5b70 [ 161.114144] ? find_vma+0x34/0x190 [ 161.117674] __do_page_fault+0x5f6/0xd70 [ 161.121718] ? mprotect_fixup+0xc60/0xc60 [ 161.125863] do_page_fault+0xf2/0x7e0 [ 161.129651] ? vmalloc_sync_all+0x30/0x30 [ 161.133788] ? error_entry+0x70/0xd0 [ 161.137507] ? trace_hardirqs_off_caller+0xbb/0x310 [ 161.142509] ? trace_hardirqs_on_caller+0xc0/0x310 [ 161.147427] ? syscall_return_slowpath+0x5e0/0x5e0 [ 161.152343] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 161.157173] ? trace_hardirqs_on_caller+0x310/0x310 [ 161.162196] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 161.167636] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 161.172640] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 161.178171] ? prepare_exit_to_usermode+0x291/0x3b0 [ 161.183172] ? page_fault+0x8/0x30 [ 161.186701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 161.191532] ? page_fault+0x8/0x30 [ 161.195056] page_fault+0x1e/0x30 [ 161.198495] RIP: 0033:0x7f4552dd87d0 [ 161.202205] Code: Bad RIP value. [ 161.205553] RSP: 002b:00007ffce4127748 EFLAGS: 00010202 [ 161.210896] RAX: 00007f4552dd87d0 RBX: 00007f45533004c0 RCX: 0000000000000001 [ 161.218156] RDX: 00000000000000c0 RSI: 0000000000000025 RDI: 0000000000000002 [ 161.225412] RBP: 00007ffce4127830 R08: 0000000000000001 R09: 000000000000002f [ 161.232696] R10: 00007f4552d73af0 R11: 00007ffce4127580 R12: 00007f4552d55000 [ 161.239964] R13: 00007f45530dc038 R14: 00007f4552d73ac0 R15: 00007f45530dcd98 [ 161.247227] [ 161.248841] Allocated by task 6370: [ 161.252457] save_stack+0x43/0xd0 [ 161.255896] kasan_kmalloc+0xcb/0xd0 [ 161.259593] __kmalloc+0x15d/0x760 [ 161.263118] ___neigh_create+0x13fc/0x2600 [ 161.267337] __neigh_create+0x30/0x40 [ 161.271122] ip6_finish_output2+0xa64/0x2940 [ 161.275515] ip6_finish_output+0x58c/0xc60 [ 161.279732] ip6_output+0x232/0x9d0 [ 161.283347] mld_sendpack+0xad5/0xfa0 [ 161.287144] mld_ifc_timer_expire+0x447/0x8a0 [ 161.291627] call_timer_fn+0x272/0x920 [ 161.295500] __run_timers+0x7e5/0xc70 [ 161.299283] run_timer_softirq+0x52/0xb0 [ 161.303328] __do_softirq+0x308/0xb7e [ 161.307125] [ 161.308740] Freed by task 16: [ 161.311856] save_stack+0x43/0xd0 [ 161.315295] __kasan_slab_free+0x102/0x150 [ 161.319530] kasan_slab_free+0xe/0x10 [ 161.323313] kfree+0xcf/0x230 [ 161.326403] rcu_process_callbacks+0xd91/0x15f0 [ 161.331053] __do_softirq+0x308/0xb7e [ 161.334829] [ 161.336444] The buggy address belongs to the object at ffff8881c68f6900 [ 161.336444] which belongs to the cache kmalloc-1k of size 1024 [ 161.349098] The buggy address is located 624 bytes inside of [ 161.349098] 1024-byte region [ffff8881c68f6900, ffff8881c68f6d00) [ 161.361047] The buggy address belongs to the page: [ 161.365966] page:ffffea00071a3d80 count:1 mapcount:0 mapping:ffff8881da800ac0 index:0x0 compound_mapcount: 0 [ 161.375920] flags: 0x2fffc0000010200(slab|head) [ 161.380576] raw: 02fffc0000010200 ffffea0006f93108 ffffea0006d04a08 ffff8881da800ac0 [ 161.388444] raw: 0000000000000000 ffff8881c68f6000 0000000100000007 0000000000000000 [ 161.396304] page dumped because: kasan: bad access detected [ 161.401993] [ 161.403602] Memory state around the buggy address: [ 161.408513] ffff8881c68f6a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 161.415857] ffff8881c68f6a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 161.423199] >ffff8881c68f6b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 161.430539] ^ [ 161.437536] ffff8881c68f6b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 161.444879] ffff8881c68f6c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 161.452216] ================================================================== [ 161.459557] Disabling lock debugging due to kernel taint [ 161.465060] Kernel panic - not syncing: panic_on_warn set ... [ 161.470958] CPU: 0 PID: 6371 Comm: sh Tainted: G B 4.20.0-rc6-next-20181210+ #164 [ 161.479879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.489214] Call Trace: [ 161.491782] [ 161.493924] dump_stack+0x244/0x39d [ 161.497537] ? dump_stack_print_info.cold.1+0x20/0x20 [ 161.502742] ? __list_add_valid+0x10/0xac [ 161.506898] panic+0x2ad/0x632 [ 161.510074] ? add_taint.cold.5+0x16/0x16 [ 161.514208] ? trace_hardirqs_on+0xb4/0x310 [ 161.518510] ? __list_add_valid+0x8f/0xac [ 161.522642] end_report+0x47/0x4f [ 161.526099] kasan_report.cold.5+0xe/0x39 [ 161.530233] ? __list_add_valid+0x8f/0xac [ 161.534364] ? __list_add_valid+0x8f/0xac [ 161.538496] __asan_report_load8_noabort+0x14/0x20 [ 161.543409] __list_add_valid+0x8f/0xac [ 161.547392] ___neigh_create+0x14b7/0x2600 [ 161.551614] ? neigh_remove_one+0x5a0/0x5a0 [ 161.555925] ? print_usage_bug+0xc0/0xc0 [ 161.559967] ? graph_lock+0x270/0x270 [ 161.563754] ? find_held_lock+0x36/0x1c0 [ 161.567804] ? ipv6_chk_mcast_addr+0x350/0x940 [ 161.572367] ? lock_downgrade+0x900/0x900 [ 161.576501] ? check_preemption_disabled+0x48/0x280 [ 161.581527] ? kasan_check_read+0x11/0x20 [ 161.585680] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 161.590941] ? lock_acquire+0x1ed/0x520 [ 161.594922] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 161.600449] ? check_preemption_disabled+0x48/0x280 [ 161.605447] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 161.610967] ? rcu_pm_notify+0xc0/0xc0 [ 161.614863] __neigh_create+0x30/0x40 [ 161.618650] ip6_finish_output2+0xa64/0x2940 [ 161.623040] ? irq_exit+0x17f/0x1c0 [ 161.626648] ? smp_apic_timer_interrupt+0x1cb/0x760 [ 161.631654] ? find_held_lock+0x36/0x1c0 [ 161.635701] ? ip6_forward_finish+0x560/0x560 [ 161.640178] ? ip6_mtu+0x39c/0x520 [ 161.643701] ? lock_downgrade+0x900/0x900 [ 161.647831] ? check_preemption_disabled+0x48/0x280 [ 161.652832] ? kasan_check_read+0x11/0x20 [ 161.656963] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 161.662251] ? rcu_read_unlock_special+0x370/0x370 [ 161.667179] ? ip6_mtu+0x160/0x520 [ 161.670700] ? find_match+0x10a0/0x10a0 [ 161.674661] ? kasan_check_read+0x11/0x20 [ 161.678792] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 161.684051] ip6_finish_output+0x58c/0xc60 [ 161.688268] ? ip6_finish_output+0x58c/0xc60 [ 161.692667] ip6_output+0x232/0x9d0 [ 161.696284] ? ip6_finish_output+0xc60/0xc60 [ 161.700677] ? ip6_fragment+0x38b0/0x38b0 [ 161.704807] ? ip6_mtu_from_fib6+0x770/0x770 [ 161.709220] mld_sendpack+0xad5/0xfa0 [ 161.713011] ? nf_hook.constprop.40+0x860/0x860 [ 161.717666] ? _raw_read_unlock_bh+0x30/0x40 [ 161.722059] ? trace_hardirqs_off_caller+0x310/0x310 [ 161.727155] ? __local_bh_enable_ip+0x160/0x260 [ 161.731806] mld_ifc_timer_expire+0x447/0x8a0 [ 161.736286] call_timer_fn+0x272/0x920 [ 161.740152] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 161.744806] ? process_timeout+0x40/0x40 [ 161.748852] ? mark_held_locks+0xc7/0x130 [ 161.752997] ? _raw_spin_unlock_irq+0x27/0x80 [ 161.757476] ? _raw_spin_unlock_irq+0x27/0x80 [ 161.761965] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 161.766620] ? lockdep_hardirqs_on+0x296/0x5b0 [ 161.771188] ? trace_hardirqs_on+0xbd/0x310 [ 161.775492] ? kasan_check_read+0x11/0x20 [ 161.779621] ? __run_timers+0x7da/0xc70 [ 161.783579] ? trace_hardirqs_off_caller+0x310/0x310 [ 161.788666] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 161.793317] __run_timers+0x7e5/0xc70 [ 161.797105] ? timer_fixup_init+0x70/0x70 [ 161.801239] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 161.806261] ? graph_lock+0x270/0x270 [ 161.810045] ? print_usage_bug+0xc0/0xc0 [ 161.814092] ? hrtimer_update_softirq_timer+0xa0/0xa0 [ 161.819266] ? find_held_lock+0x36/0x1c0 [ 161.823317] ? graph_lock+0x270/0x270 [ 161.827119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 161.832651] ? check_preemption_disabled+0x48/0x280 [ 161.837663] ? __lock_is_held+0xb5/0x140 [ 161.841713] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 161.847257] ? check_preemption_disabled+0x48/0x280 [ 161.852258] run_timer_softirq+0x52/0xb0 [ 161.856314] ? rcu_read_lock_sched_held+0x14f/0x180 [ 161.861325] __do_softirq+0x308/0xb7e [ 161.865109] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 161.869617] ? lock_downgrade+0x900/0x900 [ 161.873750] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 161.878845] ? pvclock_read_flags+0x160/0x160 [ 161.883328] ? lapic_next_event+0x5a/0x90 [ 161.887479] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 161.893002] ? kvm_clock_read+0x18/0x30 [ 161.896958] ? kvm_sched_clock_read+0x9/0x20 [ 161.901353] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 161.907119] ? check_preemption_disabled+0x48/0x280 [ 161.912122] irq_exit+0x17f/0x1c0 [ 161.915567] smp_apic_timer_interrupt+0x1cb/0x760 [ 161.920390] ? smp_reschedule_interrupt+0x109/0x650 [ 161.925388] ? smp_call_function_single_interrupt+0x650/0x650 [ 161.931257] ? interrupt_entry+0xb5/0xc0 [ 161.935304] ? trace_hardirqs_off_caller+0xbb/0x310 [ 161.940310] ? trace_hardirqs_off_caller+0xbb/0x310 [ 161.945315] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 161.950146] ? trace_hardirqs_on_caller+0x310/0x310 [ 161.955163] ? trace_hardirqs_on_caller+0x310/0x310 [ 161.960162] ? task_prio+0x50/0x50 [ 161.963687] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 161.969211] ? check_preemption_disabled+0x48/0x280 [ 161.974228] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 161.979063] apic_timer_interrupt+0xf/0x20 [ 161.983275] [ 161.985514] RIP: 0010:lock_acquire+0x268/0x520 [ 161.990082] Code: 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 44 02 00 00 48 83 3d f7 2d 10 08 00 0f 84 c3 01 00 00 48 8b bd 20 ff ff ff 57 9d <0f> 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 [ 162.008972] RSP: 0000:ffff888192816dd0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 162.016678] RAX: dffffc0000000000 RBX: 1ffff11032502dbf RCX: 0000000000000000 [ 162.023930] RDX: 1ffffffff12e4816 RSI: 0000000000000000 RDI: 0000000000000282 [ 162.031178] RBP: ffff888192816ec0 R08: ffff8881ba856d58 R09: 0000000000000008 [ 162.038427] R10: 0000000000000078 R11: ffff8881ba856440 R12: ffff8881ba856440 [ 162.045696] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000 [ 162.052967] ? find_held_lock+0x36/0x1c0 [ 162.057015] ? lock_release+0xa00/0xa00 [ 162.060976] ? __unlock_page_memcg+0x53/0x100 [ 162.065455] ? lock_downgrade+0x900/0x900 [ 162.069614] ? check_preemption_disabled+0x48/0x280 [ 162.074619] lock_page_memcg+0x95/0x350 [ 162.078588] ? mem_cgroup_hierarchy_write+0x230/0x230 [ 162.083758] ? rcu_read_unlock_special+0x370/0x370 [ 162.088674] ? mem_cgroup_hierarchy_write+0x230/0x230 [ 162.093848] ? __lock_acquire+0x62f/0x4c20 [ 162.098069] page_add_file_rmap+0x127/0x1470 [ 162.102460] ? page_add_new_anon_rmap+0xb70/0xb70 [ 162.107287] ? mark_held_locks+0x130/0x130 [ 162.111504] ? __lock_acquire+0x62f/0x4c20 [ 162.115723] ? mark_held_locks+0x130/0x130 [ 162.119944] ? __lock_acquire+0x62f/0x4c20 [ 162.124164] ? mark_held_locks+0x130/0x130 [ 162.128379] ? __lock_acquire+0x62f/0x4c20 [ 162.132598] ? lock_acquire+0x1ed/0x520 [ 162.136556] ? alloc_set_pte+0x1447/0x1f00 [ 162.140781] ? kasan_check_write+0x14/0x20 [ 162.144998] ? do_raw_spin_lock+0x14f/0x350 [ 162.149312] ? rwlock_bug.part.2+0x90/0x90 [ 162.153530] ? __lock_is_held+0xb5/0x140 [ 162.157574] alloc_set_pte+0xd32/0x1f00 [ 162.161541] ? xas_descend+0x201/0x510 [ 162.165411] ? do_swap_page+0x3660/0x3660 [ 162.169543] ? alloc_set_pte+0x1447/0x1f00 [ 162.173766] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 162.179293] ? graph_lock+0x270/0x270 [ 162.183074] ? graph_lock+0x270/0x270 [ 162.186859] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 162.192379] ? unlock_page+0x2c2/0x4c0 [ 162.196248] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 162.201777] ? check_preemption_disabled+0x48/0x280 [ 162.206786] ? __lock_is_held+0xb5/0x140 [ 162.210833] filemap_map_pages+0x164b/0x1a20 [ 162.215230] ? find_get_entries_tag+0x1400/0x1400 [ 162.220055] ? lock_page_memcg+0x350/0x350 [ 162.224276] ? __this_cpu_preempt_check+0x1c/0x20 [ 162.229104] ? mark_held_locks+0xc7/0x130 [ 162.233237] ? mem_cgroup_commit_charge+0x2c1/0xa50 [ 162.238235] ? print_usage_bug+0xc0/0xc0 [ 162.242276] ? graph_lock+0x270/0x270 [ 162.246081] ? lru_cache_add+0xa50/0xa50 [ 162.250127] ? lock_downgrade+0x900/0x900 [ 162.254263] ? check_preemption_disabled+0x48/0x280 [ 162.259264] ? __lock_acquire+0x62f/0x4c20 [ 162.263484] ? __handle_mm_fault+0x46ee/0x5b70 [ 162.268077] ? mark_held_locks+0x130/0x130 [ 162.272304] ? mark_held_locks+0x130/0x130 [ 162.276521] ? do_raw_spin_unlock+0xa7/0x330 [ 162.280910] ? do_raw_spin_trylock+0x270/0x270 [ 162.285481] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 162.291089] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 162.296641] __handle_mm_fault+0x456b/0x5b70 [ 162.301037] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 162.305865] ? vm_mmap_pgoff+0x222/0x2c0 [ 162.309906] ? lock_downgrade+0x900/0x900 [ 162.314038] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 162.319050] ? graph_lock+0x270/0x270 [ 162.322848] ? graph_lock+0x270/0x270 [ 162.326634] ? userfaultfd_unmap_prep+0x660/0x660 [ 162.331458] ? find_held_lock+0x36/0x1c0 [ 162.335512] ? handle_mm_fault+0x42a/0xc70 [ 162.339727] ? lock_downgrade+0x900/0x900 [ 162.343860] ? check_preemption_disabled+0x48/0x280 [ 162.348861] ? kasan_check_read+0x11/0x20 [ 162.352993] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 162.358251] ? rcu_read_unlock_special+0x370/0x370 [ 162.363168] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 162.368699] ? check_preemption_disabled+0x48/0x280 [ 162.373704] handle_mm_fault+0x54f/0xc70 [ 162.377749] ? __handle_mm_fault+0x5b70/0x5b70 [ 162.382320] ? find_vma+0x34/0x190 [ 162.385841] __do_page_fault+0x5f6/0xd70 [ 162.389887] ? mprotect_fixup+0xc60/0xc60 [ 162.394021] do_page_fault+0xf2/0x7e0 [ 162.397819] ? vmalloc_sync_all+0x30/0x30 [ 162.401953] ? error_entry+0x70/0xd0 [ 162.405653] ? trace_hardirqs_off_caller+0xbb/0x310 [ 162.410654] ? trace_hardirqs_on_caller+0xc0/0x310 [ 162.415568] ? syscall_return_slowpath+0x5e0/0x5e0 [ 162.420505] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 162.425333] ? trace_hardirqs_on_caller+0x310/0x310 [ 162.430332] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 162.435774] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 162.440782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 162.446305] ? prepare_exit_to_usermode+0x291/0x3b0 [ 162.451304] ? page_fault+0x8/0x30 [ 162.454828] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 162.459655] ? page_fault+0x8/0x30 [ 162.463190] page_fault+0x1e/0x30 [ 162.466625] RIP: 0033:0x7f4552dd87d0 [ 162.470330] Code: Bad RIP value. [ 162.473678] RSP: 002b:00007ffce4127748 EFLAGS: 00010202 [ 162.479018] RAX: 00007f4552dd87d0 RBX: 00007f45533004c0 RCX: 0000000000000001 [ 162.486269] RDX: 00000000000000c0 RSI: 0000000000000025 RDI: 0000000000000002 [ 162.493522] RBP: 00007ffce4127830 R08: 0000000000000001 R09: 000000000000002f [ 162.500792] R10: 00007f4552d73af0 R11: 00007ffce4127580 R12: 00007f4552d55000 [ 162.508066] R13: 00007f45530dc038 R14: 00007f4552d73ac0 R15: 00007f45530dcd98 [ 162.516384] Kernel Offset: disabled [ 162.520010] Rebooting in 86400 seconds..