[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 11.176082] random: crng init done [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.129' (ECDSA) to the list of known hosts. 2019/02/07 00:27:32 fuzzer started 2019/02/07 00:27:35 dialing manager at 10.128.0.26:46209 2019/02/07 00:27:35 syscalls: 1 2019/02/07 00:27:35 code coverage: enabled 2019/02/07 00:27:35 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/02/07 00:27:35 extra coverage: extra coverage is not supported by the kernel 2019/02/07 00:27:35 setuid sandbox: enabled 2019/02/07 00:27:35 namespace sandbox: enabled 2019/02/07 00:27:35 Android sandbox: /sys/fs/selinux/policy does not exist 2019/02/07 00:27:35 fault injection: kernel does not have systematic fault injection support 2019/02/07 00:27:35 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/02/07 00:27:35 net packet injection: enabled 2019/02/07 00:27:35 net device setup: enabled 00:28:38 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) fcntl$setstatus(r1, 0x4, 0x2000) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\xd1\x00\x00\x00\x00\x00\xe9\xff\a\x00\x00\x00\x00\x00\x00T\xfa\aBJ\xde\xe9\x16\xd2\xdau\xaf\xe7[\x1f\xe8\xaf\xb4N\xe8\xdf\v5\xa0\xfdj\x1f\x02\x00\xd3\xab&\xd7\xa0q\xfb53\x1c\xe3\x9cZehd\x10\x06\xd7\xc0 jt\x00\x00') setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0xa82, 0x4) sendfile(r1, r2, &(0x7f0000000180), 0x100000001) 00:28:38 executing program 5: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2f) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="39000029054740777b9b821aa13b8381b9000093bc7fa2bdc522f2dada9a8c971c060000b75c7a104bf7a86f9239a3c4b5fa9b10a31f264559"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x1f, r0, 0x0, 0x0) 00:28:38 executing program 1: socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f000000dff8)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)='\x00', 0x1}], 0x1) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000785000), 0x34a) close(r0) 00:28:38 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x805, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) r1 = dup(r0) ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x3) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) 00:28:38 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x1ff) 00:28:38 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'ifb0\x00', 0x43732e5398416f16}) r2 = socket$nl_route(0x10, 0x3, 0x0) pread64(r1, &(0x7f0000000340)=""/39, 0x27, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) dup2(r0, r1) syzkaller login: [ 106.384128] audit: type=1400 audit(1549499320.197:5): avc: denied { associate } for pid=2136 comm="syz-executor3" name="syz3" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 106.450169] input: syz1 as /devices/virtual/input/input4 [ 106.488168] input: syz1 as /devices/virtual/input/input5 00:28:40 executing program 3: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="737461636b203a3a00d09cd372c2ef5509db8ab24e300d5944df8f346497da98f0b453ad6d8a2fcb127375b2ae8bfc030e9a230514289d300b06774494f1ee8ad5379dfed204dd4ee8d1bb83d594cc2086c675750d4c2e9af281fa937d1b0100008000000000baec736202c183a1a0689c60948f3cd9c5f318fe02a98cbefad7c7e6f3f4cd05f5f1e0d23b6e3d245fc76153e613ae187a22e4d5f2352378cf0443fcd24b9a4c42931dc0bc58c3bf53ca2b0f34d84557f9ba4d79a9e877734d42aa63a9d670026ea166ae325820354f616deb57144f837f5839b0b3901c315f72c8733dc6b5b3"], 0x1) 00:28:40 executing program 3: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @remote, @dev}, @icmp=@parameter_prob={0x8, 0x4, 0x0, 0x0, 0x0, 0x0, {0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @dev}}}}}}, 0x0) 00:28:40 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f0000000040)=0x200) 00:28:40 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x4007ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000640)={0x2, 0x4e23, @local}, 0x10) connect(r0, &(0x7f0000000480)=@nl=@unspec, 0x80) [ 106.555998] ================================================================== [ 106.563409] BUG: KASAN: use-after-free in ipv4_conntrack_defrag+0x2ae/0x2f0 [ 106.570510] Write of size 4 at addr ffff8801cc113448 by task syz-executor0/3012 [ 106.577949] [ 106.579579] CPU: 0 PID: 3012 Comm: syz-executor0 Not tainted 4.9.154+ #25 [ 106.586507] ffff8801d04ff110 ffffffff81b47411 0000000000000001 ffffea00073044c0 [ 106.594575] ffff8801cc113448 0000000000000004 ffffffff826028de ffff8801d04ff148 00:28:40 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f00000003c0)=0x400100000001, 0x4) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) syz_execute_func(&(0x7f0000000040)="64ff0941c3c4e2c9975842c0c27d794e0066d7424224e2e3e30f1110c442019dccc4c105d0da3e470f01d4") clone(0x2002102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000380)=[@window={0x3, 0x0, 0x800}, @mss], 0x2037) write$P9_RWALK(r1, 0x0, 0x0) [ 106.602666] ffffffff81502615 0000000000000001 ffff8801cc113448 ffff8801cc113448 [ 106.610744] Call Trace: [ 106.613327] [] dump_stack+0xc1/0x120 [ 106.618689] [] ? ipv4_conntrack_defrag+0x2ae/0x2f0 [ 106.625265] [] print_address_description+0x6f/0x238 [ 106.631930] [] ? ipv4_conntrack_defrag+0x2ae/0x2f0 [ 106.638511] [] kasan_report.cold+0x8c/0x2ba [ 106.644481] [] ? nf_defrag_ipv4_enable+0x10/0x10 [ 106.650883] [] __asan_report_store4_noabort+0x17/0x20 [ 106.657720] [] ipv4_conntrack_defrag+0x2ae/0x2f0 [ 106.664121] [] nf_iterate+0x12e/0x310 [ 106.669568] [] nf_hook_slow+0x114/0x1f0 [ 106.675191] [] ? nf_iterate+0x310/0x310 [ 106.680809] [] raw_sendmsg+0x1ccc/0x23e0 [ 106.686509] [] ? raw_sendmsg+0x1851/0x23e0 [ 106.692383] [] ? avc_has_perm+0x164/0x3a0 [ 106.698174] [] ? compat_raw_setsockopt+0xd0/0xd0 00:28:40 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xaf\x00\x0e\xe9\xa9\xf3x\x80XC\x9e\xd5T\xfa\aBJ\xdau\xaf\x1f\x02\xac\x06\xed\xbc\xd7\xa0q\xfb53\x1c\xe3\x9cZ\x00\x00\x00\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) flistxattr(r0, 0x0, 0x0) [ 106.704569] [] ? __lock_acquire+0x5e5/0x4350 [ 106.710626] [] ? check_preemption_disabled+0x3c/0x200 [ 106.717461] [] ? ip4_datagram_release_cb+0x970/0x970 [ 106.724206] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 106.731729] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 106.738472] [] ? check_preemption_disabled+0x3c/0x200 [ 106.745307] [] ? check_preemption_disabled+0x3c/0x200 [ 106.752146] [] ? check_preemption_disabled+0x3c/0x200 [ 106.758985] [] ? inet_sendmsg+0x143/0x4d0 [ 106.764781] [] inet_sendmsg+0x202/0x4d0 [ 106.770404] [] ? inet_sendmsg+0x76/0x4d0 [ 106.776115] [] ? inet_recvmsg+0x4d0/0x4d0 [ 106.781913] [] sock_sendmsg+0xbe/0x110 [ 106.787444] [] kernel_sendmsg+0x44/0x50 [ 106.793067] [] sock_no_sendpage+0x116/0x150 [ 106.799026] [] ? skb_page_frag_refill+0x3e0/0x3e0 [ 106.805509] [] ? timespec_trunc+0xc1/0x160 [ 106.811371] [] ? nsecs_to_jiffies+0x30/0x30 [ 106.817320] [] ? check_preemption_disabled+0x3c/0x200 [ 106.824135] [] ? inet_sendpage+0x14a/0x520 [ 106.830002] [] inet_sendpage+0x3bc/0x520 [ 106.835687] [] ? inet_sendpage+0x7c/0x520 [ 106.841467] [] kernel_sendpage+0x95/0xf0 [ 106.847166] [] ? inet_getname+0x3b0/0x3b0 [ 106.852939] [] sock_sendpage+0x8b/0xc0 [ 106.858452] [] ? kernel_sendpage+0xf0/0xf0 [ 106.864316] [] pipe_to_sendpage+0x28d/0x3d0 [ 106.870263] [] ? direct_splice_actor+0x1a0/0x1a0 [ 106.876645] [] ? splice_from_pipe_next.part.0+0x1e9/0x290 [ 106.883810] [] __splice_from_pipe+0x351/0x790 [ 106.889933] [] ? direct_splice_actor+0x1a0/0x1a0 [ 106.896348] [] ? direct_splice_actor+0x1a0/0x1a0 [ 106.902732] [] splice_from_pipe+0x108/0x170 [ 106.908686] [] ? splice_shrink_spd+0xb0/0xb0 [ 106.914721] [] ? security_file_permission+0x8f/0x1f0 [ 106.921453] [] generic_splice_sendpage+0x3c/0x50 [ 106.927832] [] ? splice_from_pipe+0x170/0x170 [ 106.933954] [] direct_splice_actor+0x126/0x1a0 [ 106.940174] [] splice_direct_to_actor+0x2c8/0x820 [ 106.946650] [] ? generic_pipe_buf_nosteal+0x10/0x10 [ 106.953291] [] ? do_splice_to+0x170/0x170 [ 106.959101] [] ? security_file_permission+0x8f/0x1f0 [ 106.965834] [] ? rw_verify_area+0xea/0x2b0 [ 106.971694] [] do_splice_direct+0x1a5/0x260 [ 106.977643] [] ? splice_direct_to_actor+0x820/0x820 [ 106.984296] [] ? selinux_file_permission+0x85/0x470 [ 106.990952] [] ? security_file_permission+0x8f/0x1f0 [ 106.998739] [] ? rw_verify_area+0xea/0x2b0 [ 107.004609] [] do_sendfile+0x503/0xc00 [ 107.010128] [] ? do_compat_pwritev64+0x180/0x180 [ 107.016509] [] ? __might_fault+0x114/0x1d0 [ 107.022371] [] SyS_sendfile64+0xd1/0x160 [ 107.028061] [] ? SyS_sendfile+0x160/0x160 [ 107.033858] [] ? do_syscall_64+0x4a/0x570 [ 107.039643] [] ? SyS_sendfile+0x160/0x160 [ 107.045470] [] do_syscall_64+0x1ad/0x570 [ 107.051169] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 107.058074] [ 107.059688] Allocated by task 3012: [ 107.063294] save_stack_trace+0x16/0x20 [ 107.067253] kasan_kmalloc.part.0+0x62/0xf0 [ 107.071549] kasan_kmalloc+0xb7/0xd0 [ 107.075244] kasan_slab_alloc+0xf/0x20 [ 107.079115] kmem_cache_alloc+0xd5/0x2b0 [ 107.083168] __alloc_skb+0xe7/0x5e0 [ 107.086787] alloc_skb_with_frags+0xb0/0x4f0 [ 107.091178] sock_alloc_send_pskb+0x5ec/0x760 [ 107.095658] sock_alloc_send_skb+0x32/0x40 [ 107.099878] raw_sendmsg+0x10ed/0x23e0 [ 107.103743] inet_sendmsg+0x202/0x4d0 [ 107.107519] sock_sendmsg+0xbe/0x110 [ 107.111216] kernel_sendmsg+0x44/0x50 [ 107.115001] sock_no_sendpage+0x116/0x150 [ 107.119125] inet_sendpage+0x3bc/0x520 [ 107.122991] kernel_sendpage+0x95/0xf0 [ 107.126852] sock_sendpage+0x8b/0xc0 [ 107.130540] pipe_to_sendpage+0x28d/0x3d0 [ 107.134735] __splice_from_pipe+0x351/0x790 [ 107.139045] splice_from_pipe+0x108/0x170 [ 107.143172] generic_splice_sendpage+0x3c/0x50 [ 107.147739] direct_splice_actor+0x126/0x1a0 [ 107.152132] splice_direct_to_actor+0x2c8/0x820 [ 107.156784] do_splice_direct+0x1a5/0x260 [ 107.160908] do_sendfile+0x503/0xc00 [ 107.164603] SyS_sendfile64+0xd1/0x160 [ 107.168472] do_syscall_64+0x1ad/0x570 [ 107.172343] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 107.177416] [ 107.179020] Freed by task 3012: [ 107.182276] save_stack_trace+0x16/0x20 [ 107.186230] kasan_slab_free+0xb0/0x190 [ 107.190183] kmem_cache_free+0xbe/0x310 [ 107.194134] kfree_skbmem+0x9f/0x100 [ 107.197824] kfree_skb+0xd4/0x350 [ 107.201255] ip_defrag+0x620/0x3bc0 [ 107.204862] ipv4_conntrack_defrag+0x1b4/0x2f0 [ 107.209421] nf_iterate+0x12e/0x310 [ 107.213024] nf_hook_slow+0x114/0x1f0 [ 107.216808] raw_sendmsg+0x1ccc/0x23e0 [ 107.220672] inet_sendmsg+0x202/0x4d0 [ 107.224451] sock_sendmsg+0xbe/0x110 [ 107.228140] kernel_sendmsg+0x44/0x50 [ 107.231917] sock_no_sendpage+0x116/0x150 [ 107.236048] inet_sendpage+0x3bc/0x520 [ 107.239910] kernel_sendpage+0x95/0xf0 [ 107.243770] sock_sendpage+0x8b/0xc0 [ 107.247461] pipe_to_sendpage+0x28d/0x3d0 [ 107.251710] __splice_from_pipe+0x351/0x790 [ 107.256017] splice_from_pipe+0x108/0x170 [ 107.260141] generic_splice_sendpage+0x3c/0x50 [ 107.264700] direct_splice_actor+0x126/0x1a0 [ 107.269084] splice_direct_to_actor+0x2c8/0x820 [ 107.273731] do_splice_direct+0x1a5/0x260 [ 107.277857] do_sendfile+0x503/0xc00 [ 107.281558] SyS_sendfile64+0xd1/0x160 [ 107.285428] do_syscall_64+0x1ad/0x570 [ 107.289298] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 107.294375] [ 107.295984] The buggy address belongs to the object at ffff8801cc1133c0 [ 107.295984] which belongs to the cache skbuff_head_cache of size 224 [ 107.309137] The buggy address is located 136 bytes inside of [ 107.309137] 224-byte region [ffff8801cc1133c0, ffff8801cc1134a0) [ 107.320990] The buggy address belongs to the page: [ 107.325903] page:ffffea00073044c0 count:1 mapcount:0 mapping: (null) index:0x0 [ 107.334154] flags: 0x4000000000000080(slab) [ 107.338451] page dumped because: kasan: bad access detected [ 107.344133] [ 107.345737] Memory state around the buggy address: [ 107.350640] ffff8801cc113300: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 107.357984] ffff8801cc113380: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 107.365328] >ffff8801cc113400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.372677] ^ [ 107.378367] ffff8801cc113480: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 107.385703] ffff8801cc113500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.393038] ================================================================== [ 107.400395] Disabling lock debugging due to kernel taint [ 107.409774] Kernel panic - not syncing: panic_on_warn set ... [ 107.409774] [ 107.417157] CPU: 0 PID: 3012 Comm: syz-executor0 Tainted: G B 4.9.154+ #25 [ 107.425281] ffff8801d04ff050 ffffffff81b47411 ffff8801d04ff100 ffffffff82e439da [ 107.433344] 00000000ffffffff 0000000000000000 ffffffff826028de ffff8801d04ff130 [ 107.441360] ffffffff813f725a 0000000041b58ab3 ffffffff82e35b02 ffffffff813f7081 [ 107.449362] Call Trace: [ 107.451928] [] dump_stack+0xc1/0x120 [ 107.457270] [] ? ipv4_conntrack_defrag+0x2ae/0x2f0 [ 107.463826] [] panic+0x1d9/0x3bd [ 107.468823] [] ? add_taint.cold+0x16/0x16 [ 107.474597] [] ? preempt_schedule_common+0x4f/0xe0 [ 107.481326] [] ? ipv4_conntrack_defrag+0x2ae/0x2f0 [ 107.487882] [] ? preempt_schedule+0x26/0x30 [ 107.493829] [] ? ___preempt_schedule+0x16/0x18 [ 107.500052] [] kasan_end_report+0x47/0x4f [ 107.505843] [] kasan_report.cold+0xa9/0x2ba [ 107.511808] [] ? nf_defrag_ipv4_enable+0x10/0x10 [ 107.518193] [] __asan_report_store4_noabort+0x17/0x20 [ 107.525008] [] ipv4_conntrack_defrag+0x2ae/0x2f0 [ 107.531683] [] nf_iterate+0x12e/0x310 [ 107.537113] [] nf_hook_slow+0x114/0x1f0 [ 107.542716] [] ? nf_iterate+0x310/0x310 [ 107.548316] [] raw_sendmsg+0x1ccc/0x23e0 [ 107.554003] [] ? raw_sendmsg+0x1851/0x23e0 [ 107.559871] [] ? avc_has_perm+0x164/0x3a0 [ 107.565661] [] ? compat_raw_setsockopt+0xd0/0xd0 [ 107.572052] [] ? __lock_acquire+0x5e5/0x4350 [ 107.578098] [] ? check_preemption_disabled+0x3c/0x200 [ 107.584917] [] ? ip4_datagram_release_cb+0x970/0x970 [ 107.591747] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 107.599260] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 107.605993] [] ? check_preemption_disabled+0x3c/0x200 [ 107.612806] [] ? check_preemption_disabled+0x3c/0x200 [ 107.619621] [] ? check_preemption_disabled+0x3c/0x200 [ 107.626438] [] ? inet_sendmsg+0x143/0x4d0 [ 107.632212] [] inet_sendmsg+0x202/0x4d0 [ 107.637813] [] ? inet_sendmsg+0x76/0x4d0 [ 107.643508] [] ? inet_recvmsg+0x4d0/0x4d0 [ 107.649284] [] sock_sendmsg+0xbe/0x110 [ 107.654798] [] kernel_sendmsg+0x44/0x50 [ 107.660419] [] sock_no_sendpage+0x116/0x150 [ 107.666365] [] ? skb_page_frag_refill+0x3e0/0x3e0 [ 107.672833] [] ? timespec_trunc+0xc1/0x160 [ 107.678709] [] ? nsecs_to_jiffies+0x30/0x30 [ 107.684754] [] ? check_preemption_disabled+0x3c/0x200 [ 107.691571] [] ? inet_sendpage+0x14a/0x520 [ 107.697432] [] inet_sendpage+0x3bc/0x520 [ 107.703121] [] ? inet_sendpage+0x7c/0x520 [ 107.708895] [] kernel_sendpage+0x95/0xf0 [ 107.714617] [] ? inet_getname+0x3b0/0x3b0 [ 107.720391] [] sock_sendpage+0x8b/0xc0 [ 107.725905] [] ? kernel_sendpage+0xf0/0xf0 [ 107.731766] [] pipe_to_sendpage+0x28d/0x3d0 [ 107.737713] [] ? direct_splice_actor+0x1a0/0x1a0 [ 107.744097] [] ? splice_from_pipe_next.part.0+0x1e9/0x290 [ 107.751352] [] __splice_from_pipe+0x351/0x790 [ 107.757476] [] ? direct_splice_actor+0x1a0/0x1a0 [ 107.763875] [] ? direct_splice_actor+0x1a0/0x1a0 [ 107.770257] [] splice_from_pipe+0x108/0x170 [ 107.776203] [] ? splice_shrink_spd+0xb0/0xb0 [ 107.782253] [] ? security_file_permission+0x8f/0x1f0 [ 107.788984] [] generic_splice_sendpage+0x3c/0x50 [ 107.795364] [] ? splice_from_pipe+0x170/0x170 [ 107.801484] [] direct_splice_actor+0x126/0x1a0 [ 107.807705] [] splice_direct_to_actor+0x2c8/0x820 [ 107.814185] [] ? generic_pipe_buf_nosteal+0x10/0x10 [ 107.820836] [] ? do_splice_to+0x170/0x170 [ 107.826633] [] ? security_file_permission+0x8f/0x1f0 [ 107.833381] [] ? rw_verify_area+0xea/0x2b0 [ 107.839242] [] do_splice_direct+0x1a5/0x260 [ 107.845191] [] ? splice_direct_to_actor+0x820/0x820 [ 107.851835] [] ? selinux_file_permission+0x85/0x470 [ 107.858495] [] ? security_file_permission+0x8f/0x1f0 [ 107.865223] [] ? rw_verify_area+0xea/0x2b0 [ 107.871084] [] do_sendfile+0x503/0xc00 [ 107.876600] [] ? do_compat_pwritev64+0x180/0x180 [ 107.882986] [] ? __might_fault+0x114/0x1d0 [ 107.888848] [] SyS_sendfile64+0xd1/0x160 [ 107.894540] [] ? SyS_sendfile+0x160/0x160 [ 107.900313] [] ? do_syscall_64+0x4a/0x570 [ 107.906087] [] ? SyS_sendfile+0x160/0x160 [ 107.911862] [] do_syscall_64+0x1ad/0x570 [ 107.917553] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 107.924948] Kernel Offset: disabled [ 107.928644] Rebooting in 86400 seconds..