[ 31.492173] audit: type=1800 audit(1538095410.090:25): pid=5857 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 31.511247] audit: type=1800 audit(1538095410.090:26): pid=5857 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 31.552734] audit: type=1800 audit(1538095410.090:27): pid=5857 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 32.550352] sshd (5992) used greatest stack depth: 16200 bytes left Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.32' (ECDSA) to the list of known hosts. syzkaller login: [ 38.881518] IPVS: ftp: loaded support on port[0] = 21 [ 39.000416] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.006955] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.013712] device bridge_slave_0 entered promiscuous mode [ 39.028046] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.034514] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.041298] device bridge_slave_1 entered promiscuous mode [ 39.055561] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 39.070398] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 39.107148] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 39.124453] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 39.132773] ip (6045) used greatest stack depth: 14744 bytes left [ 39.180829] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 39.187907] team0: Port device team_slave_0 added [ 39.201410] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 39.208477] team0: Port device team_slave_1 added [ 39.221776] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.237251] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 39.252443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 39.267892] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 39.370259] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.376671] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.383244] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.389609] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 39.746754] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 39.752835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.790641] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.829346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.836710] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 39.876337] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 39.882412] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.964348] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 40.115700] ================================================================== [ 40.123100] BUG: KASAN: use-after-free in tcf_block_find+0x9d1/0xb90 [ 40.129576] Read of size 4 at addr ffff8801d2734cf8 by task syz-executor350/6262 [ 40.137091] [ 40.138720] CPU: 1 PID: 6262 Comm: syz-executor350 Not tainted 4.19.0-rc5-next-20180927+ #82 [ 40.147283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.156619] Call Trace: [ 40.159192] dump_stack+0x1d3/0x2c4 [ 40.162808] ? dump_stack_print_info.cold.2+0x52/0x52 [ 40.167989] ? printk+0xa7/0xcf [ 40.171262] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 40.176018] print_address_description.cold.8+0x9/0x1ff [ 40.181419] kasan_report.cold.9+0x242/0x309 [ 40.185810] ? tcf_block_find+0x9d1/0xb90 [ 40.189942] __asan_report_load4_noabort+0x14/0x20 [ 40.194853] tcf_block_find+0x9d1/0xb90 [ 40.198810] tc_del_tfilter+0x42b/0x1290 [ 40.202859] ? tc_get_tfilter+0xa90/0xa90 [ 40.206995] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 40.212524] ? apparmor_capable+0x355/0x6c0 [ 40.216838] ? apparmor_cred_transfer+0x590/0x590 [ 40.221666] ? rtnetlink_rcv_msg+0x3d3/0xc20 [ 40.226063] ? lock_downgrade+0x900/0x900 [ 40.230198] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 40.235717] ? rtnl_get_link+0x170/0x370 [ 40.239766] ? tc_get_tfilter+0xa90/0xa90 [ 40.243913] rtnetlink_rcv_msg+0x46a/0xc20 [ 40.248132] ? rtnetlink_put_metrics+0x690/0x690 [ 40.252878] netlink_rcv_skb+0x172/0x440 [ 40.256936] ? rtnetlink_put_metrics+0x690/0x690 [ 40.261681] ? netlink_ack+0xb80/0xb80 [ 40.265568] rtnetlink_rcv+0x1c/0x20 [ 40.269267] netlink_unicast+0x5a5/0x760 [ 40.273312] ? netlink_attachskb+0x9a0/0x9a0 [ 40.277703] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.283222] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 40.288222] netlink_sendmsg+0xa18/0xfc0 [ 40.292270] ? netlink_unicast+0x760/0x760 [ 40.296486] ? aa_sock_msg_perm.isra.12+0xba/0x160 [ 40.301397] ? apparmor_socket_sendmsg+0x29/0x30 [ 40.306143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.311664] ? security_socket_sendmsg+0x94/0xc0 [ 40.316401] ? netlink_unicast+0x760/0x760 [ 40.320620] sock_sendmsg+0xd5/0x120 [ 40.324319] ___sys_sendmsg+0x7fd/0x930 [ 40.328276] ? copy_msghdr_from_user+0x580/0x580 [ 40.333027] ? lock_downgrade+0x900/0x900 [ 40.337165] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 40.342343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.347862] ? __fget_light+0x2e9/0x430 [ 40.351819] ? fget_raw+0x20/0x20 [ 40.355271] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.360791] ? __fd_install+0x2f9/0x8f0 [ 40.364755] ? routing_ioctl+0x890/0x890 [ 40.368819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.374342] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 40.379862] ? sockfd_lookup_light+0xc5/0x160 [ 40.384339] __sys_sendmsg+0x11d/0x280 [ 40.388211] ? __ia32_sys_shutdown+0x80/0x80 [ 40.392604] ? up_read+0x225/0x2c0 [ 40.396128] ? fd_install+0x4d/0x60 [ 40.399741] ? trace_hardirqs_off_caller+0x300/0x300 [ 40.404826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.410343] ? ksys_ioctl+0x81/0xd0 [ 40.413953] __x64_sys_sendmsg+0x78/0xb0 [ 40.417997] do_syscall_64+0x1b9/0x820 [ 40.421877] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 40.427223] ? syscall_return_slowpath+0x5e0/0x5e0 [ 40.432140] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 40.436967] ? trace_hardirqs_off+0x310/0x310 [ 40.441445] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 40.446445] ? prepare_exit_to_usermode+0x291/0x3b0 [ 40.451455] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 40.456297] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.461483] RIP: 0033:0x441aa9 [ 40.464667] Code: e8 0c ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 04 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 40.483551] RSP: 002b:00007ffce95a28a8 EFLAGS: 00000213 ORIG_RAX: 000000000000002e [ 40.491241] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441aa9 [ 40.498510] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 40.505815] RBP: 0000000000009c97 R08: 0000000000000000 R09: 0000000000000000 [ 40.513074] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000000000 [ 40.520370] R13: 00000000004024c0 R14: 0000000000000000 R15: 0000000000000000 [ 40.527624] [ 40.529231] Allocated by task 6162: [ 40.532840] save_stack+0x43/0xd0 [ 40.536277] kasan_kmalloc+0xc7/0xe0 [ 40.539973] __kmalloc_node+0x47/0x70 [ 40.543757] qdisc_alloc+0x10f/0xb50 [ 40.547470] qdisc_create_dflt+0x7a/0x1e0 [ 40.551602] dev_activate+0x82f/0xcb0 [ 40.555383] __dev_open+0x2cb/0x410 [ 40.558992] __dev_change_flags+0x730/0x9b0 [ 40.563304] dev_change_flags+0x89/0x150 [ 40.567356] do_setlink+0xb5f/0x3f20 [ 40.571057] rtnl_newlink+0x136f/0x1d40 [ 40.575029] rtnetlink_rcv_msg+0x46a/0xc20 [ 40.579255] netlink_rcv_skb+0x172/0x440 [ 40.583298] rtnetlink_rcv+0x1c/0x20 [ 40.587023] netlink_unicast+0x5a5/0x760 [ 40.591071] netlink_sendmsg+0xa18/0xfc0 [ 40.595114] sock_sendmsg+0xd5/0x120 [ 40.598806] ___sys_sendmsg+0x7fd/0x930 [ 40.602793] __sys_sendmsg+0x11d/0x280 [ 40.606664] __x64_sys_sendmsg+0x78/0xb0 [ 40.610706] do_syscall_64+0x1b9/0x820 [ 40.614583] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.619746] [ 40.621354] Freed by task 16: [ 40.624449] save_stack+0x43/0xd0 [ 40.627895] __kasan_slab_free+0x102/0x150 [ 40.632139] kasan_slab_free+0xe/0x10 [ 40.635953] kfree+0xcf/0x230 [ 40.639046] qdisc_free+0x89/0x100 [ 40.642569] qdisc_free_cb+0x19/0x20 [ 40.646266] rcu_process_callbacks+0xff9/0x1ad0 [ 40.650919] __do_softirq+0x30b/0xb03 [ 40.654696] [ 40.656312] The buggy address belongs to the object at ffff8801d2734cc0 [ 40.656312] which belongs to the cache kmalloc-2k of size 2048 [ 40.668965] The buggy address is located 56 bytes inside of [ 40.668965] 2048-byte region [ffff8801d2734cc0, ffff8801d27354c0) [ 40.680829] The buggy address belongs to the page: [ 40.685738] page:ffffea000749cd00 count:1 mapcount:0 mapping:ffff8801da800c40 index:0x0 compound_mapcount: 0 [ 40.695687] flags: 0x2fffc0000010200(slab|head) [ 40.700339] raw: 02fffc0000010200 ffffea000746e888 ffffea000747fb88 ffff8801da800c40 [ 40.708202] raw: 0000000000000000 ffff8801d2734440 0000000100000003 0000000000000000 [ 40.716060] page dumped because: kasan: bad access detected [ 40.721744] [ 40.723351] Memory state around the buggy address: [ 40.728263] ffff8801d2734b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 40.735603] ffff8801d2734c00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 40.742940] >ffff8801d2734c80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 40.750284] ^ [ 40.757544] ffff8801d2734d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 40.764884] ffff8801d2734d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 40.772229] ================================================================== [ 40.780543] kernel tried to execute NX-protected page - exploit attempt? (uid: 0) [ 40.788171] BUG: unable to handle kernel paging request at ffff8801ce1b5600 [ 40.795252] PGD c201067 P4D c201067 PUD 1d9bca063 PMD 80000001ce0001e3 [ 40.801997] Oops: 0011 [#1] PREEMPT SMP KASAN [ 40.806487] CPU: 1 PID: 6262 Comm: syz-executor350 Tainted: G B 4.19.0-rc5-next-20180927+ #82 [ 40.816444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.825789] RIP: 0010:0xffff8801ce1b5600 [ 40.829836] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 52 cf ce 01 88 ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ff ff [ 40.848720] RSP: 0018:ffff8801dad06c78 EFLAGS: 00010292 [ 40.854067] RAX: ffff8801ce1b5600 RBX: ffff8801ce94cc80 RCX: ffffffff8619506f [ 40.861319] RDX: ffff8801dad06e20 RSI: ffff8801d2734cc0 RDI: ffff8801ce94cc80 [ 40.868572] RBP: ffff8801dad071d0 R08: ffff8801cf3fc0c0 R09: 0000000000000000 [ 40.875823] R10: ffff8801dad071e8 R11: 0000000000000000 R12: 0000000000000000 [ 40.883074] R13: ffff8801d2734cc0 R14: 0000000000000100 R15: 0000000000000000 [ 40.890329] FS: 0000000001a63880(0000) GS:ffff8801dad00000(0000) knlGS:0000000000000000 [ 40.898542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.904411] CR2: ffff8801ce1b5600 CR3: 00000001cd5c2000 CR4: 00000000001406e0 [ 40.911665] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 40.918915] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 40.926165] Call Trace: [ 40.928727] [ 40.930881] ? __dev_queue_xmit+0x1837/0x3950 [ 40.935362] ? mark_held_locks+0x130/0x130 [ 40.939581] ? __kmalloc_node_track_caller+0x47/0x70 [ 40.944668] ? __kmalloc_reserve.isra.39+0x41/0xe0 [ 40.949581] ? netdev_pick_tx+0x2d0/0x2d0 [ 40.953713] ? mark_held_locks+0x50/0x130 [ 40.957848] ? lock_downgrade+0x900/0x900 [ 40.961983] ? tcf_block_find+0x9d1/0xb90 [ 40.966126] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 40.971045] ? ___sys_sendmsg+0x7fd/0x930 [ 40.975250] ? __x64_sys_sendmsg+0x78/0xb0 [ 40.979471] ? do_syscall_64+0x1b9/0x820 [ 40.983542] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.988893] ? kasan_check_write+0x14/0x20 [ 40.993115] ? mark_held_locks+0x130/0x130 [ 40.997336] ? fib_rules_lookup+0x54c/0xcc0 [ 41.001642] ? fib_rules_net_exit+0x120/0x120 [ 41.006122] ? update_stack_state+0x1a5/0x690 [ 41.010601] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 41.016125] ? ipv6_skip_exthdr+0x416/0x760 [ 41.020435] ? ipv6_find_tlv+0x260/0x260 [ 41.024476] ? memcpy+0x45/0x50 [ 41.027756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.033285] ? ip6mr_fib_lookup.isra.21+0x1f0/0x2b0 [ 41.038291] ? ipv6_chk_mcast_addr+0x350/0x940 [ 41.042856] ? lock_downgrade+0x900/0x900 [ 41.046987] ? trace_hardirqs_on+0xbd/0x310 [ 41.051300] ? lock_release+0x970/0x970 [ 41.055263] ? _raw_read_unlock_bh+0x30/0x40 [ 41.059672] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 41.064588] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 41.070112] ? ip6_finish_output+0x4de/0xbc0 [ 41.074508] ? lock_downgrade+0x900/0x900 [ 41.078641] ? trace_hardirqs_on+0xbd/0x310 [ 41.082978] ? trace_hardirqs_off_caller+0x300/0x300 [ 41.088075] dev_queue_xmit+0x17/0x20 [ 41.091858] ? dev_queue_xmit+0x17/0x20 [ 41.095815] ip6_finish_output2+0x1342/0x27a0 [ 41.100302] ? ip6_copy_metadata+0xe30/0xe30 [ 41.104700] ? ip6_mtu+0x39c/0x520 [ 41.108240] ? lock_downgrade+0x900/0x900 [ 41.112384] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 41.117299] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 41.122830] ? ipv6_confirm+0x46e/0x680 [ 41.126786] ? ipv6_helper+0x3c7/0x570 [ 41.130659] ? ip6_mtu+0x160/0x520 [ 41.134182] ? dst_hold+0x2f0/0x2f0 [ 41.137793] ip6_finish_output+0x4de/0xbc0 [ 41.142023] ? ip6_finish_output+0x4de/0xbc0 [ 41.146420] ip6_output+0x23e/0x9f0 [ 41.150034] ? ip6_finish_output+0xbc0/0xbc0 [ 41.154449] ? ip6_fragment+0x38e0/0x38e0 [ 41.158583] ? ip6_mtu_from_fib6+0x770/0x770 [ 41.162975] mld_sendpack+0xae7/0xfb0 [ 41.166760] ? nf_hook.constprop.41+0x960/0x960 [ 41.171435] ? _raw_read_unlock_bh+0x30/0x40 [ 41.175830] ? trace_hardirqs_off_caller+0x300/0x300 [ 41.180919] ? __local_bh_enable_ip+0x160/0x260 [ 41.185571] mld_ifc_timer_expire+0x447/0x8a0 [ 41.190054] call_timer_fn+0x26d/0x920 [ 41.193923] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 41.198576] ? process_timeout+0x40/0x40 [ 41.202621] ? trace_hardirqs_off+0xb8/0x310 [ 41.207049] ? kasan_check_read+0x11/0x20 [ 41.211195] ? do_raw_spin_unlock+0xa7/0x2f0 [ 41.215591] ? trace_hardirqs_on_caller+0x310/0x310 [ 41.220589] ? __run_timers+0x7d5/0xc60 [ 41.224555] ? lock_downgrade+0x900/0x900 [ 41.228697] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 41.233802] ? trace_hardirqs_on+0xbd/0x310 [ 41.238116] ? kasan_check_read+0x11/0x20 [ 41.242275] ? __run_timers+0x7d5/0xc60 [ 41.246345] ? trace_hardirqs_off_caller+0x300/0x300 [ 41.251431] ? kasan_check_write+0x14/0x20 [ 41.255650] ? do_raw_spin_lock+0xc1/0x200 [ 41.259886] ? mld_dad_timer_expire+0x1b0/0x1b0 [ 41.264553] __run_timers+0x7e0/0xc60 [ 41.268340] ? __bpf_trace_timer_expire_entry+0x30/0x30 [ 41.273693] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 41.278707] ? timerqueue_add+0x207/0x2b0 [ 41.282840] ? enqueue_hrtimer+0x1a0/0x560 [ 41.287060] ? lock_release+0x970/0x970 [ 41.291023] ? hrtimer_update_softirq_timer+0xa0/0xa0 [ 41.296202] ? kasan_check_write+0x14/0x20 [ 41.300433] ? pvclock_read_flags+0x160/0x160 [ 41.304911] ? lock_downgrade+0x900/0x900 [ 41.309049] ? trace_hardirqs_on+0xbd/0x310 [ 41.313353] ? kvm_sched_clock_read+0x9/0x20 [ 41.317745] ? irq_exit+0x17f/0x1c0 [ 41.321358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.326879] ? check_preemption_disabled+0x48/0x200 [ 41.331880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.337421] run_timer_softirq+0x52/0xb0 [ 41.341479] ? __this_cpu_preempt_check+0x1c/0x1f [ 41.346305] __do_softirq+0x30b/0xb03 [ 41.350093] ? __irqentry_text_end+0x1f9698/0x1f9698 [ 41.355180] ? pvclock_read_flags+0x160/0x160 [ 41.359655] ? lapic_next_event+0x5a/0x90 [ 41.363785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.369305] ? clockevents_program_event+0x140/0x370 [ 41.374393] ? kvm_clock_read+0x18/0x30 [ 41.378349] ? kvm_sched_clock_read+0x9/0x20 [ 41.382740] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.388259] ? check_preemption_disabled+0x48/0x200 [ 41.393260] irq_exit+0x17f/0x1c0 [ 41.396701] smp_apic_timer_interrupt+0x1cb/0x750 [ 41.401527] ? smp_reschedule_interrupt+0x109/0x650 [ 41.406546] ? smp_call_function_single_interrupt+0x640/0x640 [ 41.412438] ? interrupt_entry+0xb5/0xc0 [ 41.416486] ? trace_hardirqs_off_caller+0xbb/0x300 [ 41.421488] ? trace_hardirqs_off_caller+0xbb/0x300 [ 41.426492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 41.431317] ? trace_hardirqs_off+0x310/0x310 [ 41.435793] ? trace_hardirqs_off+0x310/0x310 [ 41.440272] ? task_prio+0x50/0x50 [ 41.443797] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.449317] ? check_preemption_disabled+0x48/0x200 [ 41.454320] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 41.459150] apic_timer_interrupt+0xf/0x20 [ 41.463361] [ 41.465583] RIP: 0010:_raw_spin_unlock_irqrestore+0xaf/0xd0 [ 41.471278] Code: d0 36 72 89 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 28 48 83 3d 98 39 ad 01 00 74 15 48 89 df 57 9d <0f> 1f 44 00 00 eb ad e8 ec 81 3b f9 eb bb 0f 0b 0f 0b e8 4a 00 fc [ 41.490181] RSP: 0018:ffff8801bab672a0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 41.497871] RAX: dffffc0000000000 RBX: 0000000000000282 RCX: ffffffff8183725a [ 41.505122] RDX: 1ffffffff12e46da RSI: ffffffff81837274 RDI: 0000000000000282 [ 41.512373] RBP: ffff8801bab672b0 R08: ffff8801cf3fc0c0 R09: fffffbfff1307cec [ 41.519629] R10: fffffbfff1307cec R11: ffffffff8983e763 R12: ffffffff8983e760 [ 41.526890] R13: 0000000000000000 R14: ffff8801d2734cf8 R15: ffff8801bab674d0 [ 41.534163] ? trace_hardirqs_on+0x9a/0x310 [ 41.538469] ? trace_hardirqs_on+0xb4/0x310 [ 41.542778] kasan_end_report+0x32/0x4f [ 41.546742] kasan_report.cold.9+0x76/0x309 [ 41.551049] ? tcf_block_find+0x9d1/0xb90 [ 41.555182] __asan_report_load4_noabort+0x14/0x20 [ 41.560094] tcf_block_find+0x9d1/0xb90 [ 41.564055] tc_del_tfilter+0x42b/0x1290 [ 41.568102] ? tc_get_tfilter+0xa90/0xa90 [ 41.572238] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 41.577764] ? apparmor_capable+0x355/0x6c0 [ 41.582083] ? apparmor_cred_transfer+0x590/0x590 [ 41.586912] ? rtnetlink_rcv_msg+0x3d3/0xc20 [ 41.591306] ? lock_downgrade+0x900/0x900 [ 41.595438] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 41.600960] ? rtnl_get_link+0x170/0x370 [ 41.605019] ? tc_get_tfilter+0xa90/0xa90 [ 41.609154] rtnetlink_rcv_msg+0x46a/0xc20 [ 41.613372] ? rtnetlink_put_metrics+0x690/0x690 [ 41.618114] netlink_rcv_skb+0x172/0x440 [ 41.622160] ? rtnetlink_put_metrics+0x690/0x690 [ 41.626899] ? netlink_ack+0xb80/0xb80 [ 41.630775] rtnetlink_rcv+0x1c/0x20 [ 41.634471] netlink_unicast+0x5a5/0x760 [ 41.638517] ? netlink_attachskb+0x9a0/0x9a0 [ 41.642914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.648434] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 41.653435] netlink_sendmsg+0xa18/0xfc0 [ 41.657483] ? netlink_unicast+0x760/0x760 [ 41.661701] ? aa_sock_msg_perm.isra.12+0xba/0x160 [ 41.666616] ? apparmor_socket_sendmsg+0x29/0x30 [ 41.671354] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.676873] ? security_socket_sendmsg+0x94/0xc0 [ 41.681611] ? netlink_unicast+0x760/0x760 [ 41.685828] sock_sendmsg+0xd5/0x120 [ 41.689524] ___sys_sendmsg+0x7fd/0x930 [ 41.693508] ? copy_msghdr_from_user+0x580/0x580 [ 41.698256] ? lock_downgrade+0x900/0x900 [ 41.702386] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 41.707561] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.713079] ? __fget_light+0x2e9/0x430 [ 41.717036] ? fget_raw+0x20/0x20 [ 41.720487] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.726026] ? __fd_install+0x2f9/0x8f0 [ 41.730013] ? routing_ioctl+0x890/0x890 [ 41.734083] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.739632] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 41.745157] ? sockfd_lookup_light+0xc5/0x160 [ 41.749638] __sys_sendmsg+0x11d/0x280 [ 41.753511] ? __ia32_sys_shutdown+0x80/0x80 [ 41.757906] ? up_read+0x225/0x2c0 [ 41.761429] ? fd_install+0x4d/0x60 [ 41.765048] ? trace_hardirqs_off_caller+0x300/0x300 [ 41.770134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.775828] ? ksys_ioctl+0x81/0xd0 [ 41.779437] __x64_sys_sendmsg+0x78/0xb0 [ 41.783483] do_syscall_64+0x1b9/0x820 [ 41.787356] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 41.792701] ? syscall_return_slowpath+0x5e0/0x5e0 [ 41.797611] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 41.802440] ? trace_hardirqs_off+0x310/0x310 [ 41.806919] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 41.811920] ? prepare_exit_to_usermode+0x291/0x3b0 [ 41.816919] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 41.821745] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 41.826922] RIP: 0033:0x441aa9 [ 41.830113] Code: e8 0c ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 04 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 41.849026] RSP: 002b:00007ffce95a28a8 EFLAGS: 00000213 ORIG_RAX: 000000000000002e [ 41.856721] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441aa9 [ 41.863971] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 41.871220] RBP: 0000000000009c97 R08: 0000000000000000 R09: 0000000000000000 [ 41.878472] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000000000 [ 41.885730] R13: 00000000004024c0 R14: 0000000000000000 R15: 0000000000000000 [ 41.892982] Modules linked in: [ 41.896166] CR2: ffff8801ce1b5600 [ 41.899603] ---[ end trace cd47256cd17c2985 ]--- [ 41.904340] RIP: 0010:0xffff8801ce1b5600 [ 41.908386] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 52 cf ce 01 88 ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ff ff [ 41.927267] RSP: 0018:ffff8801dad06c78 EFLAGS: 00010292 [ 41.932616] RAX: ffff8801ce1b5600 RBX: ffff8801ce94cc80 RCX: ffffffff8619506f [ 41.939870] RDX: ffff8801dad06e20 RSI: ffff8801d2734cc0 RDI: ffff8801ce94cc80 [ 41.947126] RBP: ffff8801dad071d0 R08: ffff8801cf3fc0c0 R09: 0000000000000000 [ 41.954377] R10: ffff8801dad071e8 R11: 0000000000000000 R12: 0000000000000000 [ 41.961631] R13: ffff8801d2734cc0 R14: 0000000000000100 R15: 0000000000000000 [ 41.968882] FS: 0000000001a63880(0000) GS:ffff8801dad00000(0000) knlGS:0000000000000000 [ 41.977090] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.982952] CR2: ffff8801ce1b5600 CR3: 00000001cd5c2000 CR4: 00000000001406e0 [ 41.990204] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.997456] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.005404] Kernel panic - not syncing: Fatal exception in interrupt [ 42.012851] Kernel Offset: disabled [ 42.016473] Rebooting in 86400 seconds..