[info] Using makefile-style concurrent boot in runlevel 2. [ 24.371185] audit: type=1800 audit(1544542458.791:21): pid=5805 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [ 24.424922] audit: type=1800 audit(1544542458.791:22): pid=5805 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.47' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 53.390923] Started in network mode [ 53.395004] Own node identity 00000000000000000000000000000001, cluster identity 4711 [ 53.403555] New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa [ 53.410897] ================================================================== [ 53.418336] BUG: KASAN: use-after-free in kfree_skb+0xb7/0x580 [ 53.424290] Read of size 4 at addr ffff8881cbf35f24 by task syz-executor257/5962 [ 53.431817] [ 53.433456] CPU: 1 PID: 5962 Comm: syz-executor257 Not tainted 4.20.0-rc6+ #338 [ 53.440889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.450337] Call Trace: [ 53.452930] dump_stack+0x244/0x39d [ 53.456576] ? dump_stack_print_info.cold.1+0x20/0x20 [ 53.461750] ? printk+0xa7/0xcf [ 53.465013] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 53.469765] print_address_description.cold.7+0x9/0x1ff [ 53.475125] kasan_report.cold.8+0x242/0x309 [ 53.479524] ? kfree_skb+0xb7/0x580 [ 53.483311] check_memory_region+0x13e/0x1b0 [ 53.487713] kasan_check_read+0x11/0x20 [ 53.491672] kfree_skb+0xb7/0x580 [ 53.495114] ? __kfree_skb+0x20/0x20 [ 53.498822] ? skb_tstamp_tx+0x50/0x50 [ 53.502705] tipc_udp_send_msg+0x5af/0x680 [ 53.507241] ? tipc_udp_xmit.isra.14+0xee0/0xee0 [ 53.511985] ? bearer_get+0x2f8/0x4e0 [ 53.515773] ? __tipc_nl_add_media+0xca0/0xca0 [ 53.520340] ? kasan_check_read+0x11/0x20 [ 53.524473] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 53.529731] ? rcu_softirq_qs+0x20/0x20 [ 53.533689] ? tipc_disc_remove_dest+0x120/0x120 [ 53.538429] ? tipc_enable_bearer+0x90d/0xf10 [ 53.543046] ? rcu_read_lock_sched_held+0x14f/0x180 [ 53.548063] tipc_bearer_xmit_skb+0x171/0x350 [ 53.552545] tipc_enable_bearer+0xc5e/0xf10 [ 53.556852] ? mutex_trylock+0x2b0/0x2b0 [ 53.560909] ? tipc_bearer_xmit_skb+0x350/0x350 [ 53.565577] ? nla_memcmp+0x90/0x90 [ 53.569203] ? lock_release+0xa00/0xa00 [ 53.573165] ? perf_trace_sched_process_exec+0x860/0x860 [ 53.578593] ? mark_held_locks+0x130/0x130 [ 53.582813] ? check_preemption_disabled+0x48/0x280 [ 53.587832] __tipc_nl_bearer_enable+0x37c/0x4a0 [ 53.592568] ? __tipc_nl_bearer_enable+0x37c/0x4a0 [ 53.597482] ? tipc_nl_bearer_disable+0x30/0x30 [ 53.602305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.607836] ? __nla_parse+0x12c/0x3e0 [ 53.611712] tipc_nl_bearer_enable+0x22/0x30 [ 53.616232] genl_family_rcv_msg+0x8a7/0x11a0 [ 53.620731] ? genl_unregister_family+0x8a0/0x8a0 [ 53.625574] ? lock_downgrade+0x900/0x900 [ 53.629709] ? check_preemption_disabled+0x48/0x280 [ 53.634709] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 53.639626] ? kasan_check_read+0x11/0x20 [ 53.643757] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 53.649016] ? rcu_softirq_qs+0x20/0x20 [ 53.652981] genl_rcv_msg+0xc6/0x168 [ 53.656779] netlink_rcv_skb+0x172/0x440 [ 53.660845] ? genl_family_rcv_msg+0x11a0/0x11a0 [ 53.665599] ? netlink_ack+0xb80/0xb80 [ 53.669471] ? down_read+0x8d/0x120 [ 53.673097] genl_rcv+0x28/0x40 [ 53.676502] netlink_unicast+0x5a5/0x760 [ 53.680560] ? netlink_attachskb+0x9a0/0x9a0 [ 53.684972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.690497] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 53.695501] netlink_sendmsg+0xa18/0xfc0 [ 53.699559] ? netlink_unicast+0x760/0x760 [ 53.703779] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 53.708699] ? apparmor_socket_sendmsg+0x29/0x30 [ 53.713440] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.719041] ? security_socket_sendmsg+0x94/0xc0 [ 53.723802] ? netlink_unicast+0x760/0x760 [ 53.728023] sock_sendmsg+0xd5/0x120 [ 53.731724] ___sys_sendmsg+0x7fd/0x930 [ 53.735695] ? copy_msghdr_from_user+0x580/0x580 [ 53.740454] ? blkcg_maybe_throttle_current+0xa38/0x1080 [ 53.745897] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.751419] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.756947] ? __fget_light+0x2e9/0x430 [ 53.760908] ? fget_raw+0x20/0x20 [ 53.764347] ? task_work_run+0x1af/0x2a0 [ 53.768393] ? _raw_spin_unlock_irq+0x27/0x80 [ 53.772875] ? _raw_spin_unlock_irq+0x27/0x80 [ 53.777357] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 53.781928] ? trace_hardirqs_on+0xbd/0x310 [ 53.786229] ? kasan_check_read+0x11/0x20 [ 53.790362] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 53.795881] ? sockfd_lookup_light+0xc5/0x160 [ 53.800364] __sys_sendmsg+0x11d/0x280 [ 53.804244] ? __ia32_sys_shutdown+0x80/0x80 [ 53.808639] ? do_syscall_64+0x6be/0x820 [ 53.812684] ? trace_hardirqs_on+0x310/0x310 [ 53.817076] ? do_syscall_64+0x9a/0x820 [ 53.821038] ? do_syscall_64+0x9a/0x820 [ 53.825005] ? trace_hardirqs_off_caller+0x310/0x310 [ 53.830091] __x64_sys_sendmsg+0x78/0xb0 [ 53.834133] do_syscall_64+0x1b9/0x820 [ 53.838001] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 53.843342] ? syscall_return_slowpath+0x5e0/0x5e0 [ 53.848251] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 53.853073] ? trace_hardirqs_on_caller+0x310/0x310 [ 53.858067] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 53.863073] ? prepare_exit_to_usermode+0x291/0x3b0 [ 53.868076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 53.872918] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 53.878091] RIP: 0033:0x4446f9 [ 53.881270] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 53.900148] RSP: 002b:00007ffdb2814ca8 EFLAGS: 00000213 ORIG_RAX: 000000000000002e [ 53.907834] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 00000000004446f9 [ 53.915090] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 0000000000000003 [ 53.922341] RBP: 00000000006cf018 R08: 0000000000000000 R09: 00000000004002e0 [ 53.929592] R10: 0000000000000000 R11: 0000000000000213 R12: 00000000004023a0 [ 53.936874] R13: 0000000000402430 R14: 0000000000000000 R15: 0000000000000000 [ 53.944138] [ 53.945752] Allocated by task 5962: [ 53.949381] save_stack+0x43/0xd0 [ 53.952813] kasan_kmalloc+0xc7/0xe0 [ 53.956511] kasan_slab_alloc+0x12/0x20 [ 53.960525] kmem_cache_alloc_node+0x144/0x730 [ 53.965094] __alloc_skb+0x119/0x770 [ 53.968795] __pskb_copy_fclone+0x16b/0xeb0 [ 53.973104] tipc_udp_send_msg+0x457/0x680 [ 53.977320] tipc_bearer_xmit_skb+0x171/0x350 [ 53.981798] tipc_enable_bearer+0xc5e/0xf10 [ 53.986110] __tipc_nl_bearer_enable+0x37c/0x4a0 [ 53.990994] tipc_nl_bearer_enable+0x22/0x30 [ 53.995403] genl_family_rcv_msg+0x8a7/0x11a0 [ 53.999878] genl_rcv_msg+0xc6/0x168 [ 54.003574] netlink_rcv_skb+0x172/0x440 [ 54.007611] genl_rcv+0x28/0x40 [ 54.010870] netlink_unicast+0x5a5/0x760 [ 54.014909] netlink_sendmsg+0xa18/0xfc0 [ 54.018960] sock_sendmsg+0xd5/0x120 [ 54.022665] ___sys_sendmsg+0x7fd/0x930 [ 54.026621] __sys_sendmsg+0x11d/0x280 [ 54.030491] __x64_sys_sendmsg+0x78/0xb0 [ 54.034534] do_syscall_64+0x1b9/0x820 [ 54.038457] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 54.043630] [ 54.045245] Freed by task 5962: [ 54.048531] save_stack+0x43/0xd0 [ 54.051968] __kasan_slab_free+0x102/0x150 [ 54.056227] kasan_slab_free+0xe/0x10 [ 54.060017] kmem_cache_free+0x83/0x290 [ 54.063971] kfree_skbmem+0x154/0x230 [ 54.067752] kfree_skb+0x1c3/0x580 [ 54.071288] tipc_udp_xmit.isra.14+0x41e/0xee0 [ 54.075867] tipc_udp_send_msg+0x3a1/0x680 [ 54.080089] tipc_bearer_xmit_skb+0x171/0x350 [ 54.084572] tipc_enable_bearer+0xc5e/0xf10 [ 54.088873] __tipc_nl_bearer_enable+0x37c/0x4a0 [ 54.093612] tipc_nl_bearer_enable+0x22/0x30 [ 54.098004] genl_family_rcv_msg+0x8a7/0x11a0 [ 54.102490] genl_rcv_msg+0xc6/0x168 [ 54.106180] netlink_rcv_skb+0x172/0x440 [ 54.110254] genl_rcv+0x28/0x40 [ 54.113519] netlink_unicast+0x5a5/0x760 [ 54.117558] netlink_sendmsg+0xa18/0xfc0 [ 54.121602] sock_sendmsg+0xd5/0x120 [ 54.125296] ___sys_sendmsg+0x7fd/0x930 [ 54.129247] __sys_sendmsg+0x11d/0x280 [ 54.133114] __x64_sys_sendmsg+0x78/0xb0 [ 54.137157] do_syscall_64+0x1b9/0x820 [ 54.141025] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 54.146187] [ 54.147796] The buggy address belongs to the object at ffff8881cbf35e40 [ 54.147796] which belongs to the cache skbuff_head_cache of size 232 [ 54.160956] The buggy address is located 228 bytes inside of [ 54.160956] 232-byte region [ffff8881cbf35e40, ffff8881cbf35f28) [ 54.172804] The buggy address belongs to the page: [ 54.177712] page:ffffea00072fcd40 count:1 mapcount:0 mapping:ffff8881d9be6780 index:0x0 [ 54.185831] flags: 0x2fffc0000000200(slab) [ 54.190067] raw: 02fffc0000000200 ffffea0007060988 ffff8881d9bda148 ffff8881d9be6780 [ 54.197931] raw: 0000000000000000 ffff8881cbf35080 000000010000000c 0000000000000000 [ 54.205794] page dumped because: kasan: bad access detected [ 54.211477] [ 54.213085] Memory state around the buggy address: [ 54.217990] ffff8881cbf35e00: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 54.225334] ffff8881cbf35e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 54.232677] >ffff8881cbf35f00: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc [ 54.240013] ^ [ 54.244401] ffff8881cbf35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 54.251741] ffff8881cbf36000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 54.259203] ================================================================== [ 54.266580] Disabling lock debugging due to kernel taint [ 54.272230] ================================================================== [ 54.279606] BUG: KASAN: double-free or invalid-free in skb_free_head+0x99/0xc0 [ 54.286945] [ 54.288561] CPU: 1 PID: 5962 Comm: syz-executor257 Tainted: G B 4.20.0-rc6+ #338 [ 54.297375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.306705] Call Trace: [ 54.309270] [ 54.311416] dump_stack+0x244/0x39d [ 54.315025] ? dump_stack_print_info.cold.1+0x20/0x20 [ 54.320196] ? printk+0xa7/0xcf [ 54.323477] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 54.328400] ? debug_check_no_obj_freed+0x305/0x58d [ 54.333401] print_address_description.cold.7+0x9/0x1ff [ 54.338757] ? skb_free_head+0x99/0xc0 [ 54.342627] kasan_report_invalid_free+0x64/0xa0 [ 54.347517] ? skb_free_head+0x99/0xc0 [ 54.351387] __kasan_slab_free+0x13a/0x150 [ 54.355607] ? skb_free_head+0x99/0xc0 [ 54.359475] kasan_slab_free+0xe/0x10 [ 54.363266] kfree+0xcf/0x230 [ 54.366351] skb_free_head+0x99/0xc0 [ 54.370046] skb_release_data+0x70c/0x9a0 [ 54.374178] ? __copy_skb_header+0x350/0x6b0 [ 54.378574] ? skb_tx_error+0x410/0x410 [ 54.382532] ? tipc_udp_xmit.isra.14+0x423/0xee0 [ 54.387269] ? kasan_end_report+0x32/0x4f [ 54.391393] ? kasan_report.cold.8+0x76/0x309 [ 54.395874] skb_release_all+0x4a/0x60 [ 54.399751] kfree_skb+0x1bb/0x580 [ 54.403271] ? tipc_udp_send_msg+0x5af/0x680 [ 54.407660] ? __kfree_skb+0x20/0x20 [ 54.411354] ? skb_tstamp_tx+0x50/0x50 [ 54.415312] tipc_udp_send_msg+0x5af/0x680 [ 54.419526] ? tipc_udp_xmit.isra.14+0xee0/0xee0 [ 54.424260] ? bearer_get+0x2f8/0x4e0 [ 54.428040] ? __tipc_nl_add_media+0xca0/0xca0 [ 54.432610] ? skb_clone+0x21a/0x500 [ 54.436394] ? _raw_spin_unlock_bh+0x30/0x40 [ 54.440786] ? trace_hardirqs_off_caller+0x310/0x310 [ 54.445889] ? do_raw_spin_trylock+0x270/0x270 [ 54.450464] tipc_bearer_xmit_skb+0x171/0x350 [ 54.454941] tipc_disc_timeout+0xb2b/0xfc0 [ 54.459159] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 54.464328] ? _raw_spin_unlock+0x2c/0x50 [ 54.468453] ? clocksource_watchdog+0xc4/0xb00 [ 54.473017] ? lock_acquire+0x1ed/0x520 [ 54.476972] ? call_timer_fn+0x1db/0x920 [ 54.481013] ? lock_downgrade+0x900/0x900 [ 54.485141] ? kasan_check_read+0x11/0x20 [ 54.489270] ? lock_release+0xa00/0xa00 [ 54.493221] ? __lock_is_held+0xb5/0x140 [ 54.497264] call_timer_fn+0x272/0x920 [ 54.501131] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 54.506302] ? process_timeout+0x40/0x40 [ 54.510341] ? trace_hardirqs_off+0xb8/0x310 [ 54.514727] ? kasan_check_read+0x11/0x20 [ 54.518858] ? do_raw_spin_unlock+0xa7/0x330 [ 54.523246] ? trace_hardirqs_on+0x310/0x310 [ 54.527789] ? __run_timers+0x7da/0xc70 [ 54.531754] ? lock_downgrade+0x900/0x900 [ 54.535890] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 54.540975] ? trace_hardirqs_on+0xbd/0x310 [ 54.545273] ? kasan_check_read+0x11/0x20 [ 54.549401] ? __run_timers+0x7da/0xc70 [ 54.553354] ? trace_hardirqs_off_caller+0x310/0x310 [ 54.558446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.563987] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 54.569161] __run_timers+0x7e5/0xc70 [ 54.572951] ? timer_fixup_init+0x70/0x70 [ 54.577078] ? kasan_check_read+0x11/0x20 [ 54.581208] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 54.586462] ? rcu_softirq_qs+0x20/0x20 [ 54.590417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.595934] ? check_preemption_disabled+0x48/0x280 [ 54.600932] ? rcu_irq_exit+0x1a2/0x390 [ 54.604889] ? ret_from_intr+0xb/0x1e [ 54.608670] ? retint_kernel+0x2d/0x2d [ 54.612538] ? trace_hardirqs_on_caller+0xc0/0x310 [ 54.617500] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 54.622245] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 54.627678] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.633195] ? check_preemption_disabled+0x48/0x280 [ 54.638196] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 54.642937] ? retint_kernel+0x2d/0x2d [ 54.646805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.652327] ? check_preemption_disabled+0x48/0x280 [ 54.657322] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.662841] run_timer_softirq+0x52/0xb0 [ 54.666886] ? __this_cpu_preempt_check+0x1c/0x20 [ 54.671711] __do_softirq+0x308/0xb7e [ 54.675500] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 54.679988] ? lock_downgrade+0x900/0x900 [ 54.684118] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 54.689411] ? pvclock_read_flags+0x160/0x160 [ 54.693887] ? lapic_next_event+0x5a/0x90 [ 54.698014] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.703533] ? clockevents_program_event+0x140/0x370 [ 54.708616] ? kvm_clock_read+0x18/0x30 [ 54.712568] ? kvm_sched_clock_read+0x9/0x20 [ 54.716956] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.722480] ? check_preemption_disabled+0x48/0x280 [ 54.727477] irq_exit+0x17f/0x1c0 [ 54.730912] smp_apic_timer_interrupt+0x1cb/0x760 [ 54.735736] ? smp_reschedule_interrupt+0x109/0x650 [ 54.740740] ? smp_call_function_single_interrupt+0x650/0x650 [ 54.746604] ? interrupt_entry+0xb5/0xc0 [ 54.750658] ? trace_hardirqs_off_caller+0xbb/0x310 [ 54.755655] ? trace_hardirqs_off_caller+0xbb/0x310 [ 54.760653] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 54.765476] ? trace_hardirqs_on_caller+0x310/0x310 [ 54.770471] ? trace_hardirqs_on_caller+0x310/0x310 [ 54.775465] ? task_prio+0x50/0x50 [ 54.778996] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.784514] ? check_preemption_disabled+0x48/0x280 [ 54.789512] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 54.794337] apic_timer_interrupt+0xf/0x20 [ 54.798673] [ 54.800911] RIP: 0010:_raw_spin_unlock_irqrestore+0xaf/0xd0 [ 54.806603] Code: f0 00 52 89 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 28 48 83 3d 68 42 74 01 00 74 15 48 89 df 57 9d <0f> 1f 44 00 00 eb ad e8 6c be 22 f9 eb bb 0f 0b 0f 0b e8 ca 82 e5 [ 54.825581] RSP: 0018:ffff8881c2af6de8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 54.833289] RAX: dffffc0000000000 RBX: 0000000000000286 RCX: ffffffff8185ad0a [ 54.840539] RDX: 1ffffffff12a401e RSI: ffffffff8185ad24 RDI: 0000000000000286 [ 54.847793] RBP: ffff8881c2af6df8 R08: ffff8881c1a4a540 R09: fffffbfff12c732c [ 54.855051] R10: fffffbfff12c732c R11: ffffffff89639963 R12: ffffffff89639960 [ 54.862304] R13: 0000000000000000 R14: ffff8881cbf35f24 R15: ffff8881cbf35f24 [ 54.869565] ? trace_hardirqs_on+0x9a/0x310 [ 54.873972] ? trace_hardirqs_on+0xb4/0x310 [ 54.878275] kasan_end_report+0x32/0x4f [ 54.882234] kasan_report.cold.8+0x76/0x309 [ 54.886536] ? kfree_skb+0xb7/0x580 [ 54.890155] check_memory_region+0x13e/0x1b0 [ 54.894548] kasan_check_read+0x11/0x20 [ 54.898502] kfree_skb+0xb7/0x580 [ 54.901936] ? __kfree_skb+0x20/0x20 [ 54.905633] ? skb_tstamp_tx+0x50/0x50 [ 54.909505] tipc_udp_send_msg+0x5af/0x680 [ 54.913730] ? tipc_udp_xmit.isra.14+0xee0/0xee0 [ 54.918480] ? bearer_get+0x2f8/0x4e0 [ 54.922265] ? __tipc_nl_add_media+0xca0/0xca0 [ 54.926830] ? kasan_check_read+0x11/0x20 [ 54.930958] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 54.936217] ? rcu_softirq_qs+0x20/0x20 [ 54.940181] ? tipc_disc_remove_dest+0x120/0x120 [ 54.944920] ? tipc_enable_bearer+0x90d/0xf10 [ 54.949398] ? rcu_read_lock_sched_held+0x14f/0x180 [ 54.954395] tipc_bearer_xmit_skb+0x171/0x350 [ 54.958870] tipc_enable_bearer+0xc5e/0xf10 [ 54.963174] ? mutex_trylock+0x2b0/0x2b0 [ 54.967293] ? tipc_bearer_xmit_skb+0x350/0x350 [ 54.971963] ? nla_memcmp+0x90/0x90 [ 54.975576] ? lock_release+0xa00/0xa00 [ 54.979632] ? perf_trace_sched_process_exec+0x860/0x860 [ 54.985064] ? mark_held_locks+0x130/0x130 [ 54.989281] ? check_preemption_disabled+0x48/0x280 [ 54.994288] __tipc_nl_bearer_enable+0x37c/0x4a0 [ 54.999044] ? __tipc_nl_bearer_enable+0x37c/0x4a0 [ 55.003956] ? tipc_nl_bearer_disable+0x30/0x30 [ 55.008609] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.014131] ? __nla_parse+0x12c/0x3e0 [ 55.018004] tipc_nl_bearer_enable+0x22/0x30 [ 55.022394] genl_family_rcv_msg+0x8a7/0x11a0 [ 55.026871] ? genl_unregister_family+0x8a0/0x8a0 [ 55.031703] ? lock_downgrade+0x900/0x900 [ 55.035839] ? check_preemption_disabled+0x48/0x280 [ 55.040840] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 55.045746] ? kasan_check_read+0x11/0x20 [ 55.049875] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 55.055132] ? rcu_softirq_qs+0x20/0x20 [ 55.059112] genl_rcv_msg+0xc6/0x168 [ 55.062807] netlink_rcv_skb+0x172/0x440 [ 55.067629] ? genl_family_rcv_msg+0x11a0/0x11a0 [ 55.072368] ? netlink_ack+0xb80/0xb80 [ 55.076238] ? down_read+0x8d/0x120 [ 55.079845] genl_rcv+0x28/0x40 [ 55.083106] netlink_unicast+0x5a5/0x760 [ 55.087147] ? netlink_attachskb+0x9a0/0x9a0 [ 55.091536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.097056] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 55.102055] netlink_sendmsg+0xa18/0xfc0 [ 55.106099] ? netlink_unicast+0x760/0x760 [ 55.110320] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 55.115233] ? apparmor_socket_sendmsg+0x29/0x30 [ 55.120019] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.125543] ? security_socket_sendmsg+0x94/0xc0 [ 55.130278] ? netlink_unicast+0x760/0x760 [ 55.134492] sock_sendmsg+0xd5/0x120 [ 55.138187] ___sys_sendmsg+0x7fd/0x930 [ 55.142148] ? copy_msghdr_from_user+0x580/0x580 [ 55.146888] ? blkcg_maybe_throttle_current+0xa38/0x1080 [ 55.152324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.157839] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.163375] ? __fget_light+0x2e9/0x430 [ 55.167337] ? fget_raw+0x20/0x20 [ 55.170776] ? task_work_run+0x1af/0x2a0 [ 55.174820] ? _raw_spin_unlock_irq+0x27/0x80 [ 55.179296] ? _raw_spin_unlock_irq+0x27/0x80 [ 55.183786] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 55.188346] ? trace_hardirqs_on+0xbd/0x310 [ 55.192650] ? kasan_check_read+0x11/0x20 [ 55.196778] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 55.202295] ? sockfd_lookup_light+0xc5/0x160 [ 55.206773] __sys_sendmsg+0x11d/0x280 [ 55.210643] ? __ia32_sys_shutdown+0x80/0x80 [ 55.215036] ? do_syscall_64+0x6be/0x820 [ 55.219089] ? trace_hardirqs_on+0x310/0x310 [ 55.223497] ? do_syscall_64+0x9a/0x820 [ 55.227457] ? do_syscall_64+0x9a/0x820 [ 55.231415] ? trace_hardirqs_off_caller+0x310/0x310 [ 55.236503] __x64_sys_sendmsg+0x78/0xb0 [ 55.240550] do_syscall_64+0x1b9/0x820 [ 55.244416] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 55.249758] ? syscall_return_slowpath+0x5e0/0x5e0 [ 55.254667] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.259493] ? trace_hardirqs_on_caller+0x310/0x310 [ 55.264495] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 55.269491] ? prepare_exit_to_usermode+0x291/0x3b0 [ 55.274700] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.279531] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 55.284704] RIP: 0033:0x4446f9 [ 55.287881] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 55.306764] RSP: 002b:00007ffdb2814ca8 EFLAGS: 00000213 ORIG_RAX: 000000000000002e [ 55.314455] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 00000000004446f9 [ 55.321703] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 0000000000000003 [ 55.328961] RBP: 00000000006cf018 R08: 0000000000000000 R09: 00000000004002e0 [ 55.336216] R10: 0000000000000000 R11: 0000000000000213 R12: 00000000004023a0 [ 55.343468] R13: 0000000000402430 R14: 0000000000000000 R15: 0000000000000000 [ 55.350721] [ 55.352327] Allocated by task 5962: [ 55.355952] save_stack+0x43/0xd0 [ 55.359387] kasan_kmalloc+0xc7/0xe0 [ 55.363082] __kmalloc_node_track_caller+0x50/0x70 [ 55.367992] __kmalloc_reserve.isra.40+0x41/0xe0 [ 55.372726] __alloc_skb+0x155/0x770 [ 55.376423] __pskb_copy_fclone+0x16b/0xeb0 [ 55.380729] tipc_udp_send_msg+0x457/0x680 [ 55.384944] tipc_bearer_xmit_skb+0x171/0x350 [ 55.389420] tipc_disc_timeout+0xb2b/0xfc0 [ 55.393633] call_timer_fn+0x272/0x920 [ 55.397499] __run_timers+0x7e5/0xc70 [ 55.401282] run_timer_softirq+0x52/0xb0 [ 55.405344] __do_softirq+0x308/0xb7e [ 55.409122] [ 55.410729] Freed by task 5962: [ 55.413990] save_stack+0x43/0xd0 [ 55.417423] __kasan_slab_free+0x102/0x150 [ 55.421640] kasan_slab_free+0xe/0x10 [ 55.425418] kfree+0xcf/0x230 [ 55.428504] skb_free_head+0x99/0xc0 [ 55.432214] skb_release_data+0x70c/0x9a0 [ 55.436342] skb_release_all+0x4a/0x60 [ 55.440219] kfree_skb+0x1bb/0x580 [ 55.443740] tipc_udp_xmit.isra.14+0x41e/0xee0 [ 55.448298] tipc_udp_send_msg+0x3a1/0x680 [ 55.452511] tipc_bearer_xmit_skb+0x171/0x350 [ 55.456986] tipc_disc_timeout+0xb2b/0xfc0 [ 55.461200] call_timer_fn+0x272/0x920 [ 55.465081] __run_timers+0x7e5/0xc70 [ 55.468859] run_timer_softirq+0x52/0xb0 [ 55.472901] __do_softirq+0x308/0xb7e [ 55.476679] [ 55.478289] The buggy address belongs to the object at ffff8881cdaa5b00 [ 55.478289] which belongs to the cache kmalloc-1k of size 1024 [ 55.490938] The buggy address is located 0 bytes inside of [ 55.490938] 1024-byte region [ffff8881cdaa5b00, ffff8881cdaa5f00) [ 55.502730] The buggy address belongs to the page: [ 55.507637] page:ffffea000736a900 count:1 mapcount:0 mapping:ffff8881da800ac0 index:0x0 compound_mapcount: 0 [ 55.517594] flags: 0x2fffc0000010200(slab|head) [ 55.522256] raw: 02fffc0000010200 ffffea0007387a88 ffffea0007369408 ffff8881da800ac0 [ 55.530124] raw: 0000000000000000 ffff8881cdaa4000 0000000100000007 0000000000000000 [ 55.537977] page dumped because: kasan: bad access detected [ 55.543676] [ 55.545280] Memory state around the buggy address: [ 55.550200] ffff8881cdaa5a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 55.557542] ffff8881cdaa5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 55.564879] >ffff8881cdaa5b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 55.572215] ^ [ 55.575558] ffff8881cdaa5b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 55.582909] ffff8881cdaa5c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 55.590259] ================================================================== [ 55.597594] Kernel panic - not syncing: panic_on_warn set ... [ 55.603460] CPU: 1 PID: 5962 Comm: syz-executor257 Tainted: G B 4.20.0-rc6+ #338 [ 55.612281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.621612] Call Trace: [ 55.624176] [ 55.626311] dump_stack+0x244/0x39d [ 55.629918] ? dump_stack_print_info.cold.1+0x20/0x20 [ 55.635087] ? skb_push+0x70/0xd0 [ 55.638521] panic+0x2ad/0x55c [ 55.641697] ? add_taint.cold.5+0x16/0x16 [ 55.645831] ? print_shadow_for_address+0xb6/0x116 [ 55.650743] ? trace_hardirqs_off+0xaf/0x310 [ 55.655135] ? skb_free_head+0x99/0xc0 [ 55.659009] kasan_end_report+0x47/0x4f [ 55.662987] kasan_report_invalid_free+0x81/0xa0 [ 55.667724] ? skb_free_head+0x99/0xc0 [ 55.671592] __kasan_slab_free+0x13a/0x150 [ 55.675819] ? skb_free_head+0x99/0xc0 [ 55.679688] kasan_slab_free+0xe/0x10 [ 55.683469] kfree+0xcf/0x230 [ 55.686555] skb_free_head+0x99/0xc0 [ 55.690248] skb_release_data+0x70c/0x9a0 [ 55.694376] ? __copy_skb_header+0x350/0x6b0 [ 55.698777] ? skb_tx_error+0x410/0x410 [ 55.702735] ? tipc_udp_xmit.isra.14+0x423/0xee0 [ 55.707577] ? kasan_end_report+0x32/0x4f [ 55.711704] ? kasan_report.cold.8+0x76/0x309 [ 55.716182] skb_release_all+0x4a/0x60 [ 55.720052] kfree_skb+0x1bb/0x580 [ 55.723576] ? tipc_udp_send_msg+0x5af/0x680 [ 55.728311] ? __kfree_skb+0x20/0x20 [ 55.732008] ? skb_tstamp_tx+0x50/0x50 [ 55.735876] tipc_udp_send_msg+0x5af/0x680 [ 55.740109] ? tipc_udp_xmit.isra.14+0xee0/0xee0 [ 55.744848] ? bearer_get+0x2f8/0x4e0 [ 55.748825] ? __tipc_nl_add_media+0xca0/0xca0 [ 55.753386] ? skb_clone+0x21a/0x500 [ 55.757079] ? _raw_spin_unlock_bh+0x30/0x40 [ 55.761471] ? trace_hardirqs_off_caller+0x310/0x310 [ 55.766553] ? do_raw_spin_trylock+0x270/0x270 [ 55.771118] tipc_bearer_xmit_skb+0x171/0x350 [ 55.775592] tipc_disc_timeout+0xb2b/0xfc0 [ 55.779806] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 55.784980] ? _raw_spin_unlock+0x2c/0x50 [ 55.789116] ? clocksource_watchdog+0xc4/0xb00 [ 55.793686] ? lock_acquire+0x1ed/0x520 [ 55.797644] ? call_timer_fn+0x1db/0x920 [ 55.801724] ? lock_downgrade+0x900/0x900 [ 55.805850] ? kasan_check_read+0x11/0x20 [ 55.809979] ? lock_release+0xa00/0xa00 [ 55.813930] ? __lock_is_held+0xb5/0x140 [ 55.817972] call_timer_fn+0x272/0x920 [ 55.821841] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 55.827011] ? process_timeout+0x40/0x40 [ 55.831054] ? trace_hardirqs_off+0xb8/0x310 [ 55.835445] ? kasan_check_read+0x11/0x20 [ 55.839570] ? do_raw_spin_unlock+0xa7/0x330 [ 55.843960] ? trace_hardirqs_on+0x310/0x310 [ 55.848346] ? __run_timers+0x7da/0xc70 [ 55.852301] ? lock_downgrade+0x900/0x900 [ 55.856427] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 55.861509] ? trace_hardirqs_on+0xbd/0x310 [ 55.865809] ? kasan_check_read+0x11/0x20 [ 55.869933] ? __run_timers+0x7da/0xc70 [ 55.873888] ? trace_hardirqs_off_caller+0x310/0x310 [ 55.878978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.884503] ? tipc_disc_msg_xmit.isra.19+0x180/0x180 [ 55.889673] __run_timers+0x7e5/0xc70 [ 55.893458] ? timer_fixup_init+0x70/0x70 [ 55.897585] ? kasan_check_read+0x11/0x20 [ 55.901726] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 55.906983] ? rcu_softirq_qs+0x20/0x20 [ 55.910937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.916453] ? check_preemption_disabled+0x48/0x280 [ 55.921453] ? rcu_irq_exit+0x1a2/0x390 [ 55.925406] ? ret_from_intr+0xb/0x1e [ 55.929187] ? retint_kernel+0x2d/0x2d [ 55.933056] ? trace_hardirqs_on_caller+0xc0/0x310 [ 55.937964] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 55.942718] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 55.948150] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.953668] ? check_preemption_disabled+0x48/0x280 [ 55.958666] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 55.963400] ? retint_kernel+0x2d/0x2d [ 55.967279] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.972797] ? check_preemption_disabled+0x48/0x280 [ 55.977793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.983308] run_timer_softirq+0x52/0xb0 [ 55.987346] ? __this_cpu_preempt_check+0x1c/0x20 [ 55.992168] __do_softirq+0x308/0xb7e [ 55.995949] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 56.000427] ? lock_downgrade+0x900/0x900 [ 56.004560] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 56.009732] ? pvclock_read_flags+0x160/0x160 [ 56.014307] ? lapic_next_event+0x5a/0x90 [ 56.018437] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.023955] ? clockevents_program_event+0x140/0x370 [ 56.029126] ? kvm_clock_read+0x18/0x30 [ 56.033084] ? kvm_sched_clock_read+0x9/0x20 [ 56.037474] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.042992] ? check_preemption_disabled+0x48/0x280 [ 56.047993] irq_exit+0x17f/0x1c0 [ 56.051432] smp_apic_timer_interrupt+0x1cb/0x760 [ 56.056253] ? smp_reschedule_interrupt+0x109/0x650 [ 56.061254] ? smp_call_function_single_interrupt+0x650/0x650 [ 56.067119] ? interrupt_entry+0xb5/0xc0 [ 56.071164] ? trace_hardirqs_off_caller+0xbb/0x310 [ 56.076159] ? trace_hardirqs_off_caller+0xbb/0x310 [ 56.081160] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 56.085983] ? trace_hardirqs_on_caller+0x310/0x310 [ 56.091002] ? trace_hardirqs_on_caller+0x310/0x310 [ 56.096014] ? task_prio+0x50/0x50 [ 56.099538] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.105056] ? check_preemption_disabled+0x48/0x280 [ 56.110145] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 56.114970] apic_timer_interrupt+0xf/0x20 [ 56.119178] [ 56.121396] RIP: 0010:_raw_spin_unlock_irqrestore+0xaf/0xd0 [ 56.127089] Code: f0 00 52 89 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 28 48 83 3d 68 42 74 01 00 74 15 48 89 df 57 9d <0f> 1f 44 00 00 eb ad e8 6c be 22 f9 eb bb 0f 0b 0f 0b e8 ca 82 e5 [ 56.145971] RSP: 0018:ffff8881c2af6de8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 56.153658] RAX: dffffc0000000000 RBX: 0000000000000286 RCX: ffffffff8185ad0a [ 56.160905] RDX: 1ffffffff12a401e RSI: ffffffff8185ad24 RDI: 0000000000000286 [ 56.168152] RBP: ffff8881c2af6df8 R08: ffff8881c1a4a540 R09: fffffbfff12c732c [ 56.175404] R10: fffffbfff12c732c R11: ffffffff89639963 R12: ffffffff89639960 [ 56.182655] R13: 0000000000000000 R14: ffff8881cbf35f24 R15: ffff8881cbf35f24 [ 56.189914] ? trace_hardirqs_on+0x9a/0x310 [ 56.194215] ? trace_hardirqs_on+0xb4/0x310 [ 56.198520] kasan_end_report+0x32/0x4f [ 56.202477] kasan_report.cold.8+0x76/0x309 [ 56.206777] ? kfree_skb+0xb7/0x580 [ 56.210397] check_memory_region+0x13e/0x1b0 [ 56.214787] kasan_check_read+0x11/0x20 [ 56.218740] kfree_skb+0xb7/0x580 [ 56.222171] ? __kfree_skb+0x20/0x20 [ 56.225865] ? skb_tstamp_tx+0x50/0x50 [ 56.229737] tipc_udp_send_msg+0x5af/0x680 [ 56.233953] ? tipc_udp_xmit.isra.14+0xee0/0xee0 [ 56.238687] ? bearer_get+0x2f8/0x4e0 [ 56.242470] ? __tipc_nl_add_media+0xca0/0xca0 [ 56.247031] ? kasan_check_read+0x11/0x20 [ 56.251159] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 56.256412] ? rcu_softirq_qs+0x20/0x20 [ 56.260363] ? tipc_disc_remove_dest+0x120/0x120 [ 56.265096] ? tipc_enable_bearer+0x90d/0xf10 [ 56.269575] ? rcu_read_lock_sched_held+0x14f/0x180 [ 56.274574] tipc_bearer_xmit_skb+0x171/0x350 [ 56.279059] tipc_enable_bearer+0xc5e/0xf10 [ 56.283362] ? mutex_trylock+0x2b0/0x2b0 [ 56.287407] ? tipc_bearer_xmit_skb+0x350/0x350 [ 56.292057] ? nla_memcmp+0x90/0x90 [ 56.295666] ? lock_release+0xa00/0xa00 [ 56.299629] ? perf_trace_sched_process_exec+0x860/0x860 [ 56.305062] ? mark_held_locks+0x130/0x130 [ 56.309282] ? check_preemption_disabled+0x48/0x280 [ 56.314295] __tipc_nl_bearer_enable+0x37c/0x4a0 [ 56.319032] ? __tipc_nl_bearer_enable+0x37c/0x4a0 [ 56.324046] ? tipc_nl_bearer_disable+0x30/0x30 [ 56.328698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.334217] ? __nla_parse+0x12c/0x3e0 [ 56.338085] tipc_nl_bearer_enable+0x22/0x30 [ 56.342496] genl_family_rcv_msg+0x8a7/0x11a0 [ 56.346986] ? genl_unregister_family+0x8a0/0x8a0 [ 56.351811] ? lock_downgrade+0x900/0x900 [ 56.355941] ? check_preemption_disabled+0x48/0x280 [ 56.360939] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 56.365869] ? kasan_check_read+0x11/0x20 [ 56.370003] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 56.375261] ? rcu_softirq_qs+0x20/0x20 [ 56.379239] genl_rcv_msg+0xc6/0x168 [ 56.382945] netlink_rcv_skb+0x172/0x440 [ 56.386987] ? genl_family_rcv_msg+0x11a0/0x11a0 [ 56.391725] ? netlink_ack+0xb80/0xb80 [ 56.395591] ? down_read+0x8d/0x120 [ 56.399211] genl_rcv+0x28/0x40 [ 56.402473] netlink_unicast+0x5a5/0x760 [ 56.406517] ? netlink_attachskb+0x9a0/0x9a0 [ 56.410909] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.416427] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 56.421424] netlink_sendmsg+0xa18/0xfc0 [ 56.425468] ? netlink_unicast+0x760/0x760 [ 56.429687] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 56.434599] ? apparmor_socket_sendmsg+0x29/0x30 [ 56.439346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.444871] ? security_socket_sendmsg+0x94/0xc0 [ 56.449616] ? netlink_unicast+0x760/0x760 [ 56.453835] sock_sendmsg+0xd5/0x120 [ 56.457528] ___sys_sendmsg+0x7fd/0x930 [ 56.461490] ? copy_msghdr_from_user+0x580/0x580 [ 56.466227] ? blkcg_maybe_throttle_current+0xa38/0x1080 [ 56.471658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.477173] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.482707] ? __fget_light+0x2e9/0x430 [ 56.486672] ? fget_raw+0x20/0x20 [ 56.490114] ? task_work_run+0x1af/0x2a0 [ 56.494154] ? _raw_spin_unlock_irq+0x27/0x80 [ 56.498627] ? _raw_spin_unlock_irq+0x27/0x80 [ 56.503104] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 56.507671] ? trace_hardirqs_on+0xbd/0x310 [ 56.511975] ? kasan_check_read+0x11/0x20 [ 56.516109] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 56.521630] ? sockfd_lookup_light+0xc5/0x160 [ 56.526111] __sys_sendmsg+0x11d/0x280 [ 56.529984] ? __ia32_sys_shutdown+0x80/0x80 [ 56.534372] ? do_syscall_64+0x6be/0x820 [ 56.538413] ? trace_hardirqs_on+0x310/0x310 [ 56.542803] ? do_syscall_64+0x9a/0x820 [ 56.546758] ? do_syscall_64+0x9a/0x820 [ 56.550722] ? trace_hardirqs_off_caller+0x310/0x310 [ 56.555809] __x64_sys_sendmsg+0x78/0xb0 [ 56.559853] do_syscall_64+0x1b9/0x820 [ 56.563723] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 56.569072] ? syscall_return_slowpath+0x5e0/0x5e0 [ 56.573982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 56.578805] ? trace_hardirqs_on_caller+0x310/0x310 [ 56.583809] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 56.588804] ? prepare_exit_to_usermode+0x291/0x3b0 [ 56.593830] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 56.598675] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 56.603842] RIP: 0033:0x4446f9 [ 56.607016] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 56.625897] RSP: 002b:00007ffdb2814ca8 EFLAGS: 00000213 ORIG_RAX: 000000000000002e [ 56.633944] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 00000000004446f9 [ 56.641193] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 0000000000000003 [ 56.648444] RBP: 00000000006cf018 R08: 0000000000000000 R09: 00000000004002e0 [ 56.655691] R10: 0000000000000000 R11: 0000000000000213 R12: 00000000004023a0 [ 56.662942] R13: 0000000000402430 R14: 0000000000000000 R15: 0000000000000000 [ 56.671284] Kernel Offset: disabled [ 56.674905] Rebooting in 86400 seconds..