[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.79' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 32.515305] audit: type=1400 audit(1598645355.745:8): avc: denied { execmem } for pid=6350 comm="syz-executor685" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 32.518824] ip_tables: iptables: counters copy to user failed while replacing table
[ 32.544117] : caps=(0x0000000000000000, 0x00000040401f4829) len=2720 data_len=2680 gso_size=536 gso_type=1 ip_summed=3
[ 32.555278] ------------[ cut here ]------------
[ 32.560036] WARNING: CPU: 1 PID: 6350 at net/core/dev.c:2609 skb_warn_bad_offload.cold+0x1d1/0x44d
[ 32.569105] Kernel panic - not syncing: panic_on_warn set ...
[ 32.569105]
[ 32.576483] CPU: 1 PID: 6350 Comm: syz-executor685 Not tainted 4.14.195-syzkaller #0
[ 32.584336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.593662] Call Trace:
[ 32.596227] dump_stack+0x1b2/0x283
[ 32.599844] panic+0x1f9/0x42d
[ 32.603018] ? add_taint.cold+0x16/0x16
[ 32.606968] ? skb_warn_bad_offload.cold+0x1d1/0x44d
[ 32.612047] ? skb_warn_bad_offload.cold+0x1d1/0x44d
[ 32.617127] __warn.cold+0x20/0x4b
[ 32.620643] ? ist_end_non_atomic+0x10/0x10
[ 32.624940] ? skb_warn_bad_offload.cold+0x1d1/0x44d
[ 32.630021] report_bug+0x208/0x249
[ 32.633625] do_error_trap+0x195/0x2d0
[ 32.637486] ? math_error+0x2d0/0x2d0
[ 32.641265] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 32.646102] invalid_op+0x1b/0x40
[ 32.649552] RIP: 0010:skb_warn_bad_offload.cold+0x1d1/0x44d
[ 32.655252] RSP: 0018:ffff88809014f070 EFLAGS: 00010286
[ 32.660616] RAX: 000000000000006a RBX: ffff888098247828 RCX: 0000000000000000
[ 32.667869] RDX: 0000000000000000 RSI: ffffffff86ac12c0 RDI: ffffed1012029e04
[ 32.675117] RBP: ffffffff87390000 R08: 000000000000006a R09: 0000000000000000
[ 32.682392] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8738e480
[ 32.689636] R13: 0000000000000218 R14: 0000000000000a78 R15: 0000000000000aa0
[ 32.696922] skb_checksum_help+0x627/0x7d0
[ 32.701135] checksum_tg+0x52/0x65
[ 32.704650] ipt_do_table+0xa9a/0x16f0
[ 32.708523] ? ipt_alloc_initial_table+0x630/0x630
[ 32.713516] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 32.718594] iptable_mangle_hook+0x2d5/0x560
[ 32.722992] nf_hook_slow+0xb0/0x1a0
[ 32.726686] __ip_local_out+0x398/0x730
[ 32.730636] ? __ip_flush_pending_frames.constprop.0+0x2c0/0x2c0
[ 32.736803] ? splice_direct_to_actor+0x27c/0x730
[ 32.741630] ? do_splice_direct+0x164/0x210
[ 32.745977] ? do_sendfile+0x47f/0xb30
[ 32.749890] ? ip_forward_options.cold+0x1f/0x1f
[ 32.754625] ? check_preemption_disabled+0x35/0x240
[ 32.759657] ip_local_out+0x25/0x170
[ 32.763345] ip_queue_xmit+0x7d3/0x1a80
[ 32.767299] __tcp_transmit_skb+0x17e2/0x2cb0
[ 32.771813] ? bictcp_cong_avoid+0xde0/0xde0
[ 32.776217] ? __tcp_select_window+0x680/0x680
[ 32.780790] tcp_write_xmit+0x69d/0x4e10
[ 32.784833] __tcp_push_pending_frames+0xa0/0x230
[ 32.789666] tcp_push+0x3fd/0x5f0
[ 32.793114] ? tcp_tx_timestamp+0x17/0x250
[ 32.797337] do_tcp_sendpages+0x1223/0x1750
[ 32.801654] ? sk_stream_alloc_skb+0x760/0x760
[ 32.806218] tcp_sendpage_locked+0x81/0x130
[ 32.810528] tcp_sendpage+0x3a/0x60
[ 32.814129] inet_sendpage+0x155/0x590
[ 32.817992] ? tcp_sendpage_locked+0x130/0x130
[ 32.822564] ? do_splice_direct+0x164/0x210
[ 32.826860] ? inet_getname+0x3a0/0x3a0
[ 32.830815] sock_sendpage+0xdf/0x140
[ 32.834591] pipe_to_sendpage+0x226/0x2d0
[ 32.838713] ? sockfs_setattr+0x140/0x140
[ 32.842836] ? direct_splice_actor+0x160/0x160
[ 32.847395] __splice_from_pipe+0x326/0x7a0
[ 32.851779] ? direct_splice_actor+0x160/0x160
[ 32.856337] generic_splice_sendpage+0xc1/0x110
[ 32.860980] ? vmsplice_to_user+0x1b0/0x1b0
[ 32.865291] ? rw_verify_area+0xe1/0x2a0
[ 32.869341] ? vmsplice_to_user+0x1b0/0x1b0
[ 32.873637] direct_splice_actor+0x115/0x160
[ 32.878037] splice_direct_to_actor+0x27c/0x730
[ 32.882695] ? generic_pipe_buf_nosteal+0x10/0x10
[ 32.887535] ? do_splice_to+0x140/0x140
[ 32.891483] ? rw_verify_area+0xe1/0x2a0
[ 32.895532] do_splice_direct+0x164/0x210
[ 32.899655] ? splice_direct_to_actor+0x730/0x730
[ 32.904473] ? rw_verify_area+0xe1/0x2a0
[ 32.908510] do_sendfile+0x47f/0xb30
[ 32.912202] ? do_compat_writev+0x180/0x180
[ 32.916496] ? tcp_setsockopt+0x83/0xc0
[ 32.920445] SyS_sendfile64+0xff/0x110
[ 32.924304] ? SyS_sendfile+0x130/0x130
[ 32.928252] ? do_syscall_64+0x4c/0x640
[ 32.932198] ? SyS_sendfile+0x130/0x130
[ 32.936162] do_syscall_64+0x1d5/0x640
[ 32.940030] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 32.945194] RIP: 0033:0x4411d9
[ 32.948359] RSP: 002b:00007fff3fa7c4c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 32.956048] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004411d9
[ 32.963306] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 32.970563] RBP: 0000000000000028 R08: 65732f636f72702f R09: 65732f636f72702f
[ 32.977864] R10: 004000000000edc0 R11: 0000000000000246 R12: 0000000000000070
[ 32.985120] R13: 0000000000402ad0 R14: 0000000000000098 R15: 0000000000000000
[ 32.993811] Kernel Offset: disabled
[ 32.997528] Rebooting in 86400 seconds..