[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 79.558933][ T27] audit: type=1800 audit(1581687421.516:25): pid=9546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 79.578892][ T27] audit: type=1800 audit(1581687421.516:26): pid=9546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 79.636541][ T27] audit: type=1800 audit(1581687421.516:27): pid=9546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.13' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 91.441825][ T9698] general protection fault, probably for non-canonical address 0xdffffc00000000a3: 0000 [#1] PREEMPT SMP KASAN [ 91.453558][ T9698] KASAN: null-ptr-deref in range [0x0000000000000518-0x000000000000051f] [ 91.461959][ T9698] CPU: 1 PID: 9698 Comm: syz-executor247 Not tainted 5.6.0-rc1-next-20200214-syzkaller #0 [ 91.471826][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.481879][ T9698] RIP: 0010:strlen+0x1f/0xa0 [ 91.486501][ T9698] Code: 00 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 fa 48 89 e5 48 c1 ea 03 41 54 49 89 fc 53 48 83 ec 08 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 4d 41 80 3c 24 [ 91.506546][ T9698] RSP: 0018:ffffc90002036e90 EFLAGS: 00010286 [ 91.512639][ T9698] RAX: dffffc0000000000 RBX: ffff8880a7f7e418 RCX: 1ffffffff154c5aa [ 91.520650][ T9698] RDX: 00000000000000a3 RSI: ffffffff868e8fa1 RDI: 0000000000000518 [ 91.528992][ T9698] RBP: ffffc90002036ea8 R08: ffff88808d3d21c0 R09: ffffed1014fefc83 [ 91.536959][ T9698] R10: ffffed1014fefc82 R11: ffff8880a7f7e417 R12: 0000000000000518 [ 91.544948][ T9698] R13: 0000000000000508 R14: ffff8880a8b30500 R15: ffff8880a7f7e400 [ 91.552907][ T9698] FS: 0000000001fa0880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 91.561817][ T9698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.568384][ T9698] CR2: 0000000020000046 CR3: 000000009c4fd000 CR4: 00000000001406e0 [ 91.576492][ T9698] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 91.584441][ T9698] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 91.592394][ T9698] Call Trace: [ 91.595718][ T9698] ip_set_comment_free+0x69/0xe0 [ 91.600639][ T9698] hash_net4_add+0x1b9a/0x2200 [ 91.605427][ T9698] hash_net4_uadt+0x596/0x940 [ 91.610141][ T9698] ? hash_net4_head+0x730/0x730 [ 91.614979][ T9698] ? hash_net6_uadt+0x880/0x880 [ 91.619827][ T9698] call_ad+0x1a0/0x5a0 [ 91.623922][ T9698] ? start_msg+0x220/0x220 [ 91.628390][ T9698] ? nla_memcpy+0xb0/0xb0 [ 91.632758][ T9698] ? __nla_parse+0x43/0x60 [ 91.637205][ T9698] ip_set_ad.isra.0+0x572/0xb20 [ 91.642045][ T9698] ? ip_set_dump_start+0x6f0/0x6f0 [ 91.647150][ T9698] ? nla_memcpy+0xb0/0xb0 [ 91.651467][ T9698] ? lock_downgrade+0x920/0x920 [ 91.656300][ T9698] ip_set_uadd+0x37/0x50 [ 91.660526][ T9698] ? ip_set_udel+0x50/0x50 [ 91.664931][ T9698] nfnetlink_rcv_msg+0xcf2/0xfb0 [ 91.669855][ T9698] ? nfnetlink_bind+0x2c0/0x2c0 [ 91.674690][ T9698] ? __kasan_check_read+0x11/0x20 [ 91.679699][ T9698] ? mark_lock+0xc2/0x1220 [ 91.684114][ T9698] ? netlink_sendmsg+0xa1b/0xea0 [ 91.689094][ T9698] ? __kasan_check_read+0x11/0x20 [ 91.694097][ T9698] ? mark_lock+0xc2/0x1220 [ 91.698978][ T9698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.705207][ T9698] ? apparmor_capable+0x4df/0x910 [ 91.710263][ T9698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.716486][ T9698] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 91.721935][ T9698] netlink_rcv_skb+0x177/0x450 [ 91.726678][ T9698] ? nfnetlink_bind+0x2c0/0x2c0 [ 91.731510][ T9698] ? netlink_ack+0xb50/0xb50 [ 91.736125][ T9698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.742373][ T9698] ? ns_capable_common+0x93/0x100 [ 91.747384][ T9698] ? ns_capable+0x20/0x30 [ 91.751739][ T9698] ? __netlink_ns_capable+0x104/0x140 [ 91.757103][ T9698] nfnetlink_rcv+0x1ba/0x460 [ 91.761684][ T9698] ? nfnetlink_rcv_batch+0x1790/0x1790 [ 91.767160][ T9698] ? netlink_deliver_tap+0x248/0xbf0 [ 91.772434][ T9698] ? __kasan_check_write+0x14/0x20 [ 91.777535][ T9698] netlink_unicast+0x59e/0x7e0 [ 91.782551][ T9698] ? netlink_attachskb+0x870/0x870 [ 91.787722][ T9698] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 91.793431][ T9698] ? __check_object_size+0x3d/0x437 [ 91.799082][ T9698] netlink_sendmsg+0x91c/0xea0 [ 91.803831][ T9698] ? netlink_unicast+0x7e0/0x7e0 [ 91.808841][ T9698] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 91.814376][ T9698] ? apparmor_socket_sendmsg+0x2a/0x30 [ 91.819820][ T9698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.826041][ T9698] ? security_socket_sendmsg+0x8d/0xc0 [ 91.831516][ T9698] ? netlink_unicast+0x7e0/0x7e0 [ 91.836528][ T9698] sock_sendmsg+0xd7/0x130 [ 91.840941][ T9698] ____sys_sendmsg+0x753/0x880 [ 91.845692][ T9698] ? kernel_sendmsg+0x50/0x50 [ 91.850355][ T9698] ? lockdep_init_map+0x1be/0x6d0 [ 91.855415][ T9698] ___sys_sendmsg+0x100/0x170 [ 91.860074][ T9698] ? sendmsg_copy_msghdr+0x70/0x70 [ 91.865176][ T9698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.871459][ T9698] ? __this_cpu_preempt_check+0x35/0x190 [ 91.877082][ T9698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.883301][ T9698] ? percpu_counter_add_batch+0x13c/0x190 [ 91.889485][ T9698] ? __fd_install+0x1bc/0x640 [ 91.894186][ T9698] ? find_held_lock+0x35/0x130 [ 91.898940][ T9698] ? __fd_install+0x1bc/0x640 [ 91.903690][ T9698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.909965][ T9698] ? __fget_light+0x1ad/0x270 [ 91.914636][ T9698] ? __fdget+0x1b/0x20 [ 91.918749][ T9698] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.924978][ T9698] __sys_sendmsg+0x105/0x1d0 [ 91.929562][ T9698] ? __sys_sendmsg_sock+0xc0/0xc0 [ 91.934582][ T9698] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 91.940029][ T9698] ? do_syscall_64+0x26/0x790 [ 91.944692][ T9698] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 91.950735][ T9698] ? do_syscall_64+0x26/0x790 [ 91.955394][ T9698] __x64_sys_sendmsg+0x78/0xb0 [ 91.960188][ T9698] do_syscall_64+0xfa/0x790 [ 91.964684][ T9698] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 91.970614][ T9698] RIP: 0033:0x4405c9 [ 91.974493][ T9698] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 91.994075][ T9698] RSP: 002b:00007ffec1d215f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.002472][ T9698] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004405c9 [ 92.010425][ T9698] RDX: 0000000000000000 RSI: 0000000020000d00 RDI: 0000000000000004 [ 92.018523][ T9698] RBP: 00000000006ca018 R08: 0000000000000008 R09: 00000000004002c8 [ 92.026496][ T9698] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000401e50 [ 92.035061][ T9698] R13: 0000000000401ee0 R14: 0000000000000000 R15: 0000000000000000 [ 92.043050][ T9698] Modules linked in: [ 92.047003][ T9698] ---[ end trace 60a02025ce042cac ]--- [ 92.052470][ T9698] RIP: 0010:strlen+0x1f/0xa0 [ 92.057096][ T9698] Code: 00 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 fa 48 89 e5 48 c1 ea 03 41 54 49 89 fc 53 48 83 ec 08 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 4d 41 80 3c 24 [ 92.076812][ T9698] RSP: 0018:ffffc90002036e90 EFLAGS: 00010286 [ 92.082860][ T9698] RAX: dffffc0000000000 RBX: ffff8880a7f7e418 RCX: 1ffffffff154c5aa [ 92.090862][ T9698] RDX: 00000000000000a3 RSI: ffffffff868e8fa1 RDI: 0000000000000518 [ 92.098854][ T9698] RBP: ffffc90002036ea8 R08: ffff88808d3d21c0 R09: ffffed1014fefc83 [ 92.106976][ T9698] R10: ffffed1014fefc82 R11: ffff8880a7f7e417 R12: 0000000000000518 [ 92.114962][ T9698] R13: 0000000000000508 R14: ffff8880a8b30500 R15: ffff8880a7f7e400 [ 92.122966][ T9698] FS: 0000000001fa0880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 92.131966][ T9698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.138610][ T9698] CR2: 0000000020000046 CR3: 000000009c4fd000 CR4: 00000000001406e0 [ 92.146642][ T9698] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 92.154598][ T9698] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 92.162588][ T9698] Kernel panic - not syncing: Fatal exception in interrupt [ 92.171264][ T9698] Kernel Offset: disabled [ 92.175595][ T9698] Rebooting in 86400 seconds..