[ 95.143948][ T27] audit: type=1800 audit(1581467597.424:26): pid=9620 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 96.179234][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 96.179246][ T27] audit: type=1800 audit(1581467598.484:29): pid=9620 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 96.205459][ T27] audit: type=1800 audit(1581467598.494:30): pid=9620 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.26' (ECDSA) to the list of known hosts. 2020/02/12 00:48:12 parsed 1 programs 2020/02/12 00:48:14 executed programs: 0 syzkaller login: [ 992.409210][ T9790] IPVS: ftp: loaded support on port[0] = 21 [ 992.468581][ T9790] chnl_net:caif_netlink_parms(): no params data found [ 992.506724][ T9790] bridge0: port 1(bridge_slave_0) entered blocking state [ 992.514324][ T9790] bridge0: port 1(bridge_slave_0) entered disabled state [ 992.522192][ T9790] device bridge_slave_0 entered promiscuous mode [ 992.530761][ T9790] bridge0: port 2(bridge_slave_1) entered blocking state [ 992.538778][ T9790] bridge0: port 2(bridge_slave_1) entered disabled state [ 992.546741][ T9790] device bridge_slave_1 entered promiscuous mode [ 992.563473][ T9790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 992.574633][ T9790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 992.594596][ T9790] team0: Port device team_slave_0 added [ 992.602675][ T9790] team0: Port device team_slave_1 added [ 992.617502][ T9790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 992.624535][ T9790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 992.650551][ T9790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 992.662926][ T9790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 992.670719][ T9790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 992.696959][ T9790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 992.785823][ T9790] device hsr_slave_0 entered promiscuous mode [ 992.844071][ T9790] device hsr_slave_1 entered promiscuous mode [ 992.977785][ T9790] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 993.047773][ T9790] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 993.115994][ T9790] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 993.206916][ T9790] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 993.297245][ T9790] bridge0: port 2(bridge_slave_1) entered blocking state [ 993.304483][ T9790] bridge0: port 2(bridge_slave_1) entered forwarding state [ 993.312175][ T9790] bridge0: port 1(bridge_slave_0) entered blocking state [ 993.319314][ T9790] bridge0: port 1(bridge_slave_0) entered forwarding state [ 993.361876][ T9790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 993.376560][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 993.388307][ T9795] bridge0: port 1(bridge_slave_0) entered disabled state [ 993.396563][ T9795] bridge0: port 2(bridge_slave_1) entered disabled state [ 993.405684][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 993.418596][ T9790] 8021q: adding VLAN 0 to HW filter on device team0 [ 993.440635][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 993.448996][ T3202] bridge0: port 1(bridge_slave_0) entered blocking state [ 993.456108][ T3202] bridge0: port 1(bridge_slave_0) entered forwarding state [ 993.473919][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 993.482427][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 993.491761][ T9795] bridge0: port 2(bridge_slave_1) entered blocking state [ 993.498865][ T9795] bridge0: port 2(bridge_slave_1) entered forwarding state [ 993.507279][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 993.516255][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 993.538000][ T9790] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 993.549436][ T9790] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 993.561982][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 993.571727][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 993.581256][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 993.590277][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 993.598700][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 993.606941][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 993.615700][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 993.624175][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 993.632596][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 993.640627][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 993.661959][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 993.670071][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 993.682862][ T9790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 993.704316][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 993.712989][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 993.732793][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 993.741523][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 993.752431][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 993.760537][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 993.770112][ T9790] device veth0_vlan entered promiscuous mode [ 993.782875][ T9790] device veth1_vlan entered promiscuous mode [ 993.805354][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 993.813457][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 993.822076][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 993.830949][ T9795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 993.842961][ T9790] device veth0_macvtap entered promiscuous mode [ 993.853556][ T9790] device veth1_macvtap entered promiscuous mode [ 993.871727][ T9790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 993.879453][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 993.888214][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 993.896680][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 993.905604][ T3202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 993.917681][ T9790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 993.926345][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 993.935558][ T2812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 995.751637][ T9992] ================================================================== [ 995.760081][ T9992] BUG: KASAN: use-after-free in __lock_acquire+0x3a8b/0x4a00 [ 995.767442][ T9992] Read of size 8 at addr ffff888094c834e0 by task syz-executor.0/9992 [ 995.775580][ T9992] [ 995.777962][ T9992] CPU: 1 PID: 9992 Comm: syz-executor.0 Not tainted 5.6.0-rc1-syzkaller #0 [ 995.786630][ T9992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 995.796791][ T9992] Call Trace: [ 995.800204][ T9992] dump_stack+0x197/0x210 [ 995.804547][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 995.809655][ T9992] print_address_description.constprop.0.cold+0xd4/0x30b [ 995.816666][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 995.821689][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 995.826743][ T9992] __kasan_report.cold+0x1b/0x32 [ 995.831703][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 995.836909][ T9992] kasan_report+0x12/0x20 [ 995.841227][ T9992] __asan_report_load8_noabort+0x14/0x20 [ 995.846861][ T9992] __lock_acquire+0x3a8b/0x4a00 [ 995.851792][ T9992] ? put_task_struct_rcu_user+0x8f/0xc0 [ 995.857412][ T9992] ? finish_task_switch+0x526/0x750 [ 995.862771][ T9992] ? mark_held_locks+0xf0/0xf0 [ 995.867550][ T9992] ? __schedule+0x93c/0x1f90 [ 995.872133][ T9992] lock_acquire+0x190/0x410 [ 995.876722][ T9992] ? __lock_sock+0x16d/0x290 [ 995.881353][ T9992] _raw_spin_lock_bh+0x33/0x50 [ 995.886237][ T9992] ? __lock_sock+0x16d/0x290 [ 995.890840][ T9992] __lock_sock+0x16d/0x290 [ 995.895300][ T9992] ? __sk_dst_check+0x2e0/0x2e0 [ 995.900235][ T9992] ? finish_wait+0x260/0x260 [ 995.904821][ T9992] lock_sock_nested+0xfe/0x120 [ 995.909700][ T9992] sctp_sock_dump+0x122/0xb20 [ 995.914424][ T9992] sctp_for_each_transport+0x2b4/0x350 [ 995.919901][ T9992] ? sctp_tsp_dump_one+0x690/0x690 [ 995.925002][ T9992] ? sctp_v6_copy_ip_options.cold+0x28/0x28 [ 995.930877][ T9992] ? sctp_transport_get_next+0x150/0x150 [ 995.936505][ T9992] ? sctp_for_each_endpoint+0x131/0x1c0 [ 995.942050][ T9992] ? _raw_read_unlock_bh+0x2c/0x30 [ 995.947232][ T9992] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 995.952942][ T9992] ? sctp_for_each_endpoint+0x166/0x1c0 [ 995.958481][ T9992] sctp_diag_dump+0x33e/0x450 [ 995.963150][ T9992] ? sctp_diag_dump_one+0x4d0/0x4d0 [ 995.968357][ T9992] ? kasan_kmalloc+0x9/0x10 [ 995.972845][ T9992] ? __kmalloc_node_track_caller+0x4e/0x70 [ 995.978874][ T9992] ? mutex_lock_nested+0x16/0x20 [ 995.983888][ T9992] __inet_diag_dump+0x9e/0x130 [ 995.988698][ T9992] inet_diag_dump+0x9b/0x110 [ 995.993429][ T9992] netlink_dump+0x558/0xfb0 [ 995.997926][ T9992] ? __netlink_sendskb+0xc0/0xc0 [ 996.002877][ T9992] __netlink_dump_start+0x673/0x930 [ 996.008066][ T9992] inet_diag_handler_cmd+0x262/0x320 [ 996.013398][ T9992] ? inet_diag_rcv_msg_compat+0x350/0x350 [ 996.019163][ T9992] ? sock_diag_rcv+0x1c/0x40 [ 996.023745][ T9992] ? inet_diag_dump_compat+0x320/0x320 [ 996.029243][ T9992] sock_diag_rcv_msg+0x319/0x410 [ 996.034350][ T9992] netlink_rcv_skb+0x177/0x450 [ 996.039152][ T9992] ? sock_diag_bind+0x80/0x80 [ 996.043822][ T9992] ? netlink_ack+0xb50/0xb50 [ 996.048410][ T9992] ? __kasan_check_read+0x11/0x20 [ 996.053420][ T9992] sock_diag_rcv+0x2b/0x40 [ 996.057859][ T9992] netlink_unicast+0x59e/0x7e0 [ 996.062622][ T9992] ? netlink_attachskb+0x870/0x870 [ 996.067730][ T9992] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 996.073484][ T9992] ? __check_object_size+0x3d/0x437 [ 996.078673][ T9992] netlink_sendmsg+0x91c/0xea0 [ 996.083431][ T9992] ? netlink_unicast+0x7e0/0x7e0 [ 996.088465][ T9992] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 996.094012][ T9992] ? apparmor_socket_sendmsg+0x2a/0x30 [ 996.099589][ T9992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 996.105904][ T9992] ? security_socket_sendmsg+0x8d/0xc0 [ 996.111464][ T9992] ? netlink_unicast+0x7e0/0x7e0 [ 996.116391][ T9992] sock_sendmsg+0xd7/0x130 [ 996.120804][ T9992] sock_write_iter+0x2cb/0x400 [ 996.125585][ T9992] ? sock_sendmsg+0x130/0x130 [ 996.130255][ T9992] ? common_file_perm+0x2f3/0x940 [ 996.135344][ T9992] do_iter_readv_writev+0x5f8/0x8f0 [ 996.140625][ T9992] ? no_seek_end_llseek_size+0x70/0x70 [ 996.146070][ T9992] ? apparmor_file_permission+0x27/0x30 [ 996.151755][ T9992] ? rw_verify_area+0x126/0x360 [ 996.156648][ T9992] do_iter_write+0x184/0x610 [ 996.161303][ T9992] ? dup_iter+0x260/0x260 [ 996.165617][ T9992] vfs_writev+0x1b3/0x2f0 [ 996.169930][ T9992] ? vfs_iter_write+0xb0/0xb0 [ 996.174586][ T9992] ? __kasan_check_read+0x11/0x20 [ 996.179854][ T9992] ? ksys_dup3+0x3e0/0x3e0 [ 996.184256][ T9992] ? __kasan_check_read+0x11/0x20 [ 996.189281][ T9992] ? __fget_light+0x1ad/0x270 [ 996.193946][ T9992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 996.200198][ T9992] do_writev+0x2b0/0x330 [ 996.204440][ T9992] ? vfs_writev+0x2f0/0x2f0 [ 996.209014][ T9992] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 996.214460][ T9992] ? do_syscall_64+0x26/0x790 [ 996.219125][ T9992] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 996.225174][ T9992] ? do_syscall_64+0x26/0x790 [ 996.229944][ T9992] __x64_sys_writev+0x75/0xb0 [ 996.234699][ T9992] do_syscall_64+0xfa/0x790 [ 996.239186][ T9992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 996.245058][ T9992] RIP: 0033:0x45b3b9 [ 996.248934][ T9992] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 996.268520][ T9992] RSP: 002b:00007f5717ea0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 996.276915][ T9992] RAX: ffffffffffffffda RBX: 00007f5717ea16d4 RCX: 000000000045b3b9 [ 996.284928][ T9992] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000000c [ 996.292880][ T9992] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 996.300841][ T9992] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 996.308908][ T9992] R13: 0000000000000cdd R14: 00000000004c9cc2 R15: 000000000075c07c [ 996.316881][ T9992] [ 996.319187][ T9992] Allocated by task 9991: [ 996.323504][ T9992] save_stack+0x23/0x90 [ 996.327641][ T9992] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 996.333269][ T9992] kasan_slab_alloc+0xf/0x20 [ 996.337851][ T9992] kmem_cache_alloc+0x121/0x710 [ 996.342691][ T9992] sk_prot_alloc+0x67/0x310 [ 996.347319][ T9992] sk_alloc+0x39/0xfd0 [ 996.351507][ T9992] inet6_create+0x35b/0xf80 [ 996.356000][ T9992] __sock_create+0x3ce/0x730 [ 996.360572][ T9992] __sys_socket+0x103/0x220 [ 996.365060][ T9992] __x64_sys_socket+0x73/0xb0 [ 996.369747][ T9992] do_syscall_64+0xfa/0x790 [ 996.374333][ T9992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 996.380208][ T9992] [ 996.382527][ T9992] Freed by task 9991: [ 996.386491][ T9992] save_stack+0x23/0x90 [ 996.390629][ T9992] __kasan_slab_free+0x102/0x150 [ 996.395560][ T9992] kasan_slab_free+0xe/0x10 [ 996.400041][ T9992] kmem_cache_free+0x86/0x320 [ 996.404714][ T9992] __sk_destruct+0x4e6/0x7f0 [ 996.409439][ T9992] sk_destruct+0xd5/0x110 [ 996.413747][ T9992] __sk_free+0xfb/0x3f0 [ 996.417888][ T9992] sk_free+0x83/0xb0 [ 996.421764][ T9992] sctp_close+0x7c4/0x960 [ 996.426114][ T9992] inet_release+0xed/0x200 [ 996.430521][ T9992] inet6_release+0x53/0x80 [ 996.435293][ T9992] __sock_release+0xce/0x280 [ 996.439885][ T9992] sock_close+0x1e/0x30 [ 996.444070][ T9992] __fput+0x2ff/0x890 [ 996.448036][ T9992] ____fput+0x16/0x20 [ 996.452071][ T9992] task_work_run+0x145/0x1c0 [ 996.456693][ T9992] get_signal+0x206e/0x24f0 [ 996.461208][ T9992] do_signal+0x87/0x1700 [ 996.465564][ T9992] exit_to_usermode_loop+0x286/0x380 [ 996.470934][ T9992] do_syscall_64+0x676/0x790 [ 996.475507][ T9992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 996.481379][ T9992] [ 996.483719][ T9992] The buggy address belongs to the object at ffff888094c83440 [ 996.483719][ T9992] which belongs to the cache SCTPv6(17:syz0) of size 1960 [ 996.498243][ T9992] The buggy address is located 160 bytes inside of [ 996.498243][ T9992] 1960-byte region [ffff888094c83440, ffff888094c83be8) [ 996.511581][ T9992] The buggy address belongs to the page: [ 996.517205][ T9992] page:ffffea0002532080 refcount:1 mapcount:0 mapping:ffff88809987f8c0 index:0x0 compound_mapcount: 0 [ 996.528134][ T9992] flags: 0xfffe0000010200(slab|head) [ 996.533406][ T9992] raw: 00fffe0000010200 ffffea0002548588 ffff8880a0033248 ffff88809987f8c0 [ 996.542116][ T9992] raw: 0000000000000000 ffff888094c823c0 0000000100000003 0000000000000000 [ 996.550727][ T9992] page dumped because: kasan: bad access detected [ 996.557115][ T9992] [ 996.559518][ T9992] Memory state around the buggy address: [ 996.565136][ T9992] ffff888094c83380: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 996.573179][ T9992] ffff888094c83400: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 996.581232][ T9992] >ffff888094c83480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 996.589280][ T9992] ^ [ 996.596493][ T9992] ffff888094c83500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 996.604600][ T9992] ffff888094c83580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 996.612640][ T9992] ================================================================== [ 996.620694][ T9992] Disabling lock debugging due to kernel taint [ 996.626823][ T9992] Kernel panic - not syncing: panic_on_warn set ... [ 996.633403][ T9992] CPU: 1 PID: 9992 Comm: syz-executor.0 Tainted: G B 5.6.0-rc1-syzkaller #0 [ 996.643361][ T9992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 996.653457][ T9992] Call Trace: [ 996.656753][ T9992] dump_stack+0x197/0x210 [ 996.661074][ T9992] panic+0x2e3/0x75c [ 996.665006][ T9992] ? add_taint.cold+0x16/0x16 [ 996.669671][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 996.674767][ T9992] ? trace_hardirqs_off+0x62/0x240 [ 996.679862][ T9992] ? trace_hardirqs_off+0x59/0x240 [ 996.684962][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 996.689973][ T9992] end_report+0x47/0x4f [ 996.694115][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 996.699163][ T9992] __kasan_report.cold+0xe/0x32 [ 996.704002][ T9992] ? __lock_acquire+0x3a8b/0x4a00 [ 996.709026][ T9992] kasan_report+0x12/0x20 [ 996.713356][ T9992] __asan_report_load8_noabort+0x14/0x20 [ 996.719093][ T9992] __lock_acquire+0x3a8b/0x4a00 [ 996.724048][ T9992] ? put_task_struct_rcu_user+0x8f/0xc0 [ 996.729635][ T9992] ? finish_task_switch+0x526/0x750 [ 996.734816][ T9992] ? mark_held_locks+0xf0/0xf0 [ 996.739571][ T9992] ? __schedule+0x93c/0x1f90 [ 996.744149][ T9992] lock_acquire+0x190/0x410 [ 996.748633][ T9992] ? __lock_sock+0x16d/0x290 [ 996.753335][ T9992] _raw_spin_lock_bh+0x33/0x50 [ 996.758081][ T9992] ? __lock_sock+0x16d/0x290 [ 996.762702][ T9992] __lock_sock+0x16d/0x290 [ 996.767101][ T9992] ? __sk_dst_check+0x2e0/0x2e0 [ 996.771940][ T9992] ? finish_wait+0x260/0x260 [ 996.776522][ T9992] lock_sock_nested+0xfe/0x120 [ 996.781284][ T9992] sctp_sock_dump+0x122/0xb20 [ 996.785953][ T9992] sctp_for_each_transport+0x2b4/0x350 [ 996.791442][ T9992] ? sctp_tsp_dump_one+0x690/0x690 [ 996.796547][ T9992] ? sctp_v6_copy_ip_options.cold+0x28/0x28 [ 996.802663][ T9992] ? sctp_transport_get_next+0x150/0x150 [ 996.808281][ T9992] ? sctp_for_each_endpoint+0x131/0x1c0 [ 996.813815][ T9992] ? _raw_read_unlock_bh+0x2c/0x30 [ 996.818910][ T9992] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 996.824729][ T9992] ? sctp_for_each_endpoint+0x166/0x1c0 [ 996.830397][ T9992] sctp_diag_dump+0x33e/0x450 [ 996.835059][ T9992] ? sctp_diag_dump_one+0x4d0/0x4d0 [ 996.840354][ T9992] ? kasan_kmalloc+0x9/0x10 [ 996.844855][ T9992] ? __kmalloc_node_track_caller+0x4e/0x70 [ 996.850664][ T9992] ? mutex_lock_nested+0x16/0x20 [ 996.855601][ T9992] __inet_diag_dump+0x9e/0x130 [ 996.860355][ T9992] inet_diag_dump+0x9b/0x110 [ 996.864930][ T9992] netlink_dump+0x558/0xfb0 [ 996.869527][ T9992] ? __netlink_sendskb+0xc0/0xc0 [ 996.874457][ T9992] __netlink_dump_start+0x673/0x930 [ 996.879650][ T9992] inet_diag_handler_cmd+0x262/0x320 [ 996.884923][ T9992] ? inet_diag_rcv_msg_compat+0x350/0x350 [ 996.890628][ T9992] ? sock_diag_rcv+0x1c/0x40 [ 996.895210][ T9992] ? inet_diag_dump_compat+0x320/0x320 [ 996.900697][ T9992] sock_diag_rcv_msg+0x319/0x410 [ 996.905625][ T9992] netlink_rcv_skb+0x177/0x450 [ 996.910377][ T9992] ? sock_diag_bind+0x80/0x80 [ 996.915202][ T9992] ? netlink_ack+0xb50/0xb50 [ 996.919827][ T9992] ? __kasan_check_read+0x11/0x20 [ 996.924853][ T9992] sock_diag_rcv+0x2b/0x40 [ 996.929293][ T9992] netlink_unicast+0x59e/0x7e0 [ 996.934040][ T9992] ? netlink_attachskb+0x870/0x870 [ 996.939143][ T9992] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 996.944844][ T9992] ? __check_object_size+0x3d/0x437 [ 996.950028][ T9992] netlink_sendmsg+0x91c/0xea0 [ 996.954774][ T9992] ? netlink_unicast+0x7e0/0x7e0 [ 996.959723][ T9992] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 996.965260][ T9992] ? apparmor_socket_sendmsg+0x2a/0x30 [ 996.970748][ T9992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 996.976974][ T9992] ? security_socket_sendmsg+0x8d/0xc0 [ 996.982417][ T9992] ? netlink_unicast+0x7e0/0x7e0 [ 996.987423][ T9992] sock_sendmsg+0xd7/0x130 [ 996.991818][ T9992] sock_write_iter+0x2cb/0x400 [ 996.996570][ T9992] ? sock_sendmsg+0x130/0x130 [ 997.001287][ T9992] ? common_file_perm+0x2f3/0x940 [ 997.006294][ T9992] do_iter_readv_writev+0x5f8/0x8f0 [ 997.011477][ T9992] ? no_seek_end_llseek_size+0x70/0x70 [ 997.016916][ T9992] ? apparmor_file_permission+0x27/0x30 [ 997.022448][ T9992] ? rw_verify_area+0x126/0x360 [ 997.027282][ T9992] do_iter_write+0x184/0x610 [ 997.031964][ T9992] ? dup_iter+0x260/0x260 [ 997.036290][ T9992] vfs_writev+0x1b3/0x2f0 [ 997.040602][ T9992] ? vfs_iter_write+0xb0/0xb0 [ 997.045258][ T9992] ? __kasan_check_read+0x11/0x20 [ 997.050298][ T9992] ? ksys_dup3+0x3e0/0x3e0 [ 997.054705][ T9992] ? __kasan_check_read+0x11/0x20 [ 997.059716][ T9992] ? __fget_light+0x1ad/0x270 [ 997.064431][ T9992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 997.070671][ T9992] do_writev+0x2b0/0x330 [ 997.074894][ T9992] ? vfs_writev+0x2f0/0x2f0 [ 997.079381][ T9992] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 997.084866][ T9992] ? do_syscall_64+0x26/0x790 [ 997.089548][ T9992] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 997.095600][ T9992] ? do_syscall_64+0x26/0x790 [ 997.100275][ T9992] __x64_sys_writev+0x75/0xb0 [ 997.104965][ T9992] do_syscall_64+0xfa/0x790 [ 997.109458][ T9992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 997.115343][ T9992] RIP: 0033:0x45b3b9 [ 997.119229][ T9992] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 997.138878][ T9992] RSP: 002b:00007f5717ea0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 997.147314][ T9992] RAX: ffffffffffffffda RBX: 00007f5717ea16d4 RCX: 000000000045b3b9 [ 997.155297][ T9992] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000000c [ 997.163253][ T9992] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 997.171220][ T9992] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 997.179169][ T9992] R13: 0000000000000cdd R14: 00000000004c9cc2 R15: 000000000075c07c [ 997.187997][ T9992] Kernel Offset: disabled [ 997.192332][ T9992] Rebooting in 86400 seconds..