kernel msg: ebtables bug: please report to author: Wrong len argument
Unknown ioctl 21531
netlink: 16 bytes leftover after parsing attributes in process `syz-executor5'.
kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
BUG: unable to handle kernel paging request at ffff880211947030
PGD 3b21067 P4D 3b21067 PUD 3b24067 PMD 80000002118000e3 
Oops: 0011 [#1] SMP PTI
CPU: 0 PID: 13890 Comm: kworker/u4:6 Not tainted 4.18.0-rc8+ #32
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krdsd rds_connect_worker
RIP: 0010:0xffff880211947030
Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 70 94 11 02 88 ff ff 18 70 94 11 02 88 ff ff 00 00 00 00 00 00 00 00 <30> 70 94 11 02 88 ff ff 30 70 94 11 02 88 ff ff 00 00 00 00 00 00 
RSP: 0018:ffff880202b1fb48 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffffffff83657128 RCX: ffff880202b1fb98
RDX: 0000000000000000 RSI: ffff880212b0d5c0 RDI: ffffffff83657128
RBP: ffff880202b1fb88 R08: 00000000020000e0 R09: 0000000000000000
R10: ffff8802129c7340 R11: ffff880211947030 R12: ffff880212b0d5c0
R13: ffff880211947000 R14: ffff880211947088 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff880211947030 CR3: 00000001f1776000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
 __fib_lookup+0x6a/0xb0 net/ipv4/fib_rules.c:93
 fib_lookup include/net/ip_fib.h:322 [inline]
 ip_route_output_key_hash_rcu+0x17e/0xc00 net/ipv4/route.c:2434
 ip_route_output_key_hash+0x70/0x80 net/ipv4/route.c:2327
 __ip_route_output_key include/net/route.h:124 [inline]
 ip_route_connect include/net/route.h:303 [inline]
 tcp_v4_connect+0x1a1/0x5a0 net/ipv4/tcp_ipv4.c:232
 __inet_stream_connect+0xb1/0x440 net/ipv4/af_inet.c:655
 inet_stream_connect+0x3b/0x60 net/ipv4/af_inet.c:719
 rds_tcp_conn_path_connect+0x133/0x1b0 net/rds/tcp_connect.c:135
 rds_connect_worker+0x77/0xc0 net/rds/threads.c:175
 process_one_work+0x28e/0x580 kernel/workqueue.c:2153
 worker_thread+0x317/0x690 kernel/workqueue.c:2296
 kthread+0x127/0x140 kernel/kthread.c:247
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:415
Modules linked in:
Dumping ftrace buffer:
   (ftrace buffer empty)
CR2: ffff880211947030
---[ end trace 3e9311dc3dfa3162 ]---
RIP: 0010:0xffff880211947030
Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 70 94 11 02 88 ff ff 18 70 94 11 02 88 ff ff 00 00 00 00 00 00 00 00 <30> 70 94 11 02 88 ff ff 30 70 94 11 02 88 ff ff 00 00 00 00 00 00 
RSP: 0018:ffff880202b1fb48 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffffffff83657128 RCX: ffff880202b1fb98
RDX: 0000000000000000 RSI: ffff880212b0d5c0 RDI: ffffffff83657128
RBP: ffff880202b1fb88 R08: 00000000020000e0 R09: 0000000000000000
R10: ffff8802129c7340 R11: ffff880211947030 R12: ffff880212b0d5c0
R13: ffff880211947000 R14: ffff880211947088 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
sctp: [Deprecated]: syz-executor1 (pid 23032) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff880211947030 CR3: 00000001f1776000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600