kasan: CONFIG_KASAN_INLINE enabled L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue kasan: GPF could be caused by NULL-ptr deref or user memory access FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! general protection fault: 0000 [#1] PREEMPT SMP KASAN Modules linked in: CPU: 1 PID: 10366 Comm: syz-executor.5 Not tainted 4.14.301-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 task: ffff88809aa102c0 task.stack: ffff88804a510000 RIP: 0010:ipt_init_target+0x97/0x250 net/sched/act_ipt.c:46 RSP: 0018:ffff88804a517160 EFLAGS: 00010202 RAX: 0000000000000005 RBX: dffffc0000000000 RCX: 0000000000000000 RDX: 0000000000000007 RSI: ffffffff85d4a151 RDI: 000000000000002f RBP: 0000000000000010 R08: 0000000000000001 R09: ffffed101604d088 R10: ffff8880b0268446 R11: 0000000000000000 R12: 1ffff110094a2e2f R13: ffff88804a5171e8 R14: 0000000000000010 R15: ffff8880943d8140 FS: 00007f5bcb4e9700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f0938800000 CR3: 0000000099afd000 CR4: 00000000003406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __tcf_ipt_init+0x48d/0xc00 net/sched/act_ipt.c:168 tcf_ipt_init+0x43/0x50 net/sched/act_ipt.c:202 tcf_action_init_1+0x51a/0x9e0 net/sched/act_api.c:691 tcf_action_init+0x26d/0x400 net/sched/act_api.c:760 tcf_action_add net/sched/act_api.c:1088 [inline] tc_ctl_action+0x2e3/0x510 net/sched/act_api.c:1140 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4322 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2454 netlink_unicast_kernel net/netlink/af_netlink.c:1296 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1322 netlink_sendmsg+0x648/0xbc0 net/netlink/af_netlink.c:1893 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f5bccf770d9 RSP: 002b:00007f5bcb4e9168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f5bcd096f80 RCX: 00007f5bccf770d9 RDX: 0000000000000000 RSI: 0000000020008140 RDI: 0000000000000003 RBP: 00007f5bccfd2ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffeea6fcf3f R14: 00007f5bcb4e9300 R15: 0000000000022000 Code: e8 ef b8 80 fb 31 c0 b9 0e 00 00 00 4c 8d ac 24 88 00 00 00 4c 89 ef f3 48 ab 48 8d 7d 1f 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <0f> b6 04 18 38 d0 7f 08 84 c0 0f 85 67 01 00 00 0f b6 55 1f 48 RIP: ipt_init_target+0x97/0x250 net/sched/act_ipt.c:46 RSP: ffff88804a517160 ---[ end trace b6dd759bcfe897a3 ]--- ---------------- Code disassembly (best guess): 0: e8 ef b8 80 fb callq 0xfb80b8f4 5: 31 c0 xor %eax,%eax 7: b9 0e 00 00 00 mov $0xe,%ecx c: 4c 8d ac 24 88 00 00 lea 0x88(%rsp),%r13 13: 00 14: 4c 89 ef mov %r13,%rdi 17: f3 48 ab rep stos %rax,%es:(%rdi) 1a: 48 8d 7d 1f lea 0x1f(%rbp),%rdi 1e: 48 89 f8 mov %rdi,%rax 21: 48 89 fa mov %rdi,%rdx 24: 48 c1 e8 03 shr $0x3,%rax 28: 83 e2 07 and $0x7,%edx * 2b: 0f b6 04 18 movzbl (%rax,%rbx,1),%eax <-- trapping instruction 2f: 38 d0 cmp %dl,%al 31: 7f 08 jg 0x3b 33: 84 c0 test %al,%al 35: 0f 85 67 01 00 00 jne 0x1a2 3b: 0f b6 55 1f movzbl 0x1f(%rbp),%edx 3f: 48 rex.W