Warning: Permanently added '10.128.10.42' (ECDSA) to the list of known hosts. 2020/01/14 02:18:37 parsed 1 programs 2020/01/14 02:18:37 executed programs: 0 [ 49.737251] audit: type=1400 audit(1578968317.334:40): avc: denied { map } for pid=7032 comm="syz-execprog" path="/root/syzkaller-shm775136662" dev="sda1" ino=16496 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 49.990949] IPVS: ftp: loaded support on port[0] = 21 [ 50.837124] chnl_net:caif_netlink_parms(): no params data found [ 50.845050] IPVS: ftp: loaded support on port[0] = 21 [ 50.877329] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.884293] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.891269] device bridge_slave_0 entered promiscuous mode [ 50.898350] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.905010] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.912529] device bridge_slave_1 entered promiscuous mode [ 50.935339] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 50.946233] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 50.967872] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 50.975048] team0: Port device team_slave_0 added [ 50.982453] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 50.989512] team0: Port device team_slave_1 added [ 50.995213] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 51.004468] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 51.051161] IPVS: ftp: loaded support on port[0] = 21 [ 51.071867] device hsr_slave_0 entered promiscuous mode [ 51.110285] device hsr_slave_1 entered promiscuous mode [ 51.164491] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 51.171846] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 51.217388] chnl_net:caif_netlink_parms(): no params data found [ 51.235615] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.242208] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.250421] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.256765] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.289506] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.296002] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.303002] device bridge_slave_0 entered promiscuous mode [ 51.322344] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.328756] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.336333] device bridge_slave_1 entered promiscuous mode [ 51.356185] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.384341] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.412439] IPVS: ftp: loaded support on port[0] = 21 [ 51.427904] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 51.435370] team0: Port device team_slave_0 added [ 51.442930] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 51.450663] team0: Port device team_slave_1 added [ 51.455953] chnl_net:caif_netlink_parms(): no params data found [ 51.486333] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 51.511212] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 51.519010] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.525744] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.532630] device bridge_slave_0 entered promiscuous mode [ 51.543386] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.549765] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.556737] device bridge_slave_1 entered promiscuous mode [ 51.622918] device hsr_slave_0 entered promiscuous mode [ 51.690303] device hsr_slave_1 entered promiscuous mode [ 51.774890] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 51.784770] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 51.791004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.800679] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.808514] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 51.818885] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 51.827432] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.855299] IPVS: ftp: loaded support on port[0] = 21 [ 51.862681] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.871885] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.878792] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 51.893809] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.904848] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 51.914190] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 51.920470] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.930473] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 51.937491] team0: Port device team_slave_0 added [ 51.967754] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 51.976820] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.985182] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 51.997748] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 52.005830] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 52.012896] team0: Port device team_slave_1 added [ 52.032936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.041095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.048610] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.055000] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.061932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.069722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.078281] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.084676] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.112844] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 52.135071] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 52.144981] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 52.152907] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 52.171148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.177185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.185170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 52.192881] chnl_net:caif_netlink_parms(): no params data found [ 52.200731] IPVS: ftp: loaded support on port[0] = 21 [ 52.219445] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 52.236562] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 52.244301] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 52.257526] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 52.273949] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 52.281795] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 52.333538] device hsr_slave_0 entered promiscuous mode [ 52.360334] device hsr_slave_1 entered promiscuous mode [ 52.422597] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 52.464929] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 52.472940] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 52.482637] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 52.494780] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 52.502800] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.514236] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 52.528132] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 52.549792] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.556384] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.564668] device bridge_slave_0 entered promiscuous mode [ 52.571480] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.577835] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.585224] device bridge_slave_1 entered promiscuous mode [ 52.591652] chnl_net:caif_netlink_parms(): no params data found [ 52.600858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 52.608355] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.617126] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 52.623599] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 52.631476] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 52.664160] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.671284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.681365] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.706134] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 52.713116] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.724788] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.736800] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 52.748145] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.765798] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 52.774087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.782469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.789960] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.796316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.804056] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 52.811573] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 52.834619] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 52.843137] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 52.849880] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 52.857137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.864847] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.872557] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.878921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.906005] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 52.914805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 52.944930] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.957424] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.966290] device bridge_slave_0 entered promiscuous mode [ 52.973125] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 52.980973] team0: Port device team_slave_0 added [ 52.986815] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 52.994267] team0: Port device team_slave_1 added [ 52.999903] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.009198] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.039365] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.048521] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.055693] device bridge_slave_1 entered promiscuous mode [ 53.063606] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 53.072782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.080614] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 53.133704] device hsr_slave_0 entered promiscuous mode [ 53.180369] device hsr_slave_1 entered promiscuous mode [ 53.240885] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.249936] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.257138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.265326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.273315] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.288159] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 53.302251] chnl_net:caif_netlink_parms(): no params data found [ 53.319478] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.328953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.336612] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.345407] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.359413] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 53.378524] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 53.387370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.395060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.405180] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.429296] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 53.449741] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.457071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 53.466021] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.477789] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.484641] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.491949] device bridge_slave_0 entered promiscuous mode [ 53.499119] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.505672] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.513187] device bridge_slave_1 entered promiscuous mode [ 53.526344] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.533971] team0: Port device team_slave_0 added [ 53.557465] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.568559] team0: Port device team_slave_1 added [ 53.575764] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 53.582932] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.590704] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.597008] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.605010] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.617973] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.626290] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.658555] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 53.684469] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.695821] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 53.702392] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.722850] ================================================================== [ 53.723266] BUG: unable to handle kernel paging request [ 53.730303] BUG: KASAN: use-after-free in padata_parallel_worker+0x37a/0x420 [ 53.730308] Write of size 8 at addr ffff88808d15e998 by task kworker/0:0/3 [ 53.735662] at ffffffffffffffc8 [ 53.742840] [ 53.749841] IP: pcrypt_aead_enc+0x7b/0xf0 [ 53.753184] CPU: 0 PID: 3 Comm: kworker/0:0 Not tainted 4.14.164-syzkaller #0 [ 53.754788] PGD 7e6d067 [ 53.758916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.766525] P4D 7e6d067 [ 53.769179] Workqueue: pencrypt padata_parallel_worker [ 53.778507] PUD 7e6f067 [ 53.786432] PMD 0 [ 53.789089] Call Trace: [ 53.789103] dump_stack+0xf7/0x13b [ 53.791222] Oops: 0000 [#1] PREEMPT SMP KASAN [ 53.793791] ? padata_parallel_worker+0x37a/0x420 [ 53.797338] Modules linked in: [ 53.801826] print_address_description.cold.7+0x9/0x1c9 [ 53.806642] CPU: 1 PID: 7063 Comm: kworker/1:2 Not tainted 4.14.164-syzkaller #0 [ 53.809814] ? padata_parallel_worker+0x37a/0x420 [ 53.815153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.822669] kasan_report.cold.8+0x11a/0x2d3 [ 53.827491] Workqueue: pencrypt padata_parallel_worker [ 53.836821] __asan_report_store8_noabort+0x17/0x20 [ 53.846468] padata_parallel_worker+0x37a/0x420 [ 53.851457] task: ffff8880a4f2e540 task.stack: ffff888090890000 [ 53.856119] ? padata_sysfs_store+0xa0/0xa0 [ 53.862154] RIP: 0010:pcrypt_aead_enc+0x7b/0xf0 [ 53.866457] process_one_work+0x79e/0x16c0 [ 53.871099] RSP: 0018:ffff888090897c90 EFLAGS: 00010246 [ 53.875337] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 53.880694] RAX: dffffc0000000000 RBX: ffff888092e035d0 RCX: ffffffff82e14b4e [ 53.885343] worker_thread+0xcc/0xee0 [ 53.892589] RDX: 1ffffffffffffff9 RSI: 0000000000000008 RDI: ffff888092e03608 [ 53.896390] kthread+0x338/0x400 [ 53.903633] RBP: ffff888090897cb0 R08: 0000000000000001 R09: 0000000000000000 [ 53.906975] ? process_one_work+0x16c0/0x16c0 [ 53.914220] R10: 0000000000000050 R11: ffff8880a4f2e540 R12: 0000000000000000 [ 53.918692] ? kthread_create_on_node+0xa0/0xa0 [ 53.925943] R13: ffff888092e03608 R14: ffff888090897cf8 R15: 1ffff11012112f9b [ 53.930589] ret_from_fork+0x24/0x30 [ 53.937847] FS: 0000000000000000(0000) GS:ffff8880aed00000(0000) knlGS:0000000000000000 [ 53.941551] [ 53.949752] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.951359] Allocated by task 7088: [ 53.957220] CR2: ffffffffffffffc8 CR3: 000000008c2e1000 CR4: 00000000001406e0 [ 53.960826] save_stack_trace+0x16/0x20 [ 53.968074] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 53.972026] save_stack+0x43/0xd0 [ 53.979291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 53.982721] kasan_kmalloc+0xc7/0xe0 [ 53.989967] Call Trace: [ 53.993659] __kmalloc+0x15b/0x7b0 [ 53.996230] padata_parallel_worker+0x24e/0x420 [ 53.999743] tls_push_record+0xf6/0x14c0 [ 54.004401] ? padata_sysfs_store+0xa0/0xa0 [ 54.008436] tls_sw_sendmsg+0x90b/0x10a0 [ 54.012918] process_one_work+0x79e/0x16c0 [ 54.016953] inet_sendmsg+0x108/0x440 [ 54.016958] sock_sendmsg+0xb5/0xf0 [ 54.021174] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 54.024948] SYSC_sendto+0x1e3/0x2c0 [ 54.028551] worker_thread+0xcc/0xee0 [ 54.033193] SyS_sendto+0x9/0x10 [ 54.036884] kthread+0x338/0x400 [ 54.040656] do_syscall_64+0x1c7/0x5b0 [ 54.044009] ? process_one_work+0x16c0/0x16c0 [ 54.047353] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 54.051213] ? kthread_create_on_node+0xa0/0xa0 [ 54.051217] ret_from_fork+0x24/0x30 [ 54.055688] [ 54.060860] Code: [ 54.065500] Freed by task 7088: [ 54.069190] 00 [ 54.070811] save_stack_trace+0x16/0x20 [ 54.072944] 0f [ 54.076199] save_stack+0x43/0xd0 [ 54.078064] 85 [ 54.082185] kasan_slab_free+0x71/0xc0 [ 54.082188] kfree+0xcc/0x270 [ 54.084070] 82 [ 54.087500] tls_push_record+0xd32/0x14c0 [ 54.089373] 00 [ 54.093237] tls_sw_sendmsg+0x90b/0x10a0 [ 54.096327] 00 [ 54.098196] inet_sendmsg+0x108/0x440 [ 54.102314] 00 [ 54.104182] sock_sendmsg+0xb5/0xf0 [ 54.108232] 48 [ 54.110108] SYSC_sendto+0x1e3/0x2c0 [ 54.113895] b8 [ 54.115777] SyS_sendto+0x9/0x10 [ 54.119408] 00 [ 54.121297] do_syscall_64+0x1c7/0x5b0 [ 54.124986] 00 [ 54.126873] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 54.130225] 00 [ 54.132099] [ 54.135988] 00 [ 54.137874] The buggy address belongs to the object at ffff88808d15e940 [ 54.137874] which belongs to the cache kmalloc-256 of size 256 [ 54.143050] 00 [ 54.144928] The buggy address is located 88 bytes inside of [ 54.144928] 256-byte region [ffff88808d15e940, ffff88808d15ea40) [ 54.146543] fc [ 54.148409] The buggy address belongs to the page: [ 54.161072] ff [ 54.162952] page:ffffea0002345780 count:1 mapcount:0 mapping:ffff88808d15e080 index:0x0 [ 54.174736] df [ 54.181530] 4d [ 54.183398] flags: 0xfffe0000000100(slab) [ 54.191513] 8b [ 54.193399] raw: 00fffe0000000100 ffff88808d15e080 0000000000000000 000000010000000c [ 54.195273] 64 [ 54.199401] raw: ffffea00027773a0 ffffea00024892e0 ffff8880aa8007c0 0000000000000000 [ 54.201287] 24 [ 54.209146] page dumped because: kasan: bad access detected [ 54.211034] 38 [ 54.218889] [ 54.220773] 49 [ 54.226457] Memory state around the buggy address: [ 54.228328] 8d [ 54.229951] ffff88808d15e880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 54.231829] 7c [ 54.236732] ffff88808d15e900: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 54.238613] 24 [ 54.245965] >ffff88808d15e980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 54.247833] c8 [ 54.255168] ^ [ 54.257034] 48 [ 54.264368] ffff88808d15ea00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 54.266232] 89 [ 54.270371] ffff88808d15ea80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 54.272250] fa [ 54.279600] ================================================================== [ 54.281472] 48 [ 54.289054] Kernel panic - not syncing: panic_on_warn set ... [ 54.289054] [ 54.290876] c1 ea 03 80 3c 02 00 75 5a 4c 89 ef <41> ff 54 24 c8 48 8d 7b 1c 48 ba 00 00 00 00 00 fc ff df 48 89 [ 54.318133] RIP: pcrypt_aead_enc+0x7b/0xf0 RSP: ffff888090897c90 [ 54.324258] CR2: ffffffffffffffc8 [ 54.327693] ---[ end trace 86f5fcd53b859186 ]--- [ 55.423347] Shutting down cpus with NMI [ 55.428808] Kernel Offset: disabled [ 55.432459] Rebooting in 86400 seconds..