[ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 31.758339] audit: type=1400 audit(1591461866.211:8): avc: denied { execmem } for pid=6107 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 31.940264] IPVS: ftp: loaded support on port[0] = 21 [ 33.092803] can: request_module (can-proto-0) failed. [ 33.102613] can: request_module (can-proto-0) failed. [ 33.126910] audit: type=1400 audit(1591461867.581:9): avc: denied { create } for pid=6087 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 Warning: Permanently added '10.128.0.136' (ECDSA) to the list of known hosts. 2020/06/06 16:44:34 parsed 1 programs 2020/06/06 16:44:35 executed programs: 0 [ 40.611961] audit: type=1400 audit(1591461875.075:10): avc: denied { execmem } for pid=6223 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 40.886008] IPVS: ftp: loaded support on port[0] = 21 [ 41.633538] IPVS: ftp: loaded support on port[0] = 21 [ 41.694785] chnl_net:caif_netlink_parms(): no params data found [ 41.733607] IPVS: ftp: loaded support on port[0] = 21 [ 41.742288] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.750445] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.758105] device bridge_slave_0 entered promiscuous mode [ 41.765301] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.771645] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.780030] device bridge_slave_1 entered promiscuous mode [ 41.797966] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.807253] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.824445] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.833218] team0: Port device team_slave_0 added [ 41.840954] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.848938] team0: Port device team_slave_1 added [ 41.854233] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 41.864200] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.958240] device hsr_slave_0 entered promiscuous mode [ 41.995152] device hsr_slave_1 entered promiscuous mode [ 42.035373] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.044277] chnl_net:caif_netlink_parms(): no params data found [ 42.053034] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.082232] IPVS: ftp: loaded support on port[0] = 21 [ 42.140862] chnl_net:caif_netlink_parms(): no params data found [ 42.160051] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.166476] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.173330] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.179819] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.211926] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.218831] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.226876] device bridge_slave_0 entered promiscuous mode [ 42.246223] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.252576] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.261968] device bridge_slave_1 entered promiscuous mode [ 42.292567] IPVS: ftp: loaded support on port[0] = 21 [ 42.296648] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.320100] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.338934] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.345431] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.352204] device bridge_slave_0 entered promiscuous mode [ 42.360624] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.370587] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.377870] device bridge_slave_1 entered promiscuous mode [ 42.391391] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.399036] team0: Port device team_slave_0 added [ 42.418286] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.426127] team0: Port device team_slave_1 added [ 42.432079] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.443813] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.461277] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.472254] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.558926] device hsr_slave_0 entered promiscuous mode [ 42.594933] device hsr_slave_1 entered promiscuous mode [ 42.647966] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 42.654082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.663781] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.671758] team0: Port device team_slave_0 added [ 42.677784] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.686109] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.693345] team0: Port device team_slave_1 added [ 42.702042] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.711590] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.720615] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.727923] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.758696] IPVS: ftp: loaded support on port[0] = 21 [ 42.847462] device hsr_slave_0 entered promiscuous mode [ 42.865066] device hsr_slave_1 entered promiscuous mode [ 42.915087] chnl_net:caif_netlink_parms(): no params data found [ 42.924195] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.941840] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.948835] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 42.962886] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.984643] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.998242] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.013621] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.024960] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.031748] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.043708] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.051623] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.058608] chnl_net:caif_netlink_parms(): no params data found [ 43.089339] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.106556] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.114244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.122761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.131185] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.137569] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.144715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.152333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.159993] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.166400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.192650] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.199507] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.208093] device bridge_slave_0 entered promiscuous mode [ 43.215344] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.221683] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.230927] device bridge_slave_1 entered promiscuous mode [ 43.250346] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.261896] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.283127] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.299115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.311948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.320289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.335890] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.344153] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.352189] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.359535] device bridge_slave_0 entered promiscuous mode [ 43.367799] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.375930] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.382959] team0: Port device team_slave_0 added [ 43.391862] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.399486] team0: Port device team_slave_1 added [ 43.416603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.424729] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.432333] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.439643] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.447048] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.453850] device bridge_slave_1 entered promiscuous mode [ 43.476523] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.535837] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.543730] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.561617] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 43.571468] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 43.585713] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.646858] device hsr_slave_0 entered promiscuous mode [ 43.684529] device hsr_slave_1 entered promiscuous mode [ 43.725114] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 43.733628] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.741714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.749593] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.759550] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.767159] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.773596] chnl_net:caif_netlink_parms(): no params data found [ 43.787635] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.795915] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.802915] team0: Port device team_slave_0 added [ 43.808924] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 43.819765] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.830083] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.841050] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.848775] team0: Port device team_slave_1 added [ 43.854036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 43.862012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.870361] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.878997] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.886090] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 43.892238] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 43.909508] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.916276] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.925901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.932716] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.942192] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.954765] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.960992] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.968239] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.984491] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.990567] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.999796] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.007347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.017145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.024075] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.031957] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.039949] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.046414] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.063304] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.081321] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.092568] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.099948] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.107251] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.115711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.123469] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.130007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.137051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.145273] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.152783] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.159150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.217102] device hsr_slave_0 entered promiscuous mode [ 44.265061] device hsr_slave_1 entered promiscuous mode [ 44.308591] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.315613] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.323327] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.330056] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.338085] device bridge_slave_0 entered promiscuous mode [ 44.344639] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.352508] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.361755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.372238] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.380714] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.388190] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.396279] device bridge_slave_1 entered promiscuous mode [ 44.402446] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.410313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.418542] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.424980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.431733] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.441957] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.451940] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.476036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.483587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.496832] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.506543] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.513844] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.522746] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.532204] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.540871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.549201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.557258] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.565170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.572638] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.580580] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.593085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.602466] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.611100] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.634850] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.641886] team0: Port device team_slave_0 added [ 44.651574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.659456] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.667787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.675934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.685119] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.703934] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.719332] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.728051] team0: Port device team_slave_1 added [ 44.741486] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.750986] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 44.757647] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.771918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.782786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.795592] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.803646] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.811863] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.812219] ================================================================== [ 44.820147] BUG: unable to handle kernel [ 44.826131] BUG: KASAN: use-after-free in padata_parallel_worker+0x377/0x420 [ 44.826132] paging request at ffffffffffffffc8 [ 44.830275] Write of size 8 at addr ffff888091729618 by task kworker/0:4/7077 [ 44.837461] IP: pcrypt_aead_enc+0x77/0xf0 [ 44.842008] [ 44.849270] PGD 786d067 [ 44.853400] CPU: 0 PID: 7077 Comm: kworker/0:4 Not tainted 4.14.183-syzkaller #0 [ 44.855000] P4D 786d067 [ 44.857645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.865153] PUD 786f067 [ 44.867819] Workqueue: pencrypt padata_parallel_worker [ 44.877149] PMD 0 [ 44.887189] Call Trace: [ 44.887193] Oops: 0000 [#1] PREEMPT SMP KASAN [ 44.887198] Modules linked in: [ 44.889774] dump_stack+0xf7/0x13b [ 44.897430] ? padata_parallel_worker+0x377/0x420 [ 44.900947] CPU: 1 PID: 3531 Comm: kworker/1:2 Not tainted 4.14.183-syzkaller #0 [ 44.905775] print_address_description.cold.7+0x9/0x1c9 [ 44.913281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.918623] ? padata_parallel_worker+0x377/0x420 [ 44.927961] Workqueue: pencrypt padata_parallel_worker [ 44.932783] kasan_report.cold.8+0x11a/0x2d3 [ 44.938039] task: ffff88809029a100 task.stack: ffff8880902a0000 [ 44.942444] __asan_report_store8_noabort+0x17/0x20 [ 44.948488] RIP: 0010:pcrypt_aead_enc+0x77/0xf0 [ 44.953476] padata_parallel_worker+0x377/0x420 [ 44.958137] RSP: 0018:ffff8880902a7c90 EFLAGS: 00010246 [ 44.962779] ? invoke_padata_reorder+0x40/0x40 [ 44.962787] process_one_work+0x79e/0x16c0 [ 44.968120] RAX: dffffc0000000000 RBX: ffff88809185a850 RCX: ffffffff82b0c462 [ 44.972678] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 44.976986] RDX: 1ffffffffffffff9 RSI: 0000000000000008 RDI: ffff88809185a890 [ 44.984238] worker_thread+0xcc/0xee0 [ 44.988904] RBP: ffff8880902a7cb0 R08: 0000000000000001 R09: 0000000000000000 [ 44.996168] kthread+0x338/0x400 [ 44.999935] R10: 0000000000000050 R11: ffff88809029a100 R12: 0000000000000000 [ 45.007181] ? process_one_work+0x16c0/0x16c0 [ 45.010517] R13: ffff88809185a890 R14: ffff8880902a7cf8 R15: 1ffff11012054f9b [ 45.017762] ? kthread_create_on_node+0xa0/0xa0 [ 45.022229] FS: 0000000000000000(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000 [ 45.029475] ret_from_fork+0x24/0x30 [ 45.034112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.042329] [ 45.046011] CR2: ffffffffffffffc8 CR3: 000000009b919000 CR4: 00000000001406e0 [ 45.051866] Allocated by task 7099: [ 45.053469] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.060713] save_stack_trace+0x16/0x20 [ 45.064316] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.071561] save_stack+0x43/0xd0 [ 45.075503] Call Trace: [ 45.082747] kasan_kmalloc+0xc7/0xe0 [ 45.086184] padata_parallel_worker+0x24b/0x420 [ 45.088737] __kmalloc+0x15b/0x7b0 [ 45.092436] ? invoke_padata_reorder+0x40/0x40 [ 45.097074] tls_push_record+0xf6/0x14c0 [ 45.100589] process_one_work+0x79e/0x16c0 [ 45.105136] tls_sw_sendmsg+0x90b/0x10a0 [ 45.109170] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 45.113391] inet_sendmsg+0x108/0x440 [ 45.117425] worker_thread+0xcc/0xee0 [ 45.122063] sock_sendmsg+0xb5/0xf0 [ 45.125852] kthread+0x338/0x400 [ 45.129634] SYSC_sendto+0x1e3/0x2c0 [ 45.133244] ? process_one_work+0x16c0/0x16c0 [ 45.136595] SyS_sendto+0x9/0x10 [ 45.140297] ? kthread_create_on_node+0xa0/0xa0 [ 45.144763] do_syscall_64+0x1c7/0x5b0 [ 45.148101] ret_from_fork+0x24/0x30 [ 45.152756] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.157482] Code: [ 45.161163] [ 45.166338] 03 [ 45.168462] Freed by task 7099: [ 45.170062] 80 [ 45.171923] save_stack_trace+0x16/0x20 [ 45.175182] 3c [ 45.177047] save_stack+0x43/0xd0 [ 45.180989] 02 [ 45.182854] kasan_slab_free+0x71/0xc0 [ 45.186277] 00 [ 45.188144] kfree+0xcc/0x270 [ 45.192001] 75 [ 45.193865] tls_push_record+0xd32/0x14c0 [ 45.196939] 7a [ 45.198803] tls_sw_sendmsg+0x90b/0x10a0 [ 45.202919] 48 [ 45.204798] inet_sendmsg+0x108/0x440 [ 45.208826] b8 [ 45.210692] sock_sendmsg+0xb5/0xf0 [ 45.214458] 00 [ 45.216418] SYSC_sendto+0x1e3/0x2c0 [ 45.220014] 00 [ 45.221876] SyS_sendto+0x9/0x10 [ 45.225558] 00 [ 45.227422] do_syscall_64+0x1c7/0x5b0 [ 45.230759] 00 [ 45.232622] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.236503] 00 [ 45.238365] [ 45.243523] fc [ 45.245388] The buggy address belongs to the object at ffff8880917295c0 [ 45.245388] which belongs to the cache kmalloc-256 of size 256 [ 45.246986] ff [ 45.248852] The buggy address is located 88 bytes inside of [ 45.248852] 256-byte region [ffff8880917295c0, ffff8880917296c0) [ 45.261476] df [ 45.263356] The buggy address belongs to the page: [ 45.275127] 4d [ 45.276992] page:ffffea000245ca40 count:1 mapcount:0 mapping:ffff8880917290c0 index:0x0 [ 45.281890] 8b [ 45.291876] 64 [ 45.293741] flags: 0x1fffc0000000100(slab) [ 45.293744] 24 [ 45.295614] raw: 01fffc0000000100 ffff8880917290c0 0000000000000000 000000010000000c [ 45.299817] 38 [ 45.301695] raw: ffffea00024616a0 ffff8880aa801648 ffff8880aa8007c0 0000000000000000 [ 45.309563] 49 [ 45.311429] page dumped because: kasan: bad access detected [ 45.319295] 8d [ 45.321157] [ 45.326847] 7c [ 45.328716] Memory state around the buggy address: [ 45.330322] 24 [ 45.332206] ffff888091729500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.337106] c8 [ 45.338996] ffff888091729580: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 45.346327] 48 [ 45.348190] >ffff888091729600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 45.355533] 89 [ 45.357412] ^ [ 45.364742] fa [ 45.366604] ffff888091729680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 45.370721] 48 [ 45.372596] ffff888091729700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 45.379926] c1 [ 45.381789] ================================================================== [ 45.389119] ea [ 45.391052] Kernel panic - not syncing: panic_on_warn set ... [ 45.391052] [ 45.398314] 03 80 3c 02 00 75 52 4c 89 ef <41> ff 54 24 c8 48 8d 7b 20 48 ba 00 00 00 00 00 fc ff df 48 89 [ 45.417418] RIP: pcrypt_aead_enc+0x77/0xf0 RSP: ffff8880902a7c90 [ 45.423550] CR2: ffffffffffffffc8 [ 45.426978] ---[ end trace 5caba9f184885679 ]--- [ 46.523177] Shutting down cpus with NMI [ 46.528652] Kernel Offset: disabled [ 46.532319] Rebooting in 86400 seconds..