Warning: Permanently added '10.128.1.14' (ECDSA) to the list of known hosts. 2020/04/12 07:58:24 parsed 1 programs 2020/04/12 07:58:24 executed programs: 0 [ 43.390281] audit: type=1400 audit(1586678304.382:10): avc: denied { execmem } for pid=6097 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 43.667305] IPVS: ftp: loaded support on port[0] = 21 [ 44.435923] IPVS: ftp: loaded support on port[0] = 21 [ 44.485634] chnl_net:caif_netlink_parms(): no params data found [ 44.536627] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.543600] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.551360] device bridge_slave_0 entered promiscuous mode [ 44.559686] IPVS: ftp: loaded support on port[0] = 21 [ 44.583527] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.590041] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.597801] device bridge_slave_1 entered promiscuous mode [ 44.630614] chnl_net:caif_netlink_parms(): no params data found [ 44.654518] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.670663] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.691166] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.698660] team0: Port device team_slave_0 added [ 44.705835] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.714454] team0: Port device team_slave_1 added [ 44.737839] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.745947] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.753418] device bridge_slave_0 entered promiscuous mode [ 44.760149] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.767574] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.774159] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.781593] device bridge_slave_1 entered promiscuous mode [ 44.781842] IPVS: ftp: loaded support on port[0] = 21 [ 44.802410] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.811622] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.820433] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.880501] device hsr_slave_0 entered promiscuous mode [ 44.926629] device hsr_slave_1 entered promiscuous mode [ 44.973144] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.982195] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.989640] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.997136] team0: Port device team_slave_0 added [ 45.007665] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 45.014766] team0: Port device team_slave_1 added [ 45.020273] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 45.038343] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 45.063343] IPVS: ftp: loaded support on port[0] = 21 [ 45.115876] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.122414] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.129479] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.135923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.229479] device hsr_slave_0 entered promiscuous mode [ 45.266382] device hsr_slave_1 entered promiscuous mode [ 45.318427] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 45.349092] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 45.355825] chnl_net:caif_netlink_parms(): no params data found [ 45.363258] IPVS: ftp: loaded support on port[0] = 21 [ 45.388930] chnl_net:caif_netlink_parms(): no params data found [ 45.490323] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.496722] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.503308] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.509717] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.524005] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.531167] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.538597] device bridge_slave_0 entered promiscuous mode [ 45.550921] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.558586] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.565577] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.573312] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.597775] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.610402] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.616903] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.623713] device bridge_slave_1 entered promiscuous mode [ 45.655132] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.667591] chnl_net:caif_netlink_parms(): no params data found [ 45.687667] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.695420] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 45.704134] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.711283] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.718586] device bridge_slave_0 entered promiscuous mode [ 45.727480] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.733559] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.740104] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.747757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.767946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.781125] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 45.789526] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.796188] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.803105] device bridge_slave_1 entered promiscuous mode [ 45.819857] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.836972] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.850860] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 45.860081] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 45.874960] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.882863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.890895] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.897363] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.906367] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.930604] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 45.937903] team0: Port device team_slave_0 added [ 45.943240] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.950061] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.957507] device bridge_slave_0 entered promiscuous mode [ 45.964776] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.971802] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.979124] device bridge_slave_1 entered promiscuous mode [ 45.985182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.993211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.001035] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.007613] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.014978] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 46.022664] team0: Port device team_slave_0 added [ 46.028486] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 46.036899] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 46.043939] team0: Port device team_slave_1 added [ 46.050277] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.058385] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 46.064645] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.078941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.087261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.094067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.101853] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 46.109873] team0: Port device team_slave_1 added [ 46.118391] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 46.143729] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.152887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.164767] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.173957] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 46.180771] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.219307] device hsr_slave_0 entered promiscuous mode [ 46.256244] device hsr_slave_1 entered promiscuous mode [ 46.307316] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 46.315220] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.322746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.330710] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.338529] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 46.384440] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 46.393236] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 46.401826] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 46.409666] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 46.429020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.437373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.444875] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.451397] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.463773] chnl_net:caif_netlink_parms(): no params data found [ 46.481045] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 46.497379] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 46.549391] device hsr_slave_0 entered promiscuous mode [ 46.596130] device hsr_slave_1 entered promiscuous mode [ 46.656263] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.664021] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.672687] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.679123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.686720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 46.694277] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 46.707426] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 46.724650] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 46.734587] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 46.742175] team0: Port device team_slave_0 added [ 46.748802] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 46.755602] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 46.763440] team0: Port device team_slave_1 added [ 46.770182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.778207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.786237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.795351] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 46.809560] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 46.817688] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 46.830070] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 46.837497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.845092] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.852946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.861534] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.868080] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.874929] device bridge_slave_0 entered promiscuous mode [ 46.881579] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 46.901898] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 46.908268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 46.916518] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 46.924248] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.935053] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.943182] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.950983] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.958324] device bridge_slave_1 entered promiscuous mode [ 47.028040] device hsr_slave_0 entered promiscuous mode [ 47.076298] device hsr_slave_1 entered promiscuous mode [ 47.136504] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 47.148616] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 47.156808] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.164139] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 47.173317] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 47.182178] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 47.193338] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 47.215228] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.223012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 47.231303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 47.240329] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 47.249649] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 47.258075] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 47.265245] team0: Port device team_slave_0 added [ 47.274746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.282702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.294142] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.302906] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 47.316857] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 47.323968] team0: Port device team_slave_1 added [ 47.330683] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 47.338714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.346825] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.367858] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 47.377525] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 47.383631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 47.392415] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 47.424717] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 47.442563] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.470860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.523121] device hsr_slave_0 entered promiscuous mode [ 47.540208] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 47.553202] BUG: unable to handle kernel NULL pointer dereference at (null) [ 47.561325] IP: (null) [ 47.564672] PGD 951f6067 P4D 951f6067 PUD 957f0067 PMD 0 [ 47.570192] Oops: 0010 [#1] PREEMPT SMP KASAN [ 47.574662] Modules linked in: [ 47.577833] CPU: 0 PID: 24 Comm: kworker/0:1 Not tainted 4.14.175-syzkaller #0 [ 47.585167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.594509] Workqueue: pencrypt padata_serial_worker [ 47.599606] task: ffff8880a9e44640 task.stack: ffff8880a9e58000 [ 47.604765] ================================================================== [ 47.605867] RIP: 0010: (null) [ 47.613924] BUG: KASAN: use-after-free in padata_parallel_worker+0x37a/0x420 [ 47.617790] RSP: 0018:ffff8880a9e5fc88 EFLAGS: 00010246 [ 47.624962] Write of size 8 at addr ffff88809beaae58 by task kworker/1:0/18 [ 47.624966] [ 47.637385] CPU: 1 PID: 18 Comm: kworker/1:0 Not tainted 4.14.175-syzkaller #0 [ 47.638989] RAX: dffffc0000000000 RBX: ffff888083045c80 RCX: 0000000000000000 [ 47.646322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.653569] RDX: 1ffff11010608b92 RSI: 0000000000000000 RDI: ffff888083045c80 [ 47.653572] RBP: ffff8880a9e5fca0 R08: ffff8880a9e5fcf8 R09: 1ffff110153cbfa0 [ 47.662925] Workqueue: pencrypt padata_parallel_worker [ 47.670169] R10: ffff8880a9e5f998 R11: ffff8880a9e44640 R12: 0000000000000001 [ 47.670172] R13: ffff8880a9e5fcf8 R14: dffffc0000000000 R15: ffff888083045cd0 [ 47.683380] FS: 0000000000000000(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000 [ 47.690645] Call Trace: [ 47.697906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.706123] dump_stack+0xf7/0x13b [ 47.708671] CR2: 0000000000000000 CR3: 000000009539d000 CR4: 00000000001406f0 [ 47.708676] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.714539] ? padata_parallel_worker+0x37a/0x420 [ 47.718063] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.725314] print_address_description.cold.7+0x9/0x1c9 [ 47.732559] Call Trace: [ 47.737396] ? padata_parallel_worker+0x37a/0x420 [ 47.744661] pcrypt_aead_serial+0x79/0xb0 [ 47.750022] kasan_report.cold.8+0x11a/0x2d3 [ 47.752591] padata_serial_worker+0x26b/0x470 [ 47.757410] __asan_report_store8_noabort+0x17/0x20 [ 47.761537] ? padata_free_pd+0x70/0x70 [ 47.765918] padata_parallel_worker+0x37a/0x420 [ 47.770405] process_one_work+0x79e/0x16c0 [ 47.775417] ? padata_sysfs_store+0xa0/0xa0 [ 47.779369] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 47.784009] ? finish_task_switch+0x14d/0x650 [ 47.788226] worker_thread+0xcc/0xee0 [ 47.792541] process_one_work+0x79e/0x16c0 [ 47.797198] kthread+0x338/0x400 [ 47.801789] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 47.805575] ? process_one_work+0x16c0/0x16c0 [ 47.809789] worker_thread+0xcc/0xee0 [ 47.813128] ? kthread_create_on_node+0xa0/0xa0 [ 47.817775] kthread+0x338/0x400 [ 47.822361] ret_from_fork+0x24/0x30 [ 47.826142] ? process_one_work+0x16c0/0x16c0 [ 47.830805] Code: [ 47.834147] ? kthread_create_on_node+0xa0/0xa0 [ 47.837860] Bad RIP value. [ 47.842321] ret_from_fork+0x24/0x30 [ 47.844449] RIP: (null) RSP: ffff8880a9e5fc88 [ 47.849107] [ 47.852021] CR2: 0000000000000000 [ 47.852028] ---[ end trace 5271bb37ade1bdee ]--- [ 47.855713] Allocated by task 6987: [ 47.861070] Kernel panic - not syncing: Fatal exception in interrupt [ 47.862709] save_stack_trace+0x16/0x20 [ 47.885601] save_stack+0x43/0xd0 [ 47.889034] kasan_kmalloc+0xc7/0xe0 [ 47.892727] __kmalloc+0x15b/0x7b0 [ 47.896256] tls_push_record+0xf6/0x14c0 [ 47.900299] tls_sw_push_pending_record+0xe/0x10 [ 47.905118] tls_push_pending_closed_record+0xc5/0x120 [ 47.910374] tls_sk_proto_close+0x56d/0x790 [ 47.914676] inet_release+0xd9/0x1c0 [ 47.918455] inet6_release+0x46/0x60 [ 47.922245] __sock_release+0xc2/0x2a0 [ 47.926123] sock_close+0x10/0x20 [ 47.929557] __fput+0x232/0x750 [ 47.932828] ____fput+0x9/0x10 [ 47.935998] task_work_run+0xe5/0x170 [ 47.939876] exit_to_usermode_loop+0x16a/0x1b0 [ 47.944452] do_syscall_64+0x416/0x5b0 [ 47.948419] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 47.953786] [ 47.955398] Freed by task 6987: [ 47.958662] save_stack_trace+0x16/0x20 [ 47.962618] save_stack+0x43/0xd0 [ 47.966049] kasan_slab_free+0x71/0xc0 [ 47.969914] kfree+0xcc/0x270 [ 47.973067] tls_push_record+0xd32/0x14c0 [ 47.977222] tls_sw_push_pending_record+0xe/0x10 [ 47.981962] tls_push_pending_closed_record+0xc5/0x120 [ 47.987237] tls_sk_proto_close+0x56d/0x790 [ 47.991555] inet_release+0xd9/0x1c0 [ 47.995256] inet6_release+0x46/0x60 [ 47.998970] __sock_release+0xc2/0x2a0 [ 48.002845] sock_close+0x10/0x20 [ 48.006278] __fput+0x232/0x750 [ 48.009722] ____fput+0x9/0x10 [ 48.012908] task_work_run+0xe5/0x170 [ 48.016812] exit_to_usermode_loop+0x16a/0x1b0 [ 48.021391] do_syscall_64+0x416/0x5b0 [ 48.025272] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 48.031051] [ 48.032662] The buggy address belongs to the object at ffff88809beaae00 [ 48.032662] which belongs to the cache kmalloc-256 of size 256 [ 48.045311] The buggy address is located 88 bytes inside of [ 48.045311] 256-byte region [ffff88809beaae00, ffff88809beaaf00) [ 48.057092] The buggy address belongs to the page: [ 48.062092] page:ffffea00026faa80 count:1 mapcount:0 mapping:ffff88809beaa040 index:0x0 [ 48.070558] flags: 0x1fffc0000000100(slab) [ 48.075476] raw: 01fffc0000000100 ffff88809beaa040 0000000000000000 000000010000000c [ 48.083430] raw: ffffea00026be760 ffffea00029bdca0 ffff8880aa8007c0 0000000000000000 [ 48.091290] page dumped because: kasan: bad access detected [ 48.096978] [ 48.098584] Memory state around the buggy address: [ 48.103492] ffff88809beaad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 48.111088] ffff88809beaad80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.118440] >ffff88809beaae00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.125783] ^ [ 48.131994] ffff88809beaae80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.139331] ffff88809beaaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.146672] ================================================================== [ 48.156670] Kernel Offset: disabled [ 48.160828] Rebooting in 86400 seconds..