[ ok ] Starting enhanced syslogd: rsyslogd.
[   81.271309][   T27] audit: type=1800 audit(1579379212.869:25): pid=9763 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   81.291305][   T27] audit: type=1800 audit(1579379212.869:26): pid=9763 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   81.329725][   T27] audit: type=1800 audit(1579379212.879:27): pid=9763 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.25' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   93.373952][ T9915] ==================================================================
[   93.382294][ T9915] BUG: KASAN: slab-out-of-bounds in bitmap_ip_list+0x40f/0xf20
[   93.389826][ T9915] Read of size 8 at addr ffff88809ab25e40 by task syz-executor730/9915
[   93.398050][ T9915] 
[   93.400372][ T9915] CPU: 0 PID: 9915 Comm: syz-executor730 Not tainted 5.5.0-rc6-syzkaller #0
[   93.409255][ T9915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   93.419312][ T9915] Call Trace:
[   93.422623][ T9915]  dump_stack+0x197/0x210
[   93.427130][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   93.432135][ T9915]  print_address_description.constprop.0.cold+0xd4/0x30b
[   93.439157][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   93.444033][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   93.448896][ T9915]  __kasan_report.cold+0x1b/0x41
[   93.453837][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   93.458730][ T9915]  kasan_report+0x12/0x20
[   93.463196][ T9915]  check_memory_region+0x134/0x1a0
[   93.468357][ T9915]  __kasan_check_read+0x11/0x20
[   93.473212][ T9915]  bitmap_ip_list+0x40f/0xf20
[   93.477893][ T9915]  ? bitmap_ip_add+0xe60/0xe60
[   93.482654][ T9915]  ? nla_put+0x110/0x150
[   93.486909][ T9915]  ip_set_dump_start+0x96c/0x1ca0
[   93.491939][ T9915]  ? ip_set_rename+0x720/0x720
[   93.496739][ T9915]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[   93.502312][ T9915]  ? perf_trace_lock_acquire+0x4c0/0x530
[   93.507962][ T9915]  ? __kasan_check_write+0x14/0x20
[   93.513096][ T9915]  netlink_dump+0x558/0xfb0
[   93.517613][ T9915]  ? __netlink_sendskb+0xc0/0xc0
[   93.522734][ T9915]  __netlink_dump_start+0x66a/0x930
[   93.528197][ T9915]  ip_set_dump+0x15a/0x1d0
[   93.532830][ T9915]  ? call_ad+0x5a0/0x5a0
[   93.537059][ T9915]  ? ip_set_rename+0x720/0x720
[   93.541863][ T9915]  ? __ip_set_put_netlink.isra.0+0x90/0x90
[   93.547673][ T9915]  ? call_ad+0x5a0/0x5a0
[   93.551904][ T9915]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   93.557010][ T9915]  ? nfnetlink_bind+0x2c0/0x2c0
[   93.561924][ T9915]  ? __kasan_check_read+0x11/0x20
[   93.567086][ T9915]  ? __lock_acquire+0x8a0/0x4a00
[   93.572041][ T9915]  ? save_stack+0x5c/0x90
[   93.576366][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.582705][ T9915]  ? apparmor_capable+0x497/0x900
[   93.587793][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.594130][ T9915]  ? __kasan_check_read+0x11/0x20
[   93.599164][ T9915]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   93.604619][ T9915]  netlink_rcv_skb+0x177/0x450
[   93.609433][ T9915]  ? nfnetlink_bind+0x2c0/0x2c0
[   93.614361][ T9915]  ? netlink_ack+0xb50/0xb50
[   93.618956][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.625190][ T9915]  ? ns_capable_common+0x93/0x100
[   93.630206][ T9915]  ? ns_capable+0x20/0x30
[   93.634669][ T9915]  ? __netlink_ns_capable+0x104/0x140
[   93.640332][ T9915]  nfnetlink_rcv+0x1ba/0x460
[   93.644952][ T9915]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   93.650550][ T9915]  ? netlink_deliver_tap+0x24a/0xbe0
[   93.655834][ T9915]  ? __kasan_check_write+0x14/0x20
[   93.661082][ T9915]  netlink_unicast+0x58c/0x7d0
[   93.665914][ T9915]  ? netlink_attachskb+0x870/0x870
[   93.671022][ T9915]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   93.676750][ T9915]  ? __check_object_size+0x3d/0x437
[   93.681939][ T9915]  netlink_sendmsg+0x91c/0xea0
[   93.686942][ T9915]  ? netlink_unicast+0x7d0/0x7d0
[   93.692012][ T9915]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   93.697639][ T9915]  ? apparmor_socket_sendmsg+0x2a/0x30
[   93.703096][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.709389][ T9915]  ? security_socket_sendmsg+0x8d/0xc0
[   93.714849][ T9915]  ? netlink_unicast+0x7d0/0x7d0
[   93.719790][ T9915]  sock_sendmsg+0xd7/0x130
[   93.724205][ T9915]  ____sys_sendmsg+0x753/0x880
[   93.729148][ T9915]  ? kernel_sendmsg+0x50/0x50
[   93.733833][ T9915]  ? lockdep_init_map+0x1be/0x6d0
[   93.738886][ T9915]  ___sys_sendmsg+0x100/0x170
[   93.743566][ T9915]  ? sendmsg_copy_msghdr+0x70/0x70
[   93.748815][ T9915]  ? __kasan_check_read+0x11/0x20
[   93.753827][ T9915]  ? __lock_acquire+0x8a0/0x4a00
[   93.758762][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.765331][ T9915]  ? __this_cpu_preempt_check+0x35/0x190
[   93.771294][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.778169][ T9915]  ? percpu_counter_add_batch+0x13c/0x190
[   93.783884][ T9915]  ? __fd_install+0x1bc/0x640
[   93.788872][ T9915]  ? find_held_lock+0x35/0x130
[   93.793762][ T9915]  ? __fd_install+0x1bc/0x640
[   93.798452][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   93.804790][ T9915]  ? __fget_light+0x1a9/0x230
[   93.809736][ T9915]  ? __fdget+0x1b/0x20
[   93.814070][ T9915]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   93.820780][ T9915]  __sys_sendmsg+0x105/0x1d0
[   93.825374][ T9915]  ? __sys_sendmsg_sock+0xc0/0xc0
[   93.830770][ T9915]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   93.836223][ T9915]  ? do_syscall_64+0x26/0x790
[   93.841011][ T9915]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   93.847246][ T9915]  ? do_syscall_64+0x26/0x790
[   93.851961][ T9915]  __x64_sys_sendmsg+0x78/0xb0
[   93.856739][ T9915]  do_syscall_64+0xfa/0x790
[   93.861728][ T9915]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   93.867925][ T9915] RIP: 0033:0x440529
[   93.872064][ T9915] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   93.892550][ T9915] RSP: 002b:00007ffcbbb3db08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.901059][ T9915] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529
[   93.909254][ T9915] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000004
[   93.917223][ T9915] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   93.925464][ T9915] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000401db0
[   93.933541][ T9915] R13: 0000000000401e40 R14: 0000000000000000 R15: 0000000000000000
[   93.941795][ T9915] 
[   93.944257][ T9915] Allocated by task 9915:
[   93.948745][ T9915]  save_stack+0x23/0x90
[   93.953094][ T9915]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   93.958874][ T9915]  kasan_kmalloc+0x9/0x10
[   93.963214][ T9915]  __kmalloc+0x163/0x770
[   93.967567][ T9915]  ip_set_alloc+0x38/0x5e
[   93.972143][ T9915]  bitmap_ip_create+0x6ec/0xc20
[   93.977435][ T9915]  ip_set_create+0x6f1/0x1500
[   93.982107][ T9915]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   93.987249][ T9915]  netlink_rcv_skb+0x177/0x450
[   93.992134][ T9915]  nfnetlink_rcv+0x1ba/0x460
[   93.996721][ T9915]  netlink_unicast+0x58c/0x7d0
[   94.001659][ T9915]  netlink_sendmsg+0x91c/0xea0
[   94.007330][ T9915]  sock_sendmsg+0xd7/0x130
[   94.012121][ T9915]  ____sys_sendmsg+0x753/0x880
[   94.016949][ T9915]  ___sys_sendmsg+0x100/0x170
[   94.022379][ T9915]  __sys_sendmsg+0x105/0x1d0
[   94.026992][ T9915]  __x64_sys_sendmsg+0x78/0xb0
[   94.031743][ T9915]  do_syscall_64+0xfa/0x790
[   94.036241][ T9915]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   94.042144][ T9915] 
[   94.044470][ T9915] Freed by task 9657:
[   94.048466][ T9915]  save_stack+0x23/0x90
[   94.052616][ T9915]  __kasan_slab_free+0x102/0x150
[   94.057582][ T9915]  kasan_slab_free+0xe/0x10
[   94.062113][ T9915]  kfree+0x10a/0x2c0
[   94.066033][ T9915]  tomoyo_unix_entry+0x469/0x5d0
[   94.071227][ T9915]  tomoyo_socket_connect_permission+0x331/0x380
[   94.077479][ T9915]  tomoyo_socket_connect+0x26/0x30
[   94.082624][ T9915]  security_socket_connect+0x77/0xc0
[   94.088199][ T9915]  __sys_connect_file+0xae/0x1c0
[   94.093790][ T9915]  __sys_connect+0x174/0x1b0
[   94.098661][ T9915]  __x64_sys_connect+0x73/0xb0
[   94.103496][ T9915]  do_syscall_64+0xfa/0x790
[   94.108041][ T9915]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   94.114121][ T9915] 
[   94.116471][ T9915] The buggy address belongs to the object at ffff88809ab25e40
[   94.116471][ T9915]  which belongs to the cache kmalloc-32 of size 32
[   94.130621][ T9915] The buggy address is located 0 bytes inside of
[   94.130621][ T9915]  32-byte region [ffff88809ab25e40, ffff88809ab25e60)
[   94.143884][ T9915] The buggy address belongs to the page:
[   94.149621][ T9915] page:ffffea00026ac940 refcount:1 mapcount:0 mapping:ffff8880aa4001c0 index:0xffff88809ab25fc1
[   94.160128][ T9915] raw: 00fffe0000000200 ffffea00029ada88 ffffea00026863c8 ffff8880aa4001c0
[   94.168716][ T9915] raw: ffff88809ab25fc1 ffff88809ab25000 000000010000003e 0000000000000000
[   94.177550][ T9915] page dumped because: kasan: bad access detected
[   94.183956][ T9915] 
[   94.186303][ T9915] Memory state around the buggy address:
[   94.193490][ T9915]  ffff88809ab25d00: fb fb fb fb fc fc fc fc 00 00 fc fc fc fc fc fc
[   94.201679][ T9915]  ffff88809ab25d80: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   94.209751][ T9915] >ffff88809ab25e00: fb fb fb fb fc fc fc fc 04 fc fc fc fc fc fc fc
[   94.217848][ T9915]                                            ^
[   94.224008][ T9915]  ffff88809ab25e80: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   94.232477][ T9915]  ffff88809ab25f00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   94.240645][ T9915] ==================================================================
[   94.248815][ T9915] Disabling lock debugging due to kernel taint
[   94.256409][ T9915] Kernel panic - not syncing: panic_on_warn set ...
[   94.263572][ T9915] CPU: 0 PID: 9915 Comm: syz-executor730 Tainted: G    B             5.5.0-rc6-syzkaller #0
[   94.274424][ T9915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   94.284566][ T9915] Call Trace:
[   94.287856][ T9915]  dump_stack+0x197/0x210
[   94.292228][ T9915]  panic+0x2e3/0x75c
[   94.296133][ T9915]  ? add_taint.cold+0x16/0x16
[   94.300804][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   94.305649][ T9915]  ? preempt_schedule+0x4b/0x60
[   94.310596][ T9915]  ? ___preempt_schedule+0x16/0x18
[   94.315904][ T9915]  ? trace_hardirqs_on+0x5e/0x240
[   94.321043][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   94.325882][ T9915]  end_report+0x47/0x4f
[   94.330133][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   94.335010][ T9915]  __kasan_report.cold+0xe/0x41
[   94.339850][ T9915]  ? bitmap_ip_list+0x40f/0xf20
[   94.344832][ T9915]  kasan_report+0x12/0x20
[   94.349221][ T9915]  check_memory_region+0x134/0x1a0
[   94.354443][ T9915]  __kasan_check_read+0x11/0x20
[   94.359377][ T9915]  bitmap_ip_list+0x40f/0xf20
[   94.364245][ T9915]  ? bitmap_ip_add+0xe60/0xe60
[   94.369091][ T9915]  ? nla_put+0x110/0x150
[   94.373576][ T9915]  ip_set_dump_start+0x96c/0x1ca0
[   94.379924][ T9915]  ? ip_set_rename+0x720/0x720
[   94.384787][ T9915]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[   94.390328][ T9915]  ? perf_trace_lock_acquire+0x4c0/0x530
[   94.395983][ T9915]  ? __kasan_check_write+0x14/0x20
[   94.401111][ T9915]  netlink_dump+0x558/0xfb0
[   94.405603][ T9915]  ? __netlink_sendskb+0xc0/0xc0
[   94.410662][ T9915]  __netlink_dump_start+0x66a/0x930
[   94.415963][ T9915]  ip_set_dump+0x15a/0x1d0
[   94.420376][ T9915]  ? call_ad+0x5a0/0x5a0
[   94.424613][ T9915]  ? ip_set_rename+0x720/0x720
[   94.429734][ T9915]  ? __ip_set_put_netlink.isra.0+0x90/0x90
[   94.435705][ T9915]  ? call_ad+0x5a0/0x5a0
[   94.440380][ T9915]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   94.445390][ T9915]  ? nfnetlink_bind+0x2c0/0x2c0
[   94.450338][ T9915]  ? __kasan_check_read+0x11/0x20
[   94.455448][ T9915]  ? __lock_acquire+0x8a0/0x4a00
[   94.460382][ T9915]  ? save_stack+0x5c/0x90
[   94.464711][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.471030][ T9915]  ? apparmor_capable+0x497/0x900
[   94.476051][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.482392][ T9915]  ? __kasan_check_read+0x11/0x20
[   94.487415][ T9915]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   94.493244][ T9915]  netlink_rcv_skb+0x177/0x450
[   94.498033][ T9915]  ? nfnetlink_bind+0x2c0/0x2c0
[   94.502907][ T9915]  ? netlink_ack+0xb50/0xb50
[   94.507507][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.513886][ T9915]  ? ns_capable_common+0x93/0x100
[   94.518919][ T9915]  ? ns_capable+0x20/0x30
[   94.523349][ T9915]  ? __netlink_ns_capable+0x104/0x140
[   94.528868][ T9915]  nfnetlink_rcv+0x1ba/0x460
[   94.533567][ T9915]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   94.539019][ T9915]  ? netlink_deliver_tap+0x24a/0xbe0
[   94.544616][ T9915]  ? __kasan_check_write+0x14/0x20
[   94.549897][ T9915]  netlink_unicast+0x58c/0x7d0
[   94.554793][ T9915]  ? netlink_attachskb+0x870/0x870
[   94.559936][ T9915]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   94.565667][ T9915]  ? __check_object_size+0x3d/0x437
[   94.570971][ T9915]  netlink_sendmsg+0x91c/0xea0
[   94.575848][ T9915]  ? netlink_unicast+0x7d0/0x7d0
[   94.580887][ T9915]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   94.586560][ T9915]  ? apparmor_socket_sendmsg+0x2a/0x30
[   94.592017][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.600697][ T9915]  ? security_socket_sendmsg+0x8d/0xc0
[   94.606616][ T9915]  ? netlink_unicast+0x7d0/0x7d0
[   94.611674][ T9915]  sock_sendmsg+0xd7/0x130
[   94.616106][ T9915]  ____sys_sendmsg+0x753/0x880
[   94.620993][ T9915]  ? kernel_sendmsg+0x50/0x50
[   94.625813][ T9915]  ? lockdep_init_map+0x1be/0x6d0
[   94.630832][ T9915]  ___sys_sendmsg+0x100/0x170
[   94.635651][ T9915]  ? sendmsg_copy_msghdr+0x70/0x70
[   94.640758][ T9915]  ? __kasan_check_read+0x11/0x20
[   94.645783][ T9915]  ? __lock_acquire+0x8a0/0x4a00
[   94.651008][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.657250][ T9915]  ? __this_cpu_preempt_check+0x35/0x190
[   94.662869][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.669288][ T9915]  ? percpu_counter_add_batch+0x13c/0x190
[   94.674994][ T9915]  ? __fd_install+0x1bc/0x640
[   94.679661][ T9915]  ? find_held_lock+0x35/0x130
[   94.684620][ T9915]  ? __fd_install+0x1bc/0x640
[   94.689397][ T9915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   94.695625][ T9915]  ? __fget_light+0x1a9/0x230
[   94.700315][ T9915]  ? __fdget+0x1b/0x20
[   94.704501][ T9915]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   94.710877][ T9915]  __sys_sendmsg+0x105/0x1d0
[   94.715940][ T9915]  ? __sys_sendmsg_sock+0xc0/0xc0
[   94.720962][ T9915]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   94.726404][ T9915]  ? do_syscall_64+0x26/0x790
[   94.731352][ T9915]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   94.737613][ T9915]  ? do_syscall_64+0x26/0x790
[   94.742281][ T9915]  __x64_sys_sendmsg+0x78/0xb0
[   94.747030][ T9915]  do_syscall_64+0xfa/0x790
[   94.751596][ T9915]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   94.757498][ T9915] RIP: 0033:0x440529
[   94.761392][ T9915] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   94.781519][ T9915] RSP: 002b:00007ffcbbb3db08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.790539][ T9915] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529
[   94.798505][ T9915] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000004
[   94.806470][ T9915] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   94.815343][ T9915] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000401db0
[   94.823309][ T9915] R13: 0000000000401e40 R14: 0000000000000000 R15: 0000000000000000
[   94.833559][ T9915] Kernel Offset: disabled
[   94.838416][ T9915] Rebooting in 86400 seconds..