[ ok ] Starting enhanced syslogd: rsyslogd.
[   53.244112][   T26] audit: type=1800 audit(1579373417.641:25): pid=8451 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   53.270981][   T26] audit: type=1800 audit(1579373417.641:26): pid=8451 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   53.295706][   T26] audit: type=1800 audit(1579373417.641:27): pid=8451 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.236' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   69.679609][ T8603] ==================================================================
[   69.687828][ T8603] BUG: KASAN: slab-out-of-bounds in bitmap_ipmac_list+0x40d/0xdd0
[   69.695711][ T8603] Read of size 8 at addr ffff8880a7e30140 by task syz-executor921/8603
[   69.703921][ T8603] 
[   69.706229][ T8603] CPU: 1 PID: 8603 Comm: syz-executor921 Not tainted 5.5.0-rc6-syzkaller #0
[   69.714873][ T8603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.724927][ T8603] Call Trace:
[   69.728198][ T8603]  dump_stack+0x1fb/0x318
[   69.732506][ T8603]  print_address_description+0x74/0x5c0
[   69.738026][ T8603]  ? vprintk_func+0x158/0x170
[   69.742677][ T8603]  ? printk+0x62/0x8d
[   69.746634][ T8603]  ? vprintk_emit+0x2d4/0x3a0
[   69.751287][ T8603]  __kasan_report+0x149/0x1c0
[   69.755938][ T8603]  ? bitmap_ipmac_list+0x40d/0xdd0
[   69.761023][ T8603]  kasan_report+0x26/0x50
[   69.765341][ T8603]  ? debug_smp_processor_id+0x9/0x20
[   69.770598][ T8603]  check_memory_region+0x2b6/0x2f0
[   69.775683][ T8603]  __kasan_check_read+0x11/0x20
[   69.780505][ T8603]  bitmap_ipmac_list+0x40d/0xdd0
[   69.785414][ T8603]  ? ip_set_put_flags+0x15c/0x250
[   69.790422][ T8603]  ip_set_dump_start+0x10f9/0x1800
[   69.795517][ T8603]  netlink_dump+0x4ed/0x1170
[   69.800088][ T8603]  __netlink_dump_start+0x5cb/0x7b0
[   69.805263][ T8603]  ip_set_dump+0x107/0x160
[   69.809667][ T8603]  ? __find_set_type_get+0x540/0x540
[   69.814924][ T8603]  ? ip_set_dump_start+0x1800/0x1800
[   69.820180][ T8603]  ? ip_set_swap+0x730/0x730
[   69.824743][ T8603]  nfnetlink_rcv_msg+0x9ae/0xcd0
[   69.829669][ T8603]  ? cap_capable+0x25b/0x290
[   69.834244][ T8603]  ? cap_capable+0x25b/0x290
[   69.838824][ T8603]  netlink_rcv_skb+0x19e/0x3e0
[   69.843624][ T8603]  ? nfnetlink_bind+0x250/0x250
[   69.848463][ T8603]  nfnetlink_rcv+0x1e0/0x1e50
[   69.853149][ T8603]  ? rcu_lock_release+0x9/0x30
[   69.857888][ T8603]  ? rcu_lock_release+0x21/0x30
[   69.862712][ T8603]  ? netlink_deliver_tap+0x142/0x880
[   69.867980][ T8603]  netlink_unicast+0x767/0x920
[   69.872730][ T8603]  netlink_sendmsg+0xa2c/0xd50
[   69.877477][ T8603]  ? netlink_getsockopt+0x9f0/0x9f0
[   69.882656][ T8603]  ____sys_sendmsg+0x4f7/0x7f0
[   69.887402][ T8603]  __sys_sendmsg+0x1ed/0x290
[   69.891975][ T8603]  ? check_preemption_disabled+0xb4/0x260
[   69.897665][ T8603]  ? debug_smp_processor_id+0x9/0x20
[   69.902929][ T8603]  ? debug_smp_processor_id+0x1c/0x20
[   69.908290][ T8603]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   69.914349][ T8603]  ? prepare_exit_to_usermode+0x221/0x5b0
[   69.920046][ T8603]  ? trace_irq_disable_rcuidle+0x23/0x1e0
[   69.925745][ T8603]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   69.931183][ T8603]  ? trace_irq_disable_rcuidle+0x23/0x1e0
[   69.936881][ T8603]  ? do_syscall_64+0x1d/0x1c0
[   69.941536][ T8603]  __x64_sys_sendmsg+0x7f/0x90
[   69.946291][ T8603]  do_syscall_64+0xf7/0x1c0
[   69.950771][ T8603]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   69.956636][ T8603] RIP: 0033:0x440529
[   69.960522][ T8603] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   69.980100][ T8603] RSP: 002b:00007ffcd01ca208 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.988491][ T8603] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529
[   69.996436][ T8603] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[   70.004382][ T8603] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   70.012326][ T8603] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000401db0
[   70.020388][ T8603] R13: 0000000000401e40 R14: 0000000000000000 R15: 0000000000000000
[   70.028360][ T8603] 
[   70.030669][ T8603] Allocated by task 8603:
[   70.035023][ T8603]  __kasan_kmalloc+0x118/0x1c0
[   70.039806][ T8603]  kasan_kmalloc+0x9/0x10
[   70.044111][ T8603]  __kmalloc+0x254/0x340
[   70.048329][ T8603]  kzalloc+0x21/0x40
[   70.052319][ T8603]  ip_set_alloc+0x32/0x60
[   70.056629][ T8603]  bitmap_ipmac_create+0x3d9/0x840
[   70.061722][ T8603]  ip_set_create+0x421/0xfd0
[   70.066291][ T8603]  nfnetlink_rcv_msg+0x9ae/0xcd0
[   70.071208][ T8603]  netlink_rcv_skb+0x19e/0x3e0
[   70.075943][ T8603]  nfnetlink_rcv+0x1e0/0x1e50
[   70.080591][ T8603]  netlink_unicast+0x767/0x920
[   70.085327][ T8603]  netlink_sendmsg+0xa2c/0xd50
[   70.090062][ T8603]  ____sys_sendmsg+0x4f7/0x7f0
[   70.094798][ T8603]  __sys_sendmsg+0x1ed/0x290
[   70.099360][ T8603]  __x64_sys_sendmsg+0x7f/0x90
[   70.104135][ T8603]  do_syscall_64+0xf7/0x1c0
[   70.108609][ T8603]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.114468][ T8603] 
[   70.116768][ T8603] Freed by task 8347:
[   70.120722][ T8603]  __kasan_slab_free+0x12e/0x1e0
[   70.125673][ T8603]  kasan_slab_free+0xe/0x10
[   70.130147][ T8603]  kfree+0x10d/0x220
[   70.134013][ T8603]  tomoyo_supervisor+0x103a/0x1310
[   70.139096][ T8603]  tomoyo_path_perm+0x5b4/0x850
[   70.143918][ T8603]  tomoyo_inode_getattr+0x1c/0x20
[   70.148914][ T8603]  security_inode_getattr+0xc0/0x140
[   70.154168][ T8603]  vfs_getattr+0x2a/0x6d0
[   70.158468][ T8603]  __x64_sys_newfstat+0xa3/0x130
[   70.163420][ T8603]  do_syscall_64+0xf7/0x1c0
[   70.167896][ T8603]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.173754][ T8603] 
[   70.176057][ T8603] The buggy address belongs to the object at ffff8880a7e30140
[   70.176057][ T8603]  which belongs to the cache kmalloc-32 of size 32
[   70.189906][ T8603] The buggy address is located 0 bytes inside of
[   70.189906][ T8603]  32-byte region [ffff8880a7e30140, ffff8880a7e30160)
[   70.202884][ T8603] The buggy address belongs to the page:
[   70.208488][ T8603] page:ffffea00029f8c00 refcount:1 mapcount:0 mapping:ffff8880aa8001c0 index:0xffff8880a7e30fc1
[   70.218871][ T8603] raw: 00fffe0000000200 ffffea0002946488 ffffea0002a3adc8 ffff8880aa8001c0
[   70.227441][ T8603] raw: ffff8880a7e30fc1 ffff8880a7e30000 0000000100000033 0000000000000000
[   70.235993][ T8603] page dumped because: kasan: bad access detected
[   70.242376][ T8603] 
[   70.244678][ T8603] Memory state around the buggy address:
[   70.250280][ T8603]  ffff8880a7e30000: 00 00 fc fc fc fc fc fc 00 00 06 fc fc fc fc fc
[   70.258329][ T8603]  ffff8880a7e30080: 00 00 01 fc fc fc fc fc 00 00 fc fc fc fc fc fc
[   70.266362][ T8603] >ffff8880a7e30100: 00 00 01 fc fc fc fc fc 04 fc fc fc fc fc fc fc
[   70.274391][ T8603]                                            ^
[   70.280529][ T8603]  ffff8880a7e30180: 00 00 00 07 fc fc fc fc fb fb fb fb fc fc fc fc
[   70.288560][ T8603]  ffff8880a7e30200: 00 00 00 fc fc fc fc fc fb fb fb fb fc fc fc fc
[   70.296590][ T8603] ==================================================================
[   70.304620][ T8603] Disabling lock debugging due to kernel taint
[   70.311296][ T8603] Kernel panic - not syncing: panic_on_warn set ...
[   70.317872][ T8603] CPU: 1 PID: 8603 Comm: syz-executor921 Tainted: G    B             5.5.0-rc6-syzkaller #0
[   70.327903][ T8603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   70.337931][ T8603] Call Trace:
[   70.341203][ T8603]  dump_stack+0x1fb/0x318
[   70.345504][ T8603]  panic+0x264/0x7a9
[   70.349371][ T8603]  ? __kasan_report+0x193/0x1c0
[   70.354212][ T8603]  ? trace_hardirqs_on+0x34/0x80
[   70.359179][ T8603]  ? __kasan_report+0x193/0x1c0
[   70.364004][ T8603]  __kasan_report+0x1b9/0x1c0
[   70.368706][ T8603]  ? bitmap_ipmac_list+0x40d/0xdd0
[   70.373791][ T8603]  kasan_report+0x26/0x50
[   70.378101][ T8603]  ? debug_smp_processor_id+0x9/0x20
[   70.383359][ T8603]  check_memory_region+0x2b6/0x2f0
[   70.388444][ T8603]  __kasan_check_read+0x11/0x20
[   70.393282][ T8603]  bitmap_ipmac_list+0x40d/0xdd0
[   70.398191][ T8603]  ? ip_set_put_flags+0x15c/0x250
[   70.403203][ T8603]  ip_set_dump_start+0x10f9/0x1800
[   70.408293][ T8603]  netlink_dump+0x4ed/0x1170
[   70.412859][ T8603]  __netlink_dump_start+0x5cb/0x7b0
[   70.418029][ T8603]  ip_set_dump+0x107/0x160
[   70.422418][ T8603]  ? __find_set_type_get+0x540/0x540
[   70.427673][ T8603]  ? ip_set_dump_start+0x1800/0x1800
[   70.432944][ T8603]  ? ip_set_swap+0x730/0x730
[   70.437505][ T8603]  nfnetlink_rcv_msg+0x9ae/0xcd0
[   70.442420][ T8603]  ? cap_capable+0x25b/0x290
[   70.446977][ T8603]  ? cap_capable+0x25b/0x290
[   70.451550][ T8603]  netlink_rcv_skb+0x19e/0x3e0
[   70.456281][ T8603]  ? nfnetlink_bind+0x250/0x250
[   70.461103][ T8603]  nfnetlink_rcv+0x1e0/0x1e50
[   70.465755][ T8603]  ? rcu_lock_release+0x9/0x30
[   70.470493][ T8603]  ? rcu_lock_release+0x21/0x30
[   70.475328][ T8603]  ? netlink_deliver_tap+0x142/0x880
[   70.480587][ T8603]  netlink_unicast+0x767/0x920
[   70.485325][ T8603]  netlink_sendmsg+0xa2c/0xd50
[   70.490061][ T8603]  ? netlink_getsockopt+0x9f0/0x9f0
[   70.495228][ T8603]  ____sys_sendmsg+0x4f7/0x7f0
[   70.499965][ T8603]  __sys_sendmsg+0x1ed/0x290
[   70.504531][ T8603]  ? check_preemption_disabled+0xb4/0x260
[   70.510219][ T8603]  ? debug_smp_processor_id+0x9/0x20
[   70.515476][ T8603]  ? debug_smp_processor_id+0x1c/0x20
[   70.520866][ T8603]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   70.526906][ T8603]  ? prepare_exit_to_usermode+0x221/0x5b0
[   70.532601][ T8603]  ? trace_irq_disable_rcuidle+0x23/0x1e0
[   70.538294][ T8603]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   70.543728][ T8603]  ? trace_irq_disable_rcuidle+0x23/0x1e0
[   70.549418][ T8603]  ? do_syscall_64+0x1d/0x1c0
[   70.554066][ T8603]  __x64_sys_sendmsg+0x7f/0x90
[   70.558848][ T8603]  do_syscall_64+0xf7/0x1c0
[   70.563342][ T8603]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.569216][ T8603] RIP: 0033:0x440529
[   70.573085][ T8603] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   70.592667][ T8603] RSP: 002b:00007ffcd01ca208 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.601052][ T8603] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529
[   70.609007][ T8603] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[   70.616956][ T8603] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   70.624905][ T8603] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000401db0
[   70.632861][ T8603] R13: 0000000000401e40 R14: 0000000000000000 R15: 0000000000000000
[   70.642186][ T8603] Kernel Offset: disabled
[   70.646503][ T8603] Rebooting in 86400 seconds..