[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.190' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [   56.037855][ T7019] ==================================================================
[   56.046092][ T7019] BUG: KASAN: double-free or invalid-free in nf_tables_newset+0x1ed6/0x2560
[   56.054739][ T7019] 
[   56.057060][ T7019] CPU: 1 PID: 7019 Comm: syz-executor294 Not tainted 5.6.0-syzkaller #0
[   56.065444][ T7019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   56.075558][ T7019] Call Trace:
[   56.078841][ T7019]  dump_stack+0x188/0x20d
[   56.083502][ T7019]  print_address_description.constprop.0.cold+0xd3/0x315
[   56.090515][ T7019]  ? nf_tables_newset+0x1ed6/0x2560
[   56.095698][ T7019]  kasan_report_invalid_free+0x61/0xa0
[   56.101142][ T7019]  ? nf_tables_newset+0x1ed6/0x2560
[   56.106323][ T7019]  __kasan_slab_free+0x129/0x140
[   56.111243][ T7019]  ? nf_tables_newset+0x1ed6/0x2560
[   56.116428][ T7019]  kfree+0x109/0x2b0
[   56.120313][ T7019]  nf_tables_newset+0x1ed6/0x2560
[   56.125338][ T7019]  ? lock_downgrade+0x840/0x840
[   56.130226][ T7019]  ? nft_set_elem_expr_alloc+0x200/0x200
[   56.135845][ T7019]  ? __sanitizer_cov_trace_switch+0x45/0x70
[   56.141814][ T7019]  ? __nla_parse+0x2e/0x60
[   56.146218][ T7019]  nfnetlink_rcv_batch+0x83a/0x1610
[   56.151405][ T7019]  ? nft_set_elem_expr_alloc+0x200/0x200
[   56.157054][ T7019]  ? nfnetlink_subsys_register+0x2b0/0x2b0
[   56.162870][ T7019]  ? __nla_validate_parse+0x2af/0x1cd0
[   56.175388][ T7019]  ? cap_capable+0x1eb/0x250
[   56.179970][ T7019]  ? nla_memcpy+0xa0/0xa0
[   56.184286][ T7019]  ? ns_capable_common+0xe2/0x100
[   56.189297][ T7019]  ? __nla_parse+0x2e/0x60
[   56.193970][ T7019]  nfnetlink_rcv+0x3af/0x420
[   56.198547][ T7019]  ? nfnetlink_rcv_batch+0x1610/0x1610
[   56.204000][ T7019]  netlink_unicast+0x537/0x740
[   56.208763][ T7019]  ? netlink_attachskb+0x810/0x810
[   56.213859][ T7019]  ? _copy_from_iter_full+0x25c/0x870
[   56.219216][ T7019]  ? __phys_addr_symbol+0x2c/0x70
[   56.224229][ T7019]  ? __check_object_size+0x171/0x437
[   56.229594][ T7019]  netlink_sendmsg+0x882/0xe10
[   56.234353][ T7019]  ? aa_af_perm+0x260/0x260
[   56.238839][ T7019]  ? netlink_unicast+0x740/0x740
[   56.243764][ T7019]  ? netlink_unicast+0x740/0x740
[   56.248682][ T7019]  sock_sendmsg+0xcf/0x120
[   56.253084][ T7019]  ____sys_sendmsg+0x6bf/0x7e0
[   56.257836][ T7019]  ? print_usage_bug+0x240/0x240
[   56.262813][ T7019]  ? kernel_sendmsg+0x50/0x50
[   56.267503][ T7019]  ___sys_sendmsg+0x100/0x170
[   56.272161][ T7019]  ? sendmsg_copy_msghdr+0x70/0x70
[   56.277256][ T7019]  ? mark_held_locks+0xe0/0xe0
[   56.282015][ T7019]  ? __this_cpu_preempt_check+0x28/0x190
[   56.287644][ T7019]  ? percpu_counter_add_batch+0x123/0x180
[   56.293355][ T7019]  ? find_held_lock+0x2d/0x110
[   56.298114][ T7019]  ? __fd_install+0x1b4/0x600
[   56.302798][ T7019]  ? lock_downgrade+0x840/0x840
[   56.307630][ T7019]  ? __fget_light+0x1ab/0x270
[   56.312291][ T7019]  __sys_sendmsg+0xec/0x1b0
[   56.316780][ T7019]  ? __sys_sendmsg_sock+0xb0/0xb0
[   56.321798][ T7019]  ? trace_hardirqs_off_caller+0x55/0x230
[   56.327505][ T7019]  ? do_syscall_64+0x21/0x7d0
[   56.332175][ T7019]  do_syscall_64+0xf6/0x7d0
[   56.336675][ T7019]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[   56.342560][ T7019] RIP: 0033:0x441279
[   56.346437][ T7019] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   56.366023][ T7019] RSP: 002b:00007ffe7a439e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.374440][ T7019] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441279
[   56.382548][ T7019] RDX: 0000000000000000 RSI: 0000000020000c40 RDI: 0000000000000004
[   56.390513][ T7019] RBP: 000000000000daba R08: 00000000004002c8 R09: 00000000004002c8
[   56.398482][ T7019] R10: 00000000004002c8 R11: 0000000000000246 R12: 00000000004020a0
[   56.406443][ T7019] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[   56.414405][ T7019] 
[   56.416716][ T7019] Allocated by task 7019:
[   56.421031][ T7019]  save_stack+0x1b/0x80
[   56.425184][ T7019]  __kasan_kmalloc.constprop.0+0xbf/0xd0
[   56.430799][ T7019]  __kmalloc_track_caller+0x159/0x7a0
[   56.436150][ T7019]  kvasprintf+0xb5/0x150
[   56.440372][ T7019]  kasprintf+0xbb/0xf0
[   56.444424][ T7019]  nf_tables_newset+0x1543/0x2560
[   56.449427][ T7019]  nfnetlink_rcv_batch+0x83a/0x1610
[   56.454602][ T7019]  nfnetlink_rcv+0x3af/0x420
[   56.459209][ T7019]  netlink_unicast+0x537/0x740
[   56.463964][ T7019]  netlink_sendmsg+0x882/0xe10
[   56.468704][ T7019]  sock_sendmsg+0xcf/0x120
[   56.473100][ T7019]  ____sys_sendmsg+0x6bf/0x7e0
[   56.477854][ T7019]  ___sys_sendmsg+0x100/0x170
[   56.482521][ T7019]  __sys_sendmsg+0xec/0x1b0
[   56.487020][ T7019]  do_syscall_64+0xf6/0x7d0
[   56.491507][ T7019]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[   56.497381][ T7019] 
[   56.499699][ T7019] Freed by task 7019:
[   56.503675][ T7019]  save_stack+0x1b/0x80
[   56.507824][ T7019]  __kasan_slab_free+0xf7/0x140
[   56.512664][ T7019]  kfree+0x109/0x2b0
[   56.516550][ T7019]  nf_tables_newset+0x1f73/0x2560
[   56.521556][ T7019]  nfnetlink_rcv_batch+0x83a/0x1610
[   56.526845][ T7019]  nfnetlink_rcv+0x3af/0x420
[   56.531414][ T7019]  netlink_unicast+0x537/0x740
[   56.536165][ T7019]  netlink_sendmsg+0x882/0xe10
[   56.540920][ T7019]  sock_sendmsg+0xcf/0x120
[   56.545314][ T7019]  ____sys_sendmsg+0x6bf/0x7e0
[   56.550059][ T7019]  ___sys_sendmsg+0x100/0x170
[   56.554713][ T7019]  __sys_sendmsg+0xec/0x1b0
[   56.559245][ T7019]  do_syscall_64+0xf6/0x7d0
[   56.563887][ T7019]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[   56.569768][ T7019] 
[   56.572084][ T7019] The buggy address belongs to the object at ffff88809e638740
[   56.572084][ T7019]  which belongs to the cache kmalloc-32 of size 32
[   56.586106][ T7019] The buggy address is located 0 bytes inside of
[   56.586106][ T7019]  32-byte region [ffff88809e638740, ffff88809e638760)
[   56.599154][ T7019] The buggy address belongs to the page:
[   56.604786][ T7019] page:ffffea0002798e00 refcount:1 mapcount:0 mapping:ffff8880aa0001c0 index:0xffff88809e638fc1
[   56.615210][ T7019] flags: 0xfffe0000000200(slab)
[   56.620044][ T7019] raw: 00fffe0000000200 ffff8880aa001240 ffffea00025cbd08 ffff8880aa0001c0
[   56.628609][ T7019] raw: ffff88809e638fc1 ffff88809e638000 0000000100000036 0000000000000000
[   56.637174][ T7019] page dumped because: kasan: bad access detected
[   56.644005][ T7019] 
[   56.646315][ T7019] Memory state around the buggy address:
[   56.651981][ T7019]  ffff88809e638600: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   56.660048][ T7019]  ffff88809e638680: fb fb fb fb fc fc fc fc 00 fc fc fc fc fc fc fc
[   56.668224][ T7019] >ffff88809e638700: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   56.676277][ T7019]                                            ^
[   56.682420][ T7019]  ffff88809e638780: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   56.690464][ T7019]  ffff88809e638800: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   56.698504][ T7019] ==================================================================
[   56.706561][ T7019] Disabling lock debugging due to kernel taint
[   56.712708][ T7019] Kernel panic - not syncing: panic_on_warn set ...
[   56.719405][ T7019] CPU: 1 PID: 7019 Comm: syz-executor294 Tainted: G    B             5.6.0-syzkaller #0
[   56.729447][ T7019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   56.739511][ T7019] Call Trace:
[   56.742802][ T7019]  dump_stack+0x188/0x20d
[   56.747114][ T7019]  panic+0x2e3/0x75c
[   56.750995][ T7019]  ? add_taint.cold+0x16/0x16
[   56.755687][ T7019]  ? print_shadow_for_address+0xb8/0x114
[   56.761319][ T7019]  ? trace_hardirqs_off+0x50/0x220
[   56.766421][ T7019]  ? nf_tables_newset+0x1ed6/0x2560
[   56.771603][ T7019]  end_report+0x43/0x49
[   56.775833][ T7019]  kasan_report_invalid_free+0x7d/0xa0
[   56.781273][ T7019]  ? nf_tables_newset+0x1ed6/0x2560
[   56.786468][ T7019]  __kasan_slab_free+0x129/0x140
[   56.791390][ T7019]  ? nf_tables_newset+0x1ed6/0x2560
[   56.796619][ T7019]  kfree+0x109/0x2b0
[   56.800534][ T7019]  nf_tables_newset+0x1ed6/0x2560
[   56.805561][ T7019]  ? lock_downgrade+0x840/0x840
[   56.810401][ T7019]  ? nft_set_elem_expr_alloc+0x200/0x200
[   56.816040][ T7019]  ? __sanitizer_cov_trace_switch+0x45/0x70
[   56.822142][ T7019]  ? __nla_parse+0x2e/0x60
[   56.826543][ T7019]  nfnetlink_rcv_batch+0x83a/0x1610
[   56.831731][ T7019]  ? nft_set_elem_expr_alloc+0x200/0x200
[   56.837354][ T7019]  ? nfnetlink_subsys_register+0x2b0/0x2b0
[   56.843146][ T7019]  ? __nla_validate_parse+0x2af/0x1cd0
[   56.848600][ T7019]  ? cap_capable+0x1eb/0x250
[   56.853169][ T7019]  ? nla_memcpy+0xa0/0xa0
[   56.857484][ T7019]  ? ns_capable_common+0xe2/0x100
[   56.862482][ T7019]  ? __nla_parse+0x2e/0x60
[   56.866873][ T7019]  nfnetlink_rcv+0x3af/0x420
[   56.871440][ T7019]  ? nfnetlink_rcv_batch+0x1610/0x1610
[   56.876887][ T7019]  netlink_unicast+0x537/0x740
[   56.881640][ T7019]  ? netlink_attachskb+0x810/0x810
[   56.886752][ T7019]  ? _copy_from_iter_full+0x25c/0x870
[   56.892105][ T7019]  ? __phys_addr_symbol+0x2c/0x70
[   56.897118][ T7019]  ? __check_object_size+0x171/0x437
[   56.902385][ T7019]  netlink_sendmsg+0x882/0xe10
[   56.907133][ T7019]  ? aa_af_perm+0x260/0x260
[   56.911619][ T7019]  ? netlink_unicast+0x740/0x740
[   56.916602][ T7019]  ? netlink_unicast+0x740/0x740
[   56.921616][ T7019]  sock_sendmsg+0xcf/0x120
[   56.926020][ T7019]  ____sys_sendmsg+0x6bf/0x7e0
[   56.930817][ T7019]  ? print_usage_bug+0x240/0x240
[   56.935756][ T7019]  ? kernel_sendmsg+0x50/0x50
[   56.940416][ T7019]  ___sys_sendmsg+0x100/0x170
[   56.945077][ T7019]  ? sendmsg_copy_msghdr+0x70/0x70
[   56.950170][ T7019]  ? mark_held_locks+0xe0/0xe0
[   56.954959][ T7019]  ? __this_cpu_preempt_check+0x28/0x190
[   56.960583][ T7019]  ? percpu_counter_add_batch+0x123/0x180
[   56.966333][ T7019]  ? find_held_lock+0x2d/0x110
[   56.971126][ T7019]  ? __fd_install+0x1b4/0x600
[   56.975783][ T7019]  ? lock_downgrade+0x840/0x840
[   56.980608][ T7019]  ? __fget_light+0x1ab/0x270
[   56.985264][ T7019]  __sys_sendmsg+0xec/0x1b0
[   56.989770][ T7019]  ? __sys_sendmsg_sock+0xb0/0xb0
[   56.994779][ T7019]  ? trace_hardirqs_off_caller+0x55/0x230
[   57.000475][ T7019]  ? do_syscall_64+0x21/0x7d0
[   57.005127][ T7019]  do_syscall_64+0xf6/0x7d0
[   57.009613][ T7019]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[   57.015479][ T7019] RIP: 0033:0x441279
[   57.019353][ T7019] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   57.039107][ T7019] RSP: 002b:00007ffe7a439e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.047523][ T7019] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441279
[   57.055470][ T7019] RDX: 0000000000000000 RSI: 0000000020000c40 RDI: 0000000000000004
[   57.063428][ T7019] RBP: 000000000000daba R08: 00000000004002c8 R09: 00000000004002c8
[   57.071378][ T7019] R10: 00000000004002c8 R11: 0000000000000246 R12: 00000000004020a0
[   57.079333][ T7019] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[   57.088636][ T7019] Kernel Offset: disabled
[   57.092957][ T7019] Rebooting in 86400 seconds..