[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   80.403564][   T26] audit: type=1800 audit(1579425022.892:25): pid=9466 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   80.423401][   T26] audit: type=1800 audit(1579425022.892:26): pid=9466 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   80.460888][   T26] audit: type=1800 audit(1579425022.892:27): pid=9466 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.143' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   90.904955][ T9618] ==================================================================
[   90.913186][ T9618] BUG: KASAN: slab-out-of-bounds in bitmap_ip_list+0x40f/0xf20
[   90.920711][ T9618] Read of size 8 at addr ffff88809e40dcc0 by task syz-executor445/9618
[   90.928931][ T9618] 
[   90.931256][ T9618] CPU: 1 PID: 9618 Comm: syz-executor445 Not tainted 5.5.0-rc6-syzkaller #0
[   90.939910][ T9618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   90.949967][ T9618] Call Trace:
[   90.953255][ T9618]  dump_stack+0x197/0x210
[   90.957574][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   90.962417][ T9618]  print_address_description.constprop.0.cold+0xd4/0x30b
[   90.969426][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   90.974264][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   90.979119][ T9618]  __kasan_report.cold+0x1b/0x41
[   90.984045][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   90.988888][ T9618]  kasan_report+0x12/0x20
[   90.993208][ T9618]  check_memory_region+0x134/0x1a0
[   90.998331][ T9618]  __kasan_check_read+0x11/0x20
[   91.003219][ T9618]  bitmap_ip_list+0x40f/0xf20
[   91.007886][ T9618]  ? bitmap_ip_add+0xe60/0xe60
[   91.012672][ T9618]  ? nla_put+0x110/0x150
[   91.016905][ T9618]  ip_set_dump_start+0x96c/0x1ca0
[   91.021914][ T9618]  ? ip_set_rename+0x720/0x720
[   91.026668][ T9618]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[   91.032206][ T9618]  ? perf_trace_lock_acquire+0x4a0/0x530
[   91.037838][ T9618]  ? __kasan_check_write+0x14/0x20
[   91.042934][ T9618]  netlink_dump+0x558/0xfb0
[   91.047424][ T9618]  ? __netlink_sendskb+0xc0/0xc0
[   91.052522][ T9618]  __netlink_dump_start+0x66a/0x930
[   91.057727][ T9618]  ip_set_dump+0x15a/0x1d0
[   91.062124][ T9618]  ? call_ad+0x5a0/0x5a0
[   91.066358][ T9618]  ? ip_set_rename+0x720/0x720
[   91.071113][ T9618]  ? __ip_set_put_netlink.isra.0+0x90/0x90
[   91.076909][ T9618]  ? call_ad+0x5a0/0x5a0
[   91.081134][ T9618]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   91.086068][ T9618]  ? nfnetlink_bind+0x2c0/0x2c0
[   91.090944][ T9618]  ? __kasan_check_read+0x11/0x20
[   91.095956][ T9618]  ? __lock_acquire+0x8a0/0x4a00
[   91.100873][ T9618]  ? save_stack+0x5c/0x90
[   91.105213][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.111458][ T9618]  ? apparmor_capable+0x497/0x900
[   91.116478][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.122715][ T9618]  ? __kasan_check_read+0x11/0x20
[   91.127791][ T9618]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   91.133375][ T9618]  netlink_rcv_skb+0x177/0x450
[   91.138137][ T9618]  ? nfnetlink_bind+0x2c0/0x2c0
[   91.142980][ T9618]  ? netlink_ack+0xb50/0xb50
[   91.147630][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.153866][ T9618]  ? ns_capable_common+0x93/0x100
[   91.158881][ T9618]  ? ns_capable+0x20/0x30
[   91.163195][ T9618]  ? __netlink_ns_capable+0x104/0x140
[   91.168579][ T9618]  nfnetlink_rcv+0x1ba/0x460
[   91.173342][ T9618]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   91.178786][ T9618]  ? netlink_deliver_tap+0x24a/0xbe0
[   91.184169][ T9618]  ? __kasan_check_write+0x14/0x20
[   91.189270][ T9618]  netlink_unicast+0x58c/0x7d0
[   91.194024][ T9618]  ? netlink_attachskb+0x870/0x870
[   91.199139][ T9618]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   91.204894][ T9618]  ? __check_object_size+0x3d/0x437
[   91.210077][ T9618]  netlink_sendmsg+0x91c/0xea0
[   91.214836][ T9618]  ? netlink_unicast+0x7d0/0x7d0
[   91.219766][ T9618]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   91.225362][ T9618]  ? apparmor_socket_sendmsg+0x2a/0x30
[   91.230869][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.237096][ T9618]  ? security_socket_sendmsg+0x8d/0xc0
[   91.242549][ T9618]  ? netlink_unicast+0x7d0/0x7d0
[   91.247478][ T9618]  sock_sendmsg+0xd7/0x130
[   91.251890][ T9618]  ____sys_sendmsg+0x753/0x880
[   91.256756][ T9618]  ? kernel_sendmsg+0x50/0x50
[   91.261424][ T9618]  ? lockdep_init_map+0x1be/0x6d0
[   91.266517][ T9618]  ___sys_sendmsg+0x100/0x170
[   91.271468][ T9618]  ? sendmsg_copy_msghdr+0x70/0x70
[   91.276572][ T9618]  ? __kasan_check_read+0x11/0x20
[   91.281586][ T9618]  ? __lock_acquire+0x8a0/0x4a00
[   91.286519][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.292749][ T9618]  ? __this_cpu_preempt_check+0x35/0x190
[   91.298364][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.304596][ T9618]  ? percpu_counter_add_batch+0x13c/0x190
[   91.310295][ T9618]  ? __fd_install+0x1bc/0x640
[   91.314955][ T9618]  ? find_held_lock+0x35/0x130
[   91.319706][ T9618]  ? __fd_install+0x1bc/0x640
[   91.324375][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.330607][ T9618]  ? __fget_light+0x1a9/0x230
[   91.335430][ T9618]  ? __fdget+0x1b/0x20
[   91.339482][ T9618]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   91.346050][ T9618]  __sys_sendmsg+0x105/0x1d0
[   91.350628][ T9618]  ? __sys_sendmsg_sock+0xc0/0xc0
[   91.355641][ T9618]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   91.361270][ T9618]  ? do_syscall_64+0x26/0x790
[   91.365928][ T9618]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.371973][ T9618]  ? do_syscall_64+0x26/0x790
[   91.376764][ T9618]  __x64_sys_sendmsg+0x78/0xb0
[   91.381516][ T9618]  do_syscall_64+0xfa/0x790
[   91.386007][ T9618]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.391888][ T9618] RIP: 0033:0x440559
[   91.395768][ T9618] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   91.415468][ T9618] RSP: 002b:00007ffcf65a3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.423870][ T9618] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440559
[   91.431834][ T9618] RDX: 0000000000000080 RSI: 00000000200000c0 RDI: 0000000000000004
[   91.439792][ T9618] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   91.447753][ T9618] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000401de0
[   91.455844][ T9618] R13: 0000000000401e70 R14: 0000000000000000 R15: 0000000000000000
[   91.463811][ T9618] 
[   91.466135][ T9618] Allocated by task 9618:
[   91.470487][ T9618]  save_stack+0x23/0x90
[   91.474722][ T9618]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   91.480344][ T9618]  kasan_kmalloc+0x9/0x10
[   91.484746][ T9618]  __kmalloc+0x163/0x770
[   91.488971][ T9618]  ip_set_alloc+0x38/0x5e
[   91.493323][ T9618]  bitmap_ip_create+0x6ec/0xc20
[   91.498175][ T9618]  ip_set_create+0x6f1/0x1500
[   91.502847][ T9618]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   91.507819][ T9618]  netlink_rcv_skb+0x177/0x450
[   91.512565][ T9618]  nfnetlink_rcv+0x1ba/0x460
[   91.517142][ T9618]  netlink_unicast+0x58c/0x7d0
[   91.521893][ T9618]  netlink_sendmsg+0x91c/0xea0
[   91.526641][ T9618]  sock_sendmsg+0xd7/0x130
[   91.531045][ T9618]  ____sys_sendmsg+0x753/0x880
[   91.535792][ T9618]  ___sys_sendmsg+0x100/0x170
[   91.540468][ T9618]  __sys_sendmsg+0x105/0x1d0
[   91.545045][ T9618]  __x64_sys_sendmsg+0x78/0xb0
[   91.549788][ T9618]  do_syscall_64+0xfa/0x790
[   91.554283][ T9618]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.560158][ T9618] 
[   91.562474][ T9618] Freed by task 9362:
[   91.566437][ T9618]  save_stack+0x23/0x90
[   91.570586][ T9618]  __kasan_slab_free+0x102/0x150
[   91.575517][ T9618]  kasan_slab_free+0xe/0x10
[   91.580001][ T9618]  kfree+0x10a/0x2c0
[   91.583888][ T9618]  tomoyo_supervisor+0xc2c/0xef0
[   91.588806][ T9618]  tomoyo_env_perm+0x18e/0x210
[   91.593596][ T9618]  tomoyo_find_next_domain+0x1354/0x1f6c
[   91.599267][ T9618]  tomoyo_bprm_check_security+0x124/0x1a0
[   91.604970][ T9618]  security_bprm_check+0x63/0xb0
[   91.609906][ T9618]  search_binary_handler+0x71/0x570
[   91.615084][ T9618]  __do_execve_file.isra.0+0x1329/0x22b0
[   91.620834][ T9618]  __x64_sys_execve+0x8f/0xc0
[   91.625627][ T9618]  do_syscall_64+0xfa/0x790
[   91.630184][ T9618]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.636234][ T9618] 
[   91.638562][ T9618] The buggy address belongs to the object at ffff88809e40dcc0
[   91.638562][ T9618]  which belongs to the cache kmalloc-32 of size 32
[   91.652430][ T9618] The buggy address is located 0 bytes inside of
[   91.652430][ T9618]  32-byte region [ffff88809e40dcc0, ffff88809e40dce0)
[   91.665430][ T9618] The buggy address belongs to the page:
[   91.671056][ T9618] page:ffffea0002790340 refcount:1 mapcount:0 mapping:ffff8880aa4001c0 index:0xffff88809e40dfc1
[   91.681468][ T9618] raw: 00fffe0000000200 ffffea00029e8348 ffffea00027f6dc8 ffff8880aa4001c0
[   91.690058][ T9618] raw: ffff88809e40dfc1 ffff88809e40d000 000000010000002e 0000000000000000
[   91.698627][ T9618] page dumped because: kasan: bad access detected
[   91.705134][ T9618] 
[   91.707478][ T9618] Memory state around the buggy address:
[   91.713096][ T9618]  ffff88809e40db80: 00 01 fc fc fc fc fc fc fb fb fb fb fc fc fc fc
[   91.721148][ T9618]  ffff88809e40dc00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   91.729314][ T9618] >ffff88809e40dc80: 00 06 fc fc fc fc fc fc 04 fc fc fc fc fc fc fc
[   91.737367][ T9618]                                            ^
[   91.743500][ T9618]  ffff88809e40dd00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   91.751548][ T9618]  ffff88809e40dd80: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   91.759591][ T9618] ==================================================================
[   91.767634][ T9618] Disabling lock debugging due to kernel taint
[   91.775130][ T9618] Kernel panic - not syncing: panic_on_warn set ...
[   91.781773][ T9618] CPU: 1 PID: 9618 Comm: syz-executor445 Tainted: G    B             5.5.0-rc6-syzkaller #0
[   91.791818][ T9618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   91.801858][ T9618] Call Trace:
[   91.805135][ T9618]  dump_stack+0x197/0x210
[   91.809566][ T9618]  panic+0x2e3/0x75c
[   91.813590][ T9618]  ? add_taint.cold+0x16/0x16
[   91.818255][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   91.823094][ T9618]  ? preempt_schedule+0x4b/0x60
[   91.827930][ T9618]  ? ___preempt_schedule+0x16/0x18
[   91.833030][ T9618]  ? trace_hardirqs_on+0x5e/0x240
[   91.838047][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   91.842875][ T9618]  end_report+0x47/0x4f
[   91.847017][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   91.851855][ T9618]  __kasan_report.cold+0xe/0x41
[   91.856694][ T9618]  ? bitmap_ip_list+0x40f/0xf20
[   91.861552][ T9618]  kasan_report+0x12/0x20
[   91.865865][ T9618]  check_memory_region+0x134/0x1a0
[   91.870960][ T9618]  __kasan_check_read+0x11/0x20
[   91.875921][ T9618]  bitmap_ip_list+0x40f/0xf20
[   91.880591][ T9618]  ? bitmap_ip_add+0xe60/0xe60
[   91.885333][ T9618]  ? nla_put+0x110/0x150
[   91.889557][ T9618]  ip_set_dump_start+0x96c/0x1ca0
[   91.894569][ T9618]  ? ip_set_rename+0x720/0x720
[   91.899314][ T9618]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[   91.905036][ T9618]  ? perf_trace_lock_acquire+0x4a0/0x530
[   91.910644][ T9618]  ? __kasan_check_write+0x14/0x20
[   91.915742][ T9618]  netlink_dump+0x558/0xfb0
[   91.920223][ T9618]  ? __netlink_sendskb+0xc0/0xc0
[   91.925194][ T9618]  __netlink_dump_start+0x66a/0x930
[   91.930431][ T9618]  ip_set_dump+0x15a/0x1d0
[   91.934930][ T9618]  ? call_ad+0x5a0/0x5a0
[   91.939161][ T9618]  ? ip_set_rename+0x720/0x720
[   91.943913][ T9618]  ? __ip_set_put_netlink.isra.0+0x90/0x90
[   91.949710][ T9618]  ? call_ad+0x5a0/0x5a0
[   91.953943][ T9618]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   91.958917][ T9618]  ? nfnetlink_bind+0x2c0/0x2c0
[   91.963874][ T9618]  ? __kasan_check_read+0x11/0x20
[   91.968893][ T9618]  ? __lock_acquire+0x8a0/0x4a00
[   91.973820][ T9618]  ? save_stack+0x5c/0x90
[   91.978361][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.984647][ T9618]  ? apparmor_capable+0x497/0x900
[   91.989651][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.995875][ T9618]  ? __kasan_check_read+0x11/0x20
[   92.000914][ T9618]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   92.006364][ T9618]  netlink_rcv_skb+0x177/0x450
[   92.011106][ T9618]  ? nfnetlink_bind+0x2c0/0x2c0
[   92.015944][ T9618]  ? netlink_ack+0xb50/0xb50
[   92.020516][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.026744][ T9618]  ? ns_capable_common+0x93/0x100
[   92.031757][ T9618]  ? ns_capable+0x20/0x30
[   92.036119][ T9618]  ? __netlink_ns_capable+0x104/0x140
[   92.041484][ T9618]  nfnetlink_rcv+0x1ba/0x460
[   92.046055][ T9618]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   92.051679][ T9618]  ? netlink_deliver_tap+0x24a/0xbe0
[   92.056951][ T9618]  ? __kasan_check_write+0x14/0x20
[   92.062093][ T9618]  netlink_unicast+0x58c/0x7d0
[   92.066845][ T9618]  ? netlink_attachskb+0x870/0x870
[   92.071993][ T9618]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   92.077726][ T9618]  ? __check_object_size+0x3d/0x437
[   92.082909][ T9618]  netlink_sendmsg+0x91c/0xea0
[   92.087662][ T9618]  ? netlink_unicast+0x7d0/0x7d0
[   92.092650][ T9618]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   92.098185][ T9618]  ? apparmor_socket_sendmsg+0x2a/0x30
[   92.103656][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.109980][ T9618]  ? security_socket_sendmsg+0x8d/0xc0
[   92.115427][ T9618]  ? netlink_unicast+0x7d0/0x7d0
[   92.120414][ T9618]  sock_sendmsg+0xd7/0x130
[   92.124814][ T9618]  ____sys_sendmsg+0x753/0x880
[   92.129564][ T9618]  ? kernel_sendmsg+0x50/0x50
[   92.134271][ T9618]  ? lockdep_init_map+0x1be/0x6d0
[   92.139315][ T9618]  ___sys_sendmsg+0x100/0x170
[   92.143981][ T9618]  ? sendmsg_copy_msghdr+0x70/0x70
[   92.149078][ T9618]  ? __kasan_check_read+0x11/0x20
[   92.154176][ T9618]  ? __lock_acquire+0x8a0/0x4a00
[   92.159105][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.165324][ T9618]  ? __this_cpu_preempt_check+0x35/0x190
[   92.170946][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.177176][ T9618]  ? percpu_counter_add_batch+0x13c/0x190
[   92.182881][ T9618]  ? __fd_install+0x1bc/0x640
[   92.187568][ T9618]  ? find_held_lock+0x35/0x130
[   92.192314][ T9618]  ? __fd_install+0x1bc/0x640
[   92.196978][ T9618]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.203245][ T9618]  ? __fget_light+0x1a9/0x230
[   92.207905][ T9618]  ? __fdget+0x1b/0x20
[   92.212392][ T9618]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   92.218632][ T9618]  __sys_sendmsg+0x105/0x1d0
[   92.223204][ T9618]  ? __sys_sendmsg_sock+0xc0/0xc0
[   92.228219][ T9618]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   92.233777][ T9618]  ? do_syscall_64+0x26/0x790
[   92.238561][ T9618]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   92.244615][ T9618]  ? do_syscall_64+0x26/0x790
[   92.249292][ T9618]  __x64_sys_sendmsg+0x78/0xb0
[   92.254045][ T9618]  do_syscall_64+0xfa/0x790
[   92.258540][ T9618]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   92.264474][ T9618] RIP: 0033:0x440559
[   92.268362][ T9618] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   92.288057][ T9618] RSP: 002b:00007ffcf65a3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.296457][ T9618] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440559
[   92.304436][ T9618] RDX: 0000000000000080 RSI: 00000000200000c0 RDI: 0000000000000004
[   92.312387][ T9618] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   92.320731][ T9618] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000401de0
[   92.328815][ T9618] R13: 0000000000401e70 R14: 0000000000000000 R15: 0000000000000000
[   92.338252][ T9618] Kernel Offset: disabled
[   92.342578][ T9618] Rebooting in 86400 seconds..