Warning: Permanently added '10.128.0.191' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   86.120712][ T9582] ==================================================================
[   86.129087][ T9582] BUG: KASAN: slab-out-of-bounds in bitmap_ip_list+0x40f/0xf20
[   86.136615][ T9582] Read of size 8 at addr ffff8880a6c8c900 by task syz-executor402/9582
[   86.144970][ T9582] 
[   86.147288][ T9582] CPU: 1 PID: 9582 Comm: syz-executor402 Not tainted 5.5.0-rc5-syzkaller #0
[   86.156027][ T9582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   86.166071][ T9582] Call Trace:
[   86.169395][ T9582]  dump_stack+0x197/0x210
[   86.173718][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   86.178578][ T9582]  print_address_description.constprop.0.cold+0xd4/0x30b
[   86.185589][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   86.190419][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   86.195261][ T9582]  __kasan_report.cold+0x1b/0x41
[   86.200208][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   86.205059][ T9582]  kasan_report+0x12/0x20
[   86.209367][ T9582]  check_memory_region+0x134/0x1a0
[   86.214476][ T9582]  __kasan_check_read+0x11/0x20
[   86.219325][ T9582]  bitmap_ip_list+0x40f/0xf20
[   86.224031][ T9582]  ? bitmap_ip_add+0xe60/0xe60
[   86.228777][ T9582]  ? nla_put+0x110/0x150
[   86.233000][ T9582]  ip_set_dump_start+0x96c/0x1ca0
[   86.238008][ T9582]  ? ip_set_rename+0x720/0x720
[   86.242803][ T9582]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[   86.248336][ T9582]  ? zap_class+0xe40/0xe60
[   86.252747][ T9582]  ? __kasan_check_write+0x14/0x20
[   86.257876][ T9582]  netlink_dump+0x558/0xfb0
[   86.262396][ T9582]  ? __netlink_sendskb+0xc0/0xc0
[   86.267348][ T9582]  __netlink_dump_start+0x673/0x930
[   86.272581][ T9582]  ip_set_dump+0x15a/0x1d0
[   86.277037][ T9582]  ? call_ad+0x5a0/0x5a0
[   86.281300][ T9582]  ? ip_set_rename+0x720/0x720
[   86.286051][ T9582]  ? __ip_set_put_netlink.isra.0+0x90/0x90
[   86.291934][ T9582]  ? call_ad+0x5a0/0x5a0
[   86.296214][ T9582]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   86.301193][ T9582]  ? nfnetlink_bind+0x2c0/0x2c0
[   86.306043][ T9582]  ? __kasan_check_read+0x11/0x20
[   86.311058][ T9582]  ? __lock_acquire+0x8a0/0x4a00
[   86.316109][ T9582]  ? save_stack+0x5c/0x90
[   86.320425][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.326652][ T9582]  ? apparmor_capable+0x497/0x900
[   86.331663][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.338050][ T9582]  ? __kasan_check_read+0x11/0x20
[   86.343061][ T9582]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   86.348508][ T9582]  netlink_rcv_skb+0x177/0x450
[   86.353273][ T9582]  ? nfnetlink_bind+0x2c0/0x2c0
[   86.358118][ T9582]  ? netlink_ack+0xb50/0xb50
[   86.362699][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.368932][ T9582]  ? ns_capable_common+0x93/0x100
[   86.373948][ T9582]  ? ns_capable+0x20/0x30
[   86.378260][ T9582]  ? __netlink_ns_capable+0x104/0x140
[   86.383624][ T9582]  nfnetlink_rcv+0x1ba/0x460
[   86.388197][ T9582]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   86.393635][ T9582]  ? netlink_deliver_tap+0x24a/0xbf0
[   86.398913][ T9582]  ? __kasan_check_write+0x14/0x20
[   86.404016][ T9582]  netlink_unicast+0x59e/0x7e0
[   86.408769][ T9582]  ? netlink_attachskb+0x870/0x870
[   86.413870][ T9582]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   86.419580][ T9582]  ? __check_object_size+0x3d/0x437
[   86.424823][ T9582]  netlink_sendmsg+0x91c/0xea0
[   86.429580][ T9582]  ? netlink_unicast+0x7e0/0x7e0
[   86.434621][ T9582]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   86.440163][ T9582]  ? apparmor_socket_sendmsg+0x2a/0x30
[   86.445609][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.451841][ T9582]  ? security_socket_sendmsg+0x8d/0xc0
[   86.457289][ T9582]  ? netlink_unicast+0x7e0/0x7e0
[   86.462221][ T9582]  sock_sendmsg+0xd7/0x130
[   86.466630][ T9582]  ____sys_sendmsg+0x753/0x880
[   86.471858][ T9582]  ? kernel_sendmsg+0x50/0x50
[   86.476518][ T9582]  ? lockdep_init_map+0x1be/0x6d0
[   86.481549][ T9582]  ___sys_sendmsg+0x100/0x170
[   86.486259][ T9582]  ? sendmsg_copy_msghdr+0x70/0x70
[   86.491367][ T9582]  ? __kasan_check_read+0x11/0x20
[   86.496384][ T9582]  ? __lock_acquire+0x8a0/0x4a00
[   86.501410][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.507709][ T9582]  ? __this_cpu_preempt_check+0x35/0x190
[   86.513335][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.519671][ T9582]  ? percpu_counter_add_batch+0x13c/0x190
[   86.525381][ T9582]  ? __fd_install+0x1bc/0x640
[   86.530041][ T9582]  ? find_held_lock+0x35/0x130
[   86.534798][ T9582]  ? __fd_install+0x1bc/0x640
[   86.539476][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.545732][ T9582]  ? __fget_light+0x1a9/0x230
[   86.550419][ T9582]  ? __fdget+0x1b/0x20
[   86.554484][ T9582]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   86.560725][ T9582]  __sys_sendmsg+0x105/0x1d0
[   86.565319][ T9582]  ? __sys_sendmsg_sock+0xc0/0xc0
[   86.570358][ T9582]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   86.575810][ T9582]  ? do_syscall_64+0x26/0x790
[   86.580477][ T9582]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.586532][ T9582]  ? do_syscall_64+0x26/0x790
[   86.591207][ T9582]  __x64_sys_sendmsg+0x78/0xb0
[   86.596056][ T9582]  do_syscall_64+0xfa/0x790
[   86.600552][ T9582]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.606436][ T9582] RIP: 0033:0x440529
[   86.610326][ T9582] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   86.630836][ T9582] RSP: 002b:00007ffe2ffa6e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.639341][ T9582] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529
[   86.647391][ T9582] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000004
[   86.655371][ T9582] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   86.663333][ T9582] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000401db0
[   86.671305][ T9582] R13: 0000000000401e40 R14: 0000000000000000 R15: 0000000000000000
[   86.679362][ T9582] 
[   86.681675][ T9582] Allocated by task 9582:
[   86.685993][ T9582]  save_stack+0x23/0x90
[   86.690140][ T9582]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   86.695761][ T9582]  kasan_kmalloc+0x9/0x10
[   86.700175][ T9582]  __kmalloc+0x163/0x770
[   86.704415][ T9582]  ip_set_alloc+0x38/0x5e
[   86.708739][ T9582]  bitmap_ip_create+0x6ec/0xc20
[   86.713697][ T9582]  ip_set_create+0x6f1/0x1500
[   86.718357][ T9582]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   86.723272][ T9582]  netlink_rcv_skb+0x177/0x450
[   86.728023][ T9582]  nfnetlink_rcv+0x1ba/0x460
[   86.732646][ T9582]  netlink_unicast+0x59e/0x7e0
[   86.737444][ T9582]  netlink_sendmsg+0x91c/0xea0
[   86.742236][ T9582]  sock_sendmsg+0xd7/0x130
[   86.746642][ T9582]  ____sys_sendmsg+0x753/0x880
[   86.751394][ T9582]  ___sys_sendmsg+0x100/0x170
[   86.756069][ T9582]  __sys_sendmsg+0x105/0x1d0
[   86.760989][ T9582]  __x64_sys_sendmsg+0x78/0xb0
[   86.765736][ T9582]  do_syscall_64+0xfa/0x790
[   86.770216][ T9582]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.776083][ T9582] 
[   86.778403][ T9582] Freed by task 9312:
[   86.782537][ T9582]  save_stack+0x23/0x90
[   86.786684][ T9582]  __kasan_slab_free+0x102/0x150
[   86.791609][ T9582]  kasan_slab_free+0xe/0x10
[   86.796266][ T9582]  kfree+0x10a/0x2c0
[   86.800150][ T9582]  single_release+0x95/0xc0
[   86.804641][ T9582]  __fput+0x2ff/0x890
[   86.808618][ T9582]  ____fput+0x16/0x20
[   86.814717][ T9582]  task_work_run+0x145/0x1c0
[   86.819292][ T9582]  exit_to_usermode_loop+0x316/0x380
[   86.824570][ T9582]  do_syscall_64+0x676/0x790
[   86.829153][ T9582]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.835057][ T9582] 
[   86.837375][ T9582] The buggy address belongs to the object at ffff8880a6c8c900
[   86.837375][ T9582]  which belongs to the cache kmalloc-32 of size 32
[   86.851249][ T9582] The buggy address is located 0 bytes inside of
[   86.851249][ T9582]  32-byte region [ffff8880a6c8c900, ffff8880a6c8c920)
[   86.864243][ T9582] The buggy address belongs to the page:
[   86.869880][ T9582] page:ffffea00029b2300 refcount:1 mapcount:0 mapping:ffff8880aa4001c0 index:0xffff8880a6c8cfc1
[   86.880288][ T9582] raw: 00fffe0000000200 ffffea00026b1a08 ffffea00028fc8c8 ffff8880aa4001c0
[   86.888865][ T9582] raw: ffff8880a6c8cfc1 ffff8880a6c8c000 0000000100000025 0000000000000000
[   86.897426][ T9582] page dumped because: kasan: bad access detected
[   86.903821][ T9582] 
[   86.906195][ T9582] Memory state around the buggy address:
[   86.911848][ T9582]  ffff8880a6c8c800: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   86.919898][ T9582]  ffff8880a6c8c880: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   86.927944][ T9582] >ffff8880a6c8c900: 04 fc fc fc fc fc fc fc fb fb fb fb fc fc fc fc
[   86.935982][ T9582]                    ^
[   86.940035][ T9582]  ffff8880a6c8c980: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   86.948078][ T9582]  ffff8880a6c8ca00: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   86.956117][ T9582] ==================================================================
[   86.964161][ T9582] Disabling lock debugging due to kernel taint
[   86.970417][ T9582] Kernel panic - not syncing: panic_on_warn set ...
[   86.977002][ T9582] CPU: 1 PID: 9582 Comm: syz-executor402 Tainted: G    B             5.5.0-rc5-syzkaller #0
[   86.987155][ T9582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   86.997271][ T9582] Call Trace:
[   87.000591][ T9582]  dump_stack+0x197/0x210
[   87.004960][ T9582]  panic+0x2e3/0x75c
[   87.008842][ T9582]  ? add_taint.cold+0x16/0x16
[   87.013498][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   87.018332][ T9582]  ? preempt_schedule+0x4b/0x60
[   87.023173][ T9582]  ? ___preempt_schedule+0x16/0x18
[   87.028316][ T9582]  ? trace_hardirqs_on+0x5e/0x240
[   87.033328][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   87.038160][ T9582]  end_report+0x47/0x4f
[   87.042297][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   87.047250][ T9582]  __kasan_report.cold+0xe/0x41
[   87.052080][ T9582]  ? bitmap_ip_list+0x40f/0xf20
[   87.056908][ T9582]  kasan_report+0x12/0x20
[   87.061228][ T9582]  check_memory_region+0x134/0x1a0
[   87.066325][ T9582]  __kasan_check_read+0x11/0x20
[   87.071225][ T9582]  bitmap_ip_list+0x40f/0xf20
[   87.075895][ T9582]  ? bitmap_ip_add+0xe60/0xe60
[   87.080645][ T9582]  ? nla_put+0x110/0x150
[   87.084872][ T9582]  ip_set_dump_start+0x96c/0x1ca0
[   87.089931][ T9582]  ? ip_set_rename+0x720/0x720
[   87.094683][ T9582]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[   87.100217][ T9582]  ? zap_class+0xe40/0xe60
[   87.104672][ T9582]  ? __kasan_check_write+0x14/0x20
[   87.109770][ T9582]  netlink_dump+0x558/0xfb0
[   87.114261][ T9582]  ? __netlink_sendskb+0xc0/0xc0
[   87.119211][ T9582]  __netlink_dump_start+0x673/0x930
[   87.124425][ T9582]  ip_set_dump+0x15a/0x1d0
[   87.128840][ T9582]  ? call_ad+0x5a0/0x5a0
[   87.133059][ T9582]  ? ip_set_rename+0x720/0x720
[   87.137811][ T9582]  ? __ip_set_put_netlink.isra.0+0x90/0x90
[   87.143605][ T9582]  ? call_ad+0x5a0/0x5a0
[   87.147883][ T9582]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   87.152864][ T9582]  ? nfnetlink_bind+0x2c0/0x2c0
[   87.157702][ T9582]  ? __kasan_check_read+0x11/0x20
[   87.162701][ T9582]  ? __lock_acquire+0x8a0/0x4a00
[   87.167768][ T9582]  ? save_stack+0x5c/0x90
[   87.172088][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.178446][ T9582]  ? apparmor_capable+0x497/0x900
[   87.183462][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.189689][ T9582]  ? __kasan_check_read+0x11/0x20
[   87.194699][ T9582]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   87.200142][ T9582]  netlink_rcv_skb+0x177/0x450
[   87.204892][ T9582]  ? nfnetlink_bind+0x2c0/0x2c0
[   87.209733][ T9582]  ? netlink_ack+0xb50/0xb50
[   87.214317][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.220539][ T9582]  ? ns_capable_common+0x93/0x100
[   87.225552][ T9582]  ? ns_capable+0x20/0x30
[   87.229893][ T9582]  ? __netlink_ns_capable+0x104/0x140
[   87.235254][ T9582]  nfnetlink_rcv+0x1ba/0x460
[   87.239823][ T9582]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   87.246569][ T9582]  ? netlink_deliver_tap+0x24a/0xbf0
[   87.251848][ T9582]  ? __kasan_check_write+0x14/0x20
[   87.256946][ T9582]  netlink_unicast+0x59e/0x7e0
[   87.261688][ T9582]  ? netlink_attachskb+0x870/0x870
[   87.266785][ T9582]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   87.272604][ T9582]  ? __check_object_size+0x3d/0x437
[   87.277790][ T9582]  netlink_sendmsg+0x91c/0xea0
[   87.282555][ T9582]  ? netlink_unicast+0x7e0/0x7e0
[   87.287479][ T9582]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   87.293049][ T9582]  ? apparmor_socket_sendmsg+0x2a/0x30
[   87.298495][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.304715][ T9582]  ? security_socket_sendmsg+0x8d/0xc0
[   87.310187][ T9582]  ? netlink_unicast+0x7e0/0x7e0
[   87.315106][ T9582]  sock_sendmsg+0xd7/0x130
[   87.319607][ T9582]  ____sys_sendmsg+0x753/0x880
[   87.324358][ T9582]  ? kernel_sendmsg+0x50/0x50
[   87.329032][ T9582]  ? lockdep_init_map+0x1be/0x6d0
[   87.334051][ T9582]  ___sys_sendmsg+0x100/0x170
[   87.338737][ T9582]  ? sendmsg_copy_msghdr+0x70/0x70
[   87.343839][ T9582]  ? __kasan_check_read+0x11/0x20
[   87.348860][ T9582]  ? __lock_acquire+0x8a0/0x4a00
[   87.353787][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.360118][ T9582]  ? __this_cpu_preempt_check+0x35/0x190
[   87.365781][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.372047][ T9582]  ? percpu_counter_add_batch+0x13c/0x190
[   87.377847][ T9582]  ? __fd_install+0x1bc/0x640
[   87.382509][ T9582]  ? find_held_lock+0x35/0x130
[   87.387256][ T9582]  ? __fd_install+0x1bc/0x640
[   87.391963][ T9582]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.398253][ T9582]  ? __fget_light+0x1a9/0x230
[   87.402919][ T9582]  ? __fdget+0x1b/0x20
[   87.406972][ T9582]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   87.413198][ T9582]  __sys_sendmsg+0x105/0x1d0
[   87.417769][ T9582]  ? __sys_sendmsg_sock+0xc0/0xc0
[   87.422788][ T9582]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   87.428236][ T9582]  ? do_syscall_64+0x26/0x790
[   87.432908][ T9582]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   87.439098][ T9582]  ? do_syscall_64+0x26/0x790
[   87.443768][ T9582]  __x64_sys_sendmsg+0x78/0xb0
[   87.448517][ T9582]  do_syscall_64+0xfa/0x790
[   87.453000][ T9582]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   87.458874][ T9582] RIP: 0033:0x440529
[   87.462747][ T9582] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   87.482475][ T9582] RSP: 002b:00007ffe2ffa6e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.490902][ T9582] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529
[   87.498857][ T9582] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000004
[   87.506812][ T9582] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   87.514763][ T9582] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000401db0
[   87.522769][ T9582] R13: 0000000000401e40 R14: 0000000000000000 R15: 0000000000000000
[   87.532346][ T9582] Kernel Offset: disabled
[   87.536672][ T9582] Rebooting in 86400 seconds..