Warning: Permanently added '10.128.0.207' (ECDSA) to the list of known hosts.
executing program
[   54.766928] audit: type=1400 audit(1583913938.595:36): avc:  denied  { map } for  pid=7966 comm="syz-executor066" path="/root/syz-executor066597159" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   54.784898] IPVS: ftp: loaded support on port[0] = 21
[   54.825932] ==================================================================
[   54.833389] BUG: KASAN: slab-out-of-bounds in tcindex_set_parms+0x17d0/0x19d0
[   54.840650] Write of size 16 at addr ffff8880a54778b8 by task syz-executor066/7967
[   54.848348] 
[   54.849981] CPU: 0 PID: 7967 Comm: syz-executor066 Not tainted 4.19.108-syzkaller #0
[   54.857951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   54.867301] Call Trace:
[   54.869915]  dump_stack+0x188/0x20d
[   54.873529]  ? tcindex_set_parms+0x17d0/0x19d0
[   54.878108]  print_address_description.cold+0x7c/0x212
[   54.883583]  ? tcindex_set_parms+0x17d0/0x19d0
[   54.888671]  kasan_report.cold+0x88/0x2b9
[   54.892815]  tcindex_set_parms+0x17d0/0x19d0
[   54.897209]  ? avc_has_perm_noaudit+0x316/0x520
[   54.901872]  ? tcindex_alloc_perfect_hash+0x350/0x350
[   54.907056]  ? __sanitizer_cov_trace_switch+0x45/0x70
[   54.912231]  ? validate_nla+0x328/0x800
[   54.916281]  ? tcindex_change+0x200/0x2d3
[   54.920409]  tcindex_change+0x200/0x2d3
[   54.924367]  ? tcindex_set_parms+0x19d0/0x19d0
[   54.928938]  ? tcindex_set_parms+0x19d0/0x19d0
[   54.933500]  tc_new_tfilter+0xa6b/0x1450
[   54.937552]  ? tc_del_tfilter+0xd40/0xd40
[   54.941683]  ? __mutex_lock+0x3cd/0x1300
[   54.945738]  ? selinux_ipv4_output+0x50/0x50
[   54.950129]  ? rtnetlink_rcv_msg+0x3fe/0xaf0
[   54.954531]  ? tc_del_tfilter+0xd40/0xd40
[   54.958665]  rtnetlink_rcv_msg+0x453/0xaf0
[   54.962883]  ? rtnetlink_put_metrics+0x520/0x520
[   54.967621]  ? find_held_lock+0x2d/0x110
[   54.971666]  netlink_rcv_skb+0x160/0x410
[   54.975713]  ? rtnetlink_put_metrics+0x520/0x520
[   54.980454]  ? netlink_ack+0xa60/0xa60
[   54.984332]  netlink_unicast+0x4d7/0x6a0
[   54.988386]  ? netlink_attachskb+0x710/0x710
[   54.992782]  netlink_sendmsg+0x80b/0xcd0
[   54.996833]  ? netlink_unicast+0x6a0/0x6a0
[   55.001050]  ? move_addr_to_kernel.part.0+0x110/0x110
[   55.006229]  ? netlink_unicast+0x6a0/0x6a0
[   55.010458]  sock_sendmsg+0xcf/0x120
[   55.014154]  ___sys_sendmsg+0x803/0x920
[   55.018114]  ? copy_msghdr_from_user+0x410/0x410
[   55.022855]  ? find_held_lock+0x2d/0x110
[   55.026908]  ? __might_fault+0x11f/0x1d0
[   55.030953]  ? lock_downgrade+0x740/0x740
[   55.035095]  ? __might_fault+0x192/0x1d0
[   55.039152]  ? _copy_to_user+0xb8/0x100
[   55.043114]  ? move_addr_to_user+0xa8/0x1e0
[   55.047417]  ? __fget_light+0x1a2/0x230
[   55.051377]  __sys_sendmsg+0xec/0x1b0
[   55.055176]  ? __ia32_sys_shutdown+0x70/0x70
[   55.059574]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   55.064307]  ? trace_hardirqs_off_caller+0x55/0x210
[   55.069305]  ? do_syscall_64+0x21/0x620
[   55.073281]  do_syscall_64+0xf9/0x620
[   55.077093]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   55.082270] RIP: 0033:0x440eb9
[   55.085446] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   55.104347] RSP: 002b:00007ffe0f5cf728 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.112049] RAX: ffffffffffffffda RBX: 00000000004a2690 RCX: 0000000000440eb9
[   55.119310] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[   55.126560] RBP: 00000000004a2690 R08: 0000000120080522 R09: 0000000120080522
[   55.133812] R10: 0000000120080522 R11: 0000000000000246 R12: 00000000004023c0
[   55.141062] R13: 0000000000402450 R14: 0000000000000000 R15: 0000000000000000
[   55.148320] 
[   55.149950] Allocated by task 1524:
[   55.154973]  kasan_kmalloc+0xbf/0xe0
[   55.158693]  kmem_cache_alloc_trace+0x14d/0x7a0
[   55.163349]  kthread+0x96/0x420
[   55.166610]  ret_from_fork+0x24/0x30
[   55.170301] 
[   55.171914] Freed by task 0:
[   55.174918] (stack is not available)
[   55.178614] 
[   55.180227] The buggy address belongs to the object at ffff8880a5477800
[   55.180227]  which belongs to the cache kmalloc-192 of size 192
[   55.192877] The buggy address is located 184 bytes inside of
[   55.192877]  192-byte region [ffff8880a5477800, ffff8880a54778c0)
[   55.204741] The buggy address belongs to the page:
[   55.209659] page:ffffea0002951dc0 count:1 mapcount:0 mapping:ffff88812c3dc040 index:0x0
[   55.217787] flags: 0xfffe0000000100(slab)
[   55.221922] raw: 00fffe0000000100 ffffea000296f948 ffffea00029a9008 ffff88812c3dc040
[   55.229784] raw: 0000000000000000 ffff8880a5477000 0000000100000010 0000000000000000
[   55.237641] page dumped because: kasan: bad access detected
[   55.243330] 
[   55.244948] Memory state around the buggy address:
[   55.249861]  ffff8880a5477780: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   55.257291]  ffff8880a5477800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   55.264645] >ffff8880a5477880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   55.271995]                                            ^
[   55.277432]  ffff8880a5477900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   55.284777]  ffff8880a5477980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   55.292132] ==================================================================
[   55.299491] Disabling lock debugging due to kernel taint
[   55.305436] Kernel panic - not syncing: panic_on_warn set ...
[   55.305436] 
[   55.312803] CPU: 0 PID: 7967 Comm: syz-executor066 Tainted: G    B             4.19.108-syzkaller #0
[   55.322054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.331386] Call Trace:
[   55.333961]  dump_stack+0x188/0x20d
[   55.337572]  panic+0x26a/0x50e
[   55.340744]  ? __warn_printk+0xf3/0xf3
[   55.344610]  ? preempt_schedule_common+0x4a/0xc0
[   55.349345]  ? tcindex_set_parms+0x17d0/0x19d0
[   55.353927]  ? ___preempt_schedule+0x16/0x18
[   55.358329]  ? trace_hardirqs_on+0x55/0x210
[   55.362647]  ? tcindex_set_parms+0x17d0/0x19d0
[   55.367220]  kasan_end_report+0x43/0x49
[   55.371178]  kasan_report.cold+0xa4/0x2b9
[   55.375334]  tcindex_set_parms+0x17d0/0x19d0
[   55.379728]  ? avc_has_perm_noaudit+0x316/0x520
[   55.384385]  ? tcindex_alloc_perfect_hash+0x350/0x350
[   55.389575]  ? __sanitizer_cov_trace_switch+0x45/0x70
[   55.394753]  ? validate_nla+0x328/0x800
[   55.398711]  ? tcindex_change+0x200/0x2d3
[   55.402837]  tcindex_change+0x200/0x2d3
[   55.406808]  ? tcindex_set_parms+0x19d0/0x19d0
[   55.411374]  ? tcindex_set_parms+0x19d0/0x19d0
[   55.415946]  tc_new_tfilter+0xa6b/0x1450
[   55.419990]  ? tc_del_tfilter+0xd40/0xd40
[   55.424126]  ? __mutex_lock+0x3cd/0x1300
[   55.428170]  ? selinux_ipv4_output+0x50/0x50
[   55.432559]  ? rtnetlink_rcv_msg+0x3fe/0xaf0
[   55.436954]  ? tc_del_tfilter+0xd40/0xd40
[   55.441083]  rtnetlink_rcv_msg+0x453/0xaf0
[   55.445311]  ? rtnetlink_put_metrics+0x520/0x520
[   55.450049]  ? find_held_lock+0x2d/0x110
[   55.454092]  netlink_rcv_skb+0x160/0x410
[   55.458159]  ? rtnetlink_put_metrics+0x520/0x520
[   55.462916]  ? netlink_ack+0xa60/0xa60
[   55.466800]  netlink_unicast+0x4d7/0x6a0
[   55.470848]  ? netlink_attachskb+0x710/0x710
[   55.475242]  netlink_sendmsg+0x80b/0xcd0
[   55.479289]  ? netlink_unicast+0x6a0/0x6a0
[   55.483517]  ? move_addr_to_kernel.part.0+0x110/0x110
[   55.488696]  ? netlink_unicast+0x6a0/0x6a0
[   55.492917]  sock_sendmsg+0xcf/0x120
[   55.496619]  ___sys_sendmsg+0x803/0x920
[   55.500578]  ? copy_msghdr_from_user+0x410/0x410
[   55.505319]  ? find_held_lock+0x2d/0x110
[   55.509368]  ? __might_fault+0x11f/0x1d0
[   55.513413]  ? lock_downgrade+0x740/0x740
[   55.517548]  ? __might_fault+0x192/0x1d0
[   55.521592]  ? _copy_to_user+0xb8/0x100
[   55.525556]  ? move_addr_to_user+0xa8/0x1e0
[   55.529860]  ? __fget_light+0x1a2/0x230
[   55.534121]  __sys_sendmsg+0xec/0x1b0
[   55.537957]  ? __ia32_sys_shutdown+0x70/0x70
[   55.542359]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   55.547102]  ? trace_hardirqs_off_caller+0x55/0x210
[   55.552100]  ? do_syscall_64+0x21/0x620
[   55.556060]  do_syscall_64+0xf9/0x620
[   55.559844]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   55.565069] RIP: 0033:0x440eb9
[   55.568242] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   55.588087] RSP: 002b:00007ffe0f5cf728 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.595777] RAX: ffffffffffffffda RBX: 00000000004a2690 RCX: 0000000000440eb9
[   55.603025] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[   55.610275] RBP: 00000000004a2690 R08: 0000000120080522 R09: 0000000120080522
[   55.617534] R10: 0000000120080522 R11: 0000000000000246 R12: 00000000004023c0
[   55.624809] R13: 0000000000402450 R14: 0000000000000000 R15: 0000000000000000
[   55.633432] Kernel Offset: disabled
[   55.637066] Rebooting in 86400 seconds..