Warning: Permanently added '10.128.10.40' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   91.114966][ T9594] ==================================================================
[   91.123428][ T9594] BUG: KASAN: slab-out-of-bounds in bitmap_ip_del+0xdb/0x380
[   91.130809][ T9594] Write of size 8 at addr ffff88809c829840 by task syz-executor306/9594
[   91.139231][ T9594] 
[   91.141547][ T9594] CPU: 1 PID: 9594 Comm: syz-executor306 Not tainted 5.5.0-rc7-syzkaller #0
[   91.150195][ T9594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   91.160249][ T9594] Call Trace:
[   91.163542][ T9594]  dump_stack+0x197/0x210
[   91.167855][ T9594]  ? bitmap_ip_del+0xdb/0x380
[   91.172518][ T9594]  print_address_description.constprop.0.cold+0xd4/0x30b
[   91.179529][ T9594]  ? bitmap_ip_del+0xdb/0x380
[   91.184212][ T9594]  ? bitmap_ip_del+0xdb/0x380
[   91.188875][ T9594]  __kasan_report.cold+0x1b/0x41
[   91.193809][ T9594]  ? __sanitizer_cov_trace_cmp2+0x1/0x20
[   91.199434][ T9594]  ? bitmap_ip_del+0xdb/0x380
[   91.204119][ T9594]  kasan_report+0x12/0x20
[   91.208620][ T9594]  check_memory_region+0x134/0x1a0
[   91.213735][ T9594]  __kasan_check_write+0x14/0x20
[   91.218661][ T9594]  bitmap_ip_del+0xdb/0x380
[   91.223148][ T9594]  bitmap_ip_uadt+0x73e/0xa10
[   91.227924][ T9594]  ? bitmap_ip_create+0xc20/0xc20
[   91.232955][ T9594]  ? bitmap_ip_kadt+0x5a0/0x5a0
[   91.237800][ T9594]  ? __kasan_check_write+0x14/0x20
[   91.242936][ T9594]  ? lock_set_class+0x3b0/0x7a0
[   91.247794][ T9594]  call_ad+0x1a0/0x5a0
[   91.251959][ T9594]  ? start_msg+0x220/0x220
[   91.256407][ T9594]  ? nla_memcpy+0xb0/0xb0
[   91.260732][ T9594]  ? __nla_parse+0x43/0x60
[   91.265157][ T9594]  ip_set_ad.isra.0+0x572/0xb20
[   91.270102][ T9594]  ? ip_set_nfnl_get_byindex+0x460/0x460
[   91.275799][ T9594]  ? nla_memcpy+0xb0/0xb0
[   91.280176][ T9594]  ? lock_downgrade+0x920/0x920
[   91.285196][ T9594]  ip_set_udel+0x3a/0x50
[   91.289438][ T9594]  ? ip_set_ad.isra.0+0xb20/0xb20
[   91.294540][ T9594]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   91.299601][ T9594]  ? nfnetlink_bind+0x2c0/0x2c0
[   91.304714][ T9594]  ? __kasan_check_read+0x11/0x20
[   91.309723][ T9594]  ? __lock_acquire+0x8a0/0x4a00
[   91.314890][ T9594]  ? save_stack+0x5c/0x90
[   91.319223][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.325453][ T9594]  ? apparmor_capable+0x497/0x900
[   91.330471][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.336744][ T9594]  ? __kasan_check_read+0x11/0x20
[   91.341761][ T9594]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   91.347264][ T9594]  netlink_rcv_skb+0x177/0x450
[   91.352021][ T9594]  ? nfnetlink_bind+0x2c0/0x2c0
[   91.356856][ T9594]  ? netlink_ack+0xb50/0xb50
[   91.361703][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.367982][ T9594]  ? ns_capable_common+0x93/0x100
[   91.373013][ T9594]  ? ns_capable+0x20/0x30
[   91.377329][ T9594]  ? __netlink_ns_capable+0x104/0x140
[   91.382692][ T9594]  nfnetlink_rcv+0x1ba/0x460
[   91.387314][ T9594]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   91.392766][ T9594]  ? netlink_deliver_tap+0x24a/0xbe0
[   91.398049][ T9594]  ? __kasan_check_write+0x14/0x20
[   91.403192][ T9594]  netlink_unicast+0x58c/0x7d0
[   91.407956][ T9594]  ? netlink_attachskb+0x870/0x870
[   91.413061][ T9594]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   91.418859][ T9594]  ? __check_object_size+0x3d/0x437
[   91.424052][ T9594]  netlink_sendmsg+0x91c/0xea0
[   91.428801][ T9594]  ? netlink_unicast+0x7d0/0x7d0
[   91.433725][ T9594]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   91.439303][ T9594]  ? apparmor_socket_sendmsg+0x2a/0x30
[   91.444745][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.451030][ T9594]  ? security_socket_sendmsg+0x8d/0xc0
[   91.456530][ T9594]  ? netlink_unicast+0x7d0/0x7d0
[   91.461461][ T9594]  sock_sendmsg+0xd7/0x130
[   91.465858][ T9594]  ____sys_sendmsg+0x753/0x880
[   91.470616][ T9594]  ? kernel_sendmsg+0x50/0x50
[   91.475288][ T9594]  ? lockdep_init_map+0x1be/0x6d0
[   91.480314][ T9594]  ___sys_sendmsg+0x100/0x170
[   91.484992][ T9594]  ? sendmsg_copy_msghdr+0x70/0x70
[   91.490100][ T9594]  ? __kasan_check_read+0x11/0x20
[   91.495106][ T9594]  ? __lock_acquire+0x8a0/0x4a00
[   91.500036][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.506280][ T9594]  ? __this_cpu_preempt_check+0x35/0x190
[   91.511898][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.518135][ T9594]  ? percpu_counter_add_batch+0x13c/0x190
[   91.523850][ T9594]  ? __fd_install+0x1bc/0x640
[   91.528528][ T9594]  ? find_held_lock+0x35/0x130
[   91.533344][ T9594]  ? __fd_install+0x1bc/0x640
[   91.538018][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   91.544254][ T9594]  ? __fget_light+0x1a9/0x230
[   91.548929][ T9594]  ? __fdget+0x1b/0x20
[   91.552989][ T9594]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   91.559321][ T9594]  __sys_sendmsg+0x105/0x1d0
[   91.564033][ T9594]  ? __sys_sendmsg_sock+0xc0/0xc0
[   91.569130][ T9594]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   91.574583][ T9594]  ? do_syscall_64+0x26/0x790
[   91.579287][ T9594]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.585348][ T9594]  ? do_syscall_64+0x26/0x790
[   91.590082][ T9594]  __x64_sys_sendmsg+0x78/0xb0
[   91.594831][ T9594]  do_syscall_64+0xfa/0x790
[   91.599386][ T9594]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.605275][ T9594] RIP: 0033:0x440689
[   91.609252][ T9594] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   91.628845][ T9594] RSP: 002b:00007ffc744ff5c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.637294][ T9594] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440689
[   91.645279][ T9594] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004
[   91.653235][ T9594] RBP: 00000000006ca018 R08: 000000000000001c R09: 00000000004002c8
[   91.661199][ T9594] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000401f10
[   91.669156][ T9594] R13: 0000000000401fa0 R14: 0000000000000000 R15: 0000000000000000
[   91.677131][ T9594] 
[   91.679445][ T9594] Allocated by task 9594:
[   91.683773][ T9594]  save_stack+0x23/0x90
[   91.687915][ T9594]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[   91.693542][ T9594]  kasan_kmalloc+0x9/0x10
[   91.697853][ T9594]  __kmalloc+0x163/0x770
[   91.702075][ T9594]  ip_set_alloc+0x38/0x5e
[   91.706395][ T9594]  bitmap_ip_create+0x6ec/0xc20
[   91.711235][ T9594]  ip_set_create+0x6f1/0x1500
[   91.715935][ T9594]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   91.720906][ T9594]  netlink_rcv_skb+0x177/0x450
[   91.725665][ T9594]  nfnetlink_rcv+0x1ba/0x460
[   91.730278][ T9594]  netlink_unicast+0x58c/0x7d0
[   91.735023][ T9594]  netlink_sendmsg+0x91c/0xea0
[   91.739800][ T9594]  sock_sendmsg+0xd7/0x130
[   91.744232][ T9594]  ____sys_sendmsg+0x753/0x880
[   91.749038][ T9594]  ___sys_sendmsg+0x100/0x170
[   91.753703][ T9594]  __sys_sendmsg+0x105/0x1d0
[   91.758273][ T9594]  __x64_sys_sendmsg+0x78/0xb0
[   91.763031][ T9594]  do_syscall_64+0xfa/0x790
[   91.767530][ T9594]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.773456][ T9594] 
[   91.775815][ T9594] Freed by task 9323:
[   91.779781][ T9594]  save_stack+0x23/0x90
[   91.783915][ T9594]  __kasan_slab_free+0x102/0x150
[   91.788851][ T9594]  kasan_slab_free+0xe/0x10
[   91.793364][ T9594]  kfree+0x10a/0x2c0
[   91.797301][ T9594]  single_release+0x95/0xc0
[   91.801890][ T9594]  __fput+0x2ff/0x890
[   91.805906][ T9594]  ____fput+0x16/0x20
[   91.809946][ T9594]  task_work_run+0x145/0x1c0
[   91.814643][ T9594]  exit_to_usermode_loop+0x316/0x380
[   91.820095][ T9594]  do_syscall_64+0x676/0x790
[   91.824678][ T9594]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   91.831254][ T9594] 
[   91.833590][ T9594] The buggy address belongs to the object at ffff88809c829840
[   91.833590][ T9594]  which belongs to the cache kmalloc-32 of size 32
[   91.847563][ T9594] The buggy address is located 0 bytes inside of
[   91.847563][ T9594]  32-byte region [ffff88809c829840, ffff88809c829860)
[   91.860556][ T9594] The buggy address belongs to the page:
[   91.866259][ T9594] page:ffffea0002720a40 refcount:1 mapcount:0 mapping:ffff8880aa4001c0 index:0xffff88809c829fc1
[   91.876796][ T9594] raw: 00fffe0000000200 ffffea00026a9c88 ffffea0002818188 ffff8880aa4001c0
[   91.885463][ T9594] raw: ffff88809c829fc1 ffff88809c829000 0000000100000033 0000000000000000
[   91.894066][ T9594] page dumped because: kasan: bad access detected
[   91.900458][ T9594] 
[   91.902763][ T9594] Memory state around the buggy address:
[   91.908428][ T9594]  ffff88809c829700: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   91.916478][ T9594]  ffff88809c829780: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   91.924630][ T9594] >ffff88809c829800: fb fb fb fb fc fc fc fc 04 fc fc fc fc fc fc fc
[   91.932716][ T9594]                                            ^
[   91.938850][ T9594]  ffff88809c829880: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   91.946897][ T9594]  ffff88809c829900: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[   91.954938][ T9594] ==================================================================
[   91.962975][ T9594] Disabling lock debugging due to kernel taint
[   91.969166][ T9594] Kernel panic - not syncing: panic_on_warn set ...
[   91.975746][ T9594] CPU: 1 PID: 9594 Comm: syz-executor306 Tainted: G    B             5.5.0-rc7-syzkaller #0
[   91.985799][ T9594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   91.995838][ T9594] Call Trace:
[   91.999110][ T9594]  dump_stack+0x197/0x210
[   92.003479][ T9594]  panic+0x2e3/0x75c
[   92.007361][ T9594]  ? add_taint.cold+0x16/0x16
[   92.012023][ T9594]  ? retint_kernel+0x2b/0x2b
[   92.016596][ T9594]  ? trace_hardirqs_on+0x5e/0x240
[   92.021604][ T9594]  ? bitmap_ip_del+0xdb/0x380
[   92.026272][ T9594]  end_report+0x47/0x4f
[   92.030414][ T9594]  ? bitmap_ip_del+0xdb/0x380
[   92.035082][ T9594]  __kasan_report.cold+0xe/0x41
[   92.039975][ T9594]  ? __sanitizer_cov_trace_cmp2+0x1/0x20
[   92.045637][ T9594]  ? bitmap_ip_del+0xdb/0x380
[   92.050295][ T9594]  kasan_report+0x12/0x20
[   92.054749][ T9594]  check_memory_region+0x134/0x1a0
[   92.059886][ T9594]  __kasan_check_write+0x14/0x20
[   92.064816][ T9594]  bitmap_ip_del+0xdb/0x380
[   92.069308][ T9594]  bitmap_ip_uadt+0x73e/0xa10
[   92.073966][ T9594]  ? bitmap_ip_create+0xc20/0xc20
[   92.078975][ T9594]  ? bitmap_ip_kadt+0x5a0/0x5a0
[   92.083809][ T9594]  ? __kasan_check_write+0x14/0x20
[   92.088908][ T9594]  ? lock_set_class+0x3b0/0x7a0
[   92.093743][ T9594]  call_ad+0x1a0/0x5a0
[   92.097795][ T9594]  ? start_msg+0x220/0x220
[   92.102192][ T9594]  ? nla_memcpy+0xb0/0xb0
[   92.106504][ T9594]  ? __nla_parse+0x43/0x60
[   92.110900][ T9594]  ip_set_ad.isra.0+0x572/0xb20
[   92.115729][ T9594]  ? ip_set_nfnl_get_byindex+0x460/0x460
[   92.121340][ T9594]  ? nla_memcpy+0xb0/0xb0
[   92.125659][ T9594]  ? lock_downgrade+0x920/0x920
[   92.130482][ T9594]  ip_set_udel+0x3a/0x50
[   92.134699][ T9594]  ? ip_set_ad.isra.0+0xb20/0xb20
[   92.139700][ T9594]  nfnetlink_rcv_msg+0xcf2/0xfb0
[   92.144618][ T9594]  ? nfnetlink_bind+0x2c0/0x2c0
[   92.149452][ T9594]  ? __kasan_check_read+0x11/0x20
[   92.154461][ T9594]  ? __lock_acquire+0x8a0/0x4a00
[   92.159379][ T9594]  ? save_stack+0x5c/0x90
[   92.163688][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.169904][ T9594]  ? apparmor_capable+0x497/0x900
[   92.174906][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.181118][ T9594]  ? __kasan_check_read+0x11/0x20
[   92.186128][ T9594]  ? apparmor_cred_prepare+0x7b0/0x7b0
[   92.191580][ T9594]  netlink_rcv_skb+0x177/0x450
[   92.196328][ T9594]  ? nfnetlink_bind+0x2c0/0x2c0
[   92.201157][ T9594]  ? netlink_ack+0xb50/0xb50
[   92.205736][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.211976][ T9594]  ? ns_capable_common+0x93/0x100
[   92.216991][ T9594]  ? ns_capable+0x20/0x30
[   92.221355][ T9594]  ? __netlink_ns_capable+0x104/0x140
[   92.226710][ T9594]  nfnetlink_rcv+0x1ba/0x460
[   92.231422][ T9594]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[   92.236868][ T9594]  ? netlink_deliver_tap+0x24a/0xbe0
[   92.242191][ T9594]  ? __kasan_check_write+0x14/0x20
[   92.247282][ T9594]  netlink_unicast+0x58c/0x7d0
[   92.252031][ T9594]  ? netlink_attachskb+0x870/0x870
[   92.257128][ T9594]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   92.262830][ T9594]  ? __check_object_size+0x3d/0x437
[   92.268020][ T9594]  netlink_sendmsg+0x91c/0xea0
[   92.272819][ T9594]  ? netlink_unicast+0x7d0/0x7d0
[   92.277736][ T9594]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   92.283268][ T9594]  ? apparmor_socket_sendmsg+0x2a/0x30
[   92.288729][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.294954][ T9594]  ? security_socket_sendmsg+0x8d/0xc0
[   92.300391][ T9594]  ? netlink_unicast+0x7d0/0x7d0
[   92.305322][ T9594]  sock_sendmsg+0xd7/0x130
[   92.309718][ T9594]  ____sys_sendmsg+0x753/0x880
[   92.314510][ T9594]  ? kernel_sendmsg+0x50/0x50
[   92.319165][ T9594]  ? lockdep_init_map+0x1be/0x6d0
[   92.324218][ T9594]  ___sys_sendmsg+0x100/0x170
[   92.328883][ T9594]  ? sendmsg_copy_msghdr+0x70/0x70
[   92.333984][ T9594]  ? __kasan_check_read+0x11/0x20
[   92.339000][ T9594]  ? __lock_acquire+0x8a0/0x4a00
[   92.343922][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.350151][ T9594]  ? __this_cpu_preempt_check+0x35/0x190
[   92.355776][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.362004][ T9594]  ? percpu_counter_add_batch+0x13c/0x190
[   92.367716][ T9594]  ? __fd_install+0x1bc/0x640
[   92.372380][ T9594]  ? find_held_lock+0x35/0x130
[   92.377132][ T9594]  ? __fd_install+0x1bc/0x640
[   92.381792][ T9594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.388026][ T9594]  ? __fget_light+0x1a9/0x230
[   92.392692][ T9594]  ? __fdget+0x1b/0x20
[   92.396741][ T9594]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   92.402976][ T9594]  __sys_sendmsg+0x105/0x1d0
[   92.407546][ T9594]  ? __sys_sendmsg_sock+0xc0/0xc0
[   92.412564][ T9594]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   92.420501][ T9594]  ? do_syscall_64+0x26/0x790
[   92.425166][ T9594]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   92.431306][ T9594]  ? do_syscall_64+0x26/0x790
[   92.435980][ T9594]  __x64_sys_sendmsg+0x78/0xb0
[   92.440730][ T9594]  do_syscall_64+0xfa/0x790
[   92.445227][ T9594]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   92.451101][ T9594] RIP: 0033:0x440689
[   92.454982][ T9594] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   92.474571][ T9594] RSP: 002b:00007ffc744ff5c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.483026][ T9594] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440689
[   92.491028][ T9594] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004
[   92.498988][ T9594] RBP: 00000000006ca018 R08: 000000000000001c R09: 00000000004002c8
[   92.507029][ T9594] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000401f10
[   92.514998][ T9594] R13: 0000000000401fa0 R14: 0000000000000000 R15: 0000000000000000
[   92.524755][ T9594] Kernel Offset: disabled
[   92.529212][ T9594] Rebooting in 86400 seconds..