pic_ioport_write: 44 callbacks suppressed
kvm: pic: level sensitive irq not supported
pic_ioport_write: 38 callbacks suppressed
kvm: pic: single mode not supported
==================================================================
BUG: KASAN: slab-out-of-bounds in put_unaligned_be32 include/linux/unaligned/access_ok.h:60 [inline]
BUG: KASAN: slab-out-of-bounds in sha1_base_finish include/crypto/sha1_base.h:102 [inline]
BUG: KASAN: slab-out-of-bounds in sha1_final+0x283/0x2e0 crypto/sha1_generic.c:58
Write of size 4 at addr ffff8801d81f24d8 by task syz-executor2/18104

CPU: 1 PID: 18104 Comm: syz-executor2 Not tainted 4.18.0-rc2+ #118
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 print_address_description+0x6c/0x20b mm/kasan/report.c:256
 kasan_report_error mm/kasan/report.c:354 [inline]
 kasan_report.cold.7+0x242/0x2fe mm/kasan/report.c:412
 __asan_report_store4_noabort+0x17/0x20 mm/kasan/report.c:437
 put_unaligned_be32 include/linux/unaligned/access_ok.h:60 [inline]
 sha1_base_finish include/crypto/sha1_base.h:102 [inline]
 sha1_final+0x283/0x2e0 crypto/sha1_generic.c:58
 crypto_shash_final+0x104/0x260 crypto/shash.c:152
 kdf_ctr security/keys/dh.c:186 [inline]
 keyctl_dh_compute_kdf security/keys/dh.c:217 [inline]
 __keyctl_dh_compute+0x1198/0x1be0 security/keys/dh.c:389
 keyctl_dh_compute+0xc5/0x11f security/keys/dh.c:425
 __do_sys_keyctl security/keys/keyctl.c:1741 [inline]
 __se_sys_keyctl security/keys/keyctl.c:1637 [inline]
 __x64_sys_keyctl+0x12a/0x3b0 security/keys/keyctl.c:1637
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x455a99
Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f7095ff6c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
RAX: ffffffffffffffda RBX: 00007f7095ff76d4 RCX: 0000000000455a99
RDX: 0000000020a53ffb RSI: 0000000020000200 RDI: 0000000000000017
RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004bfd68 R14: 00000000004cefb8 R15: 0000000000000000

Allocated by task 18104:
 save_stack+0x43/0xd0 mm/kasan/kasan.c:448
 set_track mm/kasan/kasan.c:460 [inline]
 kasan_kmalloc+0xc4/0xe0 mm/kasan/kasan.c:553
 __do_kmalloc mm/slab.c:3718 [inline]
 __kmalloc+0x14e/0x760 mm/slab.c:3727
 kmalloc include/linux/slab.h:518 [inline]
 keyctl_dh_compute_kdf security/keys/dh.c:211 [inline]
 __keyctl_dh_compute+0x1000/0x1be0 security/keys/dh.c:389
 keyctl_dh_compute+0xc5/0x11f security/keys/dh.c:425
 __do_sys_keyctl security/keys/keyctl.c:1741 [inline]
 __se_sys_keyctl security/keys/keyctl.c:1637 [inline]
 __x64_sys_keyctl+0x12a/0x3b0 security/keys/keyctl.c:1637
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe

Freed by task 15965:
 save_stack+0x43/0xd0 mm/kasan/kasan.c:448
 set_track mm/kasan/kasan.c:460 [inline]
 __kasan_slab_free+0x11a/0x170 mm/kasan/kasan.c:521
 kasan_slab_free+0xe/0x10 mm/kasan/kasan.c:528
 __cache_free mm/slab.c:3498 [inline]
 kfree+0xd9/0x260 mm/slab.c:3813
 kvfree+0x61/0x70 mm/util.c:442
 __vunmap+0x326/0x460 mm/vmalloc.c:1529
 vfree+0x68/0x100 mm/vmalloc.c:1593
 copy_entries_to_user net/ipv6/netfilter/ip6_tables.c:886 [inline]
 get_entries net/ipv6/netfilter/ip6_tables.c:1044 [inline]
 do_ip6t_get_ctl+0xa52/0xc30 net/ipv6/netfilter/ip6_tables.c:1712
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x80/0xe0 net/netfilter/nf_sockopt.c:122
 ipv6_getsockopt+0x1f0/0x320 net/ipv6/ipv6_sockglue.c:1370
 tcp_getsockopt+0x93/0xe0 net/ipv4/tcp.c:3534
 sock_common_getsockopt+0x9a/0xe0 net/core/sock.c:2999
 __sys_getsockopt+0x1ad/0x390 net/socket.c:1984
 __do_sys_getsockopt net/socket.c:1995 [inline]
 __se_sys_getsockopt net/socket.c:1992 [inline]
 __x64_sys_getsockopt+0xbe/0x150 net/socket.c:1992
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe

The buggy address belongs to the object at ffff8801d81f24c0
 which belongs to the cache kmalloc-32 of size 32
The buggy address is located 24 bytes inside of
 32-byte region [ffff8801d81f24c0, ffff8801d81f24e0)
The buggy address belongs to the page:
page:ffffea0007607c80 count:1 mapcount:0 mapping:ffff8801da8001c0 index:0xffff8801d81f2fc1
flags: 0x2fffc0000000100(slab)
raw: 02fffc0000000100 ffffea00074c9188 ffffea00075c0f88 ffff8801da8001c0
raw: ffff8801d81f2fc1 ffff8801d81f2000 0000000100000027 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff8801d81f2380: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
 ffff8801d81f2400: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
>ffff8801d81f2480: fb fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
                                                    ^
 ffff8801d81f2500: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
 ffff8801d81f2580: 00 fc fc fc fc fc fc fc 00 fc fc fc fc fc fc fc
==================================================================