syzbot

NET: Registered protocol family 30
Failed to register TIPC socket type
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
list_add double add: new=ffffffff892e7630, prev=ffffffff890f3140, next=ffffffff892e7630.
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:29!
8021q: adding VLAN 0 to HW filter on device batadv0
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 8532 Comm: syz-executor.1 Not tainted 4.19.47 #19
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__list_add_valid.cold+0x26/0x3c lib/list_debug.c:29
Code: 56 ff ff ff 4c 89 e1 48 c7 c7 a0 ae 81 87 e8 d0 f3 30 fe 0f 0b 48 89 f2 4c 89 e1 4c 89 ee 48 c7 c7 e0 af 81 87 e8 b9 f3 30 fe <0f> 0b 48 89 f1 48 c7 c7 60 af 81 87 4c 89 e6 e8 a5 f3 30 fe 0f 0b
RSP: 0018:ffff888068ee7b88 EFLAGS: 00010282
kobject: 'bpq28' (00000000a105d7cb): kobject_add_internal: parent: 'net', set: 'devices'
RAX: 0000000000000058 RBX: ffffffff892e74a0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff81559f66 RDI: ffffed100d1dcf63
RBP: ffff888068ee7ba0 R08: 0000000000000058 R09: ffffed1015d24fe9
R10: ffffed1015d24fe8 R11: ffff8880ae927f47 R12: ffffffff892e7630
R13: ffffffff892e7630 R14: ffffffff892e7630 R15: ffffffff892e75d0
FS:  0000000000ada940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffff600400 CR3: 000000006cb5b000 CR4: 00000000001406e0
Call Trace:
 __list_add include/linux/list.h:60 [inline]
 list_add include/linux/list.h:79 [inline]
 proto_register+0x459/0x8e0 net/core/sock.c:3299
 tipc_socket_init+0x1c/0x70 net/tipc/socket.c:3157
 tipc_init_net+0x2ed/0x570 net/tipc/core.c:69
 ops_init+0xb3/0x410 net/core/net_namespace.c:129
 setup_net+0x2d3/0x740 net/core/net_namespace.c:315
kobject: 'bpq28' (00000000a105d7cb): kobject_uevent_env
 copy_net_ns+0x1df/0x340 net/core/net_namespace.c:438
kobject: 'bpq28' (00000000a105d7cb): fill_kobj_path: path = '/devices/virtual/net/bpq28'
 create_new_namespaces+0x400/0x7b0 kernel/nsproxy.c:107
 unshare_nsproxy_namespaces+0xc2/0x200 kernel/nsproxy.c:206
 ksys_unshare+0x440/0x980 kernel/fork.c:2525
 __do_sys_unshare kernel/fork.c:2593 [inline]
 __se_sys_unshare kernel/fork.c:2591 [inline]
 __x64_sys_unshare+0x31/0x40 kernel/fork.c:2591
 do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45bd47
Code: 00 00 00 b8 63 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 1d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffd0c217cb8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 000000000075c9a8 RCX: 000000000045bd47
RDX: 0000000000000000 RSI: 00007ffd0c217c60 RDI: 0000000040000000
RBP: 00000000000000f8 R08: 0000000000000000 R09: 0000000000000005
R10: 0000000000000000 R11: 0000000000000202 R12: 000000000075c9a8
R13: 00007ffd0c217f28 R14: 0000000000000000 R15: 0000000000000000
kobject: 'queues' (00000000ba46e007): kobject_add_internal: parent: 'bpq28', set: '<NULL>'
Modules linked in:
kobject: 'queues' (00000000ba46e007): kobject_uevent_env
kobject: 'queues' (00000000ba46e007): kobject_uevent_env: filter function caused the event to drop!
kobject: 'rx-0' (000000008d374650): kobject_add_internal: parent: 'queues', set: 'queues'
kobject: 'rx-0' (000000008d374650): kobject_uevent_env
kobject: 'rx-0' (000000008d374650): fill_kobj_path: path = '/devices/virtual/net/bpq28/queues/rx-0'
kobject: 'tx-0' (00000000a039a49d): kobject_add_internal: parent: 'queues', set: 'queues'
kobject: 'tx-0' (00000000a039a49d): kobject_uevent_env
kobject: 'tx-0' (00000000a039a49d): fill_kobj_path: path = '/devices/virtual/net/bpq28/queues/tx-0'
kobject: 'lapb28' (000000009aa91642): kobject_add_internal: parent: 'net', set: 'devices'
kobject: 'lapb28' (000000009aa91642): kobject_uevent_env
kobject: 'lapb28' (000000009aa91642): fill_kobj_path: path = '/devices/virtual/net/lapb28'
---[ end trace 68fa31c46d55b0f8 ]---
RIP: 0010:__list_add_valid.cold+0x26/0x3c lib/list_debug.c:29
Code: 56 ff ff ff 4c 89 e1 48 c7 c7 a0 ae 81 87 e8 d0 f3 30 fe 0f 0b 48 89 f2 4c 89 e1 4c 89 ee 48 c7 c7 e0 af 81 87 e8 b9 f3 30 fe <0f> 0b 48 89 f1 48 c7 c7 60 af 81 87 4c 89 e6 e8 a5 f3 30 fe 0f 0b
kobject: 'queues' (00000000e8703bd8): kobject_add_internal: parent: 'lapb28', set: '<NULL>'
RSP: 0018:ffff888068ee7b88 EFLAGS: 00010282
RAX: 0000000000000058 RBX: ffffffff892e74a0 RCX: 0000000000000000
kobject: 'queues' (00000000e8703bd8): kobject_uevent_env
kobject: 'queues' (00000000e8703bd8): kobject_uevent_env: filter function caused the event to drop!
RDX: 0000000000000000 RSI: ffffffff81559f66 RDI: ffffed100d1dcf63
RBP: ffff888068ee7ba0 R08: 0000000000000058 R09: ffffed1015d24fe9
kobject: 'rx-0' (00000000a441c9cf): kobject_add_internal: parent: 'queues', set: 'queues'
R10: ffffed1015d24fe8 R11: ffff8880ae927f47 R12: ffffffff892e7630
R13: ffffffff892e7630 R14: ffffffff892e7630 R15: ffffffff892e75d0
kobject: 'rx-0' (00000000a441c9cf): kobject_uevent_env
FS:  0000000000ada940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
kobject: 'rx-0' (00000000a441c9cf): fill_kobj_path: path = '/devices/virtual/net/lapb28/queues/rx-0'
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000171d008 CR3: 000000006cb5b000 CR4: 00000000001406e0
kobject: 'tx-0' (000000000a507241): kobject_add_internal: parent: 'queues', set: 'queues'