syzbot

device nr0
 entered promiscuous mode
device nr0
 entered promiscuous mode
device nr0
 entered promiscuous mode
device nr0
 entered promiscuous mode
device nr0
 entered promiscuous mode
WARNING: CPU: 1 PID: 7946 at net/core/flow_dissector.c:764 __skb_flow_dissect+0xdc5/0x5c90 net/core/flow_dissector.c:764
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 7946 Comm: syz-executor4 Not tainted 4.20.0-rc4+ #165
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
kobject: 'tx-1' (00000000a32f47fd): kobject_add_internal: parent: 'queues', set: 'queues'
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
 panic+0x2ad/0x55c kernel/panic.c:188
kobject: 'tx-1' (00000000a32f47fd): kobject_uevent_env
 __warn.cold.8+0x20/0x45 kernel/panic.c:540
 report_bug+0x254/0x2d0 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:271
 do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:290
kobject: 'tx-1' (00000000a32f47fd): fill_kobj_path: path = '/devices/virtual/net/nr0
/queues/tx-1'
kobject: 'rx-1' (000000004a838265): kobject_add_internal: parent: 'queues', set: 'queues'
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:969
RIP: 0010:__skb_flow_dissect+0xdc5/0x5c90 net/core/flow_dissector.c:764
Code: 48 01 d3 c7 03 f8 f8 f8 f8 48 c1 e8 03 66 44 89 73 04 48 01 d0 c7 00 f8 f8 f8 f8 66 44 89 78 04 e9 58 09 00 00 e8 9b 50 53 fb <0f> 0b e8 94 50 53 fb e8 bf 79 3c fb 31 ff 89 c3 89 c6 e8 94 51 53
RSP: 0018:ffff88819dfd6f80 EFLAGS: 00010293
RAX: ffff8881b5922380 RBX: 0000000000000001 RCX: ffffffff862c4e0d
RDX: 0000000000000000 RSI: ffffffff862c3a55 RDI: ffff8881c6af5018
RBP: ffff88819dfd7710 R08: ffff8881b5922380 R09: ffffed103b5e5b67
R10: ffffed103b5e5b67 R11: ffff8881daf2db3b R12: 0000000000000000
R13: ffff8881c6af5000 R14: ffff8881c6af5000 R15: 000000000000ffff
kobject: 'rx-1' (000000004a838265): kobject_uevent_env
kobject: 'rx-1' (000000004a838265): fill_kobj_path: path = '/devices/virtual/net/nr0
/queues/rx-1'
kobject: 'nr0
' (000000003d0a885c): kobject_add_internal: parent: 'net', set: 'devices'
kobject: 'nr0
' (000000003d0a885c): kobject_uevent_env
kobject: 'nr0
' (000000003d0a885c): fill_kobj_path: path = '/devices/virtual/net/nr0
'
kobject: 'queues' (00000000b98ae821): kobject_add_internal: parent: 'nr0
', set: '<NULL>'
kobject: 'queues' (00000000b98ae821): kobject_uevent_env
kobject: 'queues' (00000000b98ae821): kobject_uevent_env: filter function caused the event to drop!
 skb_flow_dissect_flow_keys_basic include/linux/skbuff.h:1248 [inline]
 skb_probe_transport_header include/linux/skbuff.h:2425 [inline]
 tun_get_user+0x2d0e/0x4240 drivers/net/tun.c:1914
kobject: 'rx-0' (0000000057597420): kobject_add_internal: parent: 'queues', set: 'queues'
kobject: 'rx-0' (0000000057597420): kobject_uevent_env
kobject: 'rx-0' (0000000057597420): fill_kobj_path: path = '/devices/virtual/net/nr0
/queues/rx-0'
 tun_chr_write_iter+0xb9/0x160 drivers/net/tun.c:2001
 call_write_iter include/linux/fs.h:1857 [inline]
 new_sync_write fs/read_write.c:474 [inline]
 __vfs_write+0x6b8/0x9f0 fs/read_write.c:487
kobject: 'tx-0' (0000000058936530): kobject_add_internal: parent: 'queues', set: 'queues'
 vfs_write+0x1fc/0x560 fs/read_write.c:549
 ksys_write+0x101/0x260 fs/read_write.c:598
kobject: 'tx-0' (0000000058936530): kobject_uevent_env
 __do_sys_write fs/read_write.c:610 [inline]
 __se_sys_write fs/read_write.c:607 [inline]
 __x64_sys_write+0x73/0xb0 fs/read_write.c:607
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
kobject: 'tx-0' (0000000058936530): fill_kobj_path: path = '/devices/virtual/net/nr0
/queues/tx-0'
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457569
Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb4a99edc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
kobject: 'nr0
' (0000000063425c86): kobject_cleanup, parent           (null)
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
RDX: 000000000000017b RSI: 0000000020000000 RDI: 0000000000000005
RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb4a99ee6d4
R13: 00000000004c5d2a R14: 00000000004da0f0 R15: 00000000ffffffff
Kernel Offset: disabled
Rebooting in 86400 seconds..