last executing test programs:
1.571696694s ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop-control', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control', 0x800, 0x0)
1.527411341s ago: executing program 4:
fspick(0xffffffffffffffff, &(0x7f0000000000), 0x0)
1.496157015s ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1', 0x800, 0x0)
1.187913234s ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full', 0x800, 0x0)
1.15014502s ago: executing program 4:
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
1.119179284s ago: executing program 4:
sync()
1.08728558s ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/urandom', 0x800, 0x0)
1.063057533s ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ndctl0', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ndctl0', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ndctl0', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ndctl0', 0x800, 0x0)
1.042007287s ago: executing program 3:
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
1.041271787s ago: executing program 1:
select(0x0, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000))
1.040811977s ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio', 0x800, 0x0)
1.028188879s ago: executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp', 0x800, 0x0)
1.017165791s ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ocfs2_control', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ocfs2_control', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ocfs2_control', 0x800, 0x0)
1.014015482s ago: executing program 3:
futimesat(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000000))
993.408534ms ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot', 0x800, 0x0)
985.362426ms ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cdrom', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cdrom', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cdrom', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cdrom', 0x800, 0x0)
975.779227ms ago: executing program 1:
dup(0xffffffffffffffff)
975.216577ms ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bifrost', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bifrost', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bifrost', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bifrost', 0x800, 0x0)
968.504308ms ago: executing program 1:
preadv2(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
956.433551ms ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/exec', 0x2, 0x0)
942.095173ms ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nmem0', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nmem0', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nmem0', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nmem0', 0x800, 0x0)
927.673895ms ago: executing program 0:
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
925.878745ms ago: executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem', 0x800, 0x0)
912.438357ms ago: executing program 3:
mount_setattr(0xffffffffffffffff, &(0x7f0000000000), 0x0, &(0x7f0000000000), 0x0)
893.49314ms ago: executing program 1:
move_mount(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffffff, &(0x7f0000000000), 0x0)
893.02711ms ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vtpmx', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vtpmx', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vtpmx', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vtpmx', 0x800, 0x0)
876.255153ms ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/acpi_thermal_rel', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/acpi_thermal_rel', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/acpi_thermal_rel', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/acpi_thermal_rel', 0x800, 0x0)
874.776014ms ago: executing program 3:
stat(&(0x7f0000000000), &(0x7f0000000000))
812.068583ms ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/user', 0x2, 0x0)
0s ago: executing program 2:
mmap(&(0x7efffffff000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000000)=nil, 0x1000000, 0x7, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0001000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.1.102' (ED25519) to the list of known hosts.
2024/06/17 09:32:31 fuzzer started
2024/06/17 09:32:31 dialing manager at 10.128.0.163:30033
[ 53.520402][ T5079] cgroup: Unknown subsys name 'net'
[ 53.845431][ T5079] cgroup: Unknown subsys name 'rlimit'
[ 54.899350][ T5095] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/06/17 09:32:39 starting 5 executor processes
[ 63.923049][ T2839] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 63.945405][ T2839] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 63.976813][ T2807]
[ 63.979283][ T2807] =============================
[ 63.984448][ T2807] WARNING: suspicious RCU usage
[ 63.989304][ T2807] 6.10.0-rc4-syzkaller #0 Not tainted
[ 63.994924][ T2807] -----------------------------
[ 63.999781][ T2807] net/netfilter/ipset/ip_set_core.c:1200 suspicious rcu_dereference_protected() usage!
[ 64.009481][ T2807]
[ 64.009481][ T2807] other info that might help us debug this:
[ 64.009481][ T2807]
[ 64.019783][ T2807]
2024/06/17 09:32:42 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[ 64.019783][ T2807] rcu_scheduler_active = 2, debug_locks = 1
[ 64.027912][ T2807] 3 locks held by kworker/u8:8/2807:
[ 64.033278][ T2807] #0: ffff888015ed3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 64.044443][ T2807] #1: ffffc90009cbfd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 64.055080][ T2807] #2: ffffffff8f5c95d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[ 64.064609][ T2807]
[ 64.064609][ T2807] stack backtrace:
[ 64.070512][ T2807] CPU: 1 PID: 2807 Comm: kworker/u8:8 Not tainted 6.10.0-rc4-syzkaller #0
[ 64.079022][ T2807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 64.083652][ T2839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.089066][ T2807] Workqueue: netns cleanup_net
[ 64.101663][ T2807] Call Trace:
[ 64.104955][ T2807]
[ 64.107898][ T2807] dump_stack_lvl+0x241/0x360
[ 64.112600][ T2807] ? __pfx_dump_stack_lvl+0x10/0x10
[ 64.117826][ T2807] ? __pfx__printk+0x10/0x10
[ 64.117958][ T2839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.122422][ T2807] lockdep_rcu_suspicious+0x221/0x340
[ 64.135053][ T2807] _destroy_all_sets+0x232/0x5f0
[ 64.140012][ T2807] ip_set_net_exit+0x20/0x50
[ 64.144619][ T2807] cleanup_net+0x802/0xcc0
[ 64.149065][ T2807] ? __pfx_cleanup_net+0x10/0x10
[ 64.154035][ T2807] ? process_scheduled_works+0x945/0x1830
[ 64.159777][ T2807] process_scheduled_works+0xa2c/0x1830
[ 64.165367][ T2807] ? __pfx_process_scheduled_works+0x10/0x10
[ 64.171371][ T2807] ? assign_work+0x364/0x3d0
[ 64.175979][ T2807] worker_thread+0x86d/0xd70
[ 64.180598][ T2807] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 64.186515][ T2807] ? __kthread_parkme+0x169/0x1d0
[ 64.191554][ T2807] ? __pfx_worker_thread+0x10/0x10
[ 64.196692][ T2807] kthread+0x2f0/0x390
[ 64.200776][ T2807] ? __pfx_worker_thread+0x10/0x10
[ 64.205895][ T2807] ? __pfx_kthread+0x10/0x10
[ 64.210496][ T2807] ret_from_fork+0x4b/0x80
[ 64.214928][ T2807] ? __pfx_kthread+0x10/0x10
[ 64.219534][ T2807] ret_from_fork_asm+0x1a/0x30
[ 64.224338][ T2807]
[ 64.232234][ T2807]
[ 64.234647][ T2807] =============================
[ 64.239499][ T2807] WARNING: suspicious RCU usage
[ 64.244379][ T2807] 6.10.0-rc4-syzkaller #0 Not tainted
[ 64.249752][ T2807] -----------------------------
[ 64.255104][ T2807] net/netfilter/ipset/ip_set_core.c:1211 suspicious rcu_dereference_protected() usage!
[ 64.265102][ T2807]
[ 64.265102][ T2807] other info that might help us debug this:
[ 64.265102][ T2807]
[ 64.275600][ T2807]
[ 64.275600][ T2807] rcu_scheduler_active = 2, debug_locks = 1
[ 64.284549][ T2807] 3 locks held by kworker/u8:8/2807:
[ 64.289856][ T2807] #0: ffff888015ed3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 64.301568][ T2807] #1: ffffc90009cbfd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 64.312569][ T2807] #2: ffffffff8f5c95d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[ 64.322019][ T2807]
[ 64.322019][ T2807] stack backtrace:
[ 64.328197][ T2807] CPU: 0 PID: 2807 Comm: kworker/u8:8 Not tainted 6.10.0-rc4-syzkaller #0
[ 64.336711][ T2807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 64.346773][ T2807] Workqueue: netns cleanup_net
[ 64.351566][ T2807] Call Trace:
[ 64.354851][ T2807]
[ 64.357794][ T2807] dump_stack_lvl+0x241/0x360
[ 64.362489][ T2807] ? __pfx_dump_stack_lvl+0x10/0x10
[ 64.367703][ T2807] ? __pfx__printk+0x10/0x10
[ 64.372322][ T2807] lockdep_rcu_suspicious+0x221/0x340
[ 64.377710][ T2807] _destroy_all_sets+0x53f/0x5f0
[ 64.382664][ T2807] ip_set_net_exit+0x20/0x50
[ 64.387265][ T2807] cleanup_net+0x802/0xcc0
[ 64.391705][ T2807] ? __pfx_cleanup_net+0x10/0x10
[ 64.396667][ T2807] ? process_scheduled_works+0x945/0x1830
[ 64.402393][ T2807] process_scheduled_works+0xa2c/0x1830
[ 64.407971][ T2807] ? __pfx_process_scheduled_works+0x10/0x10
[ 64.413967][ T2807] ? assign_work+0x364/0x3d0
[ 64.418567][ T2807] worker_thread+0x86d/0xd70
[ 64.423172][ T2807] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 64.429080][ T2807] ? __kthread_parkme+0x169/0x1d0
[ 64.434112][ T2807] ? __pfx_worker_thread+0x10/0x10
[ 64.439214][ T2807] kthread+0x2f0/0x390
[ 64.443271][ T2807] ? __pfx_worker_thread+0x10/0x10
[ 64.448369][ T2807] ? __pfx_kthread+0x10/0x10
[ 64.452947][ T2807] ret_from_fork+0x4b/0x80
[ 64.457350][ T2807] ? __pfx_kthread+0x10/0x10
[ 64.461927][ T2807] ret_from_fork_asm+0x1a/0x30
[ 64.466693][ T2807]