Warning: Permanently added '10.128.0.142' (ECDSA) to the list of known hosts. syzkaller login: [ 92.671580][ T9626] IPVS: ftp: loaded support on port[0] = 21 [ 92.675978][ T9628] IPVS: ftp: loaded support on port[0] = 21 [ 92.681874][ T9622] IPVS: ftp: loaded support on port[0] = 21 [ 92.691847][ T9629] IPVS: ftp: loaded support on port[0] = 21 [ 92.694472][ T9627] IPVS: ftp: loaded support on port[0] = 21 [ 92.705339][ T9630] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program executing program executing program [ 92.826285][ T9632] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 92.851661][ T9638] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 92.862954][ T9640] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. executing program executing program [ 92.863335][ T9639] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 92.874521][ T9641] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 92.898011][ T9646] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. executing program executing program executing program executing program [ 92.923727][ T9649] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 92.932918][ T9641] list_del corruption, ffff8880a73c2c00->prev is LIST_POISON2 (dead000000000122) [ 92.950587][ T9641] ------------[ cut here ]------------ [ 92.956160][ T9641] kernel BUG at lib/list_debug.c:48! [ 92.968297][ T9641] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 92.974412][ T9641] CPU: 0 PID: 9641 Comm: syz-executor287 Not tainted 5.5.0-rc6-syzkaller #0 [ 92.983085][ T9641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.993185][ T9641] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 92.999671][ T9641] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 e0 6a 71 88 e8 b0 e0 be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 40 6b 71 88 e8 9c e0 be fd <0f> 0b 4c 89 f6 48 c7 c7 00 6c 71 88 e8 8b e0 be fd 0f 0b cc cc cc [ 93.019695][ T9641] RSP: 0018:ffffc900064d7478 EFLAGS: 00010282 executing program [ 93.025741][ T9641] RAX: 000000000000004e RBX: ffff8880a73c2c00 RCX: 0000000000000000 [ 93.033696][ T9641] RDX: 0000000000000000 RSI: ffffffff815e5dd6 RDI: fffff52000c9ae81 [ 93.041751][ T9641] RBP: ffffc900064d7490 R08: 000000000000004e R09: ffffed1015d06621 [ 93.047363][ T9671] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 93.049724][ T9641] R10: ffffed1015d06620 R11: ffff8880ae833107 R12: dead000000000122 [ 93.049733][ T9641] R13: ffff8880a01df370 R14: ffff8880a73c2c00 R15: ffff88809d86cc00 [ 93.049745][ T9641] FS: 00007f29db716700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 93.049754][ T9641] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.049761][ T9641] CR2: 0000000020000280 CR3: 000000009ad9c000 CR4: 00000000001406f0 [ 93.049775][ T9641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 93.073013][ T9657] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 93.075310][ T9641] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 93.075316][ T9641] Call Trace: [ 93.075339][ T9641] __nf_tables_abort+0x1e53/0x2a50 [ 93.075352][ T9641] ? nfnl_err_del+0x115/0x170 [ 93.075372][ T9641] nf_tables_abort+0x17/0x30 [ 93.084453][ T9666] netlink: 20 bytes leftover after parsing attributes in process `syz-executor287'. [ 93.090860][ T9641] nfnetlink_rcv_batch+0xa5d/0x17a0 [ 93.090881][ T9641] ? nf_tables_delobj+0x8f0/0x8f0 [ 93.103900][ T9657] ------------[ cut here ]------------ [ 93.106801][ T9641] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 93.116341][ T9657] WARNING: CPU: 1 PID: 9657 at net/netfilter/nf_tables_api.c:603 lockdep_nfnl_nft_mutex_not_held+0x30/0x40 [ 93.124287][ T9641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.127539][ T9657] Kernel panic - not syncing: panic_on_warn set ... [ 93.132630][ T9641] ? apparmor_capable+0x497/0x900 [ 93.201683][ T9641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.208024][ T9641] ? __nla_validate_parse+0x2d0/0x1ee0 [ 93.213498][ T9641] ? cap_capable+0x205/0x270 [ 93.218086][ T9641] ? nla_memcpy+0xb0/0xb0 [ 93.222405][ T9641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.228637][ T9641] ? ns_capable_common+0x93/0x100 [ 93.233660][ T9641] ? __nla_parse+0x43/0x60 [ 93.238064][ T9641] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 93.243770][ T9641] nfnetlink_rcv+0x3e7/0x460 [ 93.248348][ T9641] ? nfnetlink_rcv_batch+0x17a0/0x17a0 [ 93.253797][ T9641] ? netlink_deliver_tap+0x24a/0xbf0 [ 93.259067][ T9641] ? __kasan_check_write+0x14/0x20 [ 93.264382][ T9641] netlink_unicast+0x59e/0x7e0 [ 93.269150][ T9641] ? netlink_attachskb+0x870/0x870 [ 93.274263][ T9641] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 93.279969][ T9641] ? __check_object_size+0x3d/0x437 [ 93.285167][ T9641] netlink_sendmsg+0x91c/0xea0 [ 93.289931][ T9641] ? netlink_unicast+0x7e0/0x7e0 [ 93.294865][ T9641] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 93.304932][ T9641] ? apparmor_socket_sendmsg+0x2a/0x30 [ 93.310387][ T9641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 93.316616][ T9641] ? security_socket_sendmsg+0x8d/0xc0 [ 93.322060][ T9641] ? netlink_unicast+0x7e0/0x7e0 [ 93.327339][ T9641] sock_sendmsg+0xd7/0x130 [ 93.331744][ T9641] ____sys_sendmsg+0x753/0x880 [ 93.336497][ T9641] ? kernel_sendmsg+0x50/0x50 [ 93.341159][ T9641] ? __fget+0x35d/0x550 [ 93.345299][ T9641] ? find_held_lock+0x35/0x130 [ 93.350059][ T9641] ___sys_sendmsg+0x100/0x170 [ 93.354756][ T9641] ? sendmsg_copy_msghdr+0x70/0x70 [ 93.359852][ T9641] ? __kasan_check_read+0x11/0x20 [ 93.364860][ T9641] ? __fget+0x37f/0x550 [ 93.369003][ T9641] ? ksys_dup3+0x3e0/0x3e0 [ 93.373430][ T9641] ? __do_page_fault+0x56a/0xd80 [ 93.378354][ T9641] ? __fget_light+0x1a9/0x230 [ 93.383020][ T9641] ? __fdget+0x1b/0x20 [ 93.387080][ T9641] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.393306][ T9641] __sys_sendmsg+0x105/0x1d0 [ 93.397886][ T9641] ? __sys_sendmsg_sock+0xc0/0xc0 [ 93.402923][ T9641] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 93.408474][ T9641] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 93.413925][ T9641] ? do_syscall_64+0x26/0x790 [ 93.418850][ T9641] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 93.424914][ T9641] ? do_syscall_64+0x26/0x790 [ 93.429581][ T9641] __x64_sys_sendmsg+0x78/0xb0 [ 93.434332][ T9641] do_syscall_64+0xfa/0x790 [ 93.438822][ T9641] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 93.444695][ T9641] RIP: 0033:0x446d49 [ 93.448577][ T9641] Code: e8 8c e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 93.470271][ T9641] RSP: 002b:00007f29db715d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.479211][ T9641] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 0000000000446d49 [ 93.487185][ T9641] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 93.495148][ T9641] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000 [ 93.503113][ T9641] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c [ 93.511066][ T9641] R13: 00000000200002c0 R14: 00000000004aed40 R15: 0000000000000000 [ 93.519038][ T9641] Modules linked in: [ 93.524369][ T9657] Kernel Offset: disabled [ 93.528699][ T9657] Rebooting in 86400 seconds..