[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 81.346761][ T27] audit: type=1800 audit(1578399522.094:25): pid=9521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 81.376918][ T27] audit: type=1800 audit(1578399522.104:26): pid=9521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 81.418050][ T27] audit: type=1800 audit(1578399522.114:27): pid=9521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.37' (ECDSA) to the list of known hosts. 2020/01/07 12:18:55 fuzzer started 2020/01/07 12:18:57 dialing manager at 10.128.0.26:40807 2020/01/07 12:18:57 syscalls: 2842 2020/01/07 12:18:57 code coverage: enabled 2020/01/07 12:18:57 comparison tracing: enabled 2020/01/07 12:18:57 extra coverage: enabled 2020/01/07 12:18:57 setuid sandbox: enabled 2020/01/07 12:18:57 namespace sandbox: enabled 2020/01/07 12:18:57 Android sandbox: /sys/fs/selinux/policy does not exist 2020/01/07 12:18:57 fault injection: enabled 2020/01/07 12:18:57 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/01/07 12:18:57 net packet injection: enabled 2020/01/07 12:18:57 net device setup: enabled 2020/01/07 12:18:57 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/01/07 12:18:57 devlink PCI setup: PCI device 0000:00:10.0 is not available 12:21:35 executing program 0: bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffffa0018000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000]}, 0x2c) 12:21:35 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) syzkaller login: [ 255.189431][ T9691] IPVS: ftp: loaded support on port[0] = 21 12:21:36 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f00000000c0)={@remote}, 0x14) [ 255.402193][ T9691] chnl_net:caif_netlink_parms(): no params data found [ 255.533326][ T9691] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.557106][ T9691] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.576952][ T9691] device bridge_slave_0 entered promiscuous mode [ 255.591351][ T9691] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.609104][ T9691] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.610508][ T9695] IPVS: ftp: loaded support on port[0] = 21 [ 255.637800][ T9691] device bridge_slave_1 entered promiscuous mode [ 255.691761][ T9691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 255.731783][ T9691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 12:21:36 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000400)='/dev/net/tun\x00', 0x0, 0x0) [ 255.754615][ T9696] IPVS: ftp: loaded support on port[0] = 21 [ 255.836606][ T9691] team0: Port device team_slave_0 added [ 255.876588][ T9691] team0: Port device team_slave_1 added 12:21:36 executing program 4: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff) lremovexattr(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)=@known='security.apparmor\x00') [ 256.010555][ T9691] device hsr_slave_0 entered promiscuous mode [ 256.088362][ T9691] device hsr_slave_1 entered promiscuous mode [ 256.191342][ T9698] IPVS: ftp: loaded support on port[0] = 21 [ 256.316720][ T9695] chnl_net:caif_netlink_parms(): no params data found [ 256.361877][ T9701] IPVS: ftp: loaded support on port[0] = 21 12:21:37 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$rxrpc(0x21, 0x2, 0x2) fcntl$lock(r2, 0x7, &(0x7f0000000300)={0x1, 0x0, 0x0, 0x2}) [ 256.517659][ T9695] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.524765][ T9695] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.536350][ T9695] device bridge_slave_0 entered promiscuous mode [ 256.552610][ T9696] chnl_net:caif_netlink_parms(): no params data found [ 256.598845][ T9695] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.605972][ T9695] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.618131][ T9695] device bridge_slave_1 entered promiscuous mode [ 256.695088][ T9695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 256.715349][ T9704] IPVS: ftp: loaded support on port[0] = 21 [ 256.746789][ T9695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 256.787911][ T9691] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 256.856430][ T9691] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 256.920115][ T9696] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.927621][ T9696] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.935438][ T9696] device bridge_slave_0 entered promiscuous mode [ 256.952369][ T9698] chnl_net:caif_netlink_parms(): no params data found [ 256.968091][ T9691] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 257.029393][ T9696] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.036496][ T9696] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.044986][ T9696] device bridge_slave_1 entered promiscuous mode [ 257.073097][ T9695] team0: Port device team_slave_0 added [ 257.081884][ T9696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.092105][ T9691] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 257.185824][ T9696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.199363][ T9695] team0: Port device team_slave_1 added [ 257.224571][ T9696] team0: Port device team_slave_0 added [ 257.262330][ T9696] team0: Port device team_slave_1 added [ 257.360326][ T9695] device hsr_slave_0 entered promiscuous mode [ 257.397401][ T9695] device hsr_slave_1 entered promiscuous mode [ 257.457448][ T9695] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 257.465360][ T9695] Cannot create hsr debugfs directory [ 257.489229][ T9698] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.496386][ T9698] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.505273][ T9698] device bridge_slave_0 entered promiscuous mode [ 257.521943][ T9701] chnl_net:caif_netlink_parms(): no params data found [ 257.562449][ T9698] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.569749][ T9698] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.579545][ T9698] device bridge_slave_1 entered promiscuous mode [ 257.629692][ T9698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.646760][ T9698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.708983][ T9696] device hsr_slave_0 entered promiscuous mode [ 257.758031][ T9696] device hsr_slave_1 entered promiscuous mode [ 257.817103][ T9696] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 257.824706][ T9696] Cannot create hsr debugfs directory [ 257.849137][ T9701] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.856214][ T9701] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.864302][ T9701] device bridge_slave_0 entered promiscuous mode [ 257.873807][ T9701] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.881120][ T9701] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.889612][ T9701] device bridge_slave_1 entered promiscuous mode [ 257.915109][ T9701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.953782][ T9701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.965171][ T9698] team0: Port device team_slave_0 added [ 257.978530][ T9698] team0: Port device team_slave_1 added [ 258.140401][ T9698] device hsr_slave_0 entered promiscuous mode [ 258.177389][ T9698] device hsr_slave_1 entered promiscuous mode [ 258.236972][ T9698] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 258.244700][ T9698] Cannot create hsr debugfs directory [ 258.262941][ T9701] team0: Port device team_slave_0 added [ 258.269147][ T9704] chnl_net:caif_netlink_parms(): no params data found [ 258.279822][ T9695] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 258.358391][ T9701] team0: Port device team_slave_1 added [ 258.365841][ T9695] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 258.468689][ T9695] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 258.600608][ T9701] device hsr_slave_0 entered promiscuous mode [ 258.637540][ T9701] device hsr_slave_1 entered promiscuous mode [ 258.677477][ T9701] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 258.685097][ T9701] Cannot create hsr debugfs directory [ 258.691486][ T9695] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 258.793578][ T9704] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.801886][ T9704] bridge0: port 1(bridge_slave_0) entered disabled state [ 258.811184][ T9704] device bridge_slave_0 entered promiscuous mode [ 258.855707][ T9696] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 258.909277][ T9704] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.916388][ T9704] bridge0: port 2(bridge_slave_1) entered disabled state [ 258.924566][ T9704] device bridge_slave_1 entered promiscuous mode [ 258.948494][ T9696] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 258.999837][ T9696] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 259.072727][ T9691] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.091384][ T9696] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 259.163676][ T9704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 259.181410][ T9704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 259.211630][ T9698] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 259.271585][ T9698] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 259.356610][ T9704] team0: Port device team_slave_0 added [ 259.368998][ T9698] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 259.416532][ T9704] team0: Port device team_slave_1 added [ 259.435812][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 259.450785][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 259.463328][ T9691] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.472724][ T9698] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 259.620503][ T9704] device hsr_slave_0 entered promiscuous mode [ 259.657452][ T9704] device hsr_slave_1 entered promiscuous mode [ 259.717035][ T9704] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.724722][ T9704] Cannot create hsr debugfs directory [ 259.749664][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 259.758416][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 259.766846][ T2803] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.774164][ T2803] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.782581][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 259.791425][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 259.801453][ T2803] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.808541][ T2803] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.816452][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 259.874226][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 259.883805][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 259.893065][ T9701] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 259.951105][ T9701] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 260.022247][ T9701] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 260.069926][ T9701] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 260.167907][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 260.179725][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 260.209949][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 260.218195][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 260.226720][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 260.261374][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 260.275096][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 260.327859][ T9691] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 260.340660][ T9691] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 260.365246][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 260.376187][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 260.399611][ T9695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.433320][ T9696] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.442136][ T9704] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 260.471701][ T9704] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 260.568008][ T9698] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.586074][ T9695] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.599489][ T9704] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 260.660922][ T9696] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.673947][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 260.682443][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.691075][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 260.699297][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 260.706712][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 260.715389][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.731611][ T9691] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 260.740867][ T9704] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 260.815026][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 260.827921][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 260.836382][ T2741] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.843499][ T2741] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.852672][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 260.861727][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 260.870633][ T2741] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.877771][ T2741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.885550][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 260.894910][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 260.903393][ T2741] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.910506][ T2741] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.918540][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 260.926254][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.934289][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 260.943314][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 260.952462][ T2741] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.959645][ T2741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.990673][ T9701] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.999457][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 261.008097][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 261.022107][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 261.038702][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 261.061928][ T9701] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.072420][ T9698] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.093402][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 261.101238][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 261.109835][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 261.121836][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 261.131148][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 261.141077][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.150290][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 261.171597][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 261.180678][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 261.190008][ T2802] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.197139][ T2802] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.205049][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 261.215004][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 261.223583][ T2802] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.230687][ T2802] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.238717][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 261.247513][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 261.255838][ T2802] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.262969][ T2802] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.271079][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 261.279839][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 261.288481][ T2802] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.295526][ T2802] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.303350][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 261.312148][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.322446][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 261.330658][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 261.338752][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 261.356947][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 261.365718][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.374414][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 261.383240][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 261.422837][ T9696] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 261.436572][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 261.463952][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 261.472633][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.486139][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 261.497232][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 261.505558][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 261.514538][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 261.523462][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 261.532688][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.543254][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 261.551899][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 261.560583][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 261.569666][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 261.583741][ T9695] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 261.603209][ T9695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 261.633378][ T9691] device veth0_vlan entered promiscuous mode [ 261.645137][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 261.653369][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 261.661975][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 261.673051][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 261.682536][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 261.691348][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 261.739666][ T9691] device veth1_vlan entered promiscuous mode [ 261.746754][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 261.755586][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 261.763567][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 261.772169][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 261.781608][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 261.790323][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.798975][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 261.809437][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.818057][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 261.826668][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 261.835417][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 261.844541][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 261.852921][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 261.860466][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 261.871928][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 261.902978][ T9696] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.917826][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 261.918668][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.945135][ T9698] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 261.956172][ T9698] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 261.987261][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 261.996175][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 262.012976][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 262.023038][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 262.034866][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 262.043733][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 262.051869][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 262.081083][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 262.088784][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 262.108821][ T9704] 8021q: adding VLAN 0 to HW filter on device bond0 [ 262.140249][ T9701] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.175052][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 262.184380][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 12:21:43 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002200)={&(0x7f00000017c0)={0x848, 0x0, 0x0, 0x0, 0x0, {}, [{{0x8}, {0x1f0, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{}]}}}]}}, {{0x8}, {0x1bc, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{}, {}, {}, {}, {}, {}]}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x2c, 0x4, [{}, {}, {}, {}, {}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8}}}]}}, {{0x8}, {0xdc, 0x2, [{0x34, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x4}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x34, 0x4, [{}, {}, {}, {}, {}, {}]}}}]}}, {{0x8}, {0x3c, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8}}}]}}, {{0x8}, {0x1b0, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{}]}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0xc8, 0x2, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0xc0, 0x2, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x848}}, 0x0) [ 262.231586][ T9704] 8021q: adding VLAN 0 to HW filter on device team0 [ 262.242256][ T9695] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.270210][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 262.278587][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 262.292819][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 262.308037][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 262.332315][ T9698] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.380619][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 262.393873][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 262.402905][ T2745] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.410070][ T2745] bridge0: port 1(bridge_slave_0) entered forwarding state [ 262.421128][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 262.430382][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 262.439762][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 262.448956][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 262.458586][ T2745] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.465730][ T2745] bridge0: port 2(bridge_slave_1) entered forwarding state 12:21:43 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="20000000010a01002cbd7000fbdbdf25c8c400020900020001007a3100000000"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) [ 262.484762][ T9696] device veth0_vlan entered promiscuous mode [ 262.508473][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 262.518013][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 262.539463][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 262.561749][ T2734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 262.567290][ T9729] netlink: 'syz-executor.0': attribute type 2 has an invalid length. 12:21:43 executing program 0: r0 = socket$nl_netfilter(0xa, 0x3, 0x3a) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000600)={&(0x7f0000000680)={0xa, 0x0, 0x8e00}, 0xa8bb58c230971cd4, &(0x7f00000005c0)={&(0x7f0000000000)={0x58, 0x9, 0x6, 0x0, 0x0, 0xf4010000, {}, [@IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0x0, 0x11, @local}}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x0, 0xb, 0x1, 0x0, 0x1000000}}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE}, {0xfe2f, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0x0, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0xfffffffffffffec6}}}]}, @IPSET_ATTR_SETNAME={0x0, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_DATA, @IPSET_ATTR_LINENO, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2}]}, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK}]}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_LINENO]}, 0xffd8}}, 0x0) [ 262.600659][ T9696] device veth1_vlan entered promiscuous mode [ 262.611464][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 262.627855][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 262.635739][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 262.644883][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 262.668943][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 262.678687][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready 12:21:43 executing program 0: r0 = socket$nl_netfilter(0xa, 0x3, 0x3a) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000600)={&(0x7f0000000680)={0xa, 0x0, 0x8e00, 0xf5ffffff}, 0xa8bb58c230971cd4, &(0x7f00000005c0)={&(0x7f0000000000)={0x58, 0x9, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0x0, 0x11, @local}}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE}, {0xfe3c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0x0, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0xfffffffffffffec6}}}]}, @IPSET_ATTR_SETNAME={0x0, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_DATA, @IPSET_ATTR_LINENO, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2}]}, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK}]}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_LINENO]}, 0xffd8}}, 0x0) [ 262.724902][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 262.737811][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 262.769381][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 262.795971][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 12:21:43 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x20, 0xb, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0xffffffffffffff7a, 0x2, 'syz2\x00'}]}, 0xff4b}}, 0x0) [ 262.854476][ T9698] device veth0_vlan entered promiscuous mode [ 262.866609][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 262.878345][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 262.887464][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 262.898338][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 262.914531][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 262.924776][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 262.940809][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 262.950843][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 262.959934][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 262.969430][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready 12:21:43 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x500}, 0x0) [ 262.995944][ T9704] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 263.021094][ T9704] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 263.045318][ T9698] device veth1_vlan entered promiscuous mode 12:21:43 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="20000000010201022cdbdf25090000020900020073797a3101000000"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) [ 263.068237][ T9695] device veth0_vlan entered promiscuous mode [ 263.081782][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 263.090444][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 263.099458][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 263.107761][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 263.115772][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 263.133431][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 263.142713][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 263.171572][ T9744] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 263.175180][ T9701] device veth0_vlan entered promiscuous mode [ 263.246381][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 263.265559][ T2802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 263.310605][ T9695] device veth1_vlan entered promiscuous mode [ 263.336731][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 263.344813][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 263.353534][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 263.361770][ T2803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 263.398955][ T9701] device veth1_vlan entered promiscuous mode [ 263.454717][ T9704] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 263.692664][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 263.710070][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 263.738637][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready 12:21:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x5c, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x12, 0x1, 0x0, 0xa000000}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x5c}}, 0x0) 12:21:44 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$IP_SET_OP_VERSION(r0, 0x11, 0x1c, 0x0, 0x0) 12:21:44 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x60, 0xa, 0x6, 0x8b48c98102abdf79, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PACKETS={0xc}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14}}, @IPSET_ATTR_SKBPRIO={0x8}, @IPSET_ATTR_PORT={0x6}]}]}, 0x60}}, 0x0) 12:21:44 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) [ 263.780761][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 263.818437][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 263.828551][ T2741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 263.840834][ T9704] device veth0_vlan entered promiscuous mode [ 263.889626][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 263.908755][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 263.943010][ T9704] device veth1_vlan entered promiscuous mode [ 264.087018][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 264.096390][ T2745] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready 12:21:45 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f80)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x8, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}}, 0x0) 12:21:45 executing program 4: r0 = socket$nl_netfilter(0x2, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, 0xfffffffffffffffd, 0x0) 12:21:45 executing program 0: r0 = socket$nl_netfilter(0xa, 0x3, 0x3a) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000600)={&(0x7f0000000680)={0xa, 0x0, 0x8e00}, 0xa8bb58c230971cd4, &(0x7f00000005c0)={&(0x7f0000000000)={0x58, 0x9, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0x0, 0x11, @local}}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE}, {0xfe3b, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0x0, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0xfffffffffffffec6}}}]}, @IPSET_ATTR_SETNAME={0x0, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_DATA, @IPSET_ATTR_LINENO, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2}]}, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK}]}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_LINENO]}, 0xffd8}}, 0x0) 12:21:45 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:45 executing program 2: r0 = socket$nl_netfilter(0xa, 0x3, 0x3a) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000600)={&(0x7f0000000680)={0xa, 0x0, 0x8e00, 0xf5ffffff}, 0xa8bb58c230971cd4, &(0x7f00000005c0)={&(0x7f0000000000)={0x58, 0x9, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0x0, 0x11, @local}}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK}, {0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE}, {0xfe3a, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0x0, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0xfffffffffffffec6}}}]}, @IPSET_ATTR_SETNAME={0x0, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_DATA, @IPSET_ATTR_LINENO, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2}]}, @IPSET_ATTR_ADT={0x0, 0x8, 0x0, 0x1, [{0x0, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK}]}, @IPSET_ATTR_PROTOCOL, @IPSET_ATTR_LINENO]}, 0xffd8}}, 0x0) 12:21:45 executing program 4: r0 = socket$nl_netfilter(0x2, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000440)={&(0x7f0000000200)={0x2}, 0x2000020c, &(0x7f0000000400)={0x0, 0x7}}, 0x0) 12:21:45 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x9, 0x6, 0x803, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x9}]}, 0x1c}, 0x1, 0xfffffffffffff000}, 0x0) 12:21:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES64], 0x1}}, 0x0) [ 264.557240][ T9800] netlink: 'syz-executor.0': attribute type 9 has an invalid length. 12:21:49 executing program 1: r0 = socket$nl_netfilter(0xa, 0x2, 0x88) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0xa, 0x7a00}, 0x1, &(0x7f0000000100)={0x0}}, 0x0) 12:21:49 executing program 4: r0 = socket$nl_netfilter(0xa, 0x3, 0x3a) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000600)={&(0x7f0000000680)={0xa}, 0xa8bb58c230971cd4, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="89f009750906addb0000000000008f725dfff9000000000000021d7f8f88547a1ca3764dab4f018414a2fde5b6335a5721700c8dbfa194cb123fbdb4eec0df2048226d514f2cd16438c9056eeaaffcc63c49681f5f2ec0be490000fdbfd895a9e8ffbf10e80b8a3d26fcb7c5e7ba274bcaf04205b0e46ae637d4ef83924b30c43115c361f700000f000077cfb8310234b6bf5da904c3a092201b81e6a05abdc6f133c5e07821ccec2848fe882574dd4098f4c43aaca687c08f9aed4da8a06678de9f94db746a4a5d59590f6103190eacdada28000000000000000000000000004c24ee61735d54452fe226f3ddbbbb9e2b0eec04915cfae806df7c56ca56b67aac52d90ed2f5178cf8e7f67be867ed1f2a3da01273e88862a4e1a0094dd646505f93bfa5b0b893dcc9d506a400dd807a0159588dd562bf92b74355d079877d198ad99d89225d357940f56b1cad55991a02a7c21f6b2c8ea907fa3731f35bbab37304791c1e5c"], 0xffd8}}, 0x0) 12:21:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x38, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}]}]}, 0x38}}, 0x0) 12:21:49 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x13}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:49 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f80)={0x12, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_SIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x33fe0}}, 0x0) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0xc, 0x6, 0x4}, 0x14}}, 0x0) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x9, 0x6, 0x4}, 0x14}}, 0x0) 12:21:49 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:49 executing program 0: r0 = socket$nl_netfilter(0xa, 0x3, 0x3a) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000600)={&(0x7f0000000680)={0xa, 0x0, 0x8e00}, 0xa8bb58c230971cd4, &(0x7f00000005c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5800000009060000000000000000000000000000000008803323078000001100aaaaaaaaaaaa009d00000007808745c033be860d83edc521000b40000004000000078000001d40000000002ffe078000000180c6fe01400000ea000000020073797a30000000000000010007000000000007800000094000000000000008800000078000001500000000000000088000f9068000000b400000c84058d2704e000000000100070000000000"], 0xffd8}}, 0x0) 12:21:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000001081f2cffff00f7f53c7945572603d8fb00fb0000b9f10d88bff2cd8ea9d7e02bcf000027000000000040000000"], 0x28}}, 0x0) 12:21:49 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:49 executing program 5: r0 = socket$nl_netfilter(0x2, 0x3, 0xc) sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2}, 0x4c, &(0x7f0000000080)={0x0}}, 0xc9c3538a1fcc6c06) 12:21:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x58, 0xb, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x30, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}, @IPSET_ATTR_ETHER={0xa, 0x11, @dev}, @IPSET_ATTR_PACKETS={0xc}, @IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x58}}, 0x0) 12:21:49 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x44, 0x9, 0x6, 0xe21, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14}}]}]}, 0x44}}, 0x0) [ 268.821246][ T9829] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. 12:21:49 executing program 2: r0 = socket$nl_netfilter(0x2, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={0x0}}, 0x0) 12:21:49 executing program 3: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:49 executing program 4: r0 = socket$nl_netfilter(0xa, 0x3, 0x3a) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000600)={&(0x7f0000000680)={0xa}, 0x196, &(0x7f00000005c0)={&(0x7f0000000000)={0x34, 0x9, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_ADT={0x20, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2={0x5}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}}]}]}, 0x4}}, 0x0) 12:21:49 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x4, &(0x7f0000000040)={0x0}}, 0x0) 12:21:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x30, 0x7, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x437}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x30}}, 0x0) 12:21:49 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0xfffffffffffffd54, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="58000000020601000000000000000000000000000900020073997a3200e8000013000300686173683a6e65742c696661636500000c0007800800060000000000050001000700000005000400000000000500050023000000250e655e5c670d58365384aebcbc22f14e285e845cbdb2322404f9313f772a2b1ef59871d3f9f333f3ca4bae326f3368a43fe9259f03dfea4884672f6b68ff6493be23d0cc0427b3747a771b25ac25cbd9251ca2376c4f85f7de7392a0fb09c2614a1f1aa4305df0be7c4550014ba4e4afb2c0f34c56d300"], 0x58}, 0x1, 0x0, 0x0, 0x40884}, 0x0) 12:21:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000009c0)={0x28, 0x4, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x33fe0}}, 0x0) 12:21:50 executing program 3: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:50 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c000000020201000000000000000000000000000900020073797a300000000015000300686173683a69702c706f72742c6e6574000000000c0007800800064000000006000000000700000005000400000000000500050002000000"], 0x5c}}, 0x0) 12:21:50 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x5c, 0x9, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x48, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14}}, @IPSET_ATTR_IP2={0x18, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14}}, @IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}]}]}, 0x5c}}, 0x0) sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000b0500050003000002"], 0x1c}}, 0x20004000) 12:21:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x38, 0xa, 0x6, 0xa2fa8f3ae354afcf, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}]}]}, 0x5b}}, 0x0) 12:21:50 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f80)={0x12, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_SIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x33fe0}}, 0x0) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x9, 0x6, 0x4}, 0x14}}, 0x0) 12:21:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000706af300000000000000000000000000500010007000000ca437c18e2ebccc29601929717d4c74940e7e7d8cfd70d6186e5326da62052c09ab3036f5e3f186ed2df89c8e12671ced15381ea7bc896bbbabefa6a1e9f685b00c3a05978492003d794d4bd2acaac43cb44db1f8e335fa8be03efc844bb46fc458878aa9af41662e9cf34c545608d20eae96bbc4d32177dda7856bdc36e73b229fd5cda50749b29208483eb414825fa43"], 0x1c}}, 0x0) 12:21:50 executing program 3: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) [ 269.558716][ T9879] netlink: 'syz-executor.0': attribute type 7 has an invalid length. 12:21:50 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0xffffff09, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000000206010000000000000000000000000011000300686173683a69702c6d61726b0000000005000400000000000900020073797a30000000000c000780080012400e000000050005000a00000005000100070000003f4c23ed801a6bb1ccbc427e3a1a9e2f3cd435a2cf859267990d4031973384e5570800d616efba80813653e0c8f1369056cef2ab714fd4965927723be1a77ab98b7fb76b5418a86697442e7bdf3ddb0e70859eaebf34b24726c54662119db528fb5d8efb6793df6f4eab7b23d4c15321f663c6e82aedc27148ea777ee7c6ce3fafcca10d8e6bbe22c7a8ec59a02f8cbf983460853ee6806f3aa8e6ab47e7e11dacc640b1717b6c9bb255287def"], 0x58}}, 0x0) 12:21:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f80)={0x48, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}}, 0x0) [ 269.641903][ T9879] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 269.674028][ T9879] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'. 12:21:50 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x3, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x20004022) 12:21:50 executing program 3: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:50 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c000000020201000000000000000000000000000900020073797a300000000015000300686173683a69702c706f72742c6e6574000000000c0007800800064000000006000000000700000005000400000000000500050002000000"], 0x5c}}, 0x0) 12:21:50 executing program 3: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) [ 270.001818][ T9908] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 270.014261][ T9908] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 270.040506][ T9908] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'. 12:21:50 executing program 3: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0) 12:21:50 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c000000020201000000000000000000000000000900020073797a300000000015000300686173683a69702c706f72742c6e6574000000000c0007800800064000000006000000000700000005000400000000000500050002000000"], 0x5c}}, 0x0) 12:21:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) [ 270.193990][ T9916] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 270.217721][ T9916] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 270.247517][ T9916] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'. 12:21:51 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) [ 424.547085][ T991] INFO: task syz-executor.1:9887 can't die for more than 143 seconds. [ 424.555308][ T991] syz-executor.1 R running task 25768 9887 9695 0x00004006 [ 424.576689][ T991] Call Trace: [ 424.580636][ T991] ? __kasan_check_read+0x11/0x20 [ 424.585750][ T991] mark_lock+0xc2/0x1220 [ 424.597965][ T991] ? mark_held_locks+0xa4/0xf0 [ 424.602791][ T991] ? __kasan_check_read+0x11/0x20 [ 424.614958][ T991] __lock_acquire+0x8a0/0x4a00 [ 424.621931][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 424.633747][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 424.640920][ T991] ? retint_kernel+0x2b/0x2b [ 424.645533][ T991] ? mark_held_locks+0xf0/0xf0 [ 424.656087][ T991] ? lock_downgrade+0x920/0x920 [ 424.662398][ T991] lock_acquire+0x190/0x410 [ 424.672776][ T991] ? rcu_read_lock_held+0x9c/0xb0 [ 424.679418][ T991] ? __kasan_check_read+0x11/0x20 [ 424.684585][ T991] ? hash_netportnet4_list+0x349/0x1490 [ 424.695986][ T991] ? hash_netportnet4_list+0x10c4/0x1490 [ 424.703159][ T991] ? mark_held_locks+0xa4/0xf0 [ 424.716076][ T991] ? hash_netportnet6_list+0x1470/0x1470 [ 424.724581][ T991] ? trace_hardirqs_on+0x67/0x240 [ 424.735550][ T991] ? hash_netportnet4_uref+0x16a/0x260 [ 424.742495][ T991] ? hash_netportnet6_uref+0x260/0x260 [ 424.753952][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 424.761070][ T991] ? hash_netportnet6_uref+0x260/0x260 [ 424.766596][ T991] ? ip_set_dump_start+0x96c/0x1ca0 [ 424.779041][ T991] ? ip_set_rename+0x720/0x720 [ 424.783952][ T991] ? __kmalloc_reserve.isra.0+0xc0/0xf0 [ 424.797186][ T991] ? debug_mutex_unlock+0x1b0/0x260 [ 424.802455][ T991] ? __kasan_check_write+0x14/0x20 [ 424.815589][ T991] ? netlink_dump+0x558/0xfb0 [ 424.820671][ T991] ? __netlink_sendskb+0xc0/0xc0 [ 424.825631][ T991] ? __netlink_dump_start+0x66a/0x930 [ 424.839236][ T991] ? ip_set_dump+0x15a/0x1d0 [ 424.843853][ T991] ? call_ad+0x5a0/0x5a0 [ 424.853995][ T991] ? ip_set_rename+0x720/0x720 [ 424.860322][ T991] ? __ip_set_put_netlink.isra.0+0x90/0x90 [ 424.866157][ T991] ? call_ad+0x5a0/0x5a0 [ 424.876410][ T991] ? nfnetlink_rcv_msg+0xcf2/0xfb0 [ 424.883238][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 424.894074][ T991] ? find_held_lock+0x35/0x130 [ 424.901480][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 424.912820][ T991] ? __dev_queue_xmit+0x176d/0x35c0 [ 424.919520][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 424.925078][ T991] ? lockdep_hardirqs_on+0x421/0x5e0 [ 424.936451][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 424.943679][ T991] ? trace_hardirqs_on+0x67/0x240 [ 424.958411][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 424.963761][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.987007][ T991] ? apparmor_capable+0x4df/0x910 [ 424.992086][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.998941][ T991] ? __kasan_check_read+0x11/0x20 [ 425.004084][ T991] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 425.015327][ T991] ? netlink_rcv_skb+0x177/0x450 [ 425.021715][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 425.026580][ T991] ? netlink_ack+0xb50/0xb50 [ 425.038249][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.044526][ T991] ? ns_capable_common+0x93/0x100 [ 425.054393][ T991] ? ns_capable+0x20/0x30 [ 425.061327][ T991] ? __netlink_ns_capable+0x104/0x140 [ 425.066713][ T991] ? nfnetlink_rcv+0x1ba/0x460 [ 425.079767][ T991] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 425.085271][ T991] ? netlink_deliver_tap+0x248/0xbe0 [ 425.095307][ T991] ? netlink_unicast+0x58c/0x7d0 [ 425.102786][ T991] ? netlink_attachskb+0x870/0x870 [ 425.114099][ T991] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 425.139270][ T991] ? __check_object_size+0x3d/0x437 [ 425.144507][ T991] ? netlink_sendmsg+0x91c/0xea0 [ 425.155053][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 425.162838][ T991] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 425.173147][ T991] ? apparmor_socket_sendmsg+0x2a/0x30 [ 425.181822][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.194377][ T991] ? security_socket_sendmsg+0x8d/0xc0 [ 425.202382][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 425.212035][ T991] ? sock_sendmsg+0xd7/0x130 [ 425.216641][ T991] ? ____sys_sendmsg+0x753/0x880 [ 425.224275][ T991] ? kernel_sendmsg+0x50/0x50 [ 425.233743][ T991] ? __fget+0x35d/0x550 [ 425.241632][ T991] ? find_held_lock+0x35/0x130 [ 425.246516][ T991] ? ___sys_sendmsg+0x100/0x170 [ 425.256612][ T991] ? sendmsg_copy_msghdr+0x70/0x70 [ 425.264389][ T991] ? __kasan_check_read+0x11/0x20 [ 425.274200][ T991] ? __fget+0x37f/0x550 [ 425.280947][ T991] ? do_dup2+0x4f0/0x4f0 [ 425.285224][ T991] ? __fget_light+0x1a9/0x230 [ 425.295351][ T991] ? __fdget+0x1b/0x20 [ 425.302795][ T991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 425.313772][ T991] ? __sys_sendmsg+0x105/0x1d0 [ 425.321138][ T991] ? __sys_sendmsg_sock+0xc0/0xc0 [ 425.332923][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 425.340933][ T991] ? do_syscall_64+0x26/0x790 [ 425.345630][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.356504][ T991] ? do_syscall_64+0x26/0x790 [ 425.363872][ T991] ? __x64_sys_sendmsg+0x78/0xb0 [ 425.373597][ T991] ? do_syscall_64+0xfa/0x790 [ 425.380785][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.391553][ T991] INFO: task syz-executor.4:9896 can't die for more than 144 seconds. [ 425.402653][ T991] syz-executor.4 D28224 9896 9701 0x00004004 [ 425.414600][ T991] Call Trace: [ 425.420425][ T991] __schedule+0x934/0x1f90 [ 425.424863][ T991] ? firmware_map_remove+0x1a0/0x1a0 [ 425.435088][ T991] ? lock_downgrade+0x920/0x920 [ 425.442559][ T991] ? rwlock_bug.part.0+0x90/0x90 [ 425.452254][ T991] schedule+0xdc/0x2b0 [ 425.456354][ T991] schedule_preempt_disabled+0x13/0x20 [ 425.464456][ T991] __mutex_lock+0x7ab/0x13c0 [ 425.473822][ T991] ? nfnetlink_rcv_msg+0x9ee/0xfb0 [ 425.481533][ T991] ? mutex_trylock+0x2d0/0x2d0 [ 425.492142][ T991] ? nla_memcpy+0xb0/0xb0 [ 425.496511][ T991] mutex_lock_nested+0x16/0x20 [ 425.503844][ T991] ? mutex_lock_nested+0x16/0x20 [ 425.515256][ T991] nfnetlink_rcv_msg+0x9ee/0xfb0 [ 425.523604][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 425.533182][ T991] ? lock_downgrade+0x920/0x920 [ 425.540630][ T991] ? lock_downgrade+0x920/0x920 [ 425.545504][ T991] ? swake_up_one+0x4d/0x60 [ 425.554779][ T991] ? find_held_lock+0x35/0x130 [ 425.562121][ T991] ? swake_up_one+0x4d/0x60 [ 425.566670][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.580049][ T991] ? apparmor_capable+0x4df/0x910 [ 425.585100][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.595163][ T991] ? swake_up_one+0x4d/0x60 [ 425.603386][ T991] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 425.612481][ T991] netlink_rcv_skb+0x177/0x450 [ 425.621403][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 425.626299][ T991] ? netlink_ack+0xb50/0xb50 [ 425.635636][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.646179][ T991] ? ns_capable_common+0x93/0x100 [ 425.654879][ T991] ? ns_capable+0x20/0x30 [ 425.663001][ T991] ? __netlink_ns_capable+0x104/0x140 [ 425.672514][ T991] nfnetlink_rcv+0x1ba/0x460 [ 425.681019][ T991] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 425.686539][ T991] ? netlink_deliver_tap+0x248/0xbe0 [ 425.695526][ T991] netlink_unicast+0x58c/0x7d0 [ 425.704792][ T991] ? netlink_attachskb+0x870/0x870 [ 425.713578][ T991] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 425.722872][ T991] ? __check_object_size+0x3d/0x437 [ 425.732170][ T991] netlink_sendmsg+0x91c/0xea0 [ 425.741464][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 425.752032][ T991] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 425.761415][ T991] ? apparmor_socket_sendmsg+0x2a/0x30 [ 425.770578][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.780599][ T991] ? security_socket_sendmsg+0x8d/0xc0 [ 425.786071][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 425.794639][ T991] sock_sendmsg+0xd7/0x130 [ 425.802766][ T991] ____sys_sendmsg+0x753/0x880 [ 425.811148][ T991] ? kernel_sendmsg+0x50/0x50 [ 425.816280][ T991] ? __fget+0x35d/0x550 [ 425.824067][ T991] ? find_held_lock+0x35/0x130 [ 425.834820][ T991] ___sys_sendmsg+0x100/0x170 [ 425.843535][ T991] ? sendmsg_copy_msghdr+0x70/0x70 [ 425.853333][ T991] ? __kasan_check_read+0x11/0x20 [ 425.862056][ T991] ? __fget+0x37f/0x550 [ 425.866247][ T991] ? do_dup2+0x4f0/0x4f0 [ 425.874415][ T991] ? __fget_light+0x1a9/0x230 [ 425.882721][ T991] ? __fdget+0x1b/0x20 [ 425.886820][ T991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 425.896766][ T991] __sys_sendmsg+0x105/0x1d0 [ 425.905052][ T991] ? __sys_sendmsg_sock+0xc0/0xc0 [ 425.913693][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 425.922900][ T991] ? do_syscall_64+0x26/0x790 [ 425.931456][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.941227][ T991] ? do_syscall_64+0x26/0x790 [ 425.945955][ T991] __x64_sys_sendmsg+0x78/0xb0 [ 425.954955][ T991] do_syscall_64+0xfa/0x790 [ 425.964207][ T991] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.973753][ T991] RIP: 0033:0x45af49 [ 425.981883][ T991] Code: Bad RIP value. [ 425.985999][ T991] RSP: 002b:00007f7feebddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.004075][ T991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045af49 [ 426.012472][ T991] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003 [ 426.027060][ T991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.035092][ T991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7feebde6d4 [ 426.049412][ T991] R13: 00000000004c9d34 R14: 00000000004e2d78 R15: 00000000ffffffff [ 426.061608][ T991] INFO: task syz-executor.4:9896 blocked for more than 144 seconds. [ 426.074106][ T991] Not tainted 5.5.0-rc5-next-20200107-syzkaller #0 [ 426.084760][ T991] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 426.100351][ T991] syz-executor.4 D28224 9896 9701 0x00004004 [ 426.106714][ T991] Call Trace: [ 426.112661][ T991] __schedule+0x934/0x1f90 [ 426.121846][ T991] ? firmware_map_remove+0x1a0/0x1a0 [ 426.129837][ T991] ? lock_downgrade+0x920/0x920 [ 426.134703][ T991] ? rwlock_bug.part.0+0x90/0x90 [ 426.144384][ T991] schedule+0xdc/0x2b0 [ 426.152318][ T991] schedule_preempt_disabled+0x13/0x20 [ 426.162541][ T991] __mutex_lock+0x7ab/0x13c0 [ 426.170126][ T991] ? nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.175354][ T991] ? mutex_trylock+0x2d0/0x2d0 [ 426.185805][ T991] ? nla_memcpy+0xb0/0xb0 [ 426.193432][ T991] mutex_lock_nested+0x16/0x20 [ 426.203058][ T991] ? mutex_lock_nested+0x16/0x20 [ 426.210526][ T991] nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.215485][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.224945][ T991] ? lock_downgrade+0x920/0x920 [ 426.232344][ T991] ? lock_downgrade+0x920/0x920 [ 426.241870][ T991] ? swake_up_one+0x4d/0x60 [ 426.246406][ T991] ? find_held_lock+0x35/0x130 [ 426.253814][ T991] ? swake_up_one+0x4d/0x60 [ 426.263919][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.272802][ T991] ? apparmor_capable+0x4df/0x910 [ 426.282894][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.292567][ T991] ? swake_up_one+0x4d/0x60 [ 426.301849][ T991] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 426.309999][ T991] netlink_rcv_skb+0x177/0x450 [ 426.314873][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.324520][ T991] ? netlink_ack+0xb50/0xb50 [ 426.331609][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.342674][ T991] ? ns_capable_common+0x93/0x100 [ 426.350330][ T991] ? ns_capable+0x20/0x30 [ 426.354674][ T991] ? __netlink_ns_capable+0x104/0x140 [ 426.365109][ T991] nfnetlink_rcv+0x1ba/0x460 [ 426.372351][ T991] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 426.382609][ T991] ? netlink_deliver_tap+0x248/0xbe0 [ 426.390893][ T991] netlink_unicast+0x58c/0x7d0 [ 426.395685][ T991] ? netlink_attachskb+0x870/0x870 [ 426.406534][ T991] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 426.415055][ T991] ? __check_object_size+0x3d/0x437 [ 426.425086][ T991] netlink_sendmsg+0x91c/0xea0 [ 426.432589][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.442432][ T991] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 426.450652][ T991] ? apparmor_socket_sendmsg+0x2a/0x30 [ 426.456134][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.469440][ T991] ? security_socket_sendmsg+0x8d/0xc0 [ 426.475195][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.483998][ T991] sock_sendmsg+0xd7/0x130 [ 426.492092][ T991] ____sys_sendmsg+0x753/0x880 [ 426.500969][ T991] ? kernel_sendmsg+0x50/0x50 [ 426.505673][ T991] ? __fget+0x35d/0x550 [ 426.514456][ T991] ? find_held_lock+0x35/0x130 [ 426.522959][ T991] ___sys_sendmsg+0x100/0x170 [ 426.531243][ T991] ? sendmsg_copy_msghdr+0x70/0x70 [ 426.536631][ T991] ? __kasan_check_read+0x11/0x20 [ 426.545277][ T991] ? __fget+0x37f/0x550 [ 426.554195][ T991] ? do_dup2+0x4f0/0x4f0 [ 426.562082][ T991] ? __fget_light+0x1a9/0x230 [ 426.570562][ T991] ? __fdget+0x1b/0x20 [ 426.574646][ T991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.584702][ T991] __sys_sendmsg+0x105/0x1d0 [ 426.593134][ T991] ? __sys_sendmsg_sock+0xc0/0xc0 [ 426.601796][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 426.611684][ T991] ? do_syscall_64+0x26/0x790 [ 426.616820][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.633826][ T991] ? do_syscall_64+0x26/0x790 [ 426.633851][ T991] __x64_sys_sendmsg+0x78/0xb0 [ 426.633870][ T991] do_syscall_64+0xfa/0x790 [ 426.633891][ T991] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.633904][ T991] RIP: 0033:0x45af49 [ 426.633927][ T991] Code: Bad RIP value. [ 426.633936][ T991] RSP: 002b:00007f7feebddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.633952][ T991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045af49 [ 426.633961][ T991] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003 [ 426.633970][ T991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.633980][ T991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7feebde6d4 [ 426.633989][ T991] R13: 00000000004c9d34 R14: 00000000004e2d78 R15: 00000000ffffffff [ 426.634025][ T991] INFO: task syz-executor.2:9899 can't die for more than 145 seconds. [ 426.634033][ T991] syz-executor.2 D28224 9899 9696 0x00000004 [ 426.634056][ T991] Call Trace: [ 426.634078][ T991] __schedule+0x934/0x1f90 [ 426.634101][ T991] ? firmware_map_remove+0x1a0/0x1a0 [ 426.634115][ T991] ? lock_downgrade+0x920/0x920 [ 426.634136][ T991] ? rwlock_bug.part.0+0x90/0x90 [ 426.634159][ T991] schedule+0xdc/0x2b0 [ 426.634178][ T991] schedule_preempt_disabled+0x13/0x20 [ 426.634194][ T991] __mutex_lock+0x7ab/0x13c0 [ 426.634213][ T991] ? nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.634235][ T991] ? mutex_trylock+0x2d0/0x2d0 [ 426.634255][ T991] ? nla_memcpy+0xb0/0xb0 [ 426.634288][ T991] mutex_lock_nested+0x16/0x20 [ 426.634303][ T991] ? mutex_lock_nested+0x16/0x20 [ 426.634318][ T991] nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.634346][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.634360][ T991] ? find_held_lock+0x35/0x130 [ 426.634385][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.634399][ T991] ? __dev_queue_xmit+0x176d/0x35c0 [ 426.634413][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.634429][ T991] ? lockdep_hardirqs_on+0x421/0x5e0 [ 426.634443][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.634460][ T991] ? trace_hardirqs_on+0x67/0x240 [ 426.634475][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.634496][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.634514][ T991] ? apparmor_capable+0x4df/0x910 [ 426.634532][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.634549][ T991] ? __kasan_check_read+0x11/0x20 [ 426.634567][ T991] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 426.634589][ T991] netlink_rcv_skb+0x177/0x450 [ 426.634606][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.634624][ T991] ? netlink_ack+0xb50/0xb50 [ 426.634640][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.634655][ T991] ? ns_capable_common+0x93/0x100 [ 426.634673][ T991] ? ns_capable+0x20/0x30 [ 426.634690][ T991] ? __netlink_ns_capable+0x104/0x140 [ 426.634711][ T991] nfnetlink_rcv+0x1ba/0x460 [ 426.634729][ T991] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 426.634743][ T991] ? netlink_deliver_tap+0x248/0xbe0 [ 426.634769][ T991] netlink_unicast+0x58c/0x7d0 [ 426.634790][ T991] ? netlink_attachskb+0x870/0x870 [ 426.634807][ T991] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 426.634825][ T991] ? __check_object_size+0x3d/0x437 [ 426.634847][ T991] netlink_sendmsg+0x91c/0xea0 [ 426.634871][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.634887][ T991] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 426.634907][ T991] ? apparmor_socket_sendmsg+0x2a/0x30 [ 426.634924][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.634940][ T991] ? security_socket_sendmsg+0x8d/0xc0 [ 426.634956][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.634973][ T991] sock_sendmsg+0xd7/0x130 [ 426.634990][ T991] ____sys_sendmsg+0x753/0x880 [ 426.635011][ T991] ? kernel_sendmsg+0x50/0x50 [ 426.635026][ T991] ? __fget+0x35d/0x550 [ 426.635041][ T991] ? find_held_lock+0x35/0x130 [ 426.635068][ T991] ___sys_sendmsg+0x100/0x170 [ 426.635088][ T991] ? sendmsg_copy_msghdr+0x70/0x70 [ 426.635104][ T991] ? __kasan_check_read+0x11/0x20 [ 426.635128][ T991] ? __fget+0x37f/0x550 [ 426.635151][ T991] ? do_dup2+0x4f0/0x4f0 [ 426.635177][ T991] ? __fget_light+0x1a9/0x230 [ 426.635194][ T991] ? __fdget+0x1b/0x20 [ 426.635210][ T991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.635231][ T991] __sys_sendmsg+0x105/0x1d0 [ 426.635249][ T991] ? __sys_sendmsg_sock+0xc0/0xc0 [ 426.635278][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 426.635294][ T991] ? do_syscall_64+0x26/0x790 [ 426.635309][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.635324][ T991] ? do_syscall_64+0x26/0x790 [ 426.635346][ T991] __x64_sys_sendmsg+0x78/0xb0 [ 426.635364][ T991] do_syscall_64+0xfa/0x790 [ 426.635384][ T991] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.635394][ T991] RIP: 0033:0x45af49 [ 426.635410][ T991] Code: Bad RIP value. [ 426.635419][ T991] RSP: 002b:00007fc60f2f6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.635433][ T991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045af49 [ 426.635442][ T991] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003 [ 426.635452][ T991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.635461][ T991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc60f2f76d4 [ 426.635471][ T991] R13: 00000000004c9d34 R14: 00000000004e2d78 R15: 00000000ffffffff [ 426.635498][ T991] INFO: task syz-executor.2:9899 blocked for more than 145 seconds. [ 426.635535][ T991] Not tainted 5.5.0-rc5-next-20200107-syzkaller #0 [ 426.635541][ T991] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 426.635548][ T991] syz-executor.2 D28224 9899 9696 0x00000004 [ 426.635568][ T991] Call Trace: [ 426.635587][ T991] __schedule+0x934/0x1f90 [ 426.635610][ T991] ? firmware_map_remove+0x1a0/0x1a0 [ 426.635623][ T991] ? lock_downgrade+0x920/0x920 [ 426.635639][ T991] ? rwlock_bug.part.0+0x90/0x90 [ 426.635662][ T991] schedule+0xdc/0x2b0 [ 426.635681][ T991] schedule_preempt_disabled+0x13/0x20 [ 426.635697][ T991] __mutex_lock+0x7ab/0x13c0 [ 426.635715][ T991] ? nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.635736][ T991] ? mutex_trylock+0x2d0/0x2d0 [ 426.635756][ T991] ? nla_memcpy+0xb0/0xb0 [ 426.635789][ T991] mutex_lock_nested+0x16/0x20 [ 426.635804][ T991] ? mutex_lock_nested+0x16/0x20 [ 426.635819][ T991] nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.635847][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.635861][ T991] ? find_held_lock+0x35/0x130 [ 426.635885][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.635898][ T991] ? __dev_queue_xmit+0x176d/0x35c0 [ 426.635912][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.635927][ T991] ? lockdep_hardirqs_on+0x421/0x5e0 [ 426.635941][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.635957][ T991] ? trace_hardirqs_on+0x67/0x240 [ 426.635972][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.635992][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.636009][ T991] ? apparmor_capable+0x4df/0x910 [ 426.636027][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.636042][ T991] ? __kasan_check_read+0x11/0x20 [ 426.636060][ T991] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 426.636082][ T991] netlink_rcv_skb+0x177/0x450 [ 426.636099][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.636117][ T991] ? netlink_ack+0xb50/0xb50 [ 426.636139][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.636155][ T991] ? ns_capable_common+0x93/0x100 [ 426.636173][ T991] ? ns_capable+0x20/0x30 [ 426.636189][ T991] ? __netlink_ns_capable+0x104/0x140 [ 426.636211][ T991] nfnetlink_rcv+0x1ba/0x460 [ 426.636229][ T991] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 426.636244][ T991] ? netlink_deliver_tap+0x248/0xbe0 [ 426.636269][ T991] netlink_unicast+0x58c/0x7d0 [ 426.636291][ T991] ? netlink_attachskb+0x870/0x870 [ 426.636308][ T991] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 426.636324][ T991] ? __check_object_size+0x3d/0x437 [ 426.636346][ T991] netlink_sendmsg+0x91c/0xea0 [ 426.636370][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.636386][ T991] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 426.636407][ T991] ? apparmor_socket_sendmsg+0x2a/0x30 [ 426.636424][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.636439][ T991] ? security_socket_sendmsg+0x8d/0xc0 [ 426.636455][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.636471][ T991] sock_sendmsg+0xd7/0x130 [ 426.636489][ T991] ____sys_sendmsg+0x753/0x880 [ 426.636509][ T991] ? kernel_sendmsg+0x50/0x50 [ 426.636524][ T991] ? __fget+0x35d/0x550 [ 426.636539][ T991] ? find_held_lock+0x35/0x130 [ 426.636566][ T991] ___sys_sendmsg+0x100/0x170 [ 426.636586][ T991] ? sendmsg_copy_msghdr+0x70/0x70 [ 426.636601][ T991] ? __kasan_check_read+0x11/0x20 [ 426.636621][ T991] ? __fget+0x37f/0x550 [ 426.636643][ T991] ? do_dup2+0x4f0/0x4f0 [ 426.636669][ T991] ? __fget_light+0x1a9/0x230 [ 426.636686][ T991] ? __fdget+0x1b/0x20 [ 426.636703][ T991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.636723][ T991] __sys_sendmsg+0x105/0x1d0 [ 426.636741][ T991] ? __sys_sendmsg_sock+0xc0/0xc0 [ 426.636771][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 426.636787][ T991] ? do_syscall_64+0x26/0x790 [ 426.636802][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.636820][ T991] ? do_syscall_64+0x26/0x790 [ 426.644894][ T991] __x64_sys_sendmsg+0x78/0xb0 [ 426.644916][ T991] do_syscall_64+0xfa/0x790 [ 426.644937][ T991] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.644949][ T991] RIP: 0033:0x45af49 [ 426.644973][ T991] Code: Bad RIP value. [ 426.644981][ T991] RSP: 002b:00007fc60f2f6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.644997][ T991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045af49 [ 426.645006][ T991] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003 [ 426.645015][ T991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.645025][ T991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc60f2f76d4 [ 426.645034][ T991] R13: 00000000004c9d34 R14: 00000000004e2d78 R15: 00000000ffffffff [ 426.645066][ T991] INFO: task syz-executor.5:9902 can't die for more than 145 seconds. [ 426.645073][ T991] syz-executor.5 D28224 9902 9704 0x00000004 [ 426.645097][ T991] Call Trace: [ 426.645118][ T991] __schedule+0x934/0x1f90 [ 426.645146][ T991] ? firmware_map_remove+0x1a0/0x1a0 [ 426.645161][ T991] ? lock_downgrade+0x920/0x920 [ 426.645177][ T991] ? rwlock_bug.part.0+0x90/0x90 [ 426.645200][ T991] schedule+0xdc/0x2b0 [ 426.645219][ T991] schedule_preempt_disabled+0x13/0x20 [ 426.645235][ T991] __mutex_lock+0x7ab/0x13c0 [ 426.645254][ T991] ? nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.645276][ T991] ? mutex_trylock+0x2d0/0x2d0 [ 426.645297][ T991] ? nla_memcpy+0xb0/0xb0 [ 426.645330][ T991] mutex_lock_nested+0x16/0x20 [ 426.645345][ T991] ? mutex_lock_nested+0x16/0x20 [ 426.645360][ T991] nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.645389][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.645403][ T991] ? find_held_lock+0x35/0x130 [ 426.645428][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.645442][ T991] ? __dev_queue_xmit+0x176d/0x35c0 [ 426.645456][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.645471][ T991] ? lockdep_hardirqs_on+0x421/0x5e0 [ 426.645486][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.645503][ T991] ? trace_hardirqs_on+0x67/0x240 [ 426.645518][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.645539][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.645556][ T991] ? apparmor_capable+0x4df/0x910 [ 426.645574][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.645590][ T991] ? __kasan_check_read+0x11/0x20 [ 426.645614][ T991] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 426.645636][ T991] netlink_rcv_skb+0x177/0x450 [ 426.645652][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.645671][ T991] ? netlink_ack+0xb50/0xb50 [ 426.645687][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.645703][ T991] ? ns_capable_common+0x93/0x100 [ 426.645721][ T991] ? ns_capable+0x20/0x30 [ 426.645737][ T991] ? __netlink_ns_capable+0x104/0x140 [ 426.645759][ T991] nfnetlink_rcv+0x1ba/0x460 [ 426.645777][ T991] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 426.645792][ T991] ? netlink_deliver_tap+0x248/0xbe0 [ 426.645817][ T991] netlink_unicast+0x58c/0x7d0 [ 426.645839][ T991] ? netlink_attachskb+0x870/0x870 [ 426.645856][ T991] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 426.645874][ T991] ? __check_object_size+0x3d/0x437 [ 426.645896][ T991] netlink_sendmsg+0x91c/0xea0 [ 426.645920][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.645936][ T991] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 426.645957][ T991] ? apparmor_socket_sendmsg+0x2a/0x30 [ 426.645974][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.645990][ T991] ? security_socket_sendmsg+0x8d/0xc0 [ 426.646006][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.646023][ T991] sock_sendmsg+0xd7/0x130 [ 426.646041][ T991] ____sys_sendmsg+0x753/0x880 [ 426.646062][ T991] ? kernel_sendmsg+0x50/0x50 [ 426.646077][ T991] ? __fget+0x35d/0x550 [ 426.646092][ T991] ? find_held_lock+0x35/0x130 [ 426.646151][ T991] ___sys_sendmsg+0x100/0x170 [ 426.646171][ T991] ? sendmsg_copy_msghdr+0x70/0x70 [ 426.646187][ T991] ? __kasan_check_read+0x11/0x20 [ 426.646207][ T991] ? __fget+0x37f/0x550 [ 426.646229][ T991] ? do_dup2+0x4f0/0x4f0 [ 426.646255][ T991] ? __fget_light+0x1a9/0x230 [ 426.646273][ T991] ? __fdget+0x1b/0x20 [ 426.646289][ T991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.646310][ T991] __sys_sendmsg+0x105/0x1d0 [ 426.646327][ T991] ? __sys_sendmsg_sock+0xc0/0xc0 [ 426.646357][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 426.646373][ T991] ? do_syscall_64+0x26/0x790 [ 426.646388][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.646403][ T991] ? do_syscall_64+0x26/0x790 [ 426.646425][ T991] __x64_sys_sendmsg+0x78/0xb0 [ 426.646444][ T991] do_syscall_64+0xfa/0x790 [ 426.646463][ T991] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.646474][ T991] RIP: 0033:0x45af49 [ 426.646490][ T991] Code: Bad RIP value. [ 426.646499][ T991] RSP: 002b:00007f4d29f9ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.646513][ T991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045af49 [ 426.646522][ T991] RDX: 0000000020004022 RSI: 0000000020000100 RDI: 0000000000000003 [ 426.646532][ T991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.646541][ T991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4d29f9f6d4 [ 426.646551][ T991] R13: 00000000004c9d63 R14: 00000000004e2da8 R15: 00000000ffffffff [ 426.646579][ T991] INFO: task syz-executor.5:9902 blocked for more than 145 seconds. [ 426.646589][ T991] Not tainted 5.5.0-rc5-next-20200107-syzkaller #0 [ 426.646596][ T991] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 426.646602][ T991] syz-executor.5 D28224 9902 9704 0x00000004 [ 426.646621][ T991] Call Trace: [ 426.646640][ T991] __schedule+0x934/0x1f90 [ 426.646664][ T991] ? firmware_map_remove+0x1a0/0x1a0 [ 426.646677][ T991] ? lock_downgrade+0x920/0x920 [ 426.646693][ T991] ? rwlock_bug.part.0+0x90/0x90 [ 426.646716][ T991] schedule+0xdc/0x2b0 [ 426.646735][ T991] schedule_preempt_disabled+0x13/0x20 [ 426.646751][ T991] __mutex_lock+0x7ab/0x13c0 [ 426.646769][ T991] ? nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.646790][ T991] ? mutex_trylock+0x2d0/0x2d0 [ 426.646814][ T991] ? nla_memcpy+0xb0/0xb0 [ 426.667613][ T991] mutex_lock_nested+0x16/0x20 [ 426.667629][ T991] ? mutex_lock_nested+0x16/0x20 [ 426.667645][ T991] nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.667674][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.667689][ T991] ? find_held_lock+0x35/0x130 [ 426.667714][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.667729][ T991] ? __dev_queue_xmit+0x176d/0x35c0 [ 426.667742][ T991] ? __local_bh_enable_ip+0x15a/0x270 [ 426.667758][ T991] ? lockdep_hardirqs_on+0x421/0x5e0 [ 426.667772][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.667790][ T991] ? trace_hardirqs_on+0x67/0x240 [ 426.667805][ T991] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.667827][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.667845][ T991] ? apparmor_capable+0x4df/0x910 [ 426.667863][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.667903][ T991] ? __kasan_check_read+0x11/0x20 [ 426.667921][ T991] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 426.667944][ T991] netlink_rcv_skb+0x177/0x450 [ 426.667960][ T991] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.667979][ T991] ? netlink_ack+0xb50/0xb50 [ 426.667995][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.668011][ T991] ? ns_capable_common+0x93/0x100 [ 426.668029][ T991] ? ns_capable+0x20/0x30 [ 426.668046][ T991] ? __netlink_ns_capable+0x104/0x140 [ 426.668067][ T991] nfnetlink_rcv+0x1ba/0x460 [ 426.668086][ T991] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 426.668100][ T991] ? netlink_deliver_tap+0x248/0xbe0 [ 426.668131][ T991] netlink_unicast+0x58c/0x7d0 [ 426.668153][ T991] ? netlink_attachskb+0x870/0x870 [ 426.668171][ T991] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 426.668189][ T991] ? __check_object_size+0x3d/0x437 [ 426.668211][ T991] netlink_sendmsg+0x91c/0xea0 [ 426.668235][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.668251][ T991] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 426.668272][ T991] ? apparmor_socket_sendmsg+0x2a/0x30 [ 426.668289][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.668305][ T991] ? security_socket_sendmsg+0x8d/0xc0 [ 426.668326][ T991] ? netlink_unicast+0x7d0/0x7d0 [ 426.668343][ T991] sock_sendmsg+0xd7/0x130 [ 426.668361][ T991] ____sys_sendmsg+0x753/0x880 [ 426.668382][ T991] ? kernel_sendmsg+0x50/0x50 [ 426.668397][ T991] ? __fget+0x35d/0x550 [ 426.668413][ T991] ? find_held_lock+0x35/0x130 [ 426.668440][ T991] ___sys_sendmsg+0x100/0x170 [ 426.668459][ T991] ? sendmsg_copy_msghdr+0x70/0x70 [ 426.668475][ T991] ? __kasan_check_read+0x11/0x20 [ 426.668494][ T991] ? __fget+0x37f/0x550 [ 426.668516][ T991] ? do_dup2+0x4f0/0x4f0 [ 426.668542][ T991] ? __fget_light+0x1a9/0x230 [ 426.668560][ T991] ? __fdget+0x1b/0x20 [ 426.668576][ T991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.668597][ T991] __sys_sendmsg+0x105/0x1d0 [ 426.668615][ T991] ? __sys_sendmsg_sock+0xc0/0xc0 [ 426.668644][ T991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 426.668661][ T991] ? do_syscall_64+0x26/0x790 [ 426.668676][ T991] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.668691][ T991] ? do_syscall_64+0x26/0x790 [ 426.668713][ T991] __x64_sys_sendmsg+0x78/0xb0 [ 426.668732][ T991] do_syscall_64+0xfa/0x790 [ 426.668751][ T991] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.668763][ T991] RIP: 0033:0x45af49 [ 426.668787][ T991] Code: Bad RIP value. [ 426.668796][ T991] RSP: 002b:00007f4d29f9ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.668811][ T991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045af49 [ 426.668820][ T991] RDX: 0000000020004022 RSI: 0000000020000100 RDI: 0000000000000003 [ 426.668830][ T991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.668839][ T991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4d29f9f6d4 [ 426.668849][ T991] R13: 00000000004c9d63 R14: 00000000004e2da8 R15: 00000000ffffffff [ 426.668876][ T991] [ 426.668876][ T991] Showing all locks held in the system: [ 426.668892][ T991] 1 lock held by khungtaskd/991: [ 426.668897][ T991] #0: ffffffff89bae540 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 [ 426.668945][ T991] 3 locks held by kworker/0:35/2802: [ 426.668973][ T991] 1 lock held by rsyslogd/9559: [ 426.668979][ T991] #0: ffff88809ae7c660 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 426.669012][ T991] 2 locks held by getty/9649: [ 426.669017][ T991] #0: ffff888094251090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 426.669046][ T991] #1: ffffc9000176b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 426.669186][ T991] 2 locks held by getty/9650: [ 426.669192][ T991] #0: ffff8880a8ba6090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 426.669221][ T991] #1: ffffc900017bb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 426.669254][ T991] 2 locks held by getty/9651: [ 426.669259][ T991] #0: ffff88809e164090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 426.669288][ T991] #1: ffffc9000177b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 426.669321][ T991] 2 locks held by getty/9652: [ 426.669327][ T991] #0: ffff8880a738d090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 426.669356][ T991] #1: ffffc900017db2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 426.669389][ T991] 2 locks held by getty/9653: [ 426.669394][ T991] #0: ffff8880a7f02090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 426.669423][ T991] #1: ffffc900017cb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 426.669456][ T991] 2 locks held by getty/9654: [ 426.669461][ T991] #0: ffff88809490a090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 426.669490][ T991] #1: ffffc900017eb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 426.669524][ T991] 2 locks held by getty/9655: [ 426.669529][ T991] #0: ffff888090b54090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 426.669558][ T991] #1: ffffc9000172b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 426.669600][ T991] 3 locks held by syz-executor.1/9887: [ 426.669610][ T991] 1 lock held by syz-executor.4/9896: [ 426.669615][ T991] #0: ffffffff8c3e4010 (&table[i].mutex){+.+.}, at: nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.669648][ T991] 1 lock held by syz-executor.2/9899: [ 426.669654][ T991] #0: ffffffff8c3e4010 (&table[i].mutex){+.+.}, at: nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.669686][ T991] 1 lock held by syz-executor.5/9902: [ 426.669691][ T991] #0: ffffffff8c3e4010 (&table[i].mutex){+.+.}, at: nfnetlink_rcv_msg+0x9ee/0xfb0 [ 426.669719][ T991] [ 426.669725][ T991] ============================================= [ 426.669725][ T991] [ 426.669732][ T991] NMI backtrace for cpu 0 [ 426.669748][ T991] CPU: 0 PID: 991 Comm: khungtaskd Not tainted 5.5.0-rc5-next-20200107-syzkaller #0 [ 426.669757][ T991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.669762][ T991] Call Trace: [ 426.669809][ T991] dump_stack+0x197/0x210 [ 426.669832][ T991] nmi_cpu_backtrace.cold+0x70/0xb2 [ 426.669869][ T991] ? vprintk_func+0x86/0x189 [ 426.669937][ T991] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 426.669955][ T991] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 426.669976][ T991] arch_trigger_cpumask_backtrace+0x14/0x20 [ 426.669990][ T991] watchdog+0xdf1/0x14e0 [ 426.670038][ T991] kthread+0x361/0x430 [ 426.670054][ T991] ? reset_hung_task_detector+0x30/0x30 [ 426.670068][ T991] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 426.670084][ T991] ret_from_fork+0x24/0x30 [ 426.670109][ T991] Sending NMI from CPU 0 to CPUs 1: [ 426.671007][ C1] NMI backtrace for cpu 1 [ 426.671014][ C1] CPU: 1 PID: 9887 Comm: syz-executor.1 Not tainted 5.5.0-rc5-next-20200107-syzkaller #0 [ 426.671020][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.671024][ C1] RIP: 0010:hash_netportnet4_list+0x3fd/0x1490 [ 426.671036][ C1] Code: 08 ff ff ff 48 8b 8d d8 fe ff ff 48 8b 40 70 4c 8d 6c c1 10 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 ff 0e 00 00 49 8b 45 00 <48> 89 85 40 ff ff ff e8 d7 46 cd fa 31 ff 41 89 c5 89 c6 e8 0b 24 [ 426.671040][ C1] RSP: 0018:ffffc90001956fe0 EFLAGS: 00000246 [ 426.671047][ C1] RAX: 0000000000000000 RBX: 0000000000000088 RCX: ffffc900173ae000 [ 426.671052][ C1] RDX: 0000000000040000 RSI: ffffffff869412d0 RDI: 0000000000000001 [ 426.671057][ C1] RBP: ffffc90001957140 R08: ffff888094ea2300 R09: ffffed1015d27074 [ 426.671062][ C1] R10: ffffed1015d27073 R11: ffff8880ae93839b R12: ffff88800d9de000 [ 426.671067][ C1] R13: ffffc9007f12f1c0 R14: dffffc0000000000 R15: ffff88808bf7f300 [ 426.671073][ C1] FS: 00007fd575e24700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 426.671077][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 426.671082][ C1] CR2: 000000c0002edc80 CR3: 00000001c967d000 CR4: 00000000001406e0 [ 426.671087][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 426.671092][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 426.671094][ C1] Call Trace: [ 426.671098][ C1] ? mark_held_locks+0xa4/0xf0 [ 426.671102][ C1] ? hash_netportnet6_list+0x1470/0x1470 [ 426.671105][ C1] ? trace_hardirqs_on+0x67/0x240 [ 426.671109][ C1] ? hash_netportnet4_uref+0x16a/0x260 [ 426.671113][ C1] ? hash_netportnet6_uref+0x260/0x260 [ 426.671116][ C1] ? __local_bh_enable_ip+0x15a/0x270 [ 426.671120][ C1] ? hash_netportnet6_uref+0x260/0x260 [ 426.671124][ C1] ip_set_dump_start+0x96c/0x1ca0 [ 426.671128][ C1] ? ip_set_rename+0x720/0x720 [ 426.671131][ C1] ? __kmalloc_reserve.isra.0+0xc0/0xf0 [ 426.671134][ C1] ? debug_mutex_unlock+0x1b0/0x260 [ 426.671137][ C1] ? __kasan_check_write+0x14/0x20 [ 426.671139][ C1] netlink_dump+0x558/0xfb0 [ 426.671142][ C1] ? __netlink_sendskb+0xc0/0xc0 [ 426.671145][ C1] __netlink_dump_start+0x66a/0x930 [ 426.671148][ C1] ip_set_dump+0x15a/0x1d0 [ 426.671151][ C1] ? call_ad+0x5a0/0x5a0 [ 426.671154][ C1] ? ip_set_rename+0x720/0x720 [ 426.671157][ C1] ? __ip_set_put_netlink.isra.0+0x90/0x90 [ 426.671160][ C1] ? call_ad+0x5a0/0x5a0 [ 426.671162][ C1] nfnetlink_rcv_msg+0xcf2/0xfb0 [ 426.671165][ C1] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.671168][ C1] ? find_held_lock+0x35/0x130 [ 426.671171][ C1] ? __local_bh_enable_ip+0x15a/0x270 [ 426.671174][ C1] ? __dev_queue_xmit+0x176d/0x35c0 [ 426.671177][ C1] ? __local_bh_enable_ip+0x15a/0x270 [ 426.671179][ C1] ? lockdep_hardirqs_on+0x421/0x5e0 [ 426.671182][ C1] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.671185][ C1] ? trace_hardirqs_on+0x67/0x240 [ 426.671188][ C1] ? __dev_queue_xmit+0x173f/0x35c0 [ 426.671192][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.671194][ C1] ? apparmor_capable+0x4df/0x910 [ 426.671198][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.671201][ C1] ? __kasan_check_read+0x11/0x20 [ 426.671204][ C1] ? apparmor_cred_prepare+0x7b0/0x7b0 [ 426.671207][ C1] netlink_rcv_skb+0x177/0x450 [ 426.671210][ C1] ? nfnetlink_bind+0x2c0/0x2c0 [ 426.671213][ C1] ? netlink_ack+0xb50/0xb50 [ 426.671216][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.671219][ C1] ? ns_capable_common+0x93/0x100 [ 426.671222][ C1] ? ns_capable+0x20/0x30 [ 426.671225][ C1] ? __netlink_ns_capable+0x104/0x140 [ 426.671227][ C1] nfnetlink_rcv+0x1ba/0x460 [ 426.671230][ C1] ? nfnetlink_rcv_batch+0x1780/0x1780 [ 426.671233][ C1] ? netlink_deliver_tap+0x248/0xbe0 [ 426.671236][ C1] netlink_unicast+0x58c/0x7d0 [ 426.671239][ C1] ? netlink_attachskb+0x870/0x870 [ 426.671242][ C1] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 426.671245][ C1] ? __check_object_size+0x3d/0x437 [ 426.671247][ C1] netlink_sendmsg+0x91c/0xea0 [ 426.671250][ C1] ? netlink_unicast+0x7d0/0x7d0 [ 426.671253][ C1] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 426.671256][ C1] ? apparmor_socket_sendmsg+0x2a/0x30 [ 426.671260][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.671263][ C1] ? security_socket_sendmsg+0x8d/0xc0 [ 426.671265][ C1] ? netlink_unicast+0x7d0/0x7d0 [ 426.671268][ C1] sock_sendmsg+0xd7/0x130 [ 426.671271][ C1] ____sys_sendmsg+0x753/0x880 [ 426.671273][ C1] ? kernel_sendmsg+0x50/0x50 [ 426.671276][ C1] ? __fget+0x35d/0x550 [ 426.671279][ C1] ? find_held_lock+0x35/0x130 [ 426.671281][ C1] ___sys_sendmsg+0x100/0x170 [ 426.671284][ C1] ? sendmsg_copy_msghdr+0x70/0x70 [ 426.671287][ C1] ? __kasan_check_read+0x11/0x20 [ 426.671290][ C1] ? __fget+0x37f/0x550 [ 426.671292][ C1] ? do_dup2+0x4f0/0x4f0 [ 426.671295][ C1] ? __fget_light+0x1a9/0x230 [ 426.671298][ C1] ? __fdget+0x1b/0x20 [ 426.671301][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.671304][ C1] __sys_sendmsg+0x105/0x1d0 [ 426.671307][ C1] ? __sys_sendmsg_sock+0xc0/0xc0 [ 426.671310][ C1] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 426.671313][ C1] ? do_syscall_64+0x26/0x790 [ 426.671316][ C1] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.671319][ C1] ? do_syscall_64+0x26/0x790 [ 426.671321][ C1] __x64_sys_sendmsg+0x78/0xb0 [ 426.671324][ C1] do_syscall_64+0xfa/0x790 [ 426.671327][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.671329][ C1] RIP: 0033:0x45af49 [ 426.671339][ C1] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 426.671342][ C1] RSP: 002b:00007fd575e23c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.671349][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045af49 [ 426.671353][ C1] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 426.671358][ C1] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.671362][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd575e246d4 [ 426.671366][ C1] R13: 00000000004c9de9 R14: 00000000004e2e20 R15: 00000000ffffffff [ 426.671376][ T991] Kernel panic - not syncing: hung_task: blocked tasks [ 426.671390][ T991] CPU: 0 PID: 991 Comm: khungtaskd Not tainted 5.5.0-rc5-next-20200107-syzkaller #0 [ 426.671397][ T991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.671401][ T991] Call Trace: [ 426.671413][ T991] dump_stack+0x197/0x210 [ 426.671449][ T991] panic+0x2e3/0x75c [ 426.671468][ T991] ? add_taint.cold+0x16/0x16 [ 426.671486][ T991] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 426.671504][ T991] ? printk_safe_flush+0xf2/0x140 [ 426.671521][ T991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.671540][ T991] ? nmi_trigger_cpumask_backtrace+0x224/0x28b [ 426.671558][ T991] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 426.671575][ T991] watchdog+0xe02/0x14e0 [ 426.671600][ T991] kthread+0x361/0x430 [ 426.671617][ T991] ? reset_hung_task_detector+0x30/0x30 [ 426.671638][ T991] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 426.671654][ T991] ret_from_fork+0x24/0x30 [ 426.673357][ T991] Kernel Offset: disabled [ 429.565957][ T991] Rebooting in 86400 seconds..