last executing test programs:
2.012416021s ago: executing program 2:
futex_waitv(&(0x7f0000000000), 0x0, 0x0, &(0x7f0000000000), 0x0)
1.985640397s ago: executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bsg', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bsg', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bsg', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bsg', 0x800, 0x0)
1.908277993s ago: executing program 2:
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
1.857781882s ago: executing program 2:
landlock_restrict_self(0xffffffffffffffff, 0x0)
1.803780519s ago: executing program 2:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
1.750218037s ago: executing program 2:
sync()
1.490810565s ago: executing program 5:
chroot(&(0x7f0000000000))
1.42822001s ago: executing program 5:
migrate_pages(0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000))
1.375474183s ago: executing program 3:
time(&(0x7f0000000000))
1.355971608s ago: executing program 5:
getxattr(&(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), 0x0)
1.322259799s ago: executing program 5:
syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$I2C(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$I2C(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$I2C(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$I2C(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$I2C(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$I2C(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$I2C(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$I2C(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$I2C(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$I2C(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$I2C(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$I2C(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$I2C(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$I2C(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$I2C(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$I2C(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$I2C(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$I2C(&(0x7f0000000500), 0x4, 0x800)
1.316141836s ago: executing program 3:
times(&(0x7f0000000000))
1.258226881s ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/netlabel', 0x2, 0x0)
1.24374814s ago: executing program 5:
userfaultfd(0x0)
1.202634279s ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/keychord', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/keychord', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/keychord', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/keychord', 0x800, 0x0)
1.200924092s ago: executing program 1:
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$sndctrl(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$sndctrl(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$sndctrl(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$sndctrl(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$sndctrl(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$sndctrl(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$sndctrl(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$sndctrl(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000500), 0x4, 0x800)
1.189580279s ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full', 0x800, 0x0)
1.1881142s ago: executing program 0:
clock_adjtime(0x0, &(0x7f0000000000))
1.184566663s ago: executing program 5:
syz_open_dev$audion(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$audion(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$audion(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$audion(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$audion(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$audion(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$audion(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$audion(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$audion(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$audion(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$audion(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$audion(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$audion(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$audion(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$audion(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$audion(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$audion(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$audion(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$audion(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$audion(&(0x7f0000000500), 0x4, 0x800)
1.164242692s ago: executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/relabel', 0x2, 0x0)
1.146368753s ago: executing program 1:
shutdown(0xffffffffffffffff, 0x0)
1.141075082s ago: executing program 4:
socket$inet6_dccp(0xa, 0x6, 0x0)
1.132579427s ago: executing program 0:
move_pages(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000000), 0x0)
1.102646425s ago: executing program 3:
pause()
1.101926741s ago: executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/xen/evtchn', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/xen/evtchn', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/xen/evtchn', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/xen/evtchn', 0x800, 0x0)
1.098943726s ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vfio/vfio', 0x800, 0x0)
1.081170698s ago: executing program 4:
lseek(0xffffffffffffffff, 0x0, 0x0)
1.065318783s ago: executing program 4:
utimensat(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000000), 0x0)
1.054480574s ago: executing program 0:
getdents64(0xffffffffffffffff, &(0x7f0000000000), 0x0)
1.044328802s ago: executing program 1:
msync(0x0, 0x0, 0x0)
1.013604553s ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_congestion_control', 0x1, 0x0)
1.010975397s ago: executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/damon/kdamond_pid', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/damon/kdamond_pid', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/damon/kdamond_pid', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/damon/kdamond_pid', 0x800, 0x0)
994.96144ms ago: executing program 0:
uname(&(0x7f0000000000))
983.383108ms ago: executing program 4:
syz_open_dev$media(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$media(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$media(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$media(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$media(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$media(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$media(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$media(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$media(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$media(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$media(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$media(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$media(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$media(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$media(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$media(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$media(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$media(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$media(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$media(&(0x7f0000000500), 0x4, 0x800)
944.47828ms ago: executing program 0:
socket$nl_audit(0x10, 0x3, 0x9)
0s ago: executing program 1:
mmap(&(0x7efffffff000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000000)=nil, 0x1000000, 0x7, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0001000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.1.253' (ED25519) to the list of known hosts.
2024/06/19 19:58:01 fuzzer started
2024/06/19 19:58:01 dialing manager at 10.128.0.169:30003
[ 69.990434][ T5089] cgroup: Unknown subsys name 'net'
[ 70.295445][ T5089] cgroup: Unknown subsys name 'rlimit'
[ 70.998354][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.005157][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.602362][ T5088] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/06/19 19:58:04 starting 6 executor processes
[ 73.016315][ T5225] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 75.632618][ T5485] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 77.559801][ T5698] mmap: syz-executor.1 (5698) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 78.943506][ T71]
[ 78.946340][ T71] =============================
[ 78.951249][ T71] WARNING: suspicious RCU usage
[ 78.956496][ T71] 6.10.0-rc4-syzkaller-00052-ge5b3efbe1ab1 #0 Not tainted
[ 78.963984][ T71] -----------------------------
[ 78.968872][ T71] net/netfilter/ipset/ip_set_core.c:1200 suspicious rcu_dereference_protected() usage!
[ 78.978759][ T71]
[ 78.978759][ T71] other info that might help us debug this:
[ 78.978759][ T71]
[ 78.989282][ T71]
[ 78.989282][ T71] rcu_scheduler_active = 2, debug_locks = 1
[ 78.997978][ T71] 3 locks held by kworker/u8:5/71:
[ 79.003119][ T71] #0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 79.014225][ T71] #1: ffffc900015e7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 79.024892][ T71] #2: ffffffff8f5da110 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[ 79.034703][ T71]
[ 79.034703][ T71] stack backtrace:
[ 79.040647][ T71] CPU: 0 PID: 71 Comm: kworker/u8:5 Not tainted 6.10.0-rc4-syzkaller-00052-ge5b3efbe1ab1 #0
[ 79.050789][ T71] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 79.060910][ T71] Workqueue: netns cleanup_net
[ 79.065710][ T71] Call Trace:
[ 79.069013][ T71]
[ 79.071949][ T71] dump_stack_lvl+0x241/0x360
[ 79.076659][ T71] ? __pfx_dump_stack_lvl+0x10/0x10
[ 79.081881][ T71] ? __pfx__printk+0x10/0x10
[ 79.086499][ T71] ? srso_alias_return_thunk+0x5/0xfbef5
[ 79.092160][ T71] lockdep_rcu_suspicious+0x221/0x340
[ 79.097564][ T71] _destroy_all_sets+0x232/0x5f0
[ 79.102528][ T71] ip_set_net_exit+0x20/0x50
[ 79.107155][ T71] cleanup_net+0x804/0xcc0
[ 79.111610][ T71] ? __pfx_cleanup_net+0x10/0x10
[ 79.116595][ T71] ? process_scheduled_works+0x945/0x1830
[ 79.122430][ T71] process_scheduled_works+0xa2e/0x1830
[ 79.128018][ T71] ? __pfx_process_scheduled_works+0x10/0x10
[ 79.134039][ T71] ? assign_work+0x364/0x3d0
[ 79.138665][ T71] worker_thread+0x86d/0xd70
2024/06/19 19:58:11 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[ 79.143279][ T71] ? __kthread_parkme+0x169/0x1d0
[ 79.148324][ T71] ? __pfx_worker_thread+0x10/0x10
[ 79.153438][ T71] kthread+0x2f2/0x390
[ 79.157564][ T71] ? __pfx_worker_thread+0x10/0x10
[ 79.162694][ T71] ? __pfx_kthread+0x10/0x10
[ 79.167368][ T71] ret_from_fork+0x4d/0x80
[ 79.171839][ T71] ? __pfx_kthread+0x10/0x10
[ 79.176446][ T71] ret_from_fork_asm+0x1a/0x30
[ 79.181263][ T71]
[ 79.184334][ C0] vkms_vblank_simulate: vblank timer overrun
[ 79.228595][ T71]
[ 79.230976][ T71] =============================
[ 79.236477][ T71] WARNING: suspicious RCU usage
[ 79.241585][ T71] 6.10.0-rc4-syzkaller-00052-ge5b3efbe1ab1 #0 Not tainted
[ 79.249129][ T71] -----------------------------
[ 79.254395][ T71] net/netfilter/ipset/ip_set_core.c:1211 suspicious rcu_dereference_protected() usage!
[ 79.264539][ T71]
[ 79.264539][ T71] other info that might help us debug this:
[ 79.264539][ T71]
[ 79.275327][ T71]
[ 79.275327][ T71] rcu_scheduler_active = 2, debug_locks = 1
[ 79.283496][ T71] 3 locks held by kworker/u8:5/71:
[ 79.288992][ T71] #0: ffff888015ed5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 79.300333][ T71] #1: ffffc900015e7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 79.311371][ T71] #2: ffffffff8f5da110 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[ 79.321697][ T71]
[ 79.321697][ T71] stack backtrace:
[ 79.327937][ T71] CPU: 1 PID: 71 Comm: kworker/u8:5 Not tainted 6.10.0-rc4-syzkaller-00052-ge5b3efbe1ab1 #0
[ 79.338107][ T71] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 79.348175][ T71] Workqueue: netns cleanup_net
[ 79.352971][ T71] Call Trace:
[ 79.356260][ T71]
[ 79.359209][ T71] dump_stack_lvl+0x241/0x360
[ 79.363934][ T71] ? __pfx_dump_stack_lvl+0x10/0x10
[ 79.369443][ T71] ? __pfx__printk+0x10/0x10
[ 79.374646][ T71] ? srso_alias_return_thunk+0x5/0xfbef5
[ 79.380433][ T71] lockdep_rcu_suspicious+0x221/0x340
[ 79.385878][ T71] _destroy_all_sets+0x53f/0x5f0
[ 79.390871][ T71] ip_set_net_exit+0x20/0x50
[ 79.395497][ T71] cleanup_net+0x804/0xcc0
[ 79.399948][ T71] ? __pfx_cleanup_net+0x10/0x10
[ 79.404929][ T71] ? process_scheduled_works+0x945/0x1830
[ 79.410666][ T71] process_scheduled_works+0xa2e/0x1830
[ 79.416256][ T71] ? __pfx_process_scheduled_works+0x10/0x10
[ 79.422252][ T71] ? assign_work+0x364/0x3d0
[ 79.426862][ T71] worker_thread+0x86d/0xd70
[ 79.431481][ T71] ? __kthread_parkme+0x169/0x1d0
[ 79.436522][ T71] ? __pfx_worker_thread+0x10/0x10
[ 79.441644][ T71] kthread+0x2f2/0x390
[ 79.445730][ T71] ? __pfx_worker_thread+0x10/0x10
[ 79.450860][ T71] ? __pfx_kthread+0x10/0x10
[ 79.455498][ T71] ret_from_fork+0x4d/0x80
[ 79.459944][ T71] ? __pfx_kthread+0x10/0x10
[ 79.464562][ T71] ret_from_fork_asm+0x1a/0x30
[ 79.469402][ T71]