Warning: Permanently added '10.128.1.109' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   28.629975] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   28.641588] mkiss: ax0: crc mode is auto.
executing program
[   28.712451] 
[   28.714079] ======================================================
[   28.720369] WARNING: possible circular locking dependency detected
[   28.726681] 4.14.285-syzkaller #0 Not tainted
[   28.731147] ------------------------------------------------------
[   28.737713] syz-executor355/8006 is trying to acquire lock:
[   28.743394]  (rtnl_mutex){+.+.}, at: [<ffffffff85c250ce>] unregister_netdevice_notifier+0x5e/0x2b0
[   28.752473] 
[   28.752473] but task is already holding lock:
[   28.758428]  (&xt[i].mutex){+.+.}, at: [<ffffffff85f150a8>] xt_find_table_lock+0x38/0x3d0
[   28.766723] 
[   28.766723] which lock already depends on the new lock.
[   28.766723] 
[   28.775010] 
[   28.775010] the existing dependency chain (in reverse order) is:
[   28.782600] 
[   28.782600] -> #2 (&xt[i].mutex){+.+.}:
[   28.788031]        __mutex_lock+0xc4/0x1310
[   28.792349]        target_revfn+0x43/0x210
[   28.796558]        xt_find_revision+0x15e/0x1d0
[   28.801206]        nfnl_compat_get+0x1f7/0x870
[   28.805770]        nfnetlink_rcv_msg+0x9bb/0xc00
[   28.810511]        netlink_rcv_skb+0x125/0x390
[   28.815163]        nfnetlink_rcv+0x1ab/0x1da0
[   28.819628]        netlink_unicast+0x437/0x610
[   28.824188]        netlink_sendmsg+0x648/0xbc0
[   28.828742]        sock_sendmsg+0xb5/0x100
[   28.833035]        ___sys_sendmsg+0x6c8/0x800
[   28.837500]        __sys_sendmsg+0xa3/0x120
[   28.841791]        SyS_sendmsg+0x27/0x40
[   28.845823]        do_syscall_64+0x1d5/0x640
[   28.850204]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   28.855883] 
[   28.855883] -> #1 (&table[i].mutex){+.+.}:
[   28.861661]        __mutex_lock+0xc4/0x1310
[   28.865967]        nf_tables_netdev_event+0x10d/0x4d0
[   28.871132]        notifier_call_chain+0x108/0x1a0
[   28.876038]        rollback_registered_many+0x765/0xbb0
[   28.881380]        rollback_registered+0xca/0x170
[   28.886196]        unregister_netdevice_queue+0x1b4/0x360
[   28.891715]        unregister_netdev+0x18/0x20
[   28.896268]        mkiss_close+0xd7/0x1d0
[   28.900387]        tty_ldisc_close+0x8c/0xc0
[   28.904767]        tty_ldisc_release+0xe8/0x400
[   28.909408]        tty_release_struct+0x20/0xe0
[   28.914046]        tty_release+0xb3f/0x10d0
[   28.918342]        __fput+0x25f/0x7a0
[   28.922113]        task_work_run+0x11f/0x190
[   28.926492]        do_exit+0xa44/0x2850
[   28.930447]        do_group_exit+0x100/0x2e0
[   28.934826]        SyS_exit_group+0x19/0x20
[   28.939120]        do_syscall_64+0x1d5/0x640
[   28.943505]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   28.949270] 
[   28.949270] -> #0 (rtnl_mutex){+.+.}:
[   28.954629]        lock_acquire+0x170/0x3f0
[   28.958936]        __mutex_lock+0xc4/0x1310
[   28.963235]        unregister_netdevice_notifier+0x5e/0x2b0
[   28.968932]        tee_tg_destroy+0x5c/0xb0
[   28.973236]        cleanup_entry+0x232/0x310
[   28.977633]        __do_replace+0x38d/0x580
[   28.982018]        do_ip6t_set_ctl+0x256/0x3b0
[   28.986584]        nf_setsockopt+0x5f/0xb0
[   28.990792]        ipv6_setsockopt+0xc0/0x120
[   28.995264]        udpv6_setsockopt+0x45/0x80
[   28.999731]        SyS_setsockopt+0x110/0x1e0
[   29.004209]        do_syscall_64+0x1d5/0x640
[   29.008604]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.014289] 
[   29.014289] other info that might help us debug this:
[   29.014289] 
[   29.022412] Chain exists of:
[   29.022412]   rtnl_mutex --> &table[i].mutex --> &xt[i].mutex
[   29.022412] 
[   29.032637]  Possible unsafe locking scenario:
[   29.032637] 
[   29.038680]        CPU0                    CPU1
[   29.043331]        ----                    ----
[   29.047971]   lock(&xt[i].mutex);
[   29.051408]                                lock(&table[i].mutex);
[   29.057773]                                lock(&xt[i].mutex);
[   29.063722]   lock(rtnl_mutex);
[   29.066985] 
[   29.066985]  *** DEADLOCK ***
[   29.066985] 
[   29.073021] 1 lock held by syz-executor355/8006:
[   29.077751]  #0:  (&xt[i].mutex){+.+.}, at: [<ffffffff85f150a8>] xt_find_table_lock+0x38/0x3d0
[   29.086485] 
[   29.086485] stack backtrace:
[   29.090962] CPU: 0 PID: 8006 Comm: syz-executor355 Not tainted 4.14.285-syzkaller #0
[   29.098909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   29.108257] Call Trace:
[   29.110824]  dump_stack+0x1b2/0x281
[   29.114450]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[   29.120234]  __lock_acquire+0x2e0e/0x3f20
[   29.124359]  ? lock_acquire+0x170/0x3f0
[   29.128317]  ? lock_downgrade+0x740/0x740
[   29.132442]  ? trace_hardirqs_on+0x10/0x10
[   29.136658]  ? is_bpf_text_address+0xb8/0x150
[   29.141136]  ? kernel_text_address+0xbd/0xf0
[   29.145522]  ? __lock_acquire+0x5fc/0x3f20
[   29.149737]  ? __kernel_text_address+0x9/0x30
[   29.154215]  ? __save_stack_trace+0xa0/0x160
[   29.158621]  lock_acquire+0x170/0x3f0
[   29.162402]  ? unregister_netdevice_notifier+0x5e/0x2b0
[   29.171302]  ? unregister_netdevice_notifier+0x5e/0x2b0
[   29.176642]  __mutex_lock+0xc4/0x1310
[   29.180445]  ? unregister_netdevice_notifier+0x5e/0x2b0
[   29.185808]  ? unregister_netdevice_notifier+0x5e/0x2b0
[   29.191178]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[   29.196640]  ? trace_hardirqs_on+0x10/0x10
[   29.200858]  ? lock_acquire+0x170/0x3f0
[   29.204807]  ? trace_hardirqs_on+0x10/0x10
[   29.209039]  ? xt_find_table_lock+0x38/0x3d0
[   29.213434]  ? __mutex_lock+0x360/0x1310
[   29.217495]  unregister_netdevice_notifier+0x5e/0x2b0
[   29.222667]  ? fs_reclaim_release+0xd0/0x110
[   29.227049]  ? register_netdevice_notifier+0x4d0/0x4d0
[   29.232300]  tee_tg_destroy+0x5c/0xb0
[   29.236074]  ? tee_tg6+0x160/0x160
[   29.239589]  cleanup_entry+0x232/0x310
[   29.243465]  ? cpumask_next+0x30/0x40
[   29.247236]  ? compat_do_ip6t_get_ctl+0x820/0x820
[   29.252053]  __do_replace+0x38d/0x580
[   29.255824]  ? ip6t_unregister_table+0x60/0x60
[   29.260379]  do_ip6t_set_ctl+0x256/0x3b0
[   29.264932]  ? compat_do_ip6t_set_ctl+0x140/0x140
[   29.269756]  ? nf_sockopt_find.constprop.0+0x1ad/0x220
[   29.275015]  nf_setsockopt+0x5f/0xb0
[   29.278725]  ipv6_setsockopt+0xc0/0x120
[   29.282686]  udpv6_setsockopt+0x45/0x80
[   29.286640]  SyS_setsockopt+0x110/0x1e0
[   29.290602]  ? SyS_recv+0x40/0x40
[   29.294034]  ? security_file_fcntl+0x83/0xb0
[   29.298421]  ? do_syscall_64+0x4c/0x640
[   29.302378]  ? SyS_recv+0x40/0x40
[   29.305814]  do_syscall_64+0x1d5/0x640
[   29.309682]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.314843] RIP: 0033:0x7fcd16fc63c9
[   29.318543] RSP: 002b:00007ffc53ab9f18 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   29.326231] RAX: ffffffffffffffda RBX: 000000306e616c76 RCX: 00007fcd16fc63c9
[   29.333481] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006
[   29.340751] RBP: 0000000000000000 R08: 0000000000000410 R09: 00007ffc53aba0b8
[   29.348003] R10: 00000000200001c0 R11: 0000000000000246 R12: 00007ffc53ab9f2c
[   29.355251] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   29.363071] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.373841] mkiss: ax0: crc mode is auto.
executing program
[   29.438838] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.449409] mkiss: ax0: crc mode is auto.
executing program
executing program
[   29.529706] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.539809] mkiss: ax0: crc mode is auto.
executing program
[   29.581372] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.592379] mkiss: ax0: crc mode is auto.
executing program
[   29.630506] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.640952] mkiss: ax0: crc mode is auto.
executing program
[   29.680287] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.691505] mkiss: ax0: crc mode is auto.
[   29.740653] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.751615] mkiss: ax0: crc mode is auto.
executing program
executing program
[   29.819210] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.829381] mkiss: ax0: crc mode is auto.
[   29.870330] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   29.881166] mkiss: ax0: crc mode is auto.
executing program
executing program
[   29.950883] mkiss: ax0: crc mode is auto.
executing program
[   29.995290] mkiss: ax0: crc mode is auto.
[   30.041357] mkiss: ax0: crc mode is auto.
executing program
[   30.090363] mkiss: ax0: crc mode is auto.
executing program
[   30.151193] mkiss: ax0: crc mode is auto.
executing program
[   30.210625] mkiss: ax0: crc mode is auto.
executing program
executing program
[   30.259863] mkiss: ax0: crc mode is auto.
[   30.306084] mkiss: ax0: crc mode is auto.
executing program
executing program
[   30.355274] mkiss: ax0: crc mode is auto.
executing program
[   30.396809] mkiss: ax0: crc mode is auto.
[   30.442416] mkiss: ax0: crc mode is auto.
executing program
[   30.496465] mkiss: ax0: crc mode is auto.
executing program
[   30.560569] mkiss: ax0: crc mode is auto.
executing program
executing program
[   30.615211] mkiss: ax0: crc mode is auto.
[   30.658607] mkiss: ax0: crc mode is auto.
executing program
executing program
[   30.709878] mkiss: ax0: crc mode is auto.
[   30.753992] mkiss: ax0: crc mode is auto.
executing program
[   30.800602] mkiss: ax0: crc mode is auto.
executing program
[   30.851218] mkiss: ax0: crc mode is auto.
executing program
[   30.920083] mkiss: ax0: crc mode is auto.
executing program
[   30.971117] mkiss: ax0: crc mode is auto.
executing program
executing program
[   31.040512] mkiss: ax0: crc mode is auto.
executing program
[   31.086334] mkiss: ax0: crc mode is auto.
[   31.132379] mkiss: ax0: crc mode is auto.
executing program
[   31.181185] mkiss: ax0: crc mode is auto.
executing program
executing program
[   31.236928] mkiss: ax0: crc mode is auto.
[   31.287695] mkiss: ax0: crc mode is auto.
executing program
[   31.350270] mkiss: ax0: crc mode is auto.
executing program
[   31.400214] mkiss: ax0: crc mode is auto.
executing program
[   31.449163] mkiss: ax0: crc mode is auto.
executing program
[   31.500640] mkiss: ax0: crc mode is auto.
executing program
[   31.560265] mkiss: ax0: crc mode is auto.
executing program
[   31.630677] mkiss: ax0: crc mode is auto.
executing program
[   31.689343] mkiss: ax0: crc mode is auto.
executing program
[   31.760645] mkiss: ax0: crc mode is auto.
executing program
[   31.829420] mkiss: ax0: crc mode is auto.
executing program
[   31.889384] mkiss: ax0: crc mode is auto.
executing program
executing program
[   31.949965] mkiss: ax0: crc mode is auto.
[   31.991703] mkiss: ax0: crc mode is auto.
executing program
[   32.039667] mkiss: ax0: crc mode is auto.
executing program
executing program
[   32.099296] mkiss: ax0: crc mode is auto.
[   32.141887] mkiss: ax0: crc mode is auto.
executing program
executing program
[   32.193317] mkiss: ax0: crc mode is auto.
[   32.232874] mkiss: ax0: crc mode is auto.
executing program
[   32.282581] mkiss: ax0: crc mode is auto.
executing program
[   32.332053] mkiss: ax0: crc mode is auto.
executing program
executing program
[   32.385832] mkiss: ax0: crc mode is auto.
[   32.440029] mkiss: ax0: crc mode is auto.
executing program
[   32.494270] mkiss: ax0: crc mode is auto.
executing program
[   32.559840] mkiss: ax0: crc mode is auto.
executing program
[   32.609257] mkiss: ax0: crc mode is auto.
executing program
[   32.659228] mkiss: ax0: crc mode is auto.
executing program
[   32.708888] mkiss: ax0: crc mode is auto.
executing program
[   32.779455] mkiss: ax0: crc mode is auto.
executing program
executing program
[   32.829806] mkiss: ax0: crc mode is auto.
executing program
[   32.874133] mkiss: ax0: crc mode is auto.
[   32.914190] mkiss: ax0: crc mode is auto.
executing program
[   32.980133] mkiss: ax0: crc mode is auto.
executing program
executing program
[   33.038861] mkiss: ax0: crc mode is auto.
executing program
[   33.083052] mkiss: ax0: crc mode is auto.
[   33.127907] mkiss: ax0: crc mode is auto.
executing program
[   33.198801] mkiss: ax0: crc mode is auto.
executing program
[   33.258999] mkiss: ax0: crc mode is auto.
executing program
[   33.319470] mkiss: ax0: crc mode is auto.
executing program
[   33.388518] mkiss: ax0: crc mode is auto.
executing program
[   33.458607] mkiss: ax0: crc mode is auto.
executing program
[   33.528553] mkiss: ax0: crc mode is auto.
executing program
executing program
[   33.578169] mkiss: ax0: crc mode is auto.
[   33.621328] mkiss: ax0: crc mode is auto.
executing program
executing program
[   33.669077] net_ratelimit: 69 callbacks suppressed
[   33.669081] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   33.685970] mkiss: ax0: crc mode is auto.
[   33.728121] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   33.738454] mkiss: ax0: crc mode is auto.
executing program
[   33.796991] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   33.807708] mkiss: ax0: crc mode is auto.
executing program
executing program
[   33.867232] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   33.877152] mkiss: ax0: crc mode is auto.
[   33.927343] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   33.937395] mkiss: ax0: crc mode is auto.
executing program
[   33.995866] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   34.005964] mkiss: ax0: crc mode is auto.
executing program
[   34.066224] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   34.076516] mkiss: ax0: crc mode is auto.
executing program
executing program
[   34.136106] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   34.146967] mkiss: ax0: crc mode is auto.
executing program
[   34.187946] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   34.202435] mkiss: ax0: crc mode is auto.
executing program
[   34.247230] ip6_tables: ip6tables: counters copy to user failed while replacing table
[   34.257598] mkiss: ax0: crc mode is auto.
[   34.308619] mkiss: ax0: crc mode is auto.
executing program
[   34.378527] mkiss: ax0: crc mode is auto.
executing program
[   34.439292] mkiss: ax0: crc mode is auto.
executing program
executing program
[   34.508384] mkiss: ax0: crc mode is auto.
executing program
[   34.553340] mkiss: ax0: crc mode is auto.
executing program
[   34.592677] mkiss: ax0: crc mode is auto.
[   34.641570] mkiss: ax0: crc mode is auto.
executing program
[   34.704552] mkiss: ax0: crc mode is auto.
executing program
[   34.758375] mkiss: ax0: crc mode is auto.
executing program
executing program
[   34.829338] mkiss: ax0: crc mode is auto.
executing program
[   34.870819] mkiss: ax0: crc mode is auto.
executing program
[   34.912616] mkiss: ax0: crc mode is auto.
[   34.959018] mkiss: ax0: crc mode is auto.
executing program
[   35.028826] mkiss: ax0: crc mode is auto.
executing program
[   35.088919] mkiss: ax0: crc mode is auto.
executing program
[   35.138520] mkiss: ax0: crc mode is auto.
executing program
executing program
[   35.187798] mkiss: ax0: crc mode is auto.
executing program
[   35.234963] mkiss: ax0: crc mode is auto.
[   35.283409] mkiss: ax0: crc mode is auto.
executing program
executing program
[   35.337799] mkiss: ax0: crc mode is auto.
[   35.383454] mkiss: ax0: crc mode is auto.
executing program
executing program
[   35.438641] mkiss: ax0: crc mode is auto.
executing program
[   35.483852] mkiss: ax0: crc mode is auto.
[   35.521824] mkiss: ax0: crc mode is auto.
executing program
[   35.570337] mkiss: ax0: crc mode is auto.
executing program
executing program
[   35.638688] mkiss: ax0: crc mode is auto.
[   35.684080] mkiss: ax0: crc mode is auto.
executing program
[   35.752051] mkiss: ax0: crc mode is auto.
executing program
[   35.798836] mkiss: ax0: crc mode is auto.
executing program
[   35.848368] mkiss: ax0: crc mode is auto.
executing program
[   35.908869] mkiss: ax0: crc mode is auto.
executing program
[   35.977640] mkiss: ax0: crc mode is auto.
executing program
[   36.028142] mkiss: ax0: crc mode is auto.
executing program
executing program
[   36.078644] mkiss: ax0: crc mode is auto.
[   36.124398] mkiss: ax0: crc mode is auto.
executing program
executing program
[   36.188188] mkiss: ax0: crc mode is auto.
[   36.229274] mkiss: ax0: crc mode is auto.
executing program
executing program
[   36.296943] mkiss: ax0: crc mode is auto.
executing program
[   36.340637] mkiss: ax0: crc mode is auto.
executing program
[   36.382059] mkiss: ax0: crc mode is auto.
[   36.437332] mkiss: ax0: crc mode is auto.
executing program
executing program
[   36.487677] mkiss: ax0: crc mode is auto.
executing program
[   36.531885] mkiss: ax0: crc mode is auto.
[   36.570789] mkiss: ax0: crc mode is auto.
executing program
executing program
[   36.633029] mkiss: ax0: crc mode is auto.
executing program
[   36.670611] mkiss: ax0: crc mode is auto.
[   36.714347] mkiss: ax0: crc mode is auto.
executing program
[   36.768678] mkiss: ax0: crc mode is auto.
executing program
executing program
[   36.821099] mkiss: ax0: crc mode is auto.
executing program
[   36.853600] mkiss: ax0: crc mode is auto.
executing program
[   36.893235] mkiss: ax0: crc mode is auto.
[   36.941666] mkiss: ax0: crc mode is auto.
executing program
[   37.002930] mkiss: ax0: crc mode is auto.
executing program
[   37.061795] mkiss: ax0: crc mode is auto.
executing program
executing program
[   37.118139] mkiss: ax0: crc mode is auto.
[   37.162125] mkiss: ax0: crc mode is auto.
executing program
executing program
[   37.212265] mkiss: ax0: crc mode is auto.
[   37.257794] mkiss: ax0: crc mode is auto.
executing program
[   37.316342] mkiss: ax0: crc mode is auto.
executing program
[   37.387576] mkiss: ax0: crc mode is auto.
executing program
executing program
[   37.446550] mkiss: ax0: crc mode is auto.
[   37.489866] mkiss: ax0: crc mode is auto.
executing program
[   37.545399] mkiss: ax0: crc mode is auto.
executing program
executing program
[   37.606999] mkiss: ax0: crc mode is auto.
[   37.649986] mkiss: ax0: crc mode is auto.
executing program
[   37.717586] mkiss: ax0: crc mode is auto.
executing program
[   37.776677] mkiss: ax0: crc mode is auto.
executing program
[   37.829687] mkiss: ax0: crc mode is auto.
executing program
executing program
[   37.877739] mkiss: ax0: crc mode is auto.
executing program
[   37.922221] mkiss: ax0: crc mode is auto.
[   37.959444] mkiss: ax0: crc mode is auto.
executing program
executing program
[   38.008171] mkiss: ax0: crc mode is auto.
executing program
[   38.049891] mkiss: ax0: crc mode is auto.
[   38.093198] mkiss: ax0: crc mode is auto.
executing program
executing program
[   38.142835] mkiss: ax0: crc mode is auto.
executing program
[   38.189679] mkiss: ax0: crc mode is auto.
[   38.220540] mkiss: ax0: crc mode is auto.
executing program
[   38.274734] mkiss: ax0: crc mode is auto.
executing program
[   38.332070] mkiss: ax0: crc mode is auto.
executing program
executing program
[   38.396914] mkiss: ax0: crc mode is auto.
[   38.442811] mkiss: ax0: crc mode is auto.
executing program
[   38.500285] mkiss: ax0: crc mode is auto.
executing program
[   38.548227] mkiss: ax0: crc mode is auto.
executing program
[   38.596867] mkiss: ax0: crc mode is auto.
executing program
[   38.667079] mkiss: ax0: crc mode is auto.
executing program