audit: type=1804 audit(1619439672.632:6574): pid=18064 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir604440934/syzkaller.OHwGDP/1000/bus" dev="sda1" ino=15011 res=1
device hsr_slave_1 left promiscuous mode
device hsr_slave_0 left promiscuous mode
BUG: MAX_LOCKDEP_CHAINS too low!
turning off the locking correctness validator.
CPU: 1 PID: 9275 Comm: kworker/u4:5 Not tainted 4.14.231-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 add_chain_cache kernel/locking/lockdep.c:2303 [inline]
 lookup_chain_cache_add kernel/locking/lockdep.c:2415 [inline]
 validate_chain kernel/locking/lockdep.c:2435 [inline]
 __lock_acquire.cold+0x19a/0x97c kernel/locking/lockdep.c:3491
 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
 __raw_write_lock_bh include/linux/rwlock_api_smp.h:203 [inline]
 _raw_write_lock_bh+0x2f/0x40 kernel/locking/spinlock.c:320
 fib6_walker_link net/ipv6/ip6_fib.c:85 [inline]
 fib6_walk+0x9d/0x350 net/ipv6/ip6_fib.c:1748
 fib6_clean_tree+0xc1/0xf0 net/ipv6/ip6_fib.c:1823
 __fib6_clean_all+0xfd/0x230 net/ipv6/ip6_fib.c:1839
 rt6_mtu_change+0x89/0xb0 net/ipv6/route.c:2972
 addrconf_notify+0x77d/0x1c20 net/ipv6/addrconf.c:3388
 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93
 call_netdevice_notifiers_info net/core/dev.c:1667 [inline]
 call_netdevice_notifiers_mtu net/core/dev.c:1706 [inline]
 dev_set_mtu+0x23d/0x3c0 net/core/dev.c:6913
 team_port_del+0x683/0x910 drivers/net/team/team.c:1362
 team_del_slave drivers/net/team/team.c:1983 [inline]
 team_device_event+0x6d0/0x950 drivers/net/team/team.c:2969
 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93
 call_netdevice_notifiers_info net/core/dev.c:1667 [inline]
 call_netdevice_notifiers net/core/dev.c:1683 [inline]
 rollback_registered_many+0x765/0xba0 net/core/dev.c:7203
 unregister_netdevice_many.part.0+0x18/0x2e0 net/core/dev.c:8285
 unregister_netdevice_many net/core/dev.c:8284 [inline]
 default_device_exit_batch+0x2d8/0x380 net/core/dev.c:8746
 ops_exit_list+0xf9/0x150 net/core/net_namespace.c:145
 cleanup_net+0x3b3/0x840 net/core/net_namespace.c:484
 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116
 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
team0 (unregistering): Port device team_slave_1 removed
team0 (unregistering): Port device team_slave_0 removed
bond0 (unregistering): Releasing backup interface bond_slave_1
bond0 (unregistering): Releasing backup interface bond_slave_0
bond0 (unregistering): Released all slaves
cramfs: wrong magic
cramfs: wrong magic
QAT: failed to copy from user cfg_data.
kauditd_printk_skb: 1 callbacks suppressed
audit: type=1804 audit(1619439675.102:6576): pid=18093 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir604440934/syzkaller.OHwGDP/1001/bus" dev="sda1" ino=15279 res=1
audit: type=1804 audit(1619439675.102:6577): pid=18093 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir604440934/syzkaller.OHwGDP/1001/bus" dev="sda1" ino=15279 res=1
rxrpc: AF_RXRPC: Leaked local ffff88804f507b40 {1}
------------[ cut here ]------------
kernel BUG at net/rxrpc/local_object.c:408!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 9275 Comm: kworker/u4:5 Not tainted 4.14.231-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
task: ffff88808fade480 task.stack: ffff888050ab8000
RIP: 0010:rxrpc_destroy_all_locals+0xe6/0x100 net/rxrpc/local_object.c:408
RSP: 0018:ffff888050abfc28 EFLAGS: 00010286
RAX: dffffc0000000000 RBX: ffff88804c551b80 RCX: fffffbfff17d77a8
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000286
RBP: ffff88804c551ba0 R08: ffff88808fade480 R09: dffffc0000000000
R10: 0000000000000000 R11: ffff88808fade480 R12: ffff88804c551ba0
R13: ffff88804c551bb0 R14: dffffc0000000000 R15: fffffbfff13c2baf
FS: 0000000000000000(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fee3e6f36b8 CR3: 00000000592f2000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 rxrpc_exit_net+0x158/0x260 net/rxrpc/net_ns.c:78
 ops_exit_list+0xa5/0x150 net/core/net_namespace.c:142
 cleanup_net+0x3b3/0x840 net/core/net_namespace.c:484
 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116
 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Code: 00 00 00 00 00 fc ff df 48 83 eb 20 e8 64 82 d7 fa 4c 8d 63 20 4c 39 e5 0f 85 9d 7d a0 00 e8 52 82 d7 fa 4c 89 ef e8 6a 46 a4 00 <0f> 0b 48 89 ef e8 d0 26 01 fb eb c0 90 90 90 90 90 90 90 90 90
RIP: rxrpc_destroy_all_locals+0xe6/0x100 net/rxrpc/local_object.c:408 RSP: ffff888050abfc28
---[ end trace 88dd820d812faf9d ]---