Started in network mode
Own node identity 9, cluster identity 4711
32-bit node address hash set to 9
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 8833 Comm: kworker/u4:6 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
Workqueue: netns cleanup_net
RIP: 0010:tipc_conn_close+0x48/0x140 net/tipc/topsrv.c:165
Code: fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 eb 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5d 08 48 8d 7b 20 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 be 00 00 00 4c 8b 6b 20 4d 8d a5 60 03 00 00 4c
RSP: 0018:ffff88809201fbb0 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff1101240296f
RDX: 0000000000000004 RSI: ffffffff87bb0f64 RDI: 0000000000000020
RBP: ffff8880ae635d00 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff888096a315d0
R13: ffffed1012d462c1 R14: ffff8880ae635d08 R15: ffff8880ae635d00
FS:  0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2ef23000 CR3: 00000000a575b000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]
 tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722
 ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153
 cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:554
 process_one_work+0x864/0x1570 kernel/workqueue.c:2153
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Modules linked in:
---[ end trace 12d901da7a3ff1c7 ]---
RIP: 0010:tipc_conn_close+0x48/0x140 net/tipc/topsrv.c:165
Code: fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 eb 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5d 08 48 8d 7b 20 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 be 00 00 00 4c 8b 6b 20 4d 8d a5 60 03 00 00 4c
IPVS: ftp: loaded support on port[0] = 21
audit: type=1804 audit(1663750420.292:44): pid=15197 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir21358673/syzkaller.Mg2mSh/274/bus" dev="sda1" ino=14481 res=1
RSP: 0018:ffff88809201fbb0 EFLAGS: 00010202
audit: type=1804 audit(1663750420.402:45): pid=15217 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir21358673/syzkaller.Mg2mSh/274/bus" dev="sda1" ino=14481 res=1
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff1101240296f
RDX: 0000000000000004 RSI: ffffffff87bb0f64 RDI: 0000000000000020
RBP: ffff8880ae635d00 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff888096a315d0
Started in network mode
Own node identity 9, cluster identity 4711
R13: ffffed1012d462c1 R14: ffff8880ae635d08 R15: ffff8880ae635d00
IPVS: ftp: loaded support on port[0] = 21
32-bit node address hash set to 9
FS:  0000000000000000(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
audit: type=1804 audit(1663750420.812:46): pid=15263 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir21358673/syzkaller.Mg2mSh/275/bus" dev="sda1" ino=14535 res=1
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
audit: type=1804 audit(1663750420.842:47): pid=15261 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir21358673/syzkaller.Mg2mSh/275/bus" dev="sda1" ino=14535 res=1
CR2: 00007fffa5cf7c20 CR3: 0000000091ba6000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess), 3 bytes skipped:
   0:	48 c1 ea 03          	shr    $0x3,%rdx
   4:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   8:	0f 85 eb 00 00 00    	jne    0xf9
   e:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  15:	fc ff df
  18:	48 8b 5d 08          	mov    0x8(%rbp),%rbx
  1c:	48 8d 7b 20          	lea    0x20(%rbx),%rdi
  20:	48 89 fa             	mov    %rdi,%rdx
  23:	48 c1 ea 03          	shr    $0x3,%rdx
* 27:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1) <-- trapping instruction
  2b:	0f 85 be 00 00 00    	jne    0xef
  31:	4c 8b 6b 20          	mov    0x20(%rbx),%r13
  35:	4d 8d a5 60 03 00 00 	lea    0x360(%r13),%r12
  3c:	4c                   	rex.WR