syzbot

ieee802154 phy0 wpan0: encryption failed: -22
ieee802154 phy1 wpan1: encryption failed: -22
------------[ cut here ]------------
Trying to vfree() nonexistent vm area (00000000b6f822c8)
WARNING: CPU: 1 PID: 16066 at mm/vmalloc.c:1515 __vunmap+0x332/0x3f0 mm/vmalloc.c:1515
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 16066 Comm: syz-executor.0 Not tainted 4.19.198-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 panic+0x26a/0x50e kernel/panic.c:186
 __warn.cold+0x20/0x5a kernel/panic.c:541
 report_bug+0x262/0x2b0 lib/bug.c:183
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 fixup_bug arch/x86/kernel/traps.c:173 [inline]
 do_error_trap+0x1d7/0x310 arch/x86/kernel/traps.c:296
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:1038
RIP: 0010:__vunmap+0x332/0x3f0 mm/vmalloc.c:1515
Code: a3 d1 ff 4c 89 e6 48 c7 c7 00 e1 72 88 e8 c6 64 61 06 0f 0b eb 94 e8 2d a3 d1 ff 4c 89 e6 48 c7 c7 60 e1 72 88 e8 ae 64 61 06 <0f> 0b e9 79 ff ff ff 4c 89 ff e8 0f 72 07 00 e9 25 ff ff ff 48 8b
RSP: 0018:ffff8880924573b0 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff814dfcf1 RDI: ffffed101248ae68
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: ffffc900075e0000
R13: fffffbfff164da66 R14: 0000607f45ca1c70 R15: ffffe8ffffca1c70
 vfree+0x65/0x100 mm/vmalloc.c:1598
 ipcomp_free_scratches+0xba/0x140 net/xfrm/xfrm_ipcomp.c:216
 ipcomp_free_data net/xfrm/xfrm_ipcomp.c:325 [inline]
 ipcomp_init_state+0x768/0xa00 net/xfrm/xfrm_ipcomp.c:377
 ipcomp6_init_state+0xc2/0x5b0 net/ipv6/ipcomp6.c:165
 __xfrm_init_state+0x555/0xd30 net/xfrm/xfrm_state.c:2347
 xfrm_state_construct net/xfrm/xfrm_user.c:626 [inline]
 xfrm_add_sa+0x1db2/0x33f0 net/xfrm/xfrm_user.c:683
 xfrm_user_rcv_msg+0x411/0x6b0 net/xfrm/xfrm_user.c:2681
 netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2457
 xfrm_netlink_rcv+0x6b/0x90 net/xfrm/xfrm_user.c:2689
 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]
 netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1346
 netlink_sendmsg+0x6bb/0xc40 net/netlink/af_netlink.c:1911
 sock_sendmsg_nosec net/socket.c:651 [inline]
 sock_sendmsg+0xc3/0x120 net/socket.c:661
 ___sys_sendmsg+0x7bb/0x8e0 net/socket.c:2225
 __sys_sendmsg net/socket.c:2263 [inline]
 __do_sys_sendmsg net/socket.c:2272 [inline]
 __se_sys_sendmsg net/socket.c:2270 [inline]
 __x64_sys_sendmsg+0x132/0x220 net/socket.c:2270
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4665e9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007efca4c76188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9
RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
RBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038
R13: 00007fffb167fcbf R14: 00007efca4c76300 R15: 0000000000022000
Kernel Offset: disabled
Rebooting in 86400 seconds..