syzkaller login: [ 81.340774][ T25] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.76' (ECDSA) to the list of known hosts.
[ 86.241245][ T3600] chnl_net:caif_netlink_parms(): no params data found
[ 86.283159][ T3600] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.290564][ T3600] bridge0: port 1(bridge_slave_0) entered disabled state
[ 86.298327][ T3600] device bridge_slave_0 entered promiscuous mode
[ 86.307108][ T3600] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.315099][ T3600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 86.322977][ T3600] device bridge_slave_1 entered promiscuous mode
[ 86.343227][ T3600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 86.354846][ T3600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 86.375939][ T3600] team0: Port device team_slave_0 added
[ 86.384085][ T3600] team0: Port device team_slave_1 added
[ 86.401478][ T3600] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 86.408418][ T3600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.434635][ T3600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 86.448096][ T3600] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 86.455584][ T3600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.482414][ T3600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 86.508159][ T3600] device hsr_slave_0 entered promiscuous mode
[ 86.515239][ T3600] device hsr_slave_1 entered promiscuous mode
[ 86.592583][ T3600] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 86.603766][ T3600] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 86.613223][ T3600] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 86.622884][ T3600] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 86.644521][ T3600] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.651860][ T3600] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.660111][ T3600] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.667169][ T3600] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.708492][ T3600] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.724569][ T3600] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.732206][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.742465][ T3605] bridge0: port 1(bridge_slave_0) entered disabled state
[ 86.751903][ T3605] bridge0: port 2(bridge_slave_1) entered disabled state
[ 86.760637][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 86.779161][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 86.787717][ T3605] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.794802][ T3605] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.802380][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 86.811261][ T3605] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.818291][ T3605] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.833530][ T135] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 86.847849][ T135] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 86.855944][ T135] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 86.865364][ T135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 86.877680][ T3600] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 86.890016][ T3600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 86.899495][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 86.915786][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 86.923580][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 86.936835][ T3600] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.954579][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 86.972174][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 86.981047][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 86.989315][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 86.999288][ T3600] device veth0_vlan entered promiscuous mode
[ 87.011134][ T3600] device veth1_vlan entered promiscuous mode
[ 87.029283][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 87.037283][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 87.045846][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 87.056925][ T3600] device veth0_macvtap entered promiscuous mode
[ 87.066340][ T3600] device veth1_macvtap entered promiscuous mode
[ 87.081858][ T3600] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.089361][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 87.099323][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 87.112751][ T3600] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.121324][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 87.131410][ T3600] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.140526][ T3600] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.149508][ T3600] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.158186][ T3600] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.216257][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.233487][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.244098][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.247371][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[ 87.252576][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.270216][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 87.299174][ T3608] FAULT_INJECTION: forcing a failure.
[ 87.299174][ T3608] name failslab, interval 1, probability 0, space 0, times 1
[ 87.312887][ T3608] CPU: 1 PID: 3608 Comm: syz-executor292 Not tainted 5.16.0-rc5-syzkaller #0
[ 87.321667][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 87.331937][ T3608] Call Trace:
[ 87.335210][ T3608]
[ 87.338134][ T3608] dump_stack_lvl+0xcd/0x134
[ 87.342734][ T3608] should_fail.cold+0x5/0xa
[ 87.347320][ T3608] ? ieee80211_alloc_chanctx+0x9d/0x3b0
[ 87.352851][ T3608] should_failslab+0x5/0x10
[ 87.357342][ T3608] __kmalloc+0x72/0x340
[ 87.361488][ T3608] ieee80211_alloc_chanctx+0x9d/0x3b0
[ 87.366850][ T3608] ieee80211_new_chanctx+0x74/0x2b0
[ 87.372033][ T3608] ieee80211_vif_use_channel+0x50b/0x6b0
[ 87.377652][ T3608] ieee80211_start_ap+0x6b1/0x2780
[ 87.382767][ T3608] nl80211_start_ap+0x288d/0x3dd0
[ 87.387782][ T3608] ? nl80211_join_ibss+0x12c0/0x12c0
[ 87.393052][ T3608] ? __rtnl_unlock+0x31/0x90
[ 87.397636][ T3608] ? netdev_run_todo+0x774/0xa80
[ 87.402557][ T3608] ? nla_get_range_signed+0x520/0x520
[ 87.407915][ T3608] ? generic_xdp_install+0x4a0/0x4a0
[ 87.413236][ T3608] ? nl80211_key_allowed+0x150/0x150
[ 87.418507][ T3608] ? __nla_parse+0x3d/0x50
[ 87.422926][ T3608] ? nl80211_pre_doit+0xa6/0x620
[ 87.427864][ T3608] genl_family_rcv_msg_doit+0x228/0x320
[ 87.433401][ T3608] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 87.440758][ T3608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.446990][ T3608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.453219][ T3608] ? ns_capable+0xd9/0x100
[ 87.457624][ T3608] genl_rcv_msg+0x328/0x580
[ 87.462117][ T3608] ? genl_get_cmd+0x480/0x480
[ 87.466778][ T3608] ? nl80211_join_ibss+0x12c0/0x12c0
[ 87.472138][ T3608] ? lock_release+0x720/0x720
[ 87.476804][ T3608] netlink_rcv_skb+0x153/0x420
[ 87.481556][ T3608] ? genl_get_cmd+0x480/0x480
[ 87.486307][ T3608] ? netlink_ack+0xa60/0xa60
[ 87.490886][ T3608] ? netlink_deliver_tap+0x1b1/0xc30
[ 87.496158][ T3608] genl_rcv+0x24/0x40
[ 87.500124][ T3608] netlink_unicast+0x533/0x7d0
[ 87.504877][ T3608] ? netlink_attachskb+0x880/0x880
[ 87.509983][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 87.516210][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 87.522433][ T3608] ? __phys_addr_symbol+0x2c/0x70
[ 87.527446][ T3608] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 87.533150][ T3608] ? __check_object_size+0x16e/0x3f0
[ 87.538423][ T3608] netlink_sendmsg+0x904/0xdf0
[ 87.543176][ T3608] ? netlink_unicast+0x7d0/0x7d0
[ 87.548100][ T3608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.554396][ T3608] ? netlink_unicast+0x7d0/0x7d0
[ 87.559322][ T3608] sock_sendmsg+0xcf/0x120
[ 87.563726][ T3608] ____sys_sendmsg+0x6e8/0x810
[ 87.568476][ T3608] ? kernel_sendmsg+0x50/0x50
[ 87.573136][ T3608] ? do_recvmmsg+0x6d0/0x6d0
[ 87.577710][ T3608] ? lock_chain_count+0x20/0x20
[ 87.582553][ T3608] ___sys_sendmsg+0xf3/0x170
[ 87.587126][ T3608] ? sendmsg_copy_msghdr+0x160/0x160
[ 87.592418][ T3608] ? __lock_acquire+0x162f/0x54a0
[ 87.597439][ T3608] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 87.603404][ T3608] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 87.609375][ T3608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.615605][ T3608] ? __fget_light+0x215/0x280
[ 87.620277][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 87.626511][ T3608] __sys_sendmsg+0xe5/0x1b0
[ 87.631004][ T3608] ? __sys_sendmsg_sock+0x30/0x30
[ 87.636029][ T3608] ? syscall_enter_from_user_mode+0x21/0x70
[ 87.641921][ T3608] do_syscall_64+0x35/0xb0
[ 87.646328][ T3608] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 87.652211][ T3608] RIP: 0033:0x7fed4288dec9
[ 87.656611][ T3608] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 87.676202][ T3608] RSP: 002b:00007fff0e896738 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 87.684600][ T3608] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fed4288dec9
[ 87.692557][ T3608] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 87.700532][ T3608] RBP: 00007fff0e8967b0 R08: 0000000000000002 R09: 000000000000000a
[ 87.708497][ T3608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
executing program
[ 87.716458][ T3608] R13: 00007fff0e89677c R14: 00007fff0e8967c0 R15: 00007fed42907e88
[ 87.724429][ T3608]
[ 87.758370][ T3609] FAULT_INJECTION: forcing a failure.
[ 87.758370][ T3609] name failslab, interval 1, probability 0, space 0, times 0
[ 87.772165][ T3609] CPU: 1 PID: 3609 Comm: syz-executor292 Not tainted 5.16.0-rc5-syzkaller #0
[ 87.780953][ T3609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 87.790995][ T3609] Call Trace:
[ 87.794258][ T3609]
[ 87.797173][ T3609] dump_stack_lvl+0xcd/0x134
[ 87.801754][ T3609] should_fail.cold+0x5/0xa
[ 87.806254][ T3609] ? ieee80211_assign_beacon+0x14b/0xf30
[ 87.811884][ T3609] should_failslab+0x5/0x10
[ 87.816375][ T3609] __kmalloc+0x72/0x340
[ 87.820523][ T3609] ieee80211_assign_beacon+0x14b/0xf30
[ 87.825995][ T3609] ieee80211_start_ap+0x143d/0x2780
[ 87.831191][ T3609] nl80211_start_ap+0x288d/0x3dd0
[ 87.836211][ T3609] ? nl80211_join_ibss+0x12c0/0x12c0
[ 87.841487][ T3609] ? __rtnl_unlock+0x31/0x90
[ 87.846070][ T3609] ? netdev_run_todo+0x774/0xa80
[ 87.850998][ T3609] ? nla_get_range_signed+0x520/0x520
[ 87.856359][ T3609] ? generic_xdp_install+0x4a0/0x4a0
[ 87.861637][ T3609] ? nl80211_key_allowed+0x150/0x150
[ 87.866914][ T3609] ? __nla_parse+0x3d/0x50
[ 87.871321][ T3609] ? nl80211_pre_doit+0xa6/0x620
[ 87.876335][ T3609] genl_family_rcv_msg_doit+0x228/0x320
[ 87.881878][ T3609] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 87.889234][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.895466][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.901688][ T3609] ? ns_capable+0xd9/0x100
[ 87.906095][ T3609] genl_rcv_msg+0x328/0x580
[ 87.910591][ T3609] ? genl_get_cmd+0x480/0x480
[ 87.915434][ T3609] ? nl80211_join_ibss+0x12c0/0x12c0
[ 87.920882][ T3609] ? lock_release+0x720/0x720
[ 87.925638][ T3609] netlink_rcv_skb+0x153/0x420
[ 87.930389][ T3609] ? genl_get_cmd+0x480/0x480
[ 87.935057][ T3609] ? netlink_ack+0xa60/0xa60
[ 87.939640][ T3609] ? netlink_deliver_tap+0x1b1/0xc30
[ 87.944914][ T3609] genl_rcv+0x24/0x40
[ 87.948882][ T3609] netlink_unicast+0x533/0x7d0
[ 87.953632][ T3609] ? netlink_attachskb+0x880/0x880
[ 87.958733][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 87.964966][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 87.971193][ T3609] ? __phys_addr_symbol+0x2c/0x70
[ 87.976202][ T3609] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 87.981914][ T3609] ? __check_object_size+0x16e/0x3f0
[ 87.987190][ T3609] netlink_sendmsg+0x904/0xdf0
[ 87.991944][ T3609] ? netlink_unicast+0x7d0/0x7d0
[ 87.996872][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.003105][ T3609] ? netlink_unicast+0x7d0/0x7d0
[ 88.008030][ T3609] sock_sendmsg+0xcf/0x120
[ 88.012435][ T3609] ____sys_sendmsg+0x6e8/0x810
[ 88.017196][ T3609] ? kernel_sendmsg+0x50/0x50
[ 88.021860][ T3609] ? do_recvmmsg+0x6d0/0x6d0
[ 88.026439][ T3609] ? lock_chain_count+0x20/0x20
[ 88.031289][ T3609] ___sys_sendmsg+0xf3/0x170
[ 88.035873][ T3609] ? sendmsg_copy_msghdr+0x160/0x160
[ 88.041150][ T3609] ? __lock_acquire+0x162f/0x54a0
[ 88.046167][ T3609] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 88.052133][ T3609] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 88.058104][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.064329][ T3609] ? __fget_light+0x215/0x280
[ 88.068993][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 88.075225][ T3609] __sys_sendmsg+0xe5/0x1b0
[ 88.079717][ T3609] ? __sys_sendmsg_sock+0x30/0x30
[ 88.084734][ T3609] ? syscall_enter_from_user_mode+0x21/0x70
[ 88.090615][ T3609] do_syscall_64+0x35/0xb0
[ 88.095017][ T3609] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 88.100899][ T3609] RIP: 0033:0x7fed4288dec9
[ 88.105300][ T3609] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 88.124902][ T3609] RSP: 002b:00007fff0e896738 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 88.133297][ T3609] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fed4288dec9
[ 88.141860][ T3609] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 88.149812][ T3609] RBP: 00007fff0e8967b0 R08: 0000000000000002 R09: 000000000000000a
[ 88.157770][ T3609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 88.165728][ T3609] R13: 00000000000154dc R14: 00007fff0e8967c0 R15: 00007fff0e896778
[ 88.173697][ T3609]
[ 88.186749][ T3609] ------------[ cut here ]------------
[ 88.192958][ T3609] WARNING: CPU: 1 PID: 3609 at net/mac80211/chan.c:1862 ieee80211_vif_release_channel+0x1ad/0x220
[ 88.203745][ T3609] Modules linked in:
[ 88.207651][ T3609] CPU: 0 PID: 3609 Comm: syz-executor292 Not tainted 5.16.0-rc5-syzkaller #0
[ 88.217151][ T3609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 88.229253][ T3609] RIP: 0010:ieee80211_vif_release_channel+0x1ad/0x220
[ 88.236200][ T3609] Code: c1 ea 03 80 3c 02 00 0f 85 82 00 00 00 48 8b ab 10 06 00 00 e9 60 ff ff ff e8 ff 0c d6 f8 0f 0b e9 e2 fe ff ff e8 f3 0c d6 f8 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 3c 02
[ 88.256249][ T3609] RSP: 0018:ffffc90001f6f350 EFLAGS: 00010293
[ 88.263441][ T3609] RAX: 0000000000000000 RBX: ffff88807c840c80 RCX: 0000000000000000
[ 88.271559][ T3609] RDX: ffff8880231e1d00 RSI: ffffffff88a1a4dd RDI: 0000000000000003
[ 88.279626][ T3609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[ 88.287588][ T3609] R10: ffffffff88a1a49c R11: 0000000000000000 R12: ffff88807c841290
[ 88.295674][ T3609] R13: 0000000000000001 R14: 00000000fffffff4 R15: 0000000000000000
[ 88.303912][ T3609] FS: 0000555556d17300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 88.318950][ T3609] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 88.325565][ T3609] CR2: 00005583abde5108 CR3: 00000000746e6000 CR4: 00000000003506f0
[ 88.333932][ T3609] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 88.341991][ T3609] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 88.350014][ T3609] Call Trace:
[ 88.353283][ T3609]
[ 88.356201][ T3609] ieee80211_start_ap+0x1b16/0x2780
[ 88.361876][ T3609] nl80211_start_ap+0x288d/0x3dd0
[ 88.367003][ T3609] ? nl80211_join_ibss+0x12c0/0x12c0
[ 88.373763][ T3609] ? __rtnl_unlock+0x31/0x90
[ 88.378408][ T3609] ? netdev_run_todo+0x774/0xa80
[ 88.383633][ T3609] ? nla_get_range_signed+0x520/0x520
[ 88.389125][ T3609] ? generic_xdp_install+0x4a0/0x4a0
[ 88.394414][ T3609] ? nl80211_key_allowed+0x150/0x150
[ 88.399789][ T3609] ? __nla_parse+0x3d/0x50
[ 88.404228][ T3609] ? nl80211_pre_doit+0xa6/0x620
[ 88.409390][ T3609] genl_family_rcv_msg_doit+0x228/0x320
[ 88.414967][ T3609] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 88.422426][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.428797][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.435073][ T3609] ? ns_capable+0xd9/0x100
[ 88.439934][ T3609] genl_rcv_msg+0x328/0x580
[ 88.444473][ T3609] ? genl_get_cmd+0x480/0x480
[ 88.449266][ T3609] ? nl80211_join_ibss+0x12c0/0x12c0
[ 88.454575][ T3609] ? lock_release+0x720/0x720
[ 88.459444][ T3609] netlink_rcv_skb+0x153/0x420
[ 88.464228][ T3609] ? genl_get_cmd+0x480/0x480
[ 88.469005][ T3609] ? netlink_ack+0xa60/0xa60
[ 88.473608][ T3609] ? netlink_deliver_tap+0x1b1/0xc30
[ 88.478969][ T3609] genl_rcv+0x24/0x40
[ 88.482960][ T3609] netlink_unicast+0x533/0x7d0
[ 88.487723][ T3609] ? netlink_attachskb+0x880/0x880
[ 88.492907][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 88.499211][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 88.505447][ T3609] ? __phys_addr_symbol+0x2c/0x70
[ 88.510534][ T3609] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 88.516276][ T3609] ? __check_object_size+0x16e/0x3f0
[ 88.521622][ T3609] netlink_sendmsg+0x904/0xdf0
[ 88.526485][ T3609] ? netlink_unicast+0x7d0/0x7d0
[ 88.531535][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.538022][ T3609] ? netlink_unicast+0x7d0/0x7d0
[ 88.543112][ T3609] sock_sendmsg+0xcf/0x120
[ 88.547548][ T3609] ____sys_sendmsg+0x6e8/0x810
[ 88.552427][ T3609] ? kernel_sendmsg+0x50/0x50
[ 88.557116][ T3609] ? do_recvmmsg+0x6d0/0x6d0
[ 88.561764][ T3609] ? lock_chain_count+0x20/0x20
[ 88.566630][ T3609] ___sys_sendmsg+0xf3/0x170
[ 88.571310][ T3609] ? sendmsg_copy_msghdr+0x160/0x160
[ 88.576612][ T3609] ? __lock_acquire+0x162f/0x54a0
[ 88.581733][ T3609] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 88.587732][ T3609] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 88.593943][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.594008][ T3609] ? __fget_light+0x215/0x280
[ 88.594039][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 88.611846][ T3609] __sys_sendmsg+0xe5/0x1b0
[ 88.616351][ T3609] ? __sys_sendmsg_sock+0x30/0x30
[ 88.621797][ T3609] ? syscall_enter_from_user_mode+0x21/0x70
[ 88.627722][ T3609] do_syscall_64+0x35/0xb0
[ 88.632575][ T3609] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 88.638916][ T3609] RIP: 0033:0x7fed4288dec9
[ 88.643353][ T3609] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 88.663300][ T3609] RSP: 002b:00007fff0e896738 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 88.672390][ T3609] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fed4288dec9
[ 88.680702][ T3609] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 88.689126][ T3609] RBP: 00007fff0e8967b0 R08: 0000000000000002 R09: 000000000000000a
[ 88.697190][ T3609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 88.705890][ T3609] R13: 00000000000154dc R14: 00007fff0e8967c0 R15: 00007fff0e896778
[ 88.714253][ T3609]
[ 88.717360][ T3609] Kernel panic - not syncing: panic_on_warn set ...
[ 88.723930][ T3609] CPU: 1 PID: 3609 Comm: syz-executor292 Not tainted 5.16.0-rc5-syzkaller #0
[ 88.732674][ T3609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 88.742713][ T3609] Call Trace:
[ 88.745977][ T3609]
[ 88.748895][ T3609] dump_stack_lvl+0xcd/0x134
[ 88.753479][ T3609] panic+0x2b0/0x6dd
[ 88.757447][ T3609] ? __warn_printk+0xf3/0xf3
[ 88.762029][ T3609] ? __warn.cold+0x1a/0x44
[ 88.766432][ T3609] ? ieee80211_vif_release_channel+0x1ad/0x220
[ 88.772573][ T3609] __warn.cold+0x35/0x44
[ 88.776805][ T3609] ? ieee80211_vif_release_channel+0x1ad/0x220
[ 88.782948][ T3609] report_bug+0x1bd/0x210
[ 88.787277][ T3609] handle_bug+0x3c/0x60
[ 88.791418][ T3609] exc_invalid_op+0x14/0x40
[ 88.795914][ T3609] asm_exc_invalid_op+0x12/0x20
[ 88.800798][ T3609] RIP: 0010:ieee80211_vif_release_channel+0x1ad/0x220
[ 88.807547][ T3609] Code: c1 ea 03 80 3c 02 00 0f 85 82 00 00 00 48 8b ab 10 06 00 00 e9 60 ff ff ff e8 ff 0c d6 f8 0f 0b e9 e2 fe ff ff e8 f3 0c d6 f8 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 3c 02
[ 88.827135][ T3609] RSP: 0018:ffffc90001f6f350 EFLAGS: 00010293
[ 88.833190][ T3609] RAX: 0000000000000000 RBX: ffff88807c840c80 RCX: 0000000000000000
[ 88.841143][ T3609] RDX: ffff8880231e1d00 RSI: ffffffff88a1a4dd RDI: 0000000000000003
[ 88.849106][ T3609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[ 88.857061][ T3609] R10: ffffffff88a1a49c R11: 0000000000000000 R12: ffff88807c841290
[ 88.865019][ T3609] R13: 0000000000000001 R14: 00000000fffffff4 R15: 0000000000000000
[ 88.872980][ T3609] ? ieee80211_vif_release_channel+0x16c/0x220
[ 88.879127][ T3609] ? ieee80211_vif_release_channel+0x1ad/0x220
[ 88.885277][ T3609] ieee80211_start_ap+0x1b16/0x2780
[ 88.890520][ T3609] nl80211_start_ap+0x288d/0x3dd0
[ 88.895537][ T3609] ? nl80211_join_ibss+0x12c0/0x12c0
[ 88.900816][ T3609] ? __rtnl_unlock+0x31/0x90
[ 88.905393][ T3609] ? netdev_run_todo+0x774/0xa80
[ 88.910317][ T3609] ? nla_get_range_signed+0x520/0x520
[ 88.915679][ T3609] ? generic_xdp_install+0x4a0/0x4a0
[ 88.920954][ T3609] ? nl80211_key_allowed+0x150/0x150
[ 88.926226][ T3609] ? __nla_parse+0x3d/0x50
[ 88.930656][ T3609] ? nl80211_pre_doit+0xa6/0x620
[ 88.935585][ T3609] genl_family_rcv_msg_doit+0x228/0x320
[ 88.941218][ T3609] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 88.948579][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.954822][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 88.961050][ T3609] ? ns_capable+0xd9/0x100
[ 88.965454][ T3609] genl_rcv_msg+0x328/0x580
[ 88.969947][ T3609] ? genl_get_cmd+0x480/0x480
[ 88.974608][ T3609] ? nl80211_join_ibss+0x12c0/0x12c0
[ 88.979881][ T3609] ? lock_release+0x720/0x720
[ 88.984550][ T3609] netlink_rcv_skb+0x153/0x420
[ 88.989300][ T3609] ? genl_get_cmd+0x480/0x480
[ 88.994084][ T3609] ? netlink_ack+0xa60/0xa60
[ 88.998684][ T3609] ? netlink_deliver_tap+0x1b1/0xc30
[ 89.003969][ T3609] genl_rcv+0x24/0x40
[ 89.007939][ T3609] netlink_unicast+0x533/0x7d0
[ 89.012696][ T3609] ? netlink_attachskb+0x880/0x880
[ 89.017800][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 89.024028][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 89.030253][ T3609] ? __phys_addr_symbol+0x2c/0x70
[ 89.035276][ T3609] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 89.040980][ T3609] ? __check_object_size+0x16e/0x3f0
[ 89.046253][ T3609] netlink_sendmsg+0x904/0xdf0
[ 89.051005][ T3609] ? netlink_unicast+0x7d0/0x7d0
[ 89.055931][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 89.062157][ T3609] ? netlink_unicast+0x7d0/0x7d0
[ 89.067080][ T3609] sock_sendmsg+0xcf/0x120
[ 89.071484][ T3609] ____sys_sendmsg+0x6e8/0x810
[ 89.076237][ T3609] ? kernel_sendmsg+0x50/0x50
[ 89.080900][ T3609] ? do_recvmmsg+0x6d0/0x6d0
[ 89.085477][ T3609] ? lock_chain_count+0x20/0x20
[ 89.090321][ T3609] ___sys_sendmsg+0xf3/0x170
[ 89.094904][ T3609] ? sendmsg_copy_msghdr+0x160/0x160
[ 89.100175][ T3609] ? __lock_acquire+0x162f/0x54a0
[ 89.105195][ T3609] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 89.111163][ T3609] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 89.117139][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 89.123402][ T3609] ? __fget_light+0x215/0x280
[ 89.128091][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 89.134327][ T3609] __sys_sendmsg+0xe5/0x1b0
[ 89.138816][ T3609] ? __sys_sendmsg_sock+0x30/0x30
[ 89.143833][ T3609] ? syscall_enter_from_user_mode+0x21/0x70
[ 89.149717][ T3609] do_syscall_64+0x35/0xb0
[ 89.154122][ T3609] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 89.160009][ T3609] RIP: 0033:0x7fed4288dec9
[ 89.164430][ T3609] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 89.184024][ T3609] RSP: 002b:00007fff0e896738 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 89.192422][ T3609] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fed4288dec9
[ 89.200382][ T3609] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 89.208348][ T3609] RBP: 00007fff0e8967b0 R08: 0000000000000002 R09: 000000000000000a
[ 89.216302][ T3609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 89.224345][ T3609] R13: 00000000000154dc R14: 00007fff0e8967c0 R15: 00007fff0e896778
[ 89.232330][ T3609]
[ 89.235777][ T3609] Kernel Offset: disabled
[ 89.240193][ T3609] Rebooting in 86400 seconds..