Warning: Permanently added '10.128.0.225' (ECDSA) to the list of known hosts.
syzkaller login: [ 33.861694] IPVS: ftp: loaded support on port[0] = 21
[ 33.930306] chnl_net:caif_netlink_parms(): no params data found
[ 34.013906] bridge0: port 1(bridge_slave_0) entered blocking state
[ 34.020443] bridge0: port 1(bridge_slave_0) entered disabled state
[ 34.028578] device bridge_slave_0 entered promiscuous mode
[ 34.036147] bridge0: port 2(bridge_slave_1) entered blocking state
[ 34.043087] bridge0: port 2(bridge_slave_1) entered disabled state
[ 34.049965] device bridge_slave_1 entered promiscuous mode
[ 34.067430] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 34.076026] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 34.093573] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 34.100833] team0: Port device team_slave_0 added
[ 34.106587] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 34.113869] team0: Port device team_slave_1 added
[ 34.128659] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 34.134931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 34.160202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 34.171473] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 34.177793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 34.203013] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 34.216476] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 34.224046] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 34.242592] device hsr_slave_0 entered promiscuous mode
[ 34.248235] device hsr_slave_1 entered promiscuous mode
[ 34.254519] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 34.261431] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 34.323880] bridge0: port 2(bridge_slave_1) entered blocking state
[ 34.330273] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 34.337116] bridge0: port 1(bridge_slave_0) entered blocking state
[ 34.343525] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 34.374297] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 34.380370] 8021q: adding VLAN 0 to HW filter on device bond0
[ 34.389788] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 34.398496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 34.406991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 34.415164] bridge0: port 2(bridge_slave_1) entered disabled state
[ 34.422561] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 34.432437] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 34.438574] 8021q: adding VLAN 0 to HW filter on device team0
[ 34.448533] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 34.456476] bridge0: port 1(bridge_slave_0) entered blocking state
[ 34.462871] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 34.472358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 34.480041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 34.486427] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 34.504384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 34.512628] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 34.520080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 34.527865] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 34.539772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 34.550127] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 34.556273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 34.563581] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 34.576090] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 34.583791] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 34.590413] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 34.601155] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 34.633082] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 34.643055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 34.670659] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 34.678455] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 34.685773] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 34.695517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 34.703469] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 34.710242] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 34.719021] device veth0_vlan entered promiscuous mode
[ 34.727398] device veth1_vlan entered promiscuous mode
[ 34.734027] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 34.742920] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 34.754033] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 34.763397] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 34.770647] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 34.779063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 34.787720] device veth0_macvtap entered promiscuous mode
[ 34.794895] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 34.803602] device veth1_macvtap entered promiscuous mode
[ 34.812324] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 34.821864] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 34.831202] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 34.839416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 34.847646] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 34.857353] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 34.864554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 34.970957] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 34.978674] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 34.997436] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 35.001775] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
[ 35.014733] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[ 35.023616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 35.030718] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 35.038681] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 35.055247] FAULT_INJECTION: forcing a failure.
[ 35.055247] name failslab, interval 1, probability 0, space 0, times 1
[ 35.066881] CPU: 1 PID: 8106 Comm: syz-executor330 Not tainted 4.19.211-syzkaller #0
[ 35.074750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 35.084087] Call Trace:
[ 35.086657] dump_stack+0x1fc/0x2ef
[ 35.090274] should_fail.cold+0xa/0xf
[ 35.094054] ? setup_fault_attr+0x200/0x200
[ 35.098352] ? lock_acquire+0x170/0x3c0
[ 35.102309] __should_failslab+0x115/0x180
[ 35.106526] should_failslab+0x5/0x10
[ 35.110302] __kmalloc+0x2ab/0x3c0
[ 35.113830] ? ieee80211_assign_beacon+0x141/0x9f0
[ 35.118739] ieee80211_assign_beacon+0x141/0x9f0
[ 35.123481] ? __ieee80211_vif_copy_chanctx_to_vlans+0x148/0x2e0
[ 35.129603] ieee80211_start_ap+0xa44/0x1730
[ 35.133992] ? check_preemption_disabled+0x41/0x280
[ 35.138989] nl80211_start_ap+0x12dc/0x2110
[ 35.143297] ? nl80211_set_beacon+0x8f0/0x8f0
[ 35.147791] ? nl80211_pre_doit+0xa2/0x620
[ 35.152004] ? __cfg80211_rdev_from_attrs+0x700/0x700
[ 35.157171] genl_family_rcv_msg+0x642/0xc40
[ 35.161572] ? genl_rcv+0x40/0x40
[ 35.165009] ? genl_rcv_msg+0x12f/0x160
[ 35.168971] ? mutex_trylock+0x1a0/0x1a0
[ 35.173015] ? __radix_tree_lookup+0x216/0x370
[ 35.177581] genl_rcv_msg+0xbf/0x160
[ 35.181287] netlink_rcv_skb+0x160/0x440
[ 35.185337] ? genl_family_rcv_msg+0xc40/0xc40
[ 35.189897] ? netlink_ack+0xae0/0xae0
[ 35.193761] ? genl_rcv+0x15/0x40
[ 35.197194] genl_rcv+0x24/0x40
[ 35.200455] netlink_unicast+0x4d5/0x690
[ 35.204495] ? netlink_sendskb+0x110/0x110
[ 35.208709] ? _copy_from_iter_full+0x229/0x7c0
[ 35.213357] ? __phys_addr_symbol+0x2c/0x70
[ 35.217659] ? __check_object_size+0x17b/0x3e0
[ 35.222222] netlink_sendmsg+0x6c3/0xc50
[ 35.226264] ? aa_af_perm+0x230/0x230
[ 35.230044] ? nlmsg_notify+0x1f0/0x1f0
[ 35.233998] ? kernel_recvmsg+0x220/0x220
[ 35.238129] ? nlmsg_notify+0x1f0/0x1f0
[ 35.242092] sock_sendmsg+0xc3/0x120
[ 35.245790] ___sys_sendmsg+0x7bb/0x8e0
[ 35.249745] ? check_preemption_disabled+0x41/0x280
[ 35.254738] ? copy_msghdr_from_user+0x440/0x440
[ 35.259475] ? proc_fail_nth_write+0x95/0x1d0
[ 35.263965] ? proc_tgid_io_accounting+0x7f0/0x7f0
[ 35.268880] ? debug_check_no_obj_freed+0x201/0x490
[ 35.273883] ? __vfs_write+0xff/0x770
[ 35.277666] ? proc_tgid_io_accounting+0x7f0/0x7f0
[ 35.282578] ? common_file_perm+0x4e5/0x850
[ 35.286883] ? kernel_read+0x110/0x110
[ 35.290754] ? trace_hardirqs_off+0x64/0x200
[ 35.295145] ? fsnotify+0x84e/0xe10
[ 35.298753] ? vfs_write+0x3d7/0x540
[ 35.302459] ? __fdget+0x1a0/0x230
[ 35.305983] __x64_sys_sendmsg+0x132/0x220
[ 35.310204] ? __sys_sendmsg+0x1b0/0x1b0
[ 35.314251] ? vfs_write+0x393/0x540
[ 35.317958] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 35.323305] ? trace_hardirqs_off_caller+0x6e/0x210
[ 35.328303] ? do_syscall_64+0x21/0x620
[ 35.332270] do_syscall_64+0xf9/0x620
[ 35.336058] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 35.341232] RIP: 0033:0x7f4df2d2aec9
[ 35.344933] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 35.363820] RSP: 002b:00007ffcd157d618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 35.371509] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f4df2d2aec9
[ 35.378757] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 35.386011] RBP: 00007ffcd157d680 R08: 0000000000000001 R09: 00007ffcd157d647
[ 35.393262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 35.400512] R13: 00007f4df2da64a0 R14: 00007ffcd157d6a0 R15: 00007ffcd157d66a
[ 35.410915] ------------[ cut here ]------------
[ 35.416581] WARNING: CPU: 1 PID: 8106 at net/mac80211/chan.c:1754 ieee80211_vif_release_channel.cold+0x29/0x57
[ 35.426718] Kernel panic - not syncing: panic_on_warn set ...
[ 35.426718]
[ 35.434082] CPU: 1 PID: 8106 Comm: syz-executor330 Not tainted 4.19.211-syzkaller #0
[ 35.441947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 35.451277] Call Trace:
[ 35.453846] dump_stack+0x1fc/0x2ef
[ 35.457455] panic+0x26a/0x50e
[ 35.460629] ? __warn_printk+0xf3/0xf3
[ 35.464499] ? ieee80211_vif_release_channel.cold+0x29/0x57
[ 35.470189] ? __probe_kernel_read+0x130/0x1b0
[ 35.474751] ? __warn.cold+0x5/0x5a
[ 35.478359] ? __warn+0xe4/0x200
[ 35.481718] ? ieee80211_vif_release_channel.cold+0x29/0x57
[ 35.487479] __warn.cold+0x20/0x5a
[ 35.491016] ? ieee80211_vif_release_channel.cold+0x29/0x57
[ 35.496715] report_bug+0x262/0x2b0
[ 35.500336] do_error_trap+0x1d7/0x310
[ 35.504205] ? math_error+0x310/0x310
[ 35.507987] ? __irq_work_queue_local+0x101/0x160
[ 35.512810] ? irq_work_queue+0x29/0x80
[ 35.516764] ? error_entry+0x72/0xd0
[ 35.520460] ? trace_hardirqs_off_caller+0x6e/0x210
[ 35.525462] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 35.530292] invalid_op+0x14/0x20
[ 35.533729] RIP: 0010:ieee80211_vif_release_channel.cold+0x29/0x57
[ 35.540030] Code: ff e8 1e fb 4d f9 48 c7 c7 20 1a 68 89 e8 7d 2c df ff 0f 0b e9 c8 4c 92 ff e8 06 fb 4d f9 48 c7 c7 20 1a 68 89 e8 65 2c df ff <0f> 0b b8 ff ff 37 00 4c 89 e2 48 c1 ea 03 48 c1 e0 2a 80 3c 02 00
[ 35.559045] RSP: 0018:ffff8880a4d47398 EFLAGS: 00010286
[ 35.564388] RAX: 0000000000000024 RBX: ffff8880af5212c0 RCX: 0000000000000000
[ 35.571636] RDX: 0000000000000000 RSI: ffffffff814dff01 RDI: ffffed10149a8e65
[ 35.578885] RBP: 0000000000000000 R08: 0000000000000024 R09: 0000000000000000
[ 35.586135] R10: 0000000000000005 R11: 0000000000000000 R12: ffff8880af5217f0
[ 35.593381] R13: 0000000000000001 R14: 00000000fffffff4 R15: ffff8880af5217f0
[ 35.600641] ? vprintk_func+0x81/0x180
[ 35.604514] ? ieee80211_vif_release_channel.cold+0x29/0x57
[ 35.610208] ieee80211_start_ap+0x11a0/0x1730
[ 35.614685] ? check_preemption_disabled+0x41/0x280
[ 35.619681] nl80211_start_ap+0x12dc/0x2110
[ 35.623985] ? nl80211_set_beacon+0x8f0/0x8f0
[ 35.628477] ? nl80211_pre_doit+0xa2/0x620
[ 35.632695] ? __cfg80211_rdev_from_attrs+0x700/0x700
[ 35.637866] genl_family_rcv_msg+0x642/0xc40
[ 35.642261] ? genl_rcv+0x40/0x40
[ 35.645691] ? genl_rcv_msg+0x12f/0x160
[ 35.649644] ? mutex_trylock+0x1a0/0x1a0
[ 35.653685] ? __radix_tree_lookup+0x216/0x370
[ 35.658246] genl_rcv_msg+0xbf/0x160
[ 35.661943] netlink_rcv_skb+0x160/0x440
[ 35.665985] ? genl_family_rcv_msg+0xc40/0xc40
[ 35.670544] ? netlink_ack+0xae0/0xae0
[ 35.674410] ? genl_rcv+0x15/0x40
[ 35.677844] genl_rcv+0x24/0x40
[ 35.681106] netlink_unicast+0x4d5/0x690
[ 35.685162] ? netlink_sendskb+0x110/0x110
[ 35.689376] ? _copy_from_iter_full+0x229/0x7c0
[ 35.694023] ? __phys_addr_symbol+0x2c/0x70
[ 35.698326] ? __check_object_size+0x17b/0x3e0
[ 35.702894] netlink_sendmsg+0x6c3/0xc50
[ 35.706935] ? aa_af_perm+0x230/0x230
[ 35.710712] ? nlmsg_notify+0x1f0/0x1f0
[ 35.714663] ? kernel_recvmsg+0x220/0x220
[ 35.718804] ? nlmsg_notify+0x1f0/0x1f0
[ 35.722761] sock_sendmsg+0xc3/0x120
[ 35.726461] ___sys_sendmsg+0x7bb/0x8e0
[ 35.730416] ? check_preemption_disabled+0x41/0x280
[ 35.735410] ? copy_msghdr_from_user+0x440/0x440
[ 35.740148] ? proc_fail_nth_write+0x95/0x1d0
[ 35.744622] ? proc_tgid_io_accounting+0x7f0/0x7f0
[ 35.749539] ? debug_check_no_obj_freed+0x201/0x490
[ 35.754534] ? __vfs_write+0xff/0x770
[ 35.758313] ? proc_tgid_io_accounting+0x7f0/0x7f0
[ 35.763221] ? common_file_perm+0x4e5/0x850
[ 35.767522] ? kernel_read+0x110/0x110
[ 35.771388] ? trace_hardirqs_off+0x64/0x200
[ 35.775773] ? fsnotify+0x84e/0xe10
[ 35.779376] ? vfs_write+0x3d7/0x540
[ 35.783069] ? __fdget+0x1a0/0x230
[ 35.786594] __x64_sys_sendmsg+0x132/0x220
[ 35.790812] ? __sys_sendmsg+0x1b0/0x1b0
[ 35.794859] ? vfs_write+0x393/0x540
[ 35.798555] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 35.803928] ? trace_hardirqs_off_caller+0x6e/0x210
[ 35.808925] ? do_syscall_64+0x21/0x620
[ 35.812877] do_syscall_64+0xf9/0x620
[ 35.816744] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 35.821909] RIP: 0033:0x7f4df2d2aec9
[ 35.825600] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 35.844475] RSP: 002b:00007ffcd157d618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 35.852160] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f4df2d2aec9
[ 35.859409] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[ 35.866655] RBP: 00007ffcd157d680 R08: 0000000000000001 R09: 00007ffcd157d647
[ 35.873912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 35.881164] R13: 00007f4df2da64a0 R14: 00007ffcd157d6a0 R15: 00007ffcd157d66a
[ 35.888721] Kernel Offset: disabled
[ 35.892383] Rebooting in 86400 seconds..