[ 71.106176][ T2953] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.10.24' (ECDSA) to the list of known hosts.
[ 72.723062][ T5897] ==================================================================
[ 72.731256][ T5897] BUG: KASAN: slab-out-of-bounds in decrypt_internal+0x712/0x1bc0
[ 72.739052][ T5897] Read of size 16 at addr ffff888011977660 by task syz-executor598/5897
[ 72.747389][ T5897]
[ 72.749690][ T5897] CPU: 1 PID: 5897 Comm: syz-executor598 Not tainted 5.11.0-syzkaller #0
[ 72.758072][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 72.768202][ T5897] Call Trace:
[ 72.771470][ T5897]  dump_stack+0x9a/0xcc
[ 72.775607][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 72.780709][ T5897]  print_address_description.constprop.0.cold+0x5b/0x2f8
[ 72.787793][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 72.792969][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 72.798062][ T5897]  kasan_report.cold+0x79/0xd5
[ 72.802817][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 72.808349][ T5897]  check_memory_region+0x13d/0x180
[ 72.814015][ T5897]  memcpy+0x20/0x60
[ 72.817806][ T5897]  decrypt_internal+0x712/0x1bc0
[ 72.822727][ T5897]  ? tls_get_rec+0x520/0x520
[ 72.827305][ T5897]  ? lock_release+0x710/0x710
[ 72.831957][ T5897]  ? lock_downgrade+0x6d0/0x6d0
[ 72.836775][ T5897]  ? sk_psock_get+0x2b0/0x2b0
[ 72.841430][ T5897]  decrypt_skb_update+0xf9/0xb60
[ 72.846340][ T5897]  ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 72.852294][ T5897]  tls_sw_recvmsg+0x4b6/0x13d0
[ 72.857043][ T5897]  ? decrypt_skb+0xa0/0xa0
[ 72.861431][ T5897]  ? aa_sk_perm+0x1b5/0x810
[ 72.865908][ T5897]  inet_recvmsg+0xf2/0x480
[ 72.870299][ T5897]  ? inet_sendpage+0x120/0x120
[ 72.875036][ T5897]  ____sys_recvmsg+0x25e/0x620
[ 72.879798][ T5897]  ? move_addr_to_kernel.part.0+0xd0/0xd0
[ 72.885496][ T5897]  ? iovec_from_user+0x143/0x290
[ 72.890402][ T5897]  ? __copy_msghdr_from_user+0x86/0x3e0
[ 72.895919][ T5897]  ? __import_iovec+0x54/0x540
[ 72.900662][ T5897]  ? import_iovec+0xa4/0x150
[ 72.905223][ T5897]  ___sys_recvmsg+0xe2/0x1a0
[ 72.909833][ T5897]  ? __copy_msghdr_from_user+0x3e0/0x3e0
[ 72.915444][ T5897]  ? mark_lock+0xee/0x1720
[ 72.919834][ T5897]  ? mark_lock+0xee/0x1720
[ 72.924224][ T5897]  ? slab_free_freelist_hook+0x5d/0x150
[ 72.929751][ T5897]  ? lock_chain_count+0x20/0x20
[ 72.934575][ T5897]  ? ___sys_sendmsg+0xe0/0x150
[ 72.939336][ T5897]  ? ___sys_sendmsg+0xe0/0x150
[ 72.944077][ T5897]  ? __fget_light+0x4c/0x220
[ 72.948674][ T5897]  do_recvmmsg+0x1c8/0x540
[ 72.953066][ T5897]  ? ___sys_recvmsg+0x1a0/0x1a0
[ 72.957887][ T5897]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 72.963849][ T5897]  ? lock_downgrade+0x6d0/0x6d0
[ 72.968675][ T5897]  __x64_sys_recvmmsg+0x19a/0x200
[ 72.973671][ T5897]  ? __do_sys_socketcall+0x450/0x450
[ 72.978940][ T5897]  ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 72.984905][ T5897]  ? syscall_enter_from_user_mode+0x27/0x70
[ 72.990779][ T5897]  do_syscall_64+0x2d/0x70
[ 72.995172][ T5897]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 73.001037][ T5897] RIP: 0033:0x7f902135ff29
[ 73.005537][ T5897] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 73.025121][ T5897] RSP: 002b:00007ffd654500e8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 73.033599][ T5897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f902135ff29
[ 73.041545][ T5897] RDX: 0000000000000001 RSI: 0000000020002900 RDI: 0000000000000003
[ 73.049493][ T5897] RBP: 00007f90213240d0 R08: 0000000000000000 R09: 0000000000000000
[ 73.057465][ T5897] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9021324160
[ 73.065465][ T5897] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 73.073459][ T5897]
[ 73.075768][ T5897] Allocated by task 5897:
[ 73.080142][ T5897]  kasan_save_stack+0x1b/0x40
[ 73.084830][ T5897]  ____kasan_kmalloc.constprop.0+0x82/0xa0
[ 73.090607][ T5897]  tls_set_sw_offload+0x7ba/0x13b0
[ 73.095705][ T5897]  tls_setsockopt+0x92a/0xd40
[ 73.100391][ T5897]  __sys_setsockopt+0x1fd/0x4e0
[ 73.105221][ T5897]  __x64_sys_setsockopt+0xb5/0x150
[ 73.110311][ T5897]  do_syscall_64+0x2d/0x70
[ 73.114711][ T5897]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 73.120579][ T5897]
[ 73.122885][ T5897] The buggy address belongs to the object at ffff888011977660
[ 73.122885][ T5897]  which belongs to the cache kmalloc-16 of size 16
[ 73.136756][ T5897] The buggy address is located 0 bytes inside of
[ 73.136756][ T5897]  16-byte region [ffff888011977660, ffff888011977670)
[ 73.150115][ T5897] The buggy address belongs to the page:
[ 73.155722][ T5897] page:00000000f046585f refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888011977720 pfn:0x11977
[ 73.167220][ T5897] flags: 0xfff00000000200(slab)
[ 73.172150][ T5897] raw: 00fff00000000200 ffffea00052a1500 0000000500000005 ffff88800f441b40
[ 73.180768][ T5897] raw: ffff888011977720 000000008080007a 00000001ffffffff 0000000000000000
[ 73.189544][ T5897] page dumped because: kasan: bad access detected
[ 73.195974][ T5897] page_owner tracks the page as allocated
[ 73.201671][ T5897] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 219, ts 5856621958
[ 73.215778][ T5897]  post_alloc_hook+0x144/0x1c0
[ 73.220529][ T5897]  get_page_from_freelist+0x1c6e/0x3f80
[ 73.226063][ T5897]  __alloc_pages_nodemask+0x2d6/0x730
[ 73.231419][ T5897]  allocate_slab+0x2b6/0x4a0
[ 73.235986][ T5897]  ___slab_alloc+0x476/0x790
[ 73.240554][ T5897]  __slab_alloc.constprop.0+0x95/0xe0
[ 73.245903][ T5897]  __kmalloc_node+0x1b4/0x430
[ 73.250558][ T5897]  mempool_init_node+0x111/0x5c0
[ 73.255471][ T5897]  mempool_init+0xd/0x10
[ 73.259731][ T5897]  bioset_init+0x39b/0x720
[ 73.264121][ T5897]  blk_alloc_queue+0xc2/0x690
[ 73.268788][ T5897]  blk_mq_init_queue+0x35/0xb0
[ 73.273524][ T5897]  scsi_mq_alloc_queue+0x37/0x160
[ 73.278517][ T5897]  scsi_alloc_sdev+0x7c5/0xb50
[ 73.283251][ T5897]  scsi_probe_and_add_lun+0x1a08/0x2ed0
[ 73.288777][ T5897]  __scsi_scan_target+0x1ba/0xb20
[ 73.293788][ T5897] page last free stack trace:
[ 73.298436][ T5897]  free_pcp_prepare+0x2cb/0x410
[ 73.303262][ T5897]  free_unref_page+0x12/0x1b0
[ 73.307916][ T5897]  __mmdrop+0xb9/0x350
[ 73.311960][ T5897]  free_bprm+0x5b/0x290
[ 73.316141][ T5897]  kernel_execve+0x2cc/0x3e0
[ 73.320994][ T5897]  call_usermodehelper_exec_async+0x2c1/0x500
[ 73.327188][ T5897]  ret_from_fork+0x1f/0x30
[ 73.331608][ T5897]
[ 73.333928][ T5897] Memory state around the buggy address:
[ 73.339539][ T5897]  ffff888011977500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 73.347670][ T5897]  ffff888011977580: fa fb fc fc fa fb fc fc fb fb fc fc fb fb fc fc
[ 73.355810][ T5897] >ffff888011977600: fb fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc
[ 73.363852][ T5897]                                                        ^
[ 73.371415][ T5897]  ffff888011977680: fb fb fc fc fa fb fc fc fa fb fc fc fb fb fc fc
[ 73.379468][ T5897]  ffff888011977700: fa fb fc fc fb fb fc fc 00 00 fc fc fb fb fc fc
[ 73.387510][ T5897] ==================================================================
[ 73.395651][ T5897] Disabling lock debugging due to kernel taint
[ 73.405210][ T5897] Kernel panic - not syncing: panic_on_warn set ...
[ 73.411779][ T5897] CPU: 1 PID: 5897 Comm: syz-executor598 Tainted: G B 5.11.0-syzkaller #0
[ 73.421896][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 73.431943][ T5897] Call Trace:
[ 73.435555][ T5897]  dump_stack+0x9a/0xcc
[ 73.439794][ T5897]  panic+0x256/0x4eb
[ 73.443754][ T5897]  ? __warn_printk+0xee/0xee
[ 73.448319][ T5897]  ? preempt_schedule_common+0x59/0xc0
[ 73.453747][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 73.458911][ T5897]  ? preempt_schedule_thunk+0x16/0x18
[ 73.464298][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 73.469617][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 73.474710][ T5897]  end_report+0x58/0x5e
[ 73.478839][ T5897]  kasan_report.cold+0x67/0xd5
[ 73.483574][ T5897]  ? decrypt_internal+0x712/0x1bc0
[ 73.488654][ T5897]  check_memory_region+0x13d/0x180
[ 73.493732][ T5897]  memcpy+0x20/0x60
[ 73.497506][ T5897]  decrypt_internal+0x712/0x1bc0
[ 73.502410][ T5897]  ? tls_get_rec+0x520/0x520
[ 73.506965][ T5897]  ? lock_release+0x710/0x710
[ 73.511611][ T5897]  ? lock_downgrade+0x6d0/0x6d0
[ 73.516461][ T5897]  ? sk_psock_get+0x2b0/0x2b0
[ 73.521105][ T5897]  decrypt_skb_update+0xf9/0xb60
[ 73.526015][ T5897]  ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 73.531960][ T5897]  tls_sw_recvmsg+0x4b6/0x13d0
[ 73.536691][ T5897]  ? decrypt_skb+0xa0/0xa0
[ 73.541079][ T5897]  ? aa_sk_perm+0x1b5/0x810
[ 73.545606][ T5897]  inet_recvmsg+0xf2/0x480
[ 73.550000][ T5897]  ? inet_sendpage+0x120/0x120
[ 73.554741][ T5897]  ____sys_recvmsg+0x25e/0x620
[ 73.559485][ T5897]  ? move_addr_to_kernel.part.0+0xd0/0xd0
[ 73.565264][ T5897]  ? iovec_from_user+0x143/0x290
[ 73.570178][ T5897]  ? __copy_msghdr_from_user+0x86/0x3e0
[ 73.575704][ T5897]  ? __import_iovec+0x54/0x540
[ 73.580445][ T5897]  ? import_iovec+0xa4/0x150
[ 73.585099][ T5897]  ___sys_recvmsg+0xe2/0x1a0
[ 73.589679][ T5897]  ? __copy_msghdr_from_user+0x3e0/0x3e0
[ 73.595285][ T5897]  ? mark_lock+0xee/0x1720
[ 73.599673][ T5897]  ? mark_lock+0xee/0x1720
[ 73.604057][ T5897]  ? slab_free_freelist_hook+0x5d/0x150
[ 73.609575][ T5897]  ? lock_chain_count+0x20/0x20
[ 73.614390][ T5897]  ? ___sys_sendmsg+0xe0/0x150
[ 73.619122][ T5897]  ? ___sys_sendmsg+0xe0/0x150
[ 73.623847][ T5897]  ? __fget_light+0x4c/0x220
[ 73.628404][ T5897]  do_recvmmsg+0x1c8/0x540
[ 73.632791][ T5897]  ? ___sys_recvmsg+0x1a0/0x1a0
[ 73.637722][ T5897]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 73.643679][ T5897]  ? lock_downgrade+0x6d0/0x6d0
[ 73.648508][ T5897]  __x64_sys_recvmmsg+0x19a/0x200
[ 73.653526][ T5897]  ? __do_sys_socketcall+0x450/0x450
[ 73.658840][ T5897]  ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 73.664789][ T5897]  ? syscall_enter_from_user_mode+0x27/0x70
[ 73.670652][ T5897]  do_syscall_64+0x2d/0x70
[ 73.675038][ T5897]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 73.680899][ T5897] RIP: 0033:0x7f902135ff29
[ 73.685284][ T5897] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 73.704864][ T5897] RSP: 002b:00007ffd654500e8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 73.713251][ T5897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f902135ff29
[ 73.721196][ T5897] RDX: 0000000000000001 RSI: 0000000020002900 RDI: 0000000000000003
[ 73.729137][ T5897] RBP: 00007f90213240d0 R08: 0000000000000000 R09: 0000000000000000
[ 73.737074][ T5897] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9021324160
[ 73.745012][ T5897] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 73.753074][ T5897] Kernel Offset: disabled
[ 73.757376][ T5897] Rebooting in 86400 seconds..