DUID 00:04:83:15:3d:b3:f9:44:11:d6:e6:e1:d9:1f:49:4d:f4:66
forked to background, child pid 3190
[ 26.307837][ T3191] 8021q: adding VLAN 0 to HW filter on device bond0
[ 26.313255][ T3191] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
syzkaller login: [ 76.296976][ T1576] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.10.57' (ECDSA) to the list of known hosts.
[ 291.864640][ T3628] cgroup: Unknown subsys name 'net'
[ 292.015388][ T3628] cgroup: Unknown subsys name 'rlimit'
[ 292.402043][ T47] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.402061][ T47] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.414405][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 292.439276][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.439294][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.440799][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 292.461084][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.461101][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.472397][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 292.502267][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.502284][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.522699][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 292.524519][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.524536][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.532069][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.532086][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.534732][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 292.535332][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 292.589379][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.589397][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.591023][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 292.593779][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[ 292.593794][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.595248][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 292.656846][ T1421] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
executing program
[ 292.656865][ T1421] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.659014][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 292.705193][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[ 292.705211][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.707007][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
[ 292.744393][ T1421] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.744411][ T1421] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.762634][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
[ 292.810159][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 292.810181][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 292.811918][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 292.997510][ T3654] skbuff: skb_over_panic: text:ffffffff883339c6 len:232 put:72 head:ffff8880705f4000 data:ffff8880705f4000 tail:0xe8 end:0xc0 dev:
[ 292.998149][ T3654] ------------[ cut here ]------------
[ 292.998156][ T3654] kernel BUG at net/core/skbuff.c:113!
[ 292.998175][ T3654] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 292.998196][ T3654] CPU: 0 PID: 3654 Comm: syz-executor806 Not tainted 5.19.0-rc2-syzkaller-00241-g4b35035bcf80 #0
[ 292.998222][ T3654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 292.998234][ T3654] RIP: 0010:skb_panic+0x16c/0x16e
[ 292.998293][ T3654] Code: f8 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 e0 be d2 8a ff 74 24 10 ff 74 24 20 e8 85 05 c1 ff <0f> 0b e8 d7 d1 08 f8 4c 8b 64 24 18 e8 0d 8d 55 f8 48 c7 c1 00 cc
[ 292.998314][ T3654] RSP: 0018:ffffc900032cee70 EFLAGS: 00010286
[ 292.998334][ T3654] RAX: 0000000000000086 RBX: ffff888070559780 RCX: 0000000000000000
[ 292.998347][ T3654] RDX: ffff888020038000 RSI: ffffffff8160dc98 RDI: fffff52000659dc0
[ 292.998362][ T3654] RBP: ffffffff8ad2cc40 R08: 0000000000000086 R09: 0000000000000000
[ 292.998375][ T3654] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff883339c6
[ 292.998389][ T3654] R13: 0000000000000048 R14: ffffffff8ad2bea0 R15: 00000000000000c0
[ 292.998404][ T3654] FS: 00007f3c052a8700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 292.998426][ T3654] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 292.998441][ T3654] CR2: 00007f86a1ecb870 CR3: 0000000070d80000 CR4: 00000000003506f0
[ 292.998455][ T3654] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 292.998467][ T3654] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 292.998479][ T3654] Call Trace:
[ 292.998485][ T3654]
[ 292.998495][ T3654] ? pfkey_send_acquire+0x1856/0x2520
[ 292.998581][ T3654] skb_put.cold+0x24/0x24
[ 292.998608][ T3654] pfkey_send_acquire+0x1856/0x2520
[ 292.998637][ T3654] km_query+0xac/0x220
[ 292.998677][ T3654] xfrm_state_find+0x2bfe/0x4f10
[ 292.998707][ T3654] ? xfrm_state_update+0xe10/0xe10
[ 292.998730][ T3654] ? mark_lock.part.0+0xee/0x1910
[ 292.998757][ T3654] ? lock_chain_count+0x20/0x20
[ 292.998783][ T3654] ? lock_chain_count+0x20/0x20
[ 292.998809][ T3654] ? mark_lock.part.0+0xee/0x1910
[ 292.998839][ T3654] xfrm_tmpl_resolve+0x2f3/0xd40
[ 292.998867][ T3654] ? __xfrm_dst_lookup+0x130/0x130
[ 292.998892][ T3654] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 292.998917][ T3654] ? __lock_acquire+0xbca/0x5660
[ 292.998945][ T3654] xfrm_resolve_and_create_bundle+0x123/0x2620
[ 292.998974][ T3654] ? xfrm_net_init+0xcb0/0xcb0
[ 292.998996][ T3654] ? xfrm_sk_policy_lookup+0x4e5/0x6e0
[ 292.999021][ T3654] ? xfrm_selector_match+0xf90/0xf90
[ 292.999043][ T3654] ? xfrm_expand_policies+0x257/0x630
[ 292.999067][ T3654] xfrm_lookup_with_ifid+0x22a/0x2240
[ 292.999092][ T3654] ? __xfrm_policy_check+0x2b00/0x2b00
[ 292.999115][ T3654] ? ip_route_output_key_hash+0x1c5/0x300
[ 292.999151][ T3654] ? lock_downgrade+0x6e0/0x6e0
[ 292.999178][ T3654] xfrm_lookup_route+0x36/0x1e0
[ 292.999201][ T3654] ip_route_output_flow+0x114/0x150
[ 292.999224][ T3654] udp_sendmsg+0x1999/0x2760
[ 292.999261][ T3654] ? ip_setup_cork+0x970/0x970
[ 292.999285][ T3654] ? wp_page_copy+0xdfe/0x1e20
[ 292.999308][ T3654] ? udp_unicast_rcv_skb+0x330/0x330
[ 292.999342][ T3654] ? aa_sk_perm+0x30f/0xaa0
[ 292.999411][ T3654] ? aa_af_perm+0x230/0x230
[ 292.999437][ T3654] inet_sendmsg+0x99/0xe0
[ 292.999458][ T3654] ? inet_send_prepare+0x4e0/0x4e0
[ 292.999479][ T3654] sock_sendmsg+0xcf/0x120
[ 292.999549][ T3654] ____sys_sendmsg+0x334/0x810
[ 292.999583][ T3654] ? kernel_sendmsg+0x50/0x50
[ 292.999607][ T3654] ? do_recvmmsg+0x6d0/0x6d0
[ 292.999629][ T3654] ? __lock_acquire+0x163e/0x5660
[ 292.999659][ T3654] ___sys_sendmsg+0xf3/0x170
[ 292.999681][ T3654] ? sendmsg_copy_msghdr+0x160/0x160
[ 292.999708][ T3654] ? find_held_lock+0x2d/0x110
[ 292.999734][ T3654] ? __might_fault+0xd1/0x170
[ 292.999758][ T3654] ? lock_downgrade+0x6e0/0x6e0
[ 292.999790][ T3654] __sys_sendmmsg+0x195/0x470
[ 292.999814][ T3654] ? __ia32_sys_sendmsg+0x220/0x220
[ 292.999835][ T3654] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 292.999870][ T3654] ? __context_tracking_exit+0xb8/0xe0
[ 292.999901][ T3654] ? lock_downgrade+0x6e0/0x6e0
[ 292.999928][ T3654] ? lock_downgrade+0x6e0/0x6e0
[ 292.999951][ T3654] ? restore_fpregs_from_fpstate+0xcc/0x1e0
[ 292.999977][ T3654] ? syscall_enter_from_user_mode+0x21/0x70
[ 292.999998][ T3654] __x64_sys_sendmmsg+0x99/0x100
[ 293.000021][ T3654] ? syscall_enter_from_user_mode+0x21/0x70
[ 293.000043][ T3654] do_syscall_64+0x35/0xb0
[ 293.000091][ T3654] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 293.000128][ T3654] RIP: 0033:0x7f3c0531c929
[ 293.000145][ T3654] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 16 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 293.000164][ T3654] RSP: 002b:00007f3c052a8208 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 293.000185][ T3654] RAX: ffffffffffffffda RBX: 00007f3c053ab298 RCX: 00007f3c0531c929
[ 293.000200][ T3654] RDX: 0400000000000354 RSI: 0000000020000180 RDI: 0000000000000003
[ 293.000213][ T3654] RBP: 00007f3c053ab290 R08: 0000000000000000 R09: 0000000000000000
[ 293.000227][ T3654] R10: 000002873dedf99c R11: 0000000000000246 R12: 00007f3c053ab29c
[ 293.000241][ T3654] R13: 00007fffa7e162bf R14: 00007f3c052a8300 R15: 0000000000022000
[ 293.000263][ T3654]
[ 293.000269][ T3654] Modules linked in:
[ 293.029288][ T3654] ---[ end trace 0000000000000000 ]---
[ 293.029302][ T3654] RIP: 0010:skb_panic+0x16c/0x16e
[ 293.029334][ T3654] Code: f8 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 e0 be d2 8a ff 74 24 10 ff 74 24 20 e8 85 05 c1 ff <0f> 0b e8 d7 d1 08 f8 4c 8b 64 24 18 e8 0d 8d 55 f8 48 c7 c1 00 cc
[ 293.029354][ T3654] RSP: 0018:ffffc900032cee70 EFLAGS: 00010286
[ 293.029371][ T3654] RAX: 0000000000000086 RBX: ffff888070559780 RCX: 0000000000000000
[ 293.029385][ T3654] RDX: ffff888020038000 RSI: ffffffff8160dc98 RDI: fffff52000659dc0
[ 293.029399][ T3654] RBP: ffffffff8ad2cc40 R08: 0000000000000086 R09: 0000000000000000
[ 293.029412][ T3654] R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff883339c6
[ 293.029425][ T3654] R13: 0000000000000048 R14: ffffffff8ad2bea0 R15: 00000000000000c0
[ 293.029439][ T3654] FS: 00007f3c052a8700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 293.029462][ T3654] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 293.029477][ T3654] CR2: 00007fb02a7a5300 CR3: 0000000070d80000 CR4: 00000000003506f0
[ 293.029490][ T3654] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 293.029502][ T3654] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 293.029517][ T3654] Kernel panic - not syncing: Fatal exception
[ 293.891091][ T3654] Kernel Offset: disabled
[ 293.895412][ T3654] Rebooting in 86400 seconds..