[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.6' (ECDSA) to the list of known hosts. syzkaller login: [ 35.815622] IPVS: ftp: loaded support on port[0] = 21 [ 35.917181] chnl_net:caif_netlink_parms(): no params data found [ 36.014521] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.021415] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.028586] device bridge_slave_0 entered promiscuous mode [ 36.036457] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.043096] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.050734] device bridge_slave_1 entered promiscuous mode [ 36.068770] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 36.077520] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 36.096218] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 36.104061] team0: Port device team_slave_0 added [ 36.110647] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 36.117927] team0: Port device team_slave_1 added [ 36.133494] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.140016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.166215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.177925] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.184646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.210327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.221339] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.228774] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.248348] device hsr_slave_0 entered promiscuous mode [ 36.254138] device hsr_slave_1 entered promiscuous mode [ 36.260908] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.267863] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.331019] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.337418] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.344391] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.350812] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.382494] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 36.388572] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.397931] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 36.406771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.415444] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.422815] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.430723] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 36.440670] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 36.446725] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.456132] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.463857] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.470262] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.479510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.487532] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.493941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.512356] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 36.520559] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 36.528038] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 36.535648] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 36.547358] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 36.558084] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 36.564237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 36.571622] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 36.585762] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 36.593044] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 36.600896] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 36.612454] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.625284] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 36.634684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 36.667563] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 36.675012] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 36.683253] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 36.692953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.700674] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 36.707743] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 36.716666] device veth0_vlan entered promiscuous mode [ 36.725667] device veth1_vlan entered promiscuous mode [ 36.732107] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 36.741407] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 36.753380] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 36.762500] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 36.770430] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 36.777678] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 36.787208] device veth0_macvtap entered promiscuous mode [ 36.793839] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 36.802048] device veth1_macvtap entered promiscuous mode [ 36.811051] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 36.821079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 36.832521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.839481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 36.847712] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 36.859053] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.869411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 36.973420] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 36.981279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.988416] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.001961] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready executing program [ 37.023217] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 37.030104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.037210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.044741] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 37.062378] ------------[ cut here ]------------ [ 37.067511] WARNING: CPU: 0 PID: 407 at net/mac80211/sta_info.c:478 sta_info_insert_rcu.cold+0x29/0xd8 [ 37.077044] Kernel panic - not syncing: panic_on_warn set ... [ 37.077044] [ 37.084394] CPU: 0 PID: 407 Comm: kworker/u4:4 Not tainted 4.19.211-syzkaller #0 [ 37.091905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 37.101246] Workqueue: phy2 ieee80211_iface_work [ 37.105992] Call Trace: [ 37.108559] dump_stack+0x1fc/0x2ef [ 37.112173] panic+0x26a/0x50e [ 37.115346] ? __warn_printk+0xf3/0xf3 [ 37.119228] ? sta_info_insert_rcu.cold+0x29/0xd8 [ 37.124066] ? __probe_kernel_read+0x130/0x1b0 [ 37.128712] ? __warn.cold+0x5/0x5a [ 37.132334] ? __warn+0xe4/0x200 [ 37.135681] ? sta_info_insert_rcu.cold+0x29/0xd8 [ 37.140510] __warn.cold+0x20/0x5a [ 37.144040] ? sta_info_insert_rcu.cold+0x29/0xd8 [ 37.148880] report_bug+0x262/0x2b0 [ 37.152501] do_error_trap+0x1d7/0x310 [ 37.156367] ? math_error+0x310/0x310 [ 37.160152] ? __irq_work_queue_local+0x101/0x160 [ 37.164994] ? irq_work_queue+0x29/0x80 [ 37.168952] ? error_entry+0x72/0xd0 [ 37.172649] ? trace_hardirqs_off_caller+0x6e/0x210 [ 37.177645] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 37.182476] invalid_op+0x14/0x20 [ 37.185910] RIP: 0010:sta_info_insert_rcu.cold+0x29/0xd8 [ 37.191352] Code: ff e8 46 36 4e f9 48 c7 c7 60 4b 67 89 e8 a5 67 df ff 0f 0b e9 4f ca 82 ff e8 2e 36 4e f9 48 c7 c7 60 4b 67 89 e8 8d 67 df ff <0f> 0b 41 bc ea ff ff ff e9 b9 db 82 ff e8 10 36 4e f9 48 c7 c7 60 [ 37.210234] RSP: 0018:ffff8880b4b57a60 EFLAGS: 00010282 [ 37.215577] RAX: 0000000000000024 RBX: ffff8880b16715c0 RCX: 0000000000000000 [ 37.222842] RDX: 0000000000000000 RSI: ffffffff814dff01 RDI: ffffed101696af3e [ 37.230106] RBP: 0000000000000001 R08: 0000000000000024 R09: 0000000000000000 [ 37.237354] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000a7f2ff3f [ 37.244603] R13: ffff88809456aa48 R14: ffff88809456aa00 R15: ffff88809b859200 [ 37.251863] ? vprintk_func+0x81/0x180 [ 37.255736] ? check_preemption_disabled+0x41/0x280 [ 37.260735] ? minstrel_ht_rate_update+0x40/0x40 [ 37.265469] ? rate_control_rate_init+0x2fa/0x4f0 [ 37.270301] ieee80211_ibss_finish_sta+0x25b/0x360 [ 37.275207] ? ieee80211_sta_join_ibss+0xe50/0xe50 [ 37.280114] ? mark_held_locks+0xa6/0xf0 [ 37.284244] ? __local_bh_enable_ip+0x159/0x270 [ 37.288896] ieee80211_ibss_work+0x2b6/0xe10 [ 37.293284] ? ieee80211_ibss_rx_queued_mgmt+0x18b0/0x18b0 [ 37.298897] ? mark_held_locks+0xa6/0xf0 [ 37.302955] ? _raw_spin_unlock_irqrestore+0x79/0xe0 [ 37.308052] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 37.312711] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 37.317802] ieee80211_iface_work+0x7ba/0x8a0 [ 37.322294] process_one_work+0x864/0x1570 [ 37.326515] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 37.331178] worker_thread+0x64c/0x1130 [ 37.335144] ? __kthread_parkme+0x133/0x1e0 [ 37.339458] ? process_one_work+0x1570/0x1570 [ 37.343957] kthread+0x33f/0x460 [ 37.347326] ? kthread_park+0x180/0x180 [ 37.351288] ret_from_fork+0x24/0x30 [ 37.355317] Kernel Offset: disabled [ 37.358997] Rebooting in 86400 seconds..