[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
[ 45.379382][ T8383] sshd (8383) used greatest stack depth: 22728 bytes left
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.167' (ECDSA) to the list of known hosts.
syzkaller login: [ 53.206692][ T8476] IPVS: ftp: loaded support on port[0] = 21
[ 53.265156][ T1377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 53.289636][ T1377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 53.312930][ T4517] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 53.313909][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 53.320838][ T4517] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 53.343905][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 53.449014][ T8476] syz-executor423 uses obsolete (PF_INET,SOCK_PACKET)
[ 53.459917][ T8476] ------------[ cut here ]------------
[ 53.480578][ T8476] wlan0: Failed check-sdata-in-driver check, flags: 0x4
[ 53.489013][ T8476] WARNING: CPU: 0 PID: 8476 at net/mac80211/driver-ops.h:172 drv_bss_info_changed+0x4f3/0x5f0
[ 53.507296][ T8476] Modules linked in:
[ 53.511178][ T8476] CPU: 0 PID: 8476 Comm: syz-executor423 Not tainted 5.11.0-rc1-syzkaller #0
[ 53.520798][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 53.531290][ T8476] RIP: 0010:drv_bss_info_changed+0x4f3/0x5f0
[ 53.538099][ T8476] Code: 40 06 00 00 48 85 ed 0f 84 9c 00 00 00 e8 65 f4 2b f9 e8 60 f4 2b f9 8b 54 24 04 48 89 ee 48 c7 c7 c0 e3 61 8a e8 64 79 6c 00 <0f> 0b e9 dd fd ff ff e8 41 f4 2b f9 0f 0b e9 15 fd ff ff 4c 89 ff
[ 53.559357][ T8476] RSP: 0018:ffffc900015df508 EFLAGS: 00010286
[ 53.565563][ T8476] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 53.573589][ T8476] RDX: ffff88801d57b780 RSI: ffffffff815b2b45 RDI: fffff520002bbe93
[ 53.581629][ T8476] RBP: ffff8880277cc000 R08: 0000000000000000 R09: 0000000000000000
[ 53.589678][ T8476] R10: ffffffff815abd1e R11: 0000000000000000 R12: ffff8880277ccbc0
[ 53.597718][ T8476] R13: 0000000002000000 R14: ffff8880277cdde0 R15: ffff8880277cddd8
[ 53.605885][ T8476] FS: 000000000165d880(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000
[ 53.615348][ T8476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.621935][ T8476] CR2: 00007ffcd064b000 CR3: 000000001185d000 CR4: 0000000000350ee0
[ 53.630072][ T8476] Call Trace:
[ 53.633410][ T8476] ieee80211_bss_info_change_notify+0x9a/0xc0
[ 53.639486][ T8476] ieee80211_set_mcast_rate+0x37/0x40
[ 53.644945][ T8476] ? ieee80211_get_mesh_config+0x30/0x30
[ 53.650613][ T8476] nl80211_set_mcast_rate+0x317/0x610
[ 53.656040][ T8476] ? nl80211_tdls_cancel_channel_switch+0x5b0/0x5b0
[ 53.662686][ T8476] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 53.668957][ T8476] ? nl80211_pre_doit+0xa2/0x630
[ 53.673932][ T8476] genl_family_rcv_msg_doit+0x228/0x320
[ 53.679490][ T8476] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 53.686969][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 53.693311][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 53.700035][ T8476] ? ns_capable+0xde/0x100
[ 53.705034][ T8476] genl_rcv_msg+0x328/0x580
[ 53.710033][ T8476] ? genl_get_cmd+0x480/0x480
[ 53.715038][ T8476] ? nl80211_tdls_cancel_channel_switch+0x5b0/0x5b0
[ 53.721643][ T8476] ? lock_release+0x710/0x710
[ 53.726604][ T8476] netlink_rcv_skb+0x153/0x420
[ 53.731381][ T8476] ? genl_get_cmd+0x480/0x480
[ 53.736335][ T8476] ? netlink_ack+0xaa0/0xaa0
[ 53.740938][ T8476] genl_rcv+0x24/0x40
[ 53.744960][ T8476] netlink_unicast+0x533/0x7d0
[ 53.750312][ T8476] ? netlink_attachskb+0x870/0x870
[ 53.755724][ T8476] ? _copy_from_iter_full+0x275/0x850
[ 53.761560][ T8476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 53.768259][ T8476] ? __phys_addr_symbol+0x2c/0x70
[ 53.773331][ T8476] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 53.779097][ T8476] ? __check_object_size+0x171/0x3f0
[ 53.784415][ T8476] netlink_sendmsg+0x856/0xd90
[ 53.789198][ T8476] ? netlink_unicast+0x7d0/0x7d0
[ 53.794185][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 53.800456][ T8476] ? netlink_unicast+0x7d0/0x7d0
[ 53.805458][ T8476] sock_sendmsg+0xcf/0x120
[ 53.809883][ T8476] ____sys_sendmsg+0x6e8/0x810
[ 53.814700][ T8476] ? kernel_sendmsg+0x50/0x50
[ 53.819377][ T8476] ? do_recvmmsg+0x6c0/0x6c0
[ 53.824064][ T8476] ? find_held_lock+0x2d/0x110
[ 53.828855][ T8476] ___sys_sendmsg+0xf3/0x170
[ 53.833501][ T8476] ? sendmsg_copy_msghdr+0x160/0x160
[ 53.838797][ T8476] ? _copy_to_user+0xdc/0x150
[ 53.843517][ T8476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 53.849769][ T8476] ? sock_do_ioctl+0x168/0x2d0
[ 53.854570][ T8476] ? compat_ifr_data_ioctl+0x150/0x150
[ 53.860037][ T8476] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 53.865971][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 53.872280][ T8476] ? __fget_light+0x215/0x280
[ 53.876957][ T8476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 53.883238][ T8476] __sys_sendmsg+0xe5/0x1b0
[ 53.887760][ T8476] ? __sys_sendmsg_sock+0xb0/0xb0
[ 53.893004][ T8476] ? syscall_enter_from_user_mode+0x1d/0x50
[ 53.898934][ T8476] do_syscall_64+0x2d/0x70
[ 53.903533][ T8476] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 53.909435][ T8476] RIP: 0033:0x4417f9
[ 53.913374][ T8476] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 53.933182][ T8476] RSP: 002b:00007ffe200da188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 53.941690][ T8476] RAX: ffffffffffffffda RBX: 00007ffe200da1b0 RCX: 00000000004417f9
[ 53.949709][ T8476] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000005
[ 53.957764][ T8476] RBP: 0000000000000003 R08: 0000002100000000 R09: 0000002100000000
[ 53.965801][ T8476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032
[ 53.973842][ T8476] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004
[ 53.982570][ T8476] Kernel panic - not syncing: panic_on_warn set ...
[ 53.989158][ T8476] CPU: 1 PID: 8476 Comm: syz-executor423 Not tainted 5.11.0-rc1-syzkaller #0
[ 53.997912][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.007957][ T8476] Call Trace:
[ 54.011226][ T8476] dump_stack+0x107/0x163
[ 54.015539][ T8476] panic+0x306/0x73d
[ 54.019424][ T8476] ? __warn_printk+0xf3/0xf3
[ 54.023996][ T8476] ? __warn.cold+0x1a/0x44
[ 54.028573][ T8476] ? drv_bss_info_changed+0x4f3/0x5f0
[ 54.033987][ T8476] __warn.cold+0x35/0x44
[ 54.038228][ T8476] ? wake_up_klogd.part.0+0x8e/0xd0
[ 54.043417][ T8476] ? drv_bss_info_changed+0x4f3/0x5f0
[ 54.048768][ T8476] report_bug+0x1bd/0x210
[ 54.053091][ T8476] handle_bug+0x3c/0x60
[ 54.057225][ T8476] exc_invalid_op+0x14/0x40
[ 54.061969][ T8476] asm_exc_invalid_op+0x12/0x20
[ 54.066801][ T8476] RIP: 0010:drv_bss_info_changed+0x4f3/0x5f0
[ 54.072763][ T8476] Code: 40 06 00 00 48 85 ed 0f 84 9c 00 00 00 e8 65 f4 2b f9 e8 60 f4 2b f9 8b 54 24 04 48 89 ee 48 c7 c7 c0 e3 61 8a e8 64 79 6c 00 <0f> 0b e9 dd fd ff ff e8 41 f4 2b f9 0f 0b e9 15 fd ff ff 4c 89 ff
[ 54.092652][ T8476] RSP: 0018:ffffc900015df508 EFLAGS: 00010286
[ 54.098802][ T8476] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 54.106755][ T8476] RDX: ffff88801d57b780 RSI: ffffffff815b2b45 RDI: fffff520002bbe93
[ 54.114704][ T8476] RBP: ffff8880277cc000 R08: 0000000000000000 R09: 0000000000000000
[ 54.122654][ T8476] R10: ffffffff815abd1e R11: 0000000000000000 R12: ffff8880277ccbc0
[ 54.130599][ T8476] R13: 0000000002000000 R14: ffff8880277cdde0 R15: ffff8880277cddd8
[ 54.138552][ T8476] ? wake_up_klogd.part.0+0x8e/0xd0
[ 54.143734][ T8476] ? vprintk_func+0x95/0x1e0
[ 54.148315][ T8476] ? drv_bss_info_changed+0x4f3/0x5f0
[ 54.153667][ T8476] ieee80211_bss_info_change_notify+0x9a/0xc0
[ 54.159982][ T8476] ieee80211_set_mcast_rate+0x37/0x40
[ 54.165341][ T8476] ? ieee80211_get_mesh_config+0x30/0x30
[ 54.170952][ T8476] nl80211_set_mcast_rate+0x317/0x610
[ 54.176300][ T8476] ? nl80211_tdls_cancel_channel_switch+0x5b0/0x5b0
[ 54.182878][ T8476] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 54.189095][ T8476] ? nl80211_pre_doit+0xa2/0x630
[ 54.194012][ T8476] genl_family_rcv_msg_doit+0x228/0x320
[ 54.199729][ T8476] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 54.207079][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 54.213655][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 54.219877][ T8476] ? ns_capable+0xde/0x100
[ 54.224274][ T8476] genl_rcv_msg+0x328/0x580
[ 54.228760][ T8476] ? genl_get_cmd+0x480/0x480
[ 54.233511][ T8476] ? nl80211_tdls_cancel_channel_switch+0x5b0/0x5b0
[ 54.240081][ T8476] ? lock_release+0x710/0x710
[ 54.244751][ T8476] netlink_rcv_skb+0x153/0x420
[ 54.249506][ T8476] ? genl_get_cmd+0x480/0x480
[ 54.254163][ T8476] ? netlink_ack+0xaa0/0xaa0
[ 54.258738][ T8476] genl_rcv+0x24/0x40
[ 54.262708][ T8476] netlink_unicast+0x533/0x7d0
[ 54.267811][ T8476] ? netlink_attachskb+0x870/0x870
[ 54.272900][ T8476] ? _copy_from_iter_full+0x275/0x850
[ 54.278267][ T8476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 54.284510][ T8476] ? __phys_addr_symbol+0x2c/0x70
[ 54.289524][ T8476] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 54.295242][ T8476] ? __check_object_size+0x171/0x3f0
[ 54.300518][ T8476] netlink_sendmsg+0x856/0xd90
[ 54.305266][ T8476] ? netlink_unicast+0x7d0/0x7d0
[ 54.310196][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 54.316423][ T8476] ? netlink_unicast+0x7d0/0x7d0
[ 54.321362][ T8476] sock_sendmsg+0xcf/0x120
[ 54.326039][ T8476] ____sys_sendmsg+0x6e8/0x810
[ 54.330801][ T8476] ? kernel_sendmsg+0x50/0x50
[ 54.335455][ T8476] ? do_recvmmsg+0x6c0/0x6c0
[ 54.340114][ T8476] ? find_held_lock+0x2d/0x110
[ 54.344862][ T8476] ___sys_sendmsg+0xf3/0x170
[ 54.350038][ T8476] ? sendmsg_copy_msghdr+0x160/0x160
[ 54.355480][ T8476] ? _copy_to_user+0xdc/0x150
[ 54.360135][ T8476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 54.366352][ T8476] ? sock_do_ioctl+0x168/0x2d0
[ 54.371097][ T8476] ? compat_ifr_data_ioctl+0x150/0x150
[ 54.376533][ T8476] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 54.382408][ T8476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 54.388625][ T8476] ? __fget_light+0x215/0x280
[ 54.393280][ T8476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 54.399502][ T8476] __sys_sendmsg+0xe5/0x1b0
[ 54.405374][ T8476] ? __sys_sendmsg_sock+0xb0/0xb0
[ 54.410470][ T8476] ? syscall_enter_from_user_mode+0x1d/0x50
[ 54.416343][ T8476] do_syscall_64+0x2d/0x70
[ 54.420733][ T8476] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 54.426603][ T8476] RIP: 0033:0x4417f9
[ 54.430473][ T8476] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 54.450754][ T8476] RSP: 002b:00007ffe200da188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 54.462957][ T8476] RAX: ffffffffffffffda RBX: 00007ffe200da1b0 RCX: 00000000004417f9
[ 54.470919][ T8476] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000005
[ 54.478932][ T8476] RBP: 0000000000000003 R08: 0000002100000000 R09: 0000002100000000
[ 54.486882][ T8476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032
[ 54.494832][ T8476] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004
[ 54.506350][ T8476] Kernel Offset: disabled
[ 54.511008][ T8476] Rebooting in 86400 seconds..