[[0;32m  OK  [0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.13' (ECDSA) to the list of known hosts.
syzkaller login: [   39.836143] audit: type=1400 audit(1601603962.020:8): avc:  denied  { execmem } for  pid=6485 comm="syz-executor188" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   39.848982] IPVS: ftp: loaded support on port[0] = 21
[   39.935963] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[   39.945813] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.961642] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[   39.981695] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   39.995134] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
[   40.001601] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.008903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.017119] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   40.028683] ================================================================================
[   40.037357] UBSAN: Undefined behaviour in net/mac80211/cfg.c:491:9
[   40.043824] index 255 is out of range for type 'ieee80211_key *[6]'
[   40.050224] CPU: 0 PID: 6486 Comm: syz-executor188 Not tainted 4.19.149-syzkaller #0
[   40.058401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   40.067799] Call Trace:
[   40.070393]  dump_stack+0x22c/0x33e
[   40.074033]  ubsan_epilogue+0xe/0x3a
[   40.077926]  __ubsan_handle_out_of_bounds.cold+0x63/0x6f
[   40.083496]  ieee80211_del_key+0x48a/0x490
[   40.087736]  nl80211_del_key+0x41e/0xc50
[   40.091848]  ? nl80211_parse_key+0x1120/0x1120
[   40.096427]  ? validate_nla+0x2c6/0x970
[   40.100405]  ? nl80211_pre_doit+0xa2/0x660
[   40.104724]  ? nl80211_vendor_cmd_dump+0x15e0/0x15e0
[   40.109825]  genl_family_rcv_msg+0x6bf/0xd50
[   40.114292]  ? genl_family_attrbuf+0x120/0x120
[   40.118869]  ? genl_rcv_msg+0x15d/0x1b0
[   40.122842]  ? ww_mutex_unlock+0x2f0/0x2f0
[   40.127094]  ? __lock_acquire+0x6ec/0x3ff0
[   40.131328]  ? __radix_tree_lookup+0x251/0x3f0
[   40.135910]  genl_rcv_msg+0xdf/0x1b0
[   40.139622]  netlink_rcv_skb+0x160/0x440
[   40.143678]  ? genl_family_rcv_msg+0xd50/0xd50
[   40.148257]  ? netlink_ack+0xae0/0xae0
[   40.152139]  ? genl_rcv+0x15/0x40
[   40.155592]  genl_rcv+0x24/0x40
[   40.167114]  netlink_unicast+0x4d5/0x690
[   40.171177]  ? netlink_sendskb+0x110/0x110
[   40.175414]  netlink_sendmsg+0x717/0xcc0
[   40.179474]  ? nlmsg_notify+0x1a0/0x1a0
[   40.183531]  ? __sock_recv_ts_and_drops+0x540/0x540
[   40.188550]  ? nlmsg_notify+0x1a0/0x1a0
[   40.192523]  sock_sendmsg+0xc7/0x130
[   40.196320]  ___sys_sendmsg+0x7bb/0x8f0
[   40.200387]  ? copy_msghdr_from_user+0x440/0x440
[   40.205143]  ? selinux_file_alloc_security+0xe4/0x1c0
[   40.210328]  ? rcu_read_lock_sched_held+0x174/0x1e0
[   40.215343]  ? sock_ioctl+0x30e/0x5f0
[   40.219139]  ? routing_ioctl+0x570/0x570
[   40.223196]  ? mark_held_locks+0xf0/0xf0
[   40.227251]  ? percpu_counter_add_batch+0x126/0x180
[   40.232268]  ? routing_ioctl+0x570/0x570
[   40.236325]  ? do_vfs_ioctl+0x110/0x12e0
[   40.240380]  ? selinux_file_ioctl+0x44f/0x5e0
[   40.244886]  ? ioctl_preallocate+0x200/0x200
[   40.249291]  ? __fget_light+0x1a2/0x230
[   40.253266]  __x64_sys_sendmsg+0x132/0x220
[   40.257500]  ? __sys_sendmsg+0x1b0/0x1b0
[   40.261562]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   40.266918]  ? trace_hardirqs_off_caller+0x6e/0x210
[   40.271933]  ? do_syscall_64+0x21/0x670
[   40.275998]  do_syscall_64+0xf9/0x670
[   40.279796]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   40.285021] RIP: 0033:0x441759
[   40.288209] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   40.307107] RSP: 002b:00007fff3d5ebe68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.314812] RAX: ffffffffffffffda RBX: 00007fff3d5ebe90 RCX: 0000000000441759
[   40.322075] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003
[   40.329384] RBP: 0000000000000003 R08: 0000001d00000000 R09: 0000001d00000000
[   40.336649]