[ 9.865715][ T2658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9.875982][ T2658] eql: remember to turn off Van-Jacobson compression on your slave devices [ 9.901441][ T125] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 9.904490][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.104' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 32.068432][ T3080] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.244607][ T3099] ------------[ cut here ]------------ [ 32.246033][ T3099] wlan1: Failed check-sdata-in-driver check, flags: 0x0 [ 32.248021][ T3099] WARNING: CPU: 1 PID: 3099 at net/mac80211/main.c:235 ieee80211_bss_info_change_notify+0x1d4/0x2f4 [ 32.250504][ T3099] Modules linked in: [ 32.251365][ T3099] CPU: 1 PID: 3099 Comm: syz-executor137 Not tainted 6.1.0-rc8-syzkaller-33330-ga5541c0811a0 #0 [ 32.253647][ T3099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 32.255954][ T3099] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 32.257667][ T3099] pc : ieee80211_bss_info_change_notify+0x1d4/0x2f4 [ 32.259085][ T3099] lr : ieee80211_bss_info_change_notify+0x1d4/0x2f4 [ 32.260489][ T3099] sp : ffff80000ffb3700 [ 32.261454][ T3099] x29: ffff80000ffb3700 x28: ffff0000c6799a40 x27: 0000000000000000 [ 32.263327][ T3099] x26: ffff80000d37c000 x25: ffff0000c68206c0 x24: ffff80000d95e000 [ 32.265139][ T3099] x23: 0000000000000000 x22: 0000000000000000 x21: ffff0000c3bf0c80 [ 32.266910][ T3099] x20: 0000000000400000 x19: ffff0000c6820e00 x18: 000000000000005a [ 32.268696][ T3099] x17: 0000000000000000 x16: ffff80000dbe6158 x15: ffff0000c6799a40 [ 32.270475][ T3099] x14: 0000000000000000 x13: 00000000ffffffff x12: ffff0000c6799a40 [ 32.272308][ T3099] x11: ff808000081c4d64 x10: 0000000000000000 x9 : 9e145f44d4a1cc00 [ 32.274190][ T3099] x8 : 9e145f44d4a1cc00 x7 : ffff80000816678c x6 : 0000000000000000 [ 32.275995][ T3099] x5 : 0000000000000080 x4 : 0000000000000001 x3 : 0000000000000000 [ 32.277851][ T3099] x2 : 0000000000000006 x1 : 0000000100000000 x0 : 0000000000000035 [ 32.279661][ T3099] Call trace: [ 32.280441][ T3099] ieee80211_bss_info_change_notify+0x1d4/0x2f4 [ 32.281934][ T3099] ieee80211_ocb_leave+0xf0/0x170 [ 32.283086][ T3099] ieee80211_leave_ocb+0x20/0x30 [ 32.284208][ T3099] cfg80211_leave_ocb+0xcc/0x150 [ 32.285425][ T3099] cfg80211_change_iface+0x2f8/0x5e8 [ 32.286682][ T3099] nl80211_set_interface+0x15c/0x33c [ 32.287913][ T3099] genl_rcv_msg+0x458/0x4f4 [ 32.289000][ T3099] netlink_rcv_skb+0xe8/0x1d4 [ 32.290137][ T3099] genl_rcv+0x38/0x50 [ 32.291037][ T3099] netlink_unicast_kernel+0xfc/0x1dc [ 32.292241][ T3099] netlink_unicast+0x164/0x248 [ 32.293383][ T3099] netlink_sendmsg+0x484/0x584 [ 32.294494][ T3099] ____sys_sendmsg+0x2f8/0x440 [ 32.295626][ T3099] __sys_sendmsg+0x1ac/0x228 [ 32.296631][ T3099] __arm64_sys_sendmsg+0x2c/0x3c [ 32.297720][ T3099] el0_svc_common+0x138/0x220 [ 32.298805][ T3099] do_el0_svc+0x48/0x140 [ 32.299791][ T3099] el0_svc+0x58/0x150 [ 32.300670][ T3099] el0t_64_sync_handler+0x84/0xf0 [ 32.301759][ T3099] el0t_64_sync+0x190/0x194 [ 32.302785][ T3099] irq event stamp: 712 [ 32.303634][ T3099] hardirqs last enabled at (711): [] finish_lock_switch+0x94/0xe8 [ 32.305870][ T3099] hardirqs last disabled at (712): [] el1_dbg+0x24/0x80 [ 32.307831][ T3099] softirqs last enabled at (690): [] _stext+0x2e4/0x37c [ 32.309819][ T3099] softirqs last disabled at (679): [] ____do_softirq+0x14/0x20 [ 32.311860][ T3099] ---[ end trace 0000000000000000 ]--- [ 32.317731][ T3099] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.327617][ T3102] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.336545][ T3104] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.347323][ T3106] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.361467][ T3109] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.371704][ T3110] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.380271][ T3113] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.389917][ T3114] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 32.399177][ T3118] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.082237][ T4115] validate_nla: 571 callbacks suppressed [ 37.082245][ T4115] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.098389][ T4116] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.109669][ T4118] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.119052][ T4120] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.129562][ T4122] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.138703][ T4124] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.149547][ T4125] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.158675][ T4127] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.169597][ T4129] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 37.178815][ T4131] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.087583][ T4840] validate_nla: 661 callbacks suppressed [ 42.087591][ T4840] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.098943][ T4841] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.107283][ T4842] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.115733][ T4843] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.123678][ T4844] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.134554][ T4845] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.143611][ T4846] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.153405][ T4847] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.162726][ T4848] netlink: 'syz-executor137': attribute type 27 has an invalid length. [ 42.170923][ T4849] netlink: 'syz-executor137': attribute type 27 has an invalid length.