Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.193' (ECDSA) to the list of known hosts. syzkaller login: [ 56.348766][ T8432] IPVS: ftp: loaded support on port[0] = 21 executing program [ 56.421716][ T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.441176][ T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program [ 56.465527][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 56.475906][ T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.486386][ T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.496470][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 56.528506][ T8473] ------------[ cut here ]------------ [ 56.535162][ T8473] WARNING: CPU: 0 PID: 8473 at net/mac80211/ieee80211_i.h:1457 sta_info_alloc+0x191d/0x1f90 [ 56.545485][ T8473] Modules linked in: [ 56.549395][ T8473] CPU: 0 PID: 8473 Comm: syz-executor082 Not tainted 5.11.0-rc6-syzkaller #0 [ 56.558315][ T8473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.568500][ T8473] RIP: 0010:sta_info_alloc+0x191d/0x1f90 [ 56.574313][ T8473] Code: 85 8f 03 00 00 49 8b 9f 60 01 00 00 e9 04 f7 ff ff e8 07 eb 24 f9 8b 5c 24 08 83 e3 01 83 c3 01 e9 ab fb ff ff e8 f3 ea 24 f9 <0f> 0b e8 ec 12 ac 00 31 ff 89 c3 89 c6 e8 61 f2 24 f9 85 db 74 1d [ 56.594094][ T8473] RSP: 0018:ffffc900016af3e0 EFLAGS: 00010293 [ 56.600168][ T8473] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 56.608209][ T8473] RDX: ffff88801af20000 RSI: ffffffff884dd07d RDI: 0000000000000003 [ 56.616268][ T8473] RBP: ffff888017538c80 R08: 0000000000000000 R09: 0000000000000000 [ 56.624286][ T8473] R10: ffffffff884dcfba R11: 0000000000000000 R12: 0000000000000000 [ 56.632427][ T8473] R13: 0000000000000008 R14: dffffc0000000000 R15: ffff888018816000 [ 56.640404][ T8473] FS: 000000000087a300(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 56.649403][ T8473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.656056][ T8473] CR2: 00007ffc2b9b8dd8 CR3: 0000000025ade000 CR4: 0000000000350ef0 [ 56.664887][ T8473] Call Trace: [ 56.668454][ T8473] ieee80211_add_station+0x28c/0x660 [ 56.673819][ T8473] nl80211_new_station+0xdd0/0x13c0 [ 56.679025][ T8473] ? rdev_set_cqm_rssi_range_config+0x330/0x330 [ 56.685345][ T8473] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 56.691594][ T8473] ? nl80211_pre_doit+0xa2/0x630 [ 56.696638][ T8473] genl_family_rcv_msg_doit+0x228/0x320 [ 56.702326][ T8473] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 56.709701][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 56.716128][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 56.722461][ T8473] ? ns_capable+0xde/0x100 [ 56.726881][ T8473] genl_rcv_msg+0x328/0x580 [ 56.731376][ T8473] ? genl_get_cmd+0x480/0x480 [ 56.736109][ T8473] ? rdev_set_cqm_rssi_range_config+0x330/0x330 [ 56.742435][ T8473] ? lock_release+0x710/0x710 [ 56.747222][ T8473] netlink_rcv_skb+0x153/0x420 [ 56.751994][ T8473] ? genl_get_cmd+0x480/0x480 [ 56.756895][ T8473] ? netlink_ack+0xaa0/0xaa0 [ 56.761666][ T8473] genl_rcv+0x24/0x40 [ 56.766166][ T8473] netlink_unicast+0x533/0x7d0 [ 56.771055][ T8473] ? netlink_attachskb+0x870/0x870 [ 56.776332][ T8473] ? _copy_from_iter_full+0x275/0x850 [ 56.781758][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 56.788046][ T8473] ? __phys_addr_symbol+0x2c/0x70 [ 56.793688][ T8473] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 56.799403][ T8473] ? __check_object_size+0x171/0x3f0 [ 56.804733][ T8473] netlink_sendmsg+0x856/0xd90 [ 56.809510][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 56.814510][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 56.820778][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 56.825749][ T8473] sock_sendmsg+0xcf/0x120 [ 56.830168][ T8473] ____sys_sendmsg+0x6e8/0x810 [ 56.835083][ T8473] ? kernel_sendmsg+0x50/0x50 [ 56.839783][ T8473] ? do_recvmmsg+0x6c0/0x6c0 [ 56.844420][ T8473] ? stack_trace_save+0x8c/0xc0 [ 56.849277][ T8473] ? stack_trace_consume_entry+0x160/0x160 [ 56.855207][ T8473] ___sys_sendmsg+0xf3/0x170 [ 56.859806][ T8473] ? sendmsg_copy_msghdr+0x160/0x160 [ 56.865264][ T8473] ? task_work_run+0xdd/0x190 [ 56.870153][ T8473] ? syscall_exit_to_user_mode+0x19/0x50 [ 56.875880][ T8473] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 56.881954][ T8473] ? debug_object_active_state+0x260/0x350 [ 56.887820][ T8473] ? lock_downgrade+0x6d0/0x6d0 [ 56.892852][ T8473] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 56.898657][ T8473] ? lockdep_hardirqs_on+0x79/0x100 [ 56.903896][ T8473] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 56.909910][ T8473] ? debug_object_active_state+0x260/0x350 [ 56.915954][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 56.922940][ T8473] ? __fget_light+0x215/0x280 [ 56.928350][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 56.934708][ T8473] __sys_sendmsg+0xe5/0x1b0 [ 56.939233][ T8473] ? __sys_sendmsg_sock+0xb0/0xb0 [ 56.944368][ T8473] ? syscall_enter_from_user_mode+0x1d/0x50 [ 56.950292][ T8473] do_syscall_64+0x2d/0x70 [ 56.955058][ T8473] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 56.961204][ T8473] RIP: 0033:0x441029 [ 56.965325][ T8473] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 56.985749][ T8473] RSP: 002b:00007ffc2b9b9e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 56.994840][ T8473] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 0000000000441029 [ 57.002929][ T8473] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 57.010910][ T8473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 57.019214][ T8473] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000dcd2 [ 57.027427][ T8473] R13: 00007ffc2b9b9ea0 R14: 00007ffc2b9b9e90 R15: 00007ffc2b9b9e64 [ 57.035484][ T8473] Kernel panic - not syncing: panic_on_warn set ... [ 57.042066][ T8473] CPU: 0 PID: 8473 Comm: syz-executor082 Not tainted 5.11.0-rc6-syzkaller #0 [ 57.051160][ T8473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.061224][ T8473] Call Trace: [ 57.064894][ T8473] dump_stack+0x107/0x163 [ 57.069239][ T8473] panic+0x306/0x73d [ 57.073264][ T8473] ? __warn_printk+0xf3/0xf3 [ 57.077877][ T8473] ? __warn.cold+0x1a/0x44 [ 57.082416][ T8473] ? sta_info_alloc+0x191d/0x1f90 [ 57.087584][ T8473] __warn.cold+0x35/0x44 [ 57.091944][ T8473] ? sta_info_alloc+0x191d/0x1f90 [ 57.097226][ T8473] report_bug+0x1bd/0x210 [ 57.101768][ T8473] handle_bug+0x3c/0x60 [ 57.105939][ T8473] exc_invalid_op+0x14/0x40 [ 57.110451][ T8473] asm_exc_invalid_op+0x12/0x20 [ 57.115400][ T8473] RIP: 0010:sta_info_alloc+0x191d/0x1f90 [ 57.121037][ T8473] Code: 85 8f 03 00 00 49 8b 9f 60 01 00 00 e9 04 f7 ff ff e8 07 eb 24 f9 8b 5c 24 08 83 e3 01 83 c3 01 e9 ab fb ff ff e8 f3 ea 24 f9 <0f> 0b e8 ec 12 ac 00 31 ff 89 c3 89 c6 e8 61 f2 24 f9 85 db 74 1d [ 57.140650][ T8473] RSP: 0018:ffffc900016af3e0 EFLAGS: 00010293 [ 57.146826][ T8473] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 57.154887][ T8473] RDX: ffff88801af20000 RSI: ffffffff884dd07d RDI: 0000000000000003 [ 57.162863][ T8473] RBP: ffff888017538c80 R08: 0000000000000000 R09: 0000000000000000 [ 57.170836][ T8473] R10: ffffffff884dcfba R11: 0000000000000000 R12: 0000000000000000 [ 57.178898][ T8473] R13: 0000000000000008 R14: dffffc0000000000 R15: ffff888018816000 [ 57.186990][ T8473] ? sta_info_alloc+0x185a/0x1f90 [ 57.192027][ T8473] ? sta_info_alloc+0x191d/0x1f90 [ 57.197082][ T8473] ieee80211_add_station+0x28c/0x660 [ 57.202381][ T8473] nl80211_new_station+0xdd0/0x13c0 [ 57.207705][ T8473] ? rdev_set_cqm_rssi_range_config+0x330/0x330 [ 57.214057][ T8473] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 57.220323][ T8473] ? nl80211_pre_doit+0xa2/0x630 [ 57.225445][ T8473] genl_family_rcv_msg_doit+0x228/0x320 [ 57.231001][ T8473] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 57.238670][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.244986][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.251237][ T8473] ? ns_capable+0xde/0x100 [ 57.255668][ T8473] genl_rcv_msg+0x328/0x580 [ 57.260367][ T8473] ? genl_get_cmd+0x480/0x480 [ 57.265056][ T8473] ? rdev_set_cqm_rssi_range_config+0x330/0x330 [ 57.271306][ T8473] ? lock_release+0x710/0x710 [ 57.276000][ T8473] netlink_rcv_skb+0x153/0x420 [ 57.280765][ T8473] ? genl_get_cmd+0x480/0x480 [ 57.285455][ T8473] ? netlink_ack+0xaa0/0xaa0 [ 57.290051][ T8473] genl_rcv+0x24/0x40 [ 57.294051][ T8473] netlink_unicast+0x533/0x7d0 [ 57.298811][ T8473] ? netlink_attachskb+0x870/0x870 [ 57.303927][ T8473] ? _copy_from_iter_full+0x275/0x850 [ 57.309289][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 57.315519][ T8473] ? __phys_addr_symbol+0x2c/0x70 [ 57.320535][ T8473] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 57.326247][ T8473] ? __check_object_size+0x171/0x3f0 [ 57.331542][ T8473] netlink_sendmsg+0x856/0xd90 [ 57.336302][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 57.341264][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.347518][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 57.352489][ T8473] sock_sendmsg+0xcf/0x120 [ 57.356932][ T8473] ____sys_sendmsg+0x6e8/0x810 [ 57.361711][ T8473] ? kernel_sendmsg+0x50/0x50 [ 57.366500][ T8473] ? do_recvmmsg+0x6c0/0x6c0 [ 57.371102][ T8473] ? stack_trace_save+0x8c/0xc0 [ 57.376046][ T8473] ? stack_trace_consume_entry+0x160/0x160 [ 57.381875][ T8473] ___sys_sendmsg+0xf3/0x170 [ 57.386491][ T8473] ? sendmsg_copy_msghdr+0x160/0x160 [ 57.391770][ T8473] ? task_work_run+0xdd/0x190 [ 57.396447][ T8473] ? syscall_exit_to_user_mode+0x19/0x50 [ 57.402100][ T8473] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 57.408192][ T8473] ? debug_object_active_state+0x260/0x350 [ 57.414001][ T8473] ? lock_downgrade+0x6d0/0x6d0 [ 57.418857][ T8473] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 57.424687][ T8473] ? lockdep_hardirqs_on+0x79/0x100 [ 57.429986][ T8473] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 57.435803][ T8473] ? debug_object_active_state+0x260/0x350 [ 57.441621][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.447877][ T8473] ? __fget_light+0x215/0x280 [ 57.452567][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 57.458909][ T8473] __sys_sendmsg+0xe5/0x1b0 [ 57.463426][ T8473] ? __sys_sendmsg_sock+0xb0/0xb0 [ 57.468465][ T8473] ? syscall_enter_from_user_mode+0x1d/0x50 [ 57.474460][ T8473] do_syscall_64+0x2d/0x70 [ 57.478907][ T8473] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 57.484850][ T8473] RIP: 0033:0x441029 [ 57.488861][ T8473] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 57.508729][ T8473] RSP: 002b:00007ffc2b9b9e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 57.517172][ T8473] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 0000000000441029 [ 57.525149][ T8473] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 57.533145][ T8473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 57.541135][ T8473] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000dcd2 [ 57.549108][ T8473] R13: 00007ffc2b9b9ea0 R14: 00007ffc2b9b9e90 R15: 00007ffc2b9b9e64 [ 57.561715][ T8473] Kernel Offset: disabled [ 57.566179][ T8473] Rebooting in 86400 seconds..