Warning: Permanently added '10.128.0.92' (ED25519) to the list of known hosts. executing program [ 44.478880][ T4025] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.480683][ T4025] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.617714][ T4036] ------------[ cut here ]------------ [ 44.618822][ T4036] wlan1: Failed check-sdata-in-driver check, flags: 0x0 [ 44.620821][ T4036] WARNING: CPU: 1 PID: 4036 at net/mac80211/driver-ops.h:172 ieee80211_bss_info_change_notify+0x400/0x8a4 [ 44.623258][ T4036] Modules linked in: [ 44.624034][ T4036] CPU: 1 PID: 4036 Comm: syz-executor108 Not tainted 5.15.176-syzkaller #0 [ 44.625679][ T4036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 44.627886][ T4036] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 44.629527][ T4036] pc : ieee80211_bss_info_change_notify+0x400/0x8a4 [ 44.630914][ T4036] lr : ieee80211_bss_info_change_notify+0x400/0x8a4 [ 44.632173][ T4036] sp : ffff80001f2a6ef0 [ 44.633051][ T4036] x29: ffff80001f2a6ef0 x28: 1fffe00019b7c35a x27: dfff800000000000 [ 44.634592][ T4036] x26: 1fffe00019b7c453 x25: dfff800000000000 x24: 0000000000000000 [ 44.636253][ T4036] x23: 0000000000000000 x22: ffff0000cdbe0c80 x21: ffff0000cdbe2298 [ 44.638020][ T4036] x20: 0000000000400000 x19: ffff800016fbe000 x18: 0000000000000001 [ 44.639693][ T4036] x17: 0000000000000000 x16: ffff800011b4c240 x15: 00000000ffffffff [ 44.641392][ T4036] x14: ffff0000d484b680 x13: 0000000000000001 x12: 0000000000000001 [ 44.643077][ T4036] x11: 0000000000000000 x10: 0000000000000000 x9 : 1fd8c51ed279ba00 [ 44.644717][ T4036] x8 : 1fd8c51ed279ba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 44.646338][ T4036] x5 : ffff80001f2a6658 x4 : ffff800014c40660 x3 : ffff8000085567f8 [ 44.648044][ T4036] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000035 [ 44.649717][ T4036] Call trace: [ 44.650331][ T4036] ieee80211_bss_info_change_notify+0x400/0x8a4 [ 44.651577][ T4036] ieee80211_ocb_leave+0x220/0x2e8 [ 44.652806][ T4036] ieee80211_leave_ocb+0x20/0x30 [ 44.653760][ T4036] __cfg80211_leave_ocb+0x218/0x730 [ 44.654843][ T4036] cfg80211_leave_ocb+0x5c/0xa0 [ 44.655866][ T4036] cfg80211_change_iface+0x52c/0x143c [ 44.656966][ T4036] nl80211_set_interface+0x404/0x710 [ 44.658029][ T4036] genl_rcv_msg+0xc18/0x1018 [ 44.658933][ T4036] netlink_rcv_skb+0x20c/0x3b8 [ 44.659942][ T4036] genl_rcv+0x38/0x50 [ 44.660751][ T4036] netlink_unicast+0x664/0x938 [ 44.661826][ T4036] netlink_sendmsg+0x844/0xb38 [ 44.662786][ T4036] ____sys_sendmsg+0x584/0x870 [ 44.663795][ T4036] ___sys_sendmsg+0x214/0x294 [ 44.664772][ T4036] __arm64_sys_sendmsg+0x1ac/0x25c [ 44.665805][ T4036] invoke_syscall+0x98/0x2b8 [ 44.666752][ T4036] el0_svc_common+0x138/0x258 [ 44.667763][ T4036] do_el0_svc+0x58/0x14c [ 44.668782][ T4036] el0_svc+0x7c/0x1f0 [ 44.670070][ T4036] el0t_64_sync_handler+0x84/0xe4 [ 44.671121][ T4036] el0t_64_sync+0x1a0/0x1a4 [ 44.671974][ T4036] irq event stamp: 928 [ 44.672814][ T4036] hardirqs last enabled at (927): [] __up_console_sem+0xb4/0x100 [ 44.674624][ T4036] hardirqs last disabled at (928): [] el1_dbg+0x24/0x80 [ 44.676301][ T4036] softirqs last enabled at (910): [] ieee80211_ocb_leave+0x1d0/0x2e8 [ 44.678516][ T4036] softirqs last disabled at (908): [] ieee80211_ocb_leave+0x7c/0x2e8 [ 44.680570][ T4036] ---[ end trace dc048b0f85c3b01a ]--- [ 44.694849][ T4036] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.696744][ T4036] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.714145][ T4042] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.717802][ T4042] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.738188][ T4044] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.739898][ T4044] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.765000][ T4047] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.767053][ T4047] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.782928][ T4050] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.784623][ T4050] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.804157][ T4053] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.805961][ T4053] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.825716][ T4055] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.828362][ T4055] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.850441][ T4058] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.852262][ T4058] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 44.870222][ T4060] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 44.872069][ T4060] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.496285][ T4672] validate_nla: 312 callbacks suppressed [ 49.496298][ T4672] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.499284][ T4672] __nla_validate_parse: 312 callbacks suppressed [ 49.499294][ T4672] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.519671][ T4673] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.521399][ T4673] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.542334][ T4674] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.544087][ T4674] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.559903][ T4675] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.561692][ T4675] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.580929][ T4676] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.582678][ T4676] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.602298][ T4677] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.603981][ T4677] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.624266][ T4678] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.626522][ T4678] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.645605][ T4679] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.649726][ T4679] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.670757][ T4680] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.672394][ T4680] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 49.687973][ T4681] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 49.689715][ T4681] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 54.515006][ T5028] validate_nla: 346 callbacks suppressed [ 54.515019][ T5028] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 54.518231][ T5028] __nla_validate_parse: 346 callbacks suppressed [ 54.518243][ T5028] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 54.533354][ T5029] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 54.534950][ T5029] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 54.554704][ T5030] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 54.558655][ T5030] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 54.577486][ T5031] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 54.579160][ T5031] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 54.597801][ T5032] netlink: 'syz-executor108': attribute type 27 has an invalid length. [ 54.599517][ T5032] netlink: 52 bytes leftover after parsing attributes in process `syz-executor108'. [ 54.621594][ T5033] netlink: 'syz-executor108': attribute type 27 has an invalid length.