[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Started Getty on tty2.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.146' (ECDSA) to the list of known hosts.
syzkaller login: [ 72.943708][ T8512] IPVS: ftp: loaded support on port[0] = 21
[ 73.031190][ T1261] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.046475][ T1261] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.062231][ T4031] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[ 73.082497][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.090653][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.099083][ T4031] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 73.116871][ T8512] ------------[ cut here ]------------
[ 73.122587][ T8512] wlan1: Failed check-sdata-in-driver check, flags: 0x4
[ 73.130224][ T8512] WARNING: CPU: 1 PID: 8512 at net/mac80211/driver-ops.h:172 drv_bss_info_changed+0x579/0x680
[ 73.140798][ T8512] Modules linked in:
[ 73.144702][ T8512] CPU: 1 PID: 8512 Comm: syz-executor249 Not tainted 5.10.0-next-20201217-syzkaller #0
[ 73.154428][ T8512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 73.164607][ T8512] RIP: 0010:drv_bss_info_changed+0x579/0x680
[ 73.170688][ T8512] Code: 00 00 48 85 db 0f 84 9e 00 00 00 e8 01 9a 15 f9 49 89 dc e8 f9 99 15 f9 44 89 ea 4c 89 e6 48 c7 c7 20 b7 86 8a e8 75 da 6c 00 <0f> 0b e9 76 fd ff ff e8 db 99 15 f9 0f 0b e9 ae fc ff ff 4c 89 ff
[ 73.190457][ T8512] RSP: 0018:ffffc900015af500 EFLAGS: 00010282
[ 73.196520][ T8512] RAX: 0000000000000000 RBX: ffff8880233d0000 RCX: 0000000000000000
[ 73.205697][ T8512] RDX: ffff888022005100 RSI: ffffffff815b95f5 RDI: fffff520002b5e92
[ 73.215208][ T8512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 73.223272][ T8512] R10: ffffffff815b7a4b R11: 0000000000000000 R12: ffff8880233d0000
[ 73.231346][ T8512] R13: 0000000000000004 R14: ffff8880233d1de0 R15: ffff8880233d1dd8
[ 73.239374][ T8512] FS: 00000000011c1880(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 73.248391][ T8512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 73.254973][ T8512] CR2: 0000000020000340 CR3: 0000000020c36000 CR4: 00000000001506e0
[ 73.263008][ T8512] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 73.271111][ T8512] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 73.279142][ T8512] Call Trace:
[ 73.282449][ T8512] ieee80211_bss_info_change_notify+0x9a/0xc0
[ 73.288591][ T8512] ieee80211_set_mcast_rate+0x37/0x40
[ 73.293971][ T8512] ? ieee80211_get_mesh_config+0x30/0x30
[ 73.299667][ T8512] nl80211_set_mcast_rate+0x317/0x630
[ 73.305065][ T8512] ? nl80211_tdls_cancel_channel_switch+0x5c0/0x5c0
[ 73.311752][ T8512] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 73.318089][ T8512] ? nl80211_pre_doit+0xa2/0x670
[ 73.323054][ T8512] genl_family_rcv_msg_doit+0x228/0x320
[ 73.329838][ T8512] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 73.337330][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 73.343651][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 73.350014][ T8512] ? ns_capable_common+0x117/0x140
[ 73.355150][ T8512] genl_rcv_msg+0x32f/0x590
[ 73.359714][ T8512] ? genl_get_cmd+0x480/0x480
[ 73.364401][ T8512] ? nl80211_tdls_cancel_channel_switch+0x5c0/0x5c0
[ 73.371073][ T8512] ? lock_release+0x710/0x710
[ 73.375767][ T8512] netlink_rcv_skb+0x153/0x420
[ 73.380586][ T8512] ? genl_get_cmd+0x480/0x480
[ 73.385273][ T8512] ? netlink_ack+0xab0/0xab0
[ 73.389962][ T8512] genl_rcv+0x24/0x40
[ 73.393956][ T8512] netlink_unicast+0x533/0x7d0
[ 73.398797][ T8512] ? netlink_attachskb+0x870/0x870
[ 73.403931][ T8512] ? _copy_from_iter_full+0x275/0x850
[ 73.409411][ T8512] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 73.415664][ T8512] ? __phys_addr_symbol+0x2c/0x70
[ 73.420742][ T8512] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 73.426476][ T8512] ? __check_object_size+0x171/0x3f0
[ 73.431850][ T8512] netlink_sendmsg+0x907/0xe40
[ 73.436629][ T8512] ? netlink_unicast+0x7d0/0x7d0
[ 73.441627][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 73.447979][ T8512] ? netlink_unicast+0x7d0/0x7d0
[ 73.452963][ T8512] sock_sendmsg+0xcf/0x120
[ 73.458523][ T8512] ____sys_sendmsg+0x6e8/0x810
[ 73.463325][ T8512] ? kernel_sendmsg+0x50/0x50
[ 73.469146][ T8512] ? do_recvmmsg+0x6c0/0x6c0
[ 73.473739][ T8512] ? find_held_lock+0x2d/0x110
[ 73.478892][ T8512] ___sys_sendmsg+0xf3/0x170
[ 73.483515][ T8512] ? sendmsg_copy_msghdr+0x160/0x160
[ 73.488949][ T8512] ? _copy_to_user+0xdc/0x150
[ 73.493642][ T8512] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 73.499954][ T8512] ? sock_do_ioctl+0x1cd/0x2f0
[ 73.504731][ T8512] ? kernel_sendpage_locked+0x100/0x100
[ 73.510352][ T8512] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 73.516263][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 73.522556][ T8512] ? __fget_light+0x215/0x280
[ 73.527320][ T8512] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 73.533569][ T8512] __sys_sendmsg+0xe5/0x1b0
[ 73.538116][ T8512] ? __sys_sendmsg_sock+0xb0/0xb0
[ 73.543183][ T8512] ? syscall_enter_from_user_mode+0x1d/0x50
[ 73.549163][ T8512] do_syscall_64+0x2d/0x70
[ 73.553591][ T8512] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 73.559549][ T8512] RIP: 0033:0x441789
[ 73.563469][ T8512] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 73.583156][ T8512] RSP: 002b:00007ffec0a20568 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 73.591864][ T8512] RAX: ffffffffffffffda RBX: 00007ffec0a20590 RCX: 0000000000441789
[ 73.600221][ T8512] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004
[ 73.608373][ T8512] RBP: 0000000000000003 R08: 0000002100000000 R09: 0000002100000000
[ 73.616351][ T8512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032
[ 73.624393][ T8512] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004
[ 73.632467][ T8512] Kernel panic - not syncing: panic_on_warn set ...
[ 73.639041][ T8512] CPU: 1 PID: 8512 Comm: syz-executor249 Not tainted 5.10.0-next-20201217-syzkaller #0
[ 73.648665][ T8512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 73.658705][ T8512] Call Trace:
[ 73.661970][ T8512] dump_stack+0x107/0x163
[ 73.666291][ T8512] panic+0x343/0x77f
[ 73.670185][ T8512] ? __warn_printk+0xf3/0xf3
[ 73.674782][ T8512] ? __warn.cold+0x1a/0x44
[ 73.679199][ T8512] ? drv_bss_info_changed+0x579/0x680
[ 73.684561][ T8512] __warn.cold+0x35/0x44
[ 73.688788][ T8512] ? drv_bss_info_changed+0x579/0x680
[ 73.694146][ T8512] report_bug+0x1bd/0x210
[ 73.698467][ T8512] handle_bug+0x3c/0x60
[ 73.702642][ T8512] exc_invalid_op+0x14/0x40
[ 73.707143][ T8512] asm_exc_invalid_op+0x12/0x20
[ 73.711991][ T8512] RIP: 0010:drv_bss_info_changed+0x579/0x680
[ 73.717981][ T8512] Code: 00 00 48 85 db 0f 84 9e 00 00 00 e8 01 9a 15 f9 49 89 dc e8 f9 99 15 f9 44 89 ea 4c 89 e6 48 c7 c7 20 b7 86 8a e8 75 da 6c 00 <0f> 0b e9 76 fd ff ff e8 db 99 15 f9 0f 0b e9 ae fc ff ff 4c 89 ff
[ 73.737587][ T8512] RSP: 0018:ffffc900015af500 EFLAGS: 00010282
[ 73.743657][ T8512] RAX: 0000000000000000 RBX: ffff8880233d0000 RCX: 0000000000000000
[ 73.751651][ T8512] RDX: ffff888022005100 RSI: ffffffff815b95f5 RDI: fffff520002b5e92
[ 73.759622][ T8512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 73.767612][ T8512] R10: ffffffff815b7a4b R11: 0000000000000000 R12: ffff8880233d0000
[ 73.775591][ T8512] R13: 0000000000000004 R14: ffff8880233d1de0 R15: ffff8880233d1dd8
[ 73.783566][ T8512] ? wake_up_klogd+0xcb/0x100
[ 73.788251][ T8512] ? vprintk_func+0x95/0x1e0
[ 73.792851][ T8512] ieee80211_bss_info_change_notify+0x9a/0xc0
[ 73.798918][ T8512] ieee80211_set_mcast_rate+0x37/0x40
[ 73.804303][ T8512] ? ieee80211_get_mesh_config+0x30/0x30
[ 73.809928][ T8512] nl80211_set_mcast_rate+0x317/0x630
[ 73.815295][ T8512] ? nl80211_tdls_cancel_channel_switch+0x5c0/0x5c0
[ 73.821915][ T8512] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 73.828167][ T8512] ? nl80211_pre_doit+0xa2/0x670
[ 73.833142][ T8512] genl_family_rcv_msg_doit+0x228/0x320
[ 73.838689][ T8512] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 73.846060][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 73.852325][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 73.858563][ T8512] ? ns_capable_common+0x117/0x140
[ 73.863676][ T8512] genl_rcv_msg+0x32f/0x590
[ 73.868177][ T8512] ? genl_get_cmd+0x480/0x480
[ 73.872844][ T8512] ? nl80211_tdls_cancel_channel_switch+0x5c0/0x5c0
[ 73.879431][ T8512] ? lock_release+0x710/0x710
[ 73.884113][ T8512] netlink_rcv_skb+0x153/0x420
[ 73.888871][ T8512] ? genl_get_cmd+0x480/0x480
[ 73.893542][ T8512] ? netlink_ack+0xab0/0xab0
[ 73.898135][ T8512] genl_rcv+0x24/0x40
[ 73.902108][ T8512] netlink_unicast+0x533/0x7d0
[ 73.906869][ T8512] ? netlink_attachskb+0x870/0x870
[ 73.911970][ T8512] ? _copy_from_iter_full+0x275/0x850
[ 73.917447][ T8512] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 73.923697][ T8512] ? __phys_addr_symbol+0x2c/0x70
[ 73.928744][ T8512] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 73.934465][ T8512] ? __check_object_size+0x171/0x3f0
[ 73.939756][ T8512] netlink_sendmsg+0x907/0xe40
[ 73.944527][ T8512] ? netlink_unicast+0x7d0/0x7d0
[ 73.949463][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 73.955703][ T8512] ? netlink_unicast+0x7d0/0x7d0
[ 73.960634][ T8512] sock_sendmsg+0xcf/0x120
[ 73.965064][ T8512] ____sys_sendmsg+0x6e8/0x810
[ 73.969932][ T8512] ? kernel_sendmsg+0x50/0x50
[ 73.974601][ T8512] ? do_recvmmsg+0x6c0/0x6c0
[ 73.979200][ T8512] ? find_held_lock+0x2d/0x110
[ 73.983994][ T8512] ___sys_sendmsg+0xf3/0x170
[ 73.988585][ T8512] ? sendmsg_copy_msghdr+0x160/0x160
[ 73.993880][ T8512] ? _copy_to_user+0xdc/0x150
[ 73.998556][ T8512] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 74.004798][ T8512] ? sock_do_ioctl+0x1cd/0x2f0
[ 74.009562][ T8512] ? kernel_sendpage_locked+0x100/0x100
[ 74.015106][ T8512] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 74.021006][ T8512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 74.027243][ T8512] ? __fget_light+0x215/0x280
[ 74.031931][ T8512] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 74.038191][ T8512] __sys_sendmsg+0xe5/0x1b0
[ 74.042692][ T8512] ? __sys_sendmsg_sock+0xb0/0xb0
[ 74.047724][ T8512] ? syscall_enter_from_user_mode+0x1d/0x50
[ 74.053629][ T8512] do_syscall_64+0x2d/0x70
[ 74.058055][ T8512] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.063960][ T8512] RIP: 0033:0x441789
[ 74.067860][ T8512] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 74.087472][ T8512] RSP: 002b:00007ffec0a20568 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 74.095878][ T8512] RAX: ffffffffffffffda RBX: 00007ffec0a20590 RCX: 0000000000441789
[ 74.103853][ T8512] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004
[ 74.111814][ T8512] RBP: 0000000000000003 R08: 0000002100000000 R09: 0000002100000000
[ 74.119883][ T8512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032
[ 74.127844][ T8512] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004
[ 74.136652][ T8512] Kernel Offset: disabled
[ 74.141079][ T8512] Rebooting in 86400 seconds..