Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.34' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 62.636829][ T6905] device wlan0 entered promiscuous mode [ 62.655234][ T6905] ------------[ cut here ]------------ [ 62.660897][ T6905] WARNING: CPU: 1 PID: 6905 at net/mac80211/ieee80211_i.h:1460 ieee80211_get_sband+0x2e3/0x3e0 [ 62.675460][ T6905] Kernel panic - not syncing: panic_on_warn set ... [ 62.682076][ T6905] CPU: 1 PID: 6905 Comm: syz-executor526 Not tainted 5.9.0-rc8-syzkaller #0 [ 62.690736][ T6905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.700814][ T6905] Call Trace: [ 62.704106][ T6905] dump_stack+0x198/0x1fd [ 62.708444][ T6905] panic+0x382/0x7fb [ 62.713099][ T6905] ? __warn_printk+0xf3/0xf3 [ 62.717756][ T6905] ? printk+0xba/0xed [ 62.721721][ T6905] ? log_store.cold+0x16/0x16 [ 62.726404][ T6905] ? __warn.cold+0x5/0x4b [ 62.730721][ T6905] ? __warn+0xd6/0x1f2 [ 62.734778][ T6905] ? ieee80211_get_sband+0x2e3/0x3e0 [ 62.740294][ T6905] __warn.cold+0x20/0x4b [ 62.744523][ T6905] ? ieee80211_get_sband+0x2e3/0x3e0 [ 62.749802][ T6905] report_bug+0x1bd/0x210 [ 62.754139][ T6905] handle_bug+0x38/0x90 [ 62.758284][ T6905] exc_invalid_op+0x14/0x40 [ 62.762780][ T6905] asm_exc_invalid_op+0x12/0x20 [ 62.767629][ T6905] RIP: 0010:ieee80211_get_sband+0x2e3/0x3e0 [ 62.774055][ T6905] Code: f9 48 c7 c2 e0 5f 61 89 be 7b 02 00 00 48 c7 c7 40 60 61 89 c6 05 b6 fb 80 03 01 e8 3c a2 85 f9 e9 b8 fd ff ff e8 cd ac 9f f9 <0f> 0b e8 46 75 60 00 31 ff 89 c3 89 c6 e8 1b a9 9f f9 85 db 74 19 [ 62.793652][ T6905] RSP: 0018:ffffc900056573d8 EFLAGS: 00010293 [ 62.799724][ T6905] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff87d6db35 [ 62.807697][ T6905] RDX: ffff8880a6a2a180 RSI: ffffffff87d6dbb3 RDI: 0000000000000005 [ 62.815667][ T6905] RBP: ffff88809ec40c80 R08: 0000000000000001 R09: ffffffff8d1119e7 [ 62.823638][ T6905] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 62.831608][ T6905] R13: ffff88809ecccc00 R14: ffff88809ec40c80 R15: ffffc9000565751c [ 62.839598][ T6905] ? ieee80211_get_sband+0x265/0x3e0 [ 62.844865][ T6905] ? ieee80211_get_sband+0x2e3/0x3e0 [ 62.850260][ T6905] ? ieee80211_get_sband+0x2e3/0x3e0 [ 62.855572][ T6905] sta_apply_parameters+0x4e/0x1dc0 [ 62.860759][ T6905] ieee80211_add_station+0x320/0x660 [ 62.866030][ T6905] nl80211_new_station+0xdce/0x1420 [ 62.871206][ T6905] ? nl80211_set_station+0x1220/0x1220 [ 62.876660][ T6905] ? nl80211_pre_doit+0xa2/0x630 [ 62.881586][ T6905] genl_family_rcv_msg_doit+0x228/0x320 [ 62.887112][ T6905] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 62.894481][ T6905] ? ns_capable+0xde/0x100 [ 62.898900][ T6905] genl_rcv_msg+0x328/0x580 [ 62.903394][ T6905] ? genl_get_cmd+0x480/0x480 [ 62.908142][ T6905] ? lock_acquire+0x1f3/0xaf0 [ 62.913520][ T6905] ? nl80211_set_station+0x1220/0x1220 [ 62.918979][ T6905] ? lock_release+0x8f0/0x8f0 [ 62.923665][ T6905] netlink_rcv_skb+0x15a/0x430 [ 62.928418][ T6905] ? genl_get_cmd+0x480/0x480 [ 62.933077][ T6905] ? netlink_ack+0xa10/0xa10 [ 62.938351][ T6905] ? __kmalloc_node_track_caller+0x38/0x60 [ 62.944154][ T6905] genl_rcv+0x24/0x40 [ 62.948126][ T6905] netlink_unicast+0x533/0x7d0 [ 62.952891][ T6905] ? netlink_attachskb+0x810/0x810 [ 62.958005][ T6905] ? __phys_addr_symbol+0x2c/0x70 [ 62.963020][ T6905] ? __check_object_size+0x171/0x3e4 [ 62.968299][ T6905] netlink_sendmsg+0x856/0xd90 [ 62.973061][ T6905] ? netlink_unicast+0x7d0/0x7d0 [ 62.977996][ T6905] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 62.983280][ T6905] ? netlink_unicast+0x7d0/0x7d0 [ 62.989161][ T6905] sock_sendmsg+0xcf/0x120 [ 62.993573][ T6905] ____sys_sendmsg+0x6e8/0x810 [ 62.998318][ T6905] ? kernel_sendmsg+0x50/0x50 [ 63.002968][ T6905] ? do_recvmmsg+0x6d0/0x6d0 [ 63.007540][ T6905] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 63.013502][ T6905] ? find_held_lock+0x2d/0x110 [ 63.018247][ T6905] ? __might_fault+0x11f/0x1d0 [ 63.023023][ T6905] ___sys_sendmsg+0xf3/0x170 [ 63.027607][ T6905] ? sendmsg_copy_msghdr+0x160/0x160 [ 63.032925][ T6905] ? __fget_files+0x272/0x400 [ 63.037606][ T6905] ? lock_downgrade+0x830/0x830 [ 63.042438][ T6905] ? __might_fault+0x190/0x1d0 [ 63.047195][ T6905] ? __fget_files+0x294/0x400 [ 63.052306][ T6905] ? __fget_light+0xea/0x280 [ 63.057029][ T6905] __sys_sendmsg+0xe5/0x1b0 [ 63.061668][ T6905] ? __sys_sendmsg_sock+0xb0/0xb0 [ 63.067427][ T6905] ? check_preemption_disabled+0x50/0x130 [ 63.073132][ T6905] ? syscall_enter_from_user_mode+0x1d/0x60 [ 63.079012][ T6905] do_syscall_64+0x2d/0x70 [ 63.083421][ T6905] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.089288][ T6905] RIP: 0033:0x446309 [ 63.093180][ T6905] Code: e8 bc b5 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0f fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 63.112781][ T6905] RSP: 002b:00007f4a00236d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 63.121326][ T6905] RAX: ffffffffffffffda RBX: 00000000006dbc78 RCX: 0000000000446309 [ 63.129301][ T6905] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 000000000000000a [ 63.137255][ T6905] RBP: 00000000006dbc70 R08: 0000000000000000 R09: 0000000000000000 [ 63.145203][ T6905] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc7c [ 63.153212][ T6905] R13: 0000000000000000 R14: 000000306e616c77 R15: 0000000000660006 [ 63.162701][ T6905] Kernel Offset: disabled [ 63.167119][ T6905] Rebooting in 86400 seconds..