Starting OpenBSD Secure Shell server...
Starting getty on tty2-tty6 if dbus and logind are not available...
[ OK ] Started Regular background program processing daemon.
Starting Permit User Sessions...
[ OK ] Started System Logging Service.
[ OK ] Found device /dev/ttyS0.
[ 68.400666][ T8071] sshd (8071) used greatest stack depth: 22984 bytes left
[ OK ] Started Permit User Sessions.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Warning: Permanently added '10.128.15.199' (ECDSA) to the list of known hosts.
executing program
executing program
[ 87.262323][ T38] audit: type=1400 audit(1618491763.102:8): avc: denied { execmem } for pid=8391 comm="syz-executor754" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
executing program
[ 87.337490][ T4834] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 87.372960][ T8405] general protection fault, probably for non-canonical address 0xfbd59c0000000020: 0000 [#1] PREEMPT SMP KASAN
[ 87.384741][ T8405] KASAN: maybe wild-memory-access in range [0xdead000000000100-0xdead000000000107]
[ 87.394031][ T8405] CPU: 1 PID: 8405 Comm: syz-executor754 Not tainted 5.12.0-rc7-syzkaller #0
[ 87.402909][ T8405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 87.412993][ T8405] RIP: 0010:ieee80211_chanctx_num_assigned+0xb1/0x140
[ 87.419865][ T8405] Code: a8 f6 ff ff 48 39 c5 74 3b 49 bd 00 00 00 00 00 fc ff df e8 d1 53 0c f9 48 8d bb 58 09 00 00 41 83 c4 01 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 75 68 48 8b 83 58 09 00 00 48 8d 98 a8 f6 ff ff 48
[ 87.439666][ T8405] RSP: 0018:ffffc90001927330 EFLAGS: 00010a02
[ 87.445753][ T8405] RAX: 1bd5a00000000020 RBX: deacfffffffff7a8 RCX: 0000000000000000
[ 87.453737][ T8405] RDX: ffff888013908140 RSI: ffffffff8866d1ff RDI: dead000000000100
[ 87.461713][ T8405] RBP: ffff88801e237520 R08: 0000000000000000 R09: 0000000000000001
[ 87.469674][ T8405] R10: ffffffff8866d25b R11: 0000000000000000 R12: 0000000000000002
[ 87.477642][ T8405] R13: dffffc0000000000 R14: ffff88801e237500 R15: 0000000000000000
[ 87.485610][ T8405] FS: 00000000021e9300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 87.494530][ T8405] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 87.501105][ T8405] CR2: 00007ffc350a3e58 CR3: 000000002deb7000 CR4: 00000000001506e0
[ 87.509077][ T8405] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 87.517033][ T8405] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 87.524987][ T8405] Call Trace:
[ 87.528252][ T8405] ieee80211_assign_vif_chanctx+0x7bd/0x1240
[ 87.534239][ T8405] __ieee80211_vif_release_channel+0x236/0x430
[ 87.540381][ T8405] ieee80211_vif_release_channel+0x117/0x220
[ 87.546350][ T8405] ieee80211_ibss_disconnect+0x44e/0x7b0
[ 87.551973][ T8405] ieee80211_ibss_leave+0x12/0x150
[ 87.557070][ T8405] __cfg80211_leave_ibss+0x1a2/0x4d0
[ 87.562383][ T8405] cfg80211_leave_ibss+0x57/0x80
[ 87.567310][ T8405] cfg80211_change_iface+0x820/0xf30
[ 87.572596][ T8405] nl80211_set_interface+0x65c/0x8d0
[ 87.577883][ T8405] ? nl80211_notify_iface+0x180/0x180
[ 87.583277][ T8405] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 87.589663][ T8405] ? nl80211_pre_doit+0xa6/0x5c0
[ 87.594594][ T8405] genl_family_rcv_msg_doit+0x228/0x320
[ 87.600418][ T8405] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 87.607876][ T8405] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.614194][ T8405] ? cap_capable+0x1f1/0x280
[ 87.618794][ T8405] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.625023][ T8405] ? ns_capable+0xde/0x100
[ 87.629472][ T8405] genl_rcv_msg+0x328/0x580
[ 87.633972][ T8405] ? genl_get_cmd+0x480/0x480
[ 87.638646][ T8405] ? nl80211_notify_iface+0x180/0x180
[ 87.644011][ T8405] ? lock_release+0x720/0x720
[ 87.648684][ T8405] netlink_rcv_skb+0x153/0x420
[ 87.653432][ T8405] ? genl_get_cmd+0x480/0x480
[ 87.658109][ T8405] ? netlink_ack+0xaa0/0xaa0
[ 87.662689][ T8405] genl_rcv+0x24/0x40
[ 87.666660][ T8405] netlink_unicast+0x533/0x7d0
[ 87.671411][ T8405] ? netlink_attachskb+0x870/0x870
[ 87.676509][ T8405] netlink_sendmsg+0x856/0xd90
[ 87.681269][ T8405] ? netlink_unicast+0x7d0/0x7d0
[ 87.686204][ T8405] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.692443][ T8405] ? netlink_unicast+0x7d0/0x7d0
[ 87.697885][ T8405] sock_sendmsg+0xcf/0x120
[ 87.702319][ T8405] ____sys_sendmsg+0x6e8/0x810
[ 87.707083][ T8405] ? kernel_sendmsg+0x50/0x50
[ 87.711750][ T8405] ? do_recvmmsg+0x6d0/0x6d0
[ 87.716328][ T8405] ? lock_chain_count+0x20/0x20
[ 87.721604][ T8405] ? find_held_lock+0x2d/0x110
[ 87.726355][ T8405] ___sys_sendmsg+0xf3/0x170
[ 87.730932][ T8405] ? sendmsg_copy_msghdr+0x160/0x160
[ 87.736204][ T8405] ? __lock_acquire+0x16b3/0x54c0
[ 87.741220][ T8405] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 87.747286][ T8405] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 87.753954][ T8405] ? __fget_light+0x215/0x280
[ 87.758725][ T8405] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 87.764959][ T8405] __sys_sendmsg+0xe5/0x1b0
[ 87.769450][ T8405] ? __sys_sendmsg_sock+0x30/0x30
[ 87.774460][ T8405] ? syscall_enter_from_user_mode+0x27/0x70
[ 87.780374][ T8405] do_syscall_64+0x2d/0x70
[ 87.784863][ T8405] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 87.790766][ T8405] RIP: 0033:0x440bf9
[ 87.794658][ T8405] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 87.814273][ T8405] RSP: 002b:00007ffc350a4ec8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 87.822675][ T8405] RAX: ffffffffffffffda RBX: 000000000001557f RCX: 0000000000440bf9
[ 87.830632][ T8405] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[ 87.838597][ T8405] RBP: 0000000000000000 R08: 00007ffc350a5068 R09: 00007ffc350a5068
[ 87.847868][ T8405] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc350a4edc
[ 87.855823][ T8405] R13: 431bde82d7b634db R14: 00000000004b5018 R15: 00000000004004b8
[ 87.863784][ T8405] Modules linked in:
Debian GNU/Linux 9 syzkaller ttyS0
[ 87.890130][ T8405] ---[ end trace 15d6aca3128782a4 ]---
[ 87.895691][ T8405] RIP: 0010:ieee80211_chanctx_num_assigned+0xb1/0x140
[ 87.902683][ T8405] Code: a8 f6 ff ff 48 39 c5 74 3b 49 bd 00 00 00 00 00 fc ff df e8 d1 53 0c f9 48 8d bb 58 09 00 00 41 83 c4 01 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 75 68 48 8b 83 58 09 00 00 48 8d 98 a8 f6 ff ff 48
syzkaller login: [ 87.925089][ T8405] RSP: 0018:ffffc90001927330 EFLAGS: 00010a02
[ 87.931248][ T8405] RAX: 1bd5a00000000020 RBX: deacfffffffff7a8 RCX: 0000000000000000
[ 87.946634][ T8405] RDX: ffff888013908140 RSI: ffffffff8866d1ff RDI: dead000000000100
[ 87.964051][ T8405] RBP: ffff88801e237520 R08: 0000000000000000 R09: 0000000000000001
[ 87.972068][ T8405] R10: ffffffff8866d25b R11: 0000000000000000 R12: 0000000000000002
[ 87.980373][ T8405] R13: dffffc0000000000 R14: ffff88801e237500 R15: 0000000000000000
[ 87.988892][ T8405] FS: 00000000021e9300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 87.998323][ T8405] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 88.005157][ T8405] CR2: 00005568cdc96a80 CR3: 000000002deb7000 CR4: 00000000001506e0
[ 88.013244][ T8405] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 88.021542][ T8405] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 88.029595][ T8405] Kernel panic - not syncing: Fatal exception
[ 88.036366][ T8405] Kernel Offset: disabled
[ 88.040690][ T8405] Rebooting in 86400 seconds..