
Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
syzkaller login: [   57.804612][ T6885] IPVS: ftp: loaded support on port[0] = 21
[   57.896987][ T6851] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.904928][ T6851] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.932244][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[   57.933812][   T36] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   57.941285][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.977408][ T2658] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   58.005697][ T6885] netlink: 8 bytes leftover after parsing attributes in process `syz-executor536'.
[   58.017460][ T6885] ================================================================================
[   58.027057][ T6885] UBSAN: array-index-out-of-bounds in net/mac80211/cfg.c:524:9
[   58.034580][ T6885] index 255 is out of range for type 'ieee80211_key *[8]'
[   58.041730][ T6885] CPU: 0 PID: 6885 Comm: syz-executor536 Not tainted 5.9.0-rc6-syzkaller #0
[   58.050426][ T6885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   58.060463][ T6885] Call Trace:
[   58.063748][ T6885]  dump_stack+0x198/0x1fd
[   58.068083][ T6885]  ubsan_epilogue+0xb/0x5a
[   58.072491][ T6885]  __ubsan_handle_out_of_bounds.cold+0x62/0x6c
[   58.078625][ T6885]  ? lock_is_held_type+0xbb/0xf0
[   58.083543][ T6885]  ieee80211_del_key+0x428/0x440
[   58.088467][ T6885]  nl80211_del_key+0x493/0x980
[   58.093211][ T6885]  ? cfg80211_tdls_oper_request+0x7f0/0x7f0
[   58.099087][ T6885]  ? nl80211_pre_doit+0xa2/0x630
[   58.104009][ T6885]  ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580
[   58.110766][ T6885]  genl_rcv_msg+0x61d/0x980
[   58.115252][ T6885]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250
[   58.122173][ T6885]  ? lock_release+0x8f0/0x8f0
[   58.126841][ T6885]  netlink_rcv_skb+0x15a/0x430
[   58.131586][ T6885]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250
[   58.138501][ T6885]  ? netlink_ack+0xa10/0xa10
[   58.143086][ T6885]  ? __kmalloc_node_track_caller+0x38/0x60
[   58.148884][ T6885]  genl_rcv+0x24/0x40
[   58.152847][ T6885]  netlink_unicast+0x533/0x7d0
[   58.157593][ T6885]  ? netlink_attachskb+0x810/0x810
[   58.162695][ T6885]  ? __phys_addr_symbol+0x2c/0x70
[   58.167727][ T6885]  ? __check_object_size+0x171/0x3e4
[   58.172991][ T6885]  netlink_sendmsg+0x856/0xd90
[   58.177742][ T6885]  ? netlink_unicast+0x7d0/0x7d0
[   58.182682][ T6885]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[   58.187960][ T6885]  ? netlink_unicast+0x7d0/0x7d0
[   58.192888][ T6885]  sock_sendmsg+0xcf/0x120
[   58.197298][ T6885]  ____sys_sendmsg+0x6e8/0x810
[   58.202041][ T6885]  ? kernel_sendmsg+0x50/0x50
[   58.206710][ T6885]  ? do_recvmmsg+0x6d0/0x6d0
[   58.211281][ T6885]  ? stack_trace_consume_entry+0x160/0x160
[   58.217093][ T6885]  ___sys_sendmsg+0xf3/0x170
[   58.221680][ T6885]  ? sendmsg_copy_msghdr+0x160/0x160
[   58.226955][ T6885]  ? syscall_exit_to_user_mode+0x7e/0x2e0
[   58.232677][ T6885]  ? lock_downgrade+0x830/0x830
[   58.237519][ T6885]  ? check_preemption_disabled+0x50/0x130
[   58.243215][ T6885]  ? _raw_spin_unlock_irqrestore+0x6f/0x90
[   58.248998][ T6885]  ? lockdep_hardirqs_on_prepare+0x354/0x530
[   58.254951][ T6885]  ? _raw_spin_unlock_irqrestore+0x6f/0x90
[   58.260736][ T6885]  ? lockdep_hardirqs_on+0x53/0x100
[   58.265915][ T6885]  ? _raw_spin_unlock_irqrestore+0x5c/0x90
[   58.271700][ T6885]  ? debug_object_active_state+0x260/0x350
[   58.277485][ T6885]  ? debug_object_init_on_stack+0x20/0x20
[   58.283196][ T6885]  ? __fget_light+0x215/0x280
[   58.287864][ T6885]  __sys_sendmsg+0xe5/0x1b0
[   58.292360][ T6885]  ? __sys_sendmsg_sock+0xb0/0xb0
[   58.297363][ T6885]  ? lock_is_held_type+0xbb/0xf0
[   58.302383][ T6885]  ? check_preemption_disabled+0x50/0x130
[   58.308079][ T6885]  ? syscall_enter_from_user_mode+0x1d/0x60
[   58.314001][ T6885]  do_syscall_64+0x2d/0x70
[   58.318443][ T6885]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   58.324312][ T6885] RIP: 0033:0x441719
[   58.328223][ T6885] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   58.347809][ T6885] RSP: 002b:00007ffeef974e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.356207][ T6885] RAX: ffffffffffffffda RBX: 00007ffeef974e50 RCX: 0000000000441719
[   58.364158][ T6885] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[   58.372113][ T6885] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000002000000000
[   58.380070][ T6885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032
[   58.388019][ T6885] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004
[   58.396824][ T6885] ================================================================================
[   58.406105][ T6885] Kernel panic - not syncing: panic_on_warn set ...
[   58.412711][ T6885] CPU: 0 PID: 6885 Comm: syz-executor536 Not tainted 5.9.0-rc6-syzkaller #0
[   58.421375][ T6885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   58.431434][ T6885] Call Trace:
[   58.434718][ T6885]  dump_stack+0x198/0x1fd
[   58.439050][ T6885]  panic+0x382/0x7fb
[   58.442923][ T6885]  ? __warn_printk+0xf3/0xf3
[   58.447508][ T6885]  ? ubsan_epilogue+0x3e/0x5a
[   58.452168][ T6885]  ? ubsan_epilogue+0x35/0x5a
[   58.456844][ T6885]  ubsan_epilogue+0x54/0x5a
[   58.461326][ T6885]  __ubsan_handle_out_of_bounds.cold+0x62/0x6c
[   58.467463][ T6885]  ? lock_is_held_type+0xbb/0xf0
[   58.472646][ T6885]  ieee80211_del_key+0x428/0x440
[   58.477581][ T6885]  nl80211_del_key+0x493/0x980
[   58.482327][ T6885]  ? cfg80211_tdls_oper_request+0x7f0/0x7f0
[   58.488204][ T6885]  ? nl80211_pre_doit+0xa2/0x630
[   58.493131][ T6885]  ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580
[   58.499871][ T6885]  genl_rcv_msg+0x61d/0x980
[   58.504354][ T6885]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250
[   58.511285][ T6885]  ? lock_release+0x8f0/0x8f0
[   58.515941][ T6885]  netlink_rcv_skb+0x15a/0x430
[   58.520697][ T6885]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250
[   58.527612][ T6885]  ? netlink_ack+0xa10/0xa10
[   58.532190][ T6885]  ? __kmalloc_node_track_caller+0x38/0x60
[   58.537976][ T6885]  genl_rcv+0x24/0x40
[   58.541949][ T6885]  netlink_unicast+0x533/0x7d0
[   58.546694][ T6885]  ? netlink_attachskb+0x810/0x810
[   58.551798][ T6885]  ? __phys_addr_symbol+0x2c/0x70
[   58.556800][ T6885]  ? __check_object_size+0x171/0x3e4
[   58.562074][ T6885]  netlink_sendmsg+0x856/0xd90
[   58.566837][ T6885]  ? netlink_unicast+0x7d0/0x7d0
[   58.571795][ T6885]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[   58.577071][ T6885]  ? netlink_unicast+0x7d0/0x7d0
[   58.582000][ T6885]  sock_sendmsg+0xcf/0x120
[   58.586405][ T6885]  ____sys_sendmsg+0x6e8/0x810
[   58.591161][ T6885]  ? kernel_sendmsg+0x50/0x50
[   58.595814][ T6885]  ? do_recvmmsg+0x6d0/0x6d0
[   58.600386][ T6885]  ? stack_trace_consume_entry+0x160/0x160
[   58.606184][ T6885]  ___sys_sendmsg+0xf3/0x170
[   58.610774][ T6885]  ? sendmsg_copy_msghdr+0x160/0x160
[   58.616037][ T6885]  ? syscall_exit_to_user_mode+0x7e/0x2e0
[   58.621759][ T6885]  ? lock_downgrade+0x830/0x830
[   58.626589][ T6885]  ? check_preemption_disabled+0x50/0x130
[   58.632292][ T6885]  ? _raw_spin_unlock_irqrestore+0x6f/0x90
[   58.638078][ T6885]  ? lockdep_hardirqs_on_prepare+0x354/0x530
[   58.644049][ T6885]  ? _raw_spin_unlock_irqrestore+0x6f/0x90
[   58.649835][ T6885]  ? lockdep_hardirqs_on+0x53/0x100
[   58.655025][ T6885]  ? _raw_spin_unlock_irqrestore+0x5c/0x90
[   58.660811][ T6885]  ? debug_object_active_state+0x260/0x350
[   58.666595][ T6885]  ? debug_object_init_on_stack+0x20/0x20
[   58.672294][ T6885]  ? __fget_light+0x215/0x280
[   58.676959][ T6885]  __sys_sendmsg+0xe5/0x1b0
[   58.681442][ T6885]  ? __sys_sendmsg_sock+0xb0/0xb0
[   58.686453][ T6885]  ? lock_is_held_type+0xbb/0xf0
[   58.691375][ T6885]  ? check_preemption_disabled+0x50/0x130
[   58.697080][ T6885]  ? syscall_enter_from_user_mode+0x1d/0x60
[   58.702966][ T6885]  do_syscall_64+0x2d/0x70
[   58.707363][ T6885]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   58.713232][ T6885] RIP: 0033:0x441719
[   58.717111][ T6885] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   58.736796][ T6885] RSP: 002b:00007ffeef974e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.745181][ T6885] RAX: ffffffffffffffda RBX: 00007ffeef974e50 RCX: 0000000000441719
[   58.753141][ T6885] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[   58.761089][ T6885] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000002000000000
[   58.769036][ T6885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032
[   58.777002][ T6885] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004
[   58.786141][ T6885] Kernel Offset: disabled
[   58.790526][ T6885] Rebooting in 86400 seconds..