[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.237' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   86.441054][   T35] audit: type=1400 audit(1612380681.410:8): avc:  denied  { execmem } for  pid=8467 comm="syz-executor626" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
executing program
[   86.499680][ T4868] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   86.525847][ T8477] general protection fault, probably for non-canonical address 0xfbd59c0000000020: 0000 [#1] PREEMPT SMP KASAN
[   86.538944][ T8477] KASAN: maybe wild-memory-access in range [0xdead000000000100-0xdead000000000107]
[   86.548243][ T8477] CPU: 1 PID: 8477 Comm: syz-executor626 Not tainted 5.11.0-rc6-syzkaller #0
[   86.557133][ T8477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   86.567396][ T8477] RIP: 0010:ieee80211_chanctx_num_assigned+0xb1/0x140
[   86.574201][ T8477] Code: a8 f6 ff ff 48 39 c5 74 3b 49 bd 00 00 00 00 00 fc ff df e8 31 f4 13 f9 48 8d bb 58 09 00 00 41 83 c4 01 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 75 68 48 8b 83 58 09 00 00 48 8d 98 a8 f6 ff ff 48
[   86.594037][ T8477] RSP: 0018:ffffc9000163f330 EFLAGS: 00010a02
[   86.600218][ T8477] RAX: 1bd5a00000000020 RBX: deacfffffffff7a8 RCX: 0000000000000000
[   86.609335][ T8477] RDX: ffff888030038280 RSI: ffffffff885ecbef RDI: dead000000000100
[   86.617332][ T8477] RBP: ffff88801f154920 R08: 0000000000000000 R09: 0000000000000001
[   86.625334][ T8477] R10: ffffffff885ecc4b R11: 0000000000000000 R12: 0000000000000002
[   86.633317][ T8477] R13: dffffc0000000000 R14: ffff88801f154900 R15: 0000000000000000
[   86.641300][ T8477] FS:  0000000001ad6300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[   86.650852][ T8477] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.657464][ T8477] CR2: 00000000004b4120 CR3: 000000002aa53000 CR4: 00000000001506e0
[   86.665483][ T8477] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   86.673820][ T8477] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   86.682070][ T8477] Call Trace:
[   86.685854][ T8477]  ieee80211_assign_vif_chanctx+0x7b8/0x1230
[   86.691876][ T8477]  __ieee80211_vif_release_channel+0x236/0x430
[   86.698051][ T8477]  ieee80211_vif_release_channel+0x117/0x220
[   86.704049][ T8477]  ieee80211_ibss_disconnect+0x44e/0x7b0
[   86.709698][ T8477]  ieee80211_ibss_leave+0x12/0xe0
[   86.714738][ T8477]  __cfg80211_leave_ibss+0x19a/0x4c0
[   86.720059][ T8477]  cfg80211_leave_ibss+0x57/0x80
[   86.725030][ T8477]  cfg80211_change_iface+0x7f2/0xf10
[   86.731383][ T8477]  nl80211_set_interface+0x65c/0x8d0
[   86.736706][ T8477]  ? nl80211_notify_iface+0x180/0x180
[   86.742113][ T8477]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[   86.748858][ T8477]  ? nl80211_pre_doit+0xa2/0x630
[   86.753830][ T8477]  genl_family_rcv_msg_doit+0x228/0x320
[   86.759672][ T8477]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[   86.767480][ T8477]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   86.774128][ T8477]  ? cap_capable+0x1f1/0x280
[   86.779080][ T8477]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   86.785376][ T8477]  ? ns_capable+0xde/0x100
[   86.789910][ T8477]  genl_rcv_msg+0x328/0x580
[   86.794538][ T8477]  ? genl_get_cmd+0x480/0x480
[   86.799268][ T8477]  ? nl80211_notify_iface+0x180/0x180
[   86.804668][ T8477]  ? lock_release+0x710/0x710
[   86.809377][ T8477]  netlink_rcv_skb+0x153/0x420
[   86.814174][ T8477]  ? genl_get_cmd+0x480/0x480
[   86.818882][ T8477]  ? netlink_ack+0xaa0/0xaa0
[   86.823501][ T8477]  genl_rcv+0x24/0x40
[   86.827538][ T8477]  netlink_unicast+0x533/0x7d0
[   86.832365][ T8477]  ? netlink_attachskb+0x870/0x870
[   86.837504][ T8477]  ? _copy_from_iter_full+0x275/0x850
[   86.842908][ T8477]  netlink_sendmsg+0x856/0xd90
[   86.847709][ T8477]  ? netlink_unicast+0x7d0/0x7d0
[   86.852687][ T8477]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   86.858954][ T8477]  ? netlink_unicast+0x7d0/0x7d0
[   86.863921][ T8477]  sock_sendmsg+0xcf/0x120
[   86.868365][ T8477]  ____sys_sendmsg+0x6e8/0x810
[   86.873432][ T8477]  ? kernel_sendmsg+0x50/0x50
[   86.878126][ T8477]  ? do_recvmmsg+0x6c0/0x6c0
[   86.882767][ T8477]  ? find_held_lock+0x2d/0x110
[   86.887574][ T8477]  ___sys_sendmsg+0xf3/0x170
[   86.892188][ T8477]  ? sendmsg_copy_msghdr+0x160/0x160
[   86.897508][ T8477]  ? _copy_to_user+0xdc/0x150
[   86.902211][ T8477]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   86.908587][ T8477]  ? sock_do_ioctl+0x168/0x2d0
[   86.913377][ T8477]  ? compat_ifr_data_ioctl+0x150/0x150
[   86.918863][ T8477]  ? __sanitizer_cov_trace_switch+0x63/0xf0
[   86.924971][ T8477]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   86.931241][ T8477]  ? __fget_light+0x215/0x280
[   86.936036][ T8477]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   86.942317][ T8477]  __sys_sendmsg+0xe5/0x1b0
[   86.946859][ T8477]  ? __sys_sendmsg_sock+0xb0/0xb0
[   86.951915][ T8477]  ? syscall_enter_from_user_mode+0x1d/0x50
[   86.957862][ T8477]  do_syscall_64+0x2d/0x70
[   86.962353][ T8477]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   86.968277][ T8477] RIP: 0033:0x440dc9
[   86.972194][ T8477] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   86.991834][ T8477] RSP: 002b:00007ffd470ae628 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.000304][ T8477] RAX: ffffffffffffffda RBX: 00000000000151a7 RCX: 0000000000440dc9
[   87.008317][ T8477] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[   87.016482][ T8477] RBP: 0000000000000000 R08: 00007ffd470ae7c8 R09: 00007ffd470ae7c8
[   87.024755][ T8477] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd470ae63c
[   87.033006][ T8477] R13: 431bde82d7b634db R14: 00000000004b4018 R15: 00000000004004b8
[   87.041008][ T8477] Modules linked in:
[   87.047318][ T8477] ---[ end trace e91a66e3df39bd64 ]---
[   87.052950][ T8477] RIP: 0010:ieee80211_chanctx_num_assigned+0xb1/0x140
[   87.060582][ T8477] Code: a8 f6 ff ff 48 39 c5 74 3b 49 bd 00 00 00 00 00 fc ff df e8 31 f4 13 f9 48 8d bb 58 09 00 00 41 83 c4 01 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 75 68 48 8b 83 58 09 00 00 48 8d 98 a8 f6 ff ff 48
[   87.082036][ T8477] RSP: 0018:ffffc9000163f330 EFLAGS: 00010a02
[   87.094952][ T8477] RAX: 1bd5a00000000020 RBX: deacfffffffff7a8 RCX: 0000000000000000
[   87.103039][ T8477] RDX: ffff888030038280 RSI: ffffffff885ecbef RDI: dead000000000100
[   87.111590][ T8477] RBP: ffff88801f154920 R08: 0000000000000000 R09: 0000000000000001
[   87.120119][ T8477] R10: ffffffff885ecc4b R11: 0000000000000000 R12: 0000000000000002
[   87.128785][ T8477] R13: dffffc0000000000 R14: ffff88801f154900 R15: 0000000000000000
[   87.140117][ T8477] FS:  0000000001ad6300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[   87.156635][ T8477] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   87.168485][ T8477] CR2: 000055d8023ec169 CR3: 000000002aa53000 CR4: 00000000001506f0
[   87.176985][ T8477] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   87.185475][ T8477] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   87.193781][ T8477] Kernel panic - not syncing: Fatal exception
[   87.200528][ T8477] Kernel Offset: disabled
[   87.204860][ T8477] Rebooting in 86400 seconds..