[ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Started OpenBSD Secure Shell server. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.41' (ECDSA) to the list of known hosts. syzkaller login: [ 65.462265][ T8354] IPVS: ftp: loaded support on port[0] = 21 [ 65.541288][ T201] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.556275][ T201] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.594727][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 65.621027][ T201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.630952][ T201] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program executing program [ 65.641271][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 65.682354][ T8395] ------------[ cut here ]------------ [ 65.688091][ T8395] WARNING: CPU: 0 PID: 8395 at net/wireless/sme.c:532 cfg80211_connect+0x1409/0x2040 [ 65.697671][ T8395] Modules linked in: [ 65.701568][ T8395] CPU: 0 PID: 8395 Comm: syz-executor086 Not tainted 5.11.0-syzkaller #0 [ 65.712758][ T8395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.722918][ T8395] RIP: 0010:cfg80211_connect+0x1409/0x2040 [ 65.729797][ T8395] Code: 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 80 3c 02 00 0f 85 8d 0a 00 00 49 83 bd 48 01 00 00 00 0f 84 97 f7 ff ff e8 27 7a 2b f9 <0f> 0b e8 20 7a 2b f9 4c 89 fa 48 b8 00 00 00 00 00 fc ff df 48 c1 [ 65.749495][ T8395] RSP: 0018:ffffc9000167f298 EFLAGS: 00010293 [ 65.756309][ T8395] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 65.764273][ T8395] RDX: ffff888012811bc0 RSI: ffffffff8847d709 RDI: ffffffff8a846820 [ 65.772600][ T8395] RBP: ffff88801d47ccf2 R08: 0000000000000001 R09: ffff88801d47ccf7 [ 65.780809][ T8395] R10: ffffed1003a8f99e R11: 0000000000000000 R12: ffffc9000167f438 [ 65.788887][ T8395] R13: ffff88801d47cbd0 R14: ffff88801d47cd18 R15: ffff88801d47cd20 [ 65.796995][ T8395] FS: 00000000011c7300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 65.806013][ T8395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 65.812601][ T8395] CR2: 0000000020000080 CR3: 000000001eb2d000 CR4: 00000000001506f0 [ 65.820625][ T8395] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 65.828678][ T8395] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 65.836806][ T8395] Call Trace: [ 65.840095][ T8395] ? __cfg80211_disconnected+0x1470/0x1470 [ 65.845969][ T8395] ? memset+0x20/0x40 [ 65.849979][ T8395] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 65.855747][ T8395] ? ieee80211_get_channel_khz+0x14a/0x1e0 [ 65.861663][ T8395] nl80211_connect+0x1647/0x22a0 [ 65.866687][ T8395] ? nl80211_parse_connkeys+0xa50/0xa50 [ 65.872241][ T8395] ? __mutex_unlock_slowpath+0xe2/0x610 [ 65.877850][ T8395] ? lock_is_held_type+0xd5/0x130 [ 65.882883][ T8395] ? wait_for_completion_io+0x270/0x270 [ 65.889571][ T8395] ? nl80211_pre_doit+0xa4/0x5a0 [ 65.894517][ T8395] genl_family_rcv_msg_doit+0x228/0x320 [ 65.900157][ T8395] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 65.907634][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 65.913882][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 65.920167][ T8395] ? ns_capable+0xde/0x100 [ 65.924606][ T8395] genl_rcv_msg+0x328/0x580 [ 65.929193][ T8395] ? genl_get_cmd+0x480/0x480 [ 65.933985][ T8395] ? nl80211_parse_connkeys+0xa50/0xa50 [ 65.939869][ T8395] ? lock_release+0x710/0x710 [ 65.944583][ T8395] ? lock_acquire+0x1bb/0x730 [ 65.949342][ T8395] netlink_rcv_skb+0x153/0x420 [ 65.954115][ T8395] ? genl_get_cmd+0x480/0x480 [ 65.958852][ T8395] ? netlink_ack+0xaa0/0xaa0 [ 65.963470][ T8395] genl_rcv+0x24/0x40 [ 65.967526][ T8395] netlink_unicast+0x533/0x7d0 [ 65.972303][ T8395] ? netlink_attachskb+0x870/0x870 [ 65.977505][ T8395] ? _copy_from_iter_full+0x279/0x850 [ 65.982886][ T8395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 65.989555][ T8395] ? __phys_addr_symbol+0x2c/0x70 [ 65.994606][ T8395] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 66.000408][ T8395] ? __check_object_size+0x171/0x3f0 [ 66.005840][ T8395] netlink_sendmsg+0x856/0xd90 [ 66.010606][ T8395] ? netlink_unicast+0x7d0/0x7d0 [ 66.016674][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 66.022959][ T8395] ? netlink_unicast+0x7d0/0x7d0 [ 66.027998][ T8395] sock_sendmsg+0xcf/0x120 [ 66.032421][ T8395] ____sys_sendmsg+0x6e8/0x810 [ 66.037416][ T8395] ? kernel_sendmsg+0x50/0x50 [ 66.042107][ T8395] ? do_recvmmsg+0x6d0/0x6d0 [ 66.046790][ T8395] ? lock_is_held_type+0xd5/0x130 [ 66.051823][ T8395] ? rcu_read_lock_sched_held+0x3a/0x70 [ 66.057420][ T8395] ? kfree+0x2ec/0x3b0 [ 66.061517][ T8395] ___sys_sendmsg+0xf3/0x170 [ 66.066179][ T8395] ? sendmsg_copy_msghdr+0x160/0x160 [ 66.071481][ T8395] ? _copy_to_user+0xdc/0x150 [ 66.076475][ T8395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 66.082741][ T8395] ? sock_do_ioctl+0x168/0x2d0 [ 66.087601][ T8395] ? compat_ifr_data_ioctl+0x150/0x150 [ 66.093073][ T8395] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 66.099030][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 66.105360][ T8395] ? __fget_light+0x215/0x280 [ 66.110056][ T8395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 66.116400][ T8395] __sys_sendmsg+0xe5/0x1b0 [ 66.120914][ T8395] ? __sys_sendmsg_sock+0xb0/0xb0 [ 66.126025][ T8395] ? syscall_enter_from_user_mode+0x1d/0x50 [ 66.131934][ T8395] do_syscall_64+0x2d/0x70 [ 66.136503][ T8395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 66.142413][ T8395] RIP: 0033:0x441019 [ 66.147404][ T8395] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 66.167174][ T8395] RSP: 002b:00007fff0a8734b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.175713][ T8395] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441019 [ 66.183711][ T8395] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 66.191770][ T8395] RBP: 0000000000000000 R08: 0000000c00000000 R09: 0000000c00000000 [ 66.199822][ T8395] R10: 0000000c00000000 R11: 0000000000000246 R12: 0000000000010075 [ 66.207870][ T8395] R13: 00007fff0a873510 R14: 00007fff0a873500 R15: 00007fff0a8734d4 [ 66.215923][ T8395] Kernel panic - not syncing: panic_on_warn set ... [ 66.222496][ T8395] CPU: 0 PID: 8395 Comm: syz-executor086 Not tainted 5.11.0-syzkaller #0 [ 66.230889][ T8395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.240926][ T8395] Call Trace: [ 66.244191][ T8395] dump_stack+0xfa/0x151 [ 66.248427][ T8395] panic+0x306/0x73d [ 66.252309][ T8395] ? __warn_printk+0xf3/0xf3 [ 66.256888][ T8395] ? __warn.cold+0x1a/0x44 [ 66.261294][ T8395] ? cfg80211_connect+0x1409/0x2040 [ 66.266480][ T8395] __warn.cold+0x35/0x44 [ 66.270709][ T8395] ? cfg80211_connect+0x1409/0x2040 [ 66.275902][ T8395] report_bug+0x1bd/0x210 [ 66.280233][ T8395] handle_bug+0x3c/0x60 [ 66.284387][ T8395] exc_invalid_op+0x14/0x40 [ 66.288889][ T8395] asm_exc_invalid_op+0x12/0x20 [ 66.293749][ T8395] RIP: 0010:cfg80211_connect+0x1409/0x2040 [ 66.299549][ T8395] Code: 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 80 3c 02 00 0f 85 8d 0a 00 00 49 83 bd 48 01 00 00 00 0f 84 97 f7 ff ff e8 27 7a 2b f9 <0f> 0b e8 20 7a 2b f9 4c 89 fa 48 b8 00 00 00 00 00 fc ff df 48 c1 [ 66.319149][ T8395] RSP: 0018:ffffc9000167f298 EFLAGS: 00010293 [ 66.325224][ T8395] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 66.333233][ T8395] RDX: ffff888012811bc0 RSI: ffffffff8847d709 RDI: ffffffff8a846820 [ 66.341196][ T8395] RBP: ffff88801d47ccf2 R08: 0000000000000001 R09: ffff88801d47ccf7 [ 66.349156][ T8395] R10: ffffed1003a8f99e R11: 0000000000000000 R12: ffffc9000167f438 [ 66.357115][ T8395] R13: ffff88801d47cbd0 R14: ffff88801d47cd18 R15: ffff88801d47cd20 [ 66.365082][ T8395] ? cfg80211_connect+0x1409/0x2040 [ 66.370289][ T8395] ? cfg80211_connect+0x1409/0x2040 [ 66.375479][ T8395] ? __cfg80211_disconnected+0x1470/0x1470 [ 66.381272][ T8395] ? memset+0x20/0x40 [ 66.385243][ T8395] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 66.390964][ T8395] ? ieee80211_get_channel_khz+0x14a/0x1e0 [ 66.396760][ T8395] nl80211_connect+0x1647/0x22a0 [ 66.401701][ T8395] ? nl80211_parse_connkeys+0xa50/0xa50 [ 66.407248][ T8395] ? __mutex_unlock_slowpath+0xe2/0x610 [ 66.412782][ T8395] ? lock_is_held_type+0xd5/0x130 [ 66.417807][ T8395] ? wait_for_completion_io+0x270/0x270 [ 66.423380][ T8395] ? nl80211_pre_doit+0xa4/0x5a0 [ 66.428308][ T8395] genl_family_rcv_msg_doit+0x228/0x320 [ 66.433845][ T8395] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 66.441203][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 66.447442][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 66.453673][ T8395] ? ns_capable+0xde/0x100 [ 66.458103][ T8395] genl_rcv_msg+0x328/0x580 [ 66.462603][ T8395] ? genl_get_cmd+0x480/0x480 [ 66.467276][ T8395] ? nl80211_parse_connkeys+0xa50/0xa50 [ 66.472821][ T8395] ? lock_release+0x710/0x710 [ 66.477495][ T8395] ? lock_acquire+0x1bb/0x730 [ 66.482168][ T8395] netlink_rcv_skb+0x153/0x420 [ 66.486929][ T8395] ? genl_get_cmd+0x480/0x480 [ 66.491621][ T8395] ? netlink_ack+0xaa0/0xaa0 [ 66.496247][ T8395] genl_rcv+0x24/0x40 [ 66.500222][ T8395] netlink_unicast+0x533/0x7d0 [ 66.504999][ T8395] ? netlink_attachskb+0x870/0x870 [ 66.510146][ T8395] ? _copy_from_iter_full+0x279/0x850 [ 66.515527][ T8395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 66.521820][ T8395] ? __phys_addr_symbol+0x2c/0x70 [ 66.526846][ T8395] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 66.532567][ T8395] ? __check_object_size+0x171/0x3f0 [ 66.537865][ T8395] netlink_sendmsg+0x856/0xd90 [ 66.542639][ T8395] ? netlink_unicast+0x7d0/0x7d0 [ 66.547585][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 66.553833][ T8395] ? netlink_unicast+0x7d0/0x7d0 [ 66.558770][ T8395] sock_sendmsg+0xcf/0x120 [ 66.563178][ T8395] ____sys_sendmsg+0x6e8/0x810 [ 66.567949][ T8395] ? kernel_sendmsg+0x50/0x50 [ 66.572619][ T8395] ? do_recvmmsg+0x6d0/0x6d0 [ 66.577211][ T8395] ? lock_is_held_type+0xd5/0x130 [ 66.582240][ T8395] ? rcu_read_lock_sched_held+0x3a/0x70 [ 66.587778][ T8395] ? kfree+0x2ec/0x3b0 [ 66.591840][ T8395] ___sys_sendmsg+0xf3/0x170 [ 66.596420][ T8395] ? sendmsg_copy_msghdr+0x160/0x160 [ 66.601705][ T8395] ? _copy_to_user+0xdc/0x150 [ 66.606371][ T8395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 66.612601][ T8395] ? sock_do_ioctl+0x168/0x2d0 [ 66.617354][ T8395] ? compat_ifr_data_ioctl+0x150/0x150 [ 66.622820][ T8395] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 66.628709][ T8395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 66.634939][ T8395] ? __fget_light+0x215/0x280 [ 66.639604][ T8395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 66.645837][ T8395] __sys_sendmsg+0xe5/0x1b0 [ 66.650329][ T8395] ? __sys_sendmsg_sock+0xb0/0xb0 [ 66.655363][ T8395] ? syscall_enter_from_user_mode+0x1d/0x50 [ 66.661267][ T8395] do_syscall_64+0x2d/0x70 [ 66.665695][ T8395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 66.671587][ T8395] RIP: 0033:0x441019 [ 66.675472][ T8395] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 66.695069][ T8395] RSP: 002b:00007fff0a8734b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.703474][ T8395] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441019 [ 66.711432][ T8395] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 66.719391][ T8395] RBP: 0000000000000000 R08: 0000000c00000000 R09: 0000000c00000000 [ 66.727358][ T8395] R10: 0000000c00000000 R11: 0000000000000246 R12: 0000000000010075 [ 66.735313][ T8395] R13: 00007fff0a873510 R14: 00007fff0a873500 R15: 00007fff0a8734d4 [ 66.744283][ T8395] Kernel Offset: disabled [ 66.748709][ T8395] Rebooting in 86400 seconds..