[ OK ] Started Regular background program processing daemon. [ OK ] Started Daily Cleanup of Temporary Directories. [ OK ] Reached target Timers. Starting System Logging Service... [ OK ] Started Permit User Sessions. [ OK ] Found device /dev/ttyS0. [ 62.633448][ T8147] sshd (8147) used greatest stack depth: 22920 bytes left [ OK ] Started System Logging Service. [ OK ] Started OpenBSD Secure Shell server. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty5. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.9' (ECDSA) to the list of known hosts. syzkaller login: [ 82.239798][ T35] audit: type=1400 audit(1609157251.051:8): avc: denied { execmem } for pid=8454 comm="syz-executor767" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 82.260295][ T8455] IPVS: ftp: loaded support on port[0] = 21 [ 82.358684][ T22] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.369329][ T22] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program [ 82.407478][ T189] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.415675][ T3215] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 82.417395][ T189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.441741][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 82.477071][ T8455] ------------[ cut here ]------------ [ 82.482946][ T8455] wlan1: Failed check-sdata-in-driver check, flags: 0x4 [ 82.490302][ T8455] WARNING: CPU: 1 PID: 8455 at net/mac80211/driver-ops.h:172 drv_bss_info_changed+0x4f3/0x5f0 [ 82.501023][ T8455] Modules linked in: [ 82.505051][ T8455] CPU: 0 PID: 8455 Comm: syz-executor767 Not tainted 5.11.0-rc1-syzkaller #0 [ 82.514211][ T8455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.524602][ T8455] RIP: 0010:drv_bss_info_changed+0x4f3/0x5f0 [ 82.530769][ T8455] Code: 40 06 00 00 48 85 ed 0f 84 9c 00 00 00 e8 b5 84 2b f9 e8 b0 84 2b f9 8b 54 24 04 48 89 ee 48 c7 c7 20 66 61 8a e8 74 79 6c 00 <0f> 0b e9 dd fd ff ff e8 91 84 2b f9 0f 0b e9 15 fd ff ff 4c 89 ff [ 82.550580][ T8455] RSP: 0018:ffffc90001b07508 EFLAGS: 00010286 [ 82.556821][ T8455] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.564949][ T8455] RDX: ffff88802732c040 RSI: ffffffff815b2a55 RDI: fffff52000360e93 [ 82.573031][ T8455] RBP: ffff888026f88000 R08: 0000000000000000 R09: 0000000000000000 [ 82.581169][ T8455] R10: ffffffff815abbfe R11: 0000000000000000 R12: ffff888026f88bc0 [ 82.589169][ T8455] R13: 0000000002000000 R14: ffff888026f89de0 R15: ffff888026f89dd8 [ 82.597249][ T8455] FS: 0000000001532880(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 82.606342][ T8455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.613015][ T8455] CR2: 000055b871f90270 CR3: 000000002acf3000 CR4: 00000000001506f0 [ 82.621129][ T8455] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.629113][ T8455] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.637204][ T8455] Call Trace: [ 82.640517][ T8455] ieee80211_bss_info_change_notify+0x9a/0xc0 [ 82.646751][ T8455] ieee80211_set_mcast_rate+0x37/0x40 [ 82.652249][ T8455] ? ieee80211_get_mesh_config+0x30/0x30 [ 82.657904][ T8455] nl80211_set_mcast_rate+0x317/0x610 [ 82.663476][ T8455] ? nl80211_nan_add_func+0x1940/0x1940 [ 82.669062][ T8455] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 82.675845][ T8455] ? nl80211_pre_doit+0xa2/0x630 [ 82.681186][ T8455] genl_family_rcv_msg_doit+0x228/0x320 [ 82.686775][ T8455] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 82.694288][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 82.700576][ T8455] ? cap_capable+0x1f1/0x270 [ 82.705326][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 82.711785][ T8455] ? ns_capable+0xde/0x100 [ 82.716242][ T8455] genl_rcv_msg+0x328/0x580 [ 82.720878][ T8455] ? genl_get_cmd+0x480/0x480 [ 82.725587][ T8455] ? nl80211_nan_add_func+0x1940/0x1940 [ 82.731275][ T8455] ? lock_release+0x710/0x710 [ 82.735996][ T8455] netlink_rcv_skb+0x153/0x420 [ 82.740866][ T8455] ? genl_get_cmd+0x480/0x480 [ 82.745572][ T8455] ? netlink_ack+0xaa0/0xaa0 [ 82.750173][ T8455] genl_rcv+0x24/0x40 [ 82.754306][ T8455] netlink_unicast+0x533/0x7d0 [ 82.759155][ T8455] ? netlink_attachskb+0x870/0x870 [ 82.764451][ T8455] ? _copy_from_iter_full+0x275/0x850 [ 82.769869][ T8455] netlink_sendmsg+0x856/0xd90 [ 82.774780][ T8455] ? netlink_unicast+0x7d0/0x7d0 [ 82.779742][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 82.786079][ T8455] ? netlink_unicast+0x7d0/0x7d0 [ 82.791214][ T8455] sock_sendmsg+0xcf/0x120 [ 82.795653][ T8455] ____sys_sendmsg+0x6e8/0x810 [ 82.800470][ T8455] ? kernel_sendmsg+0x50/0x50 [ 82.805349][ T8455] ? do_recvmmsg+0x6c0/0x6c0 [ 82.810029][ T8455] ? find_held_lock+0x2d/0x110 [ 82.814965][ T8455] ___sys_sendmsg+0xf3/0x170 [ 82.819720][ T8455] ? sendmsg_copy_msghdr+0x160/0x160 [ 82.825126][ T8455] ? _copy_to_user+0xdc/0x150 [ 82.829838][ T8455] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 82.836260][ T8455] ? sock_do_ioctl+0x168/0x2d0 [ 82.841201][ T8455] ? compat_ifr_data_ioctl+0x150/0x150 [ 82.846702][ T8455] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 82.852755][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 82.859030][ T8455] ? __fget_light+0x215/0x280 [ 82.863898][ T8455] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 82.870208][ T8455] __sys_sendmsg+0xe5/0x1b0 [ 82.874878][ T8455] ? __sys_sendmsg_sock+0xb0/0xb0 [ 82.879939][ T8455] ? syscall_enter_from_user_mode+0x1d/0x50 [ 82.885970][ T8455] do_syscall_64+0x2d/0x70 [ 82.890416][ T8455] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 82.896660][ T8455] RIP: 0033:0x441789 [ 82.900577][ T8455] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.920396][ T8455] RSP: 002b:00007ffc50168e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.928918][ T8455] RAX: ffffffffffffffda RBX: 00007ffc50168eb0 RCX: 0000000000441789 [ 82.937090][ T8455] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004 [ 82.945254][ T8455] RBP: 0000000000000003 R08: 0000002100000000 R09: 0000002100000000 [ 82.953423][ T8455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032 [ 82.961489][ T8455] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004 [ 82.969609][ T8455] Kernel panic - not syncing: panic_on_warn set ... [ 82.976213][ T8455] CPU: 0 PID: 8455 Comm: syz-executor767 Not tainted 5.11.0-rc1-syzkaller #0 [ 82.984990][ T8455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.995053][ T8455] Call Trace: [ 82.998481][ T8455] dump_stack+0x107/0x163 [ 83.002841][ T8455] panic+0x306/0x73d [ 83.006745][ T8455] ? __warn_printk+0xf3/0xf3 [ 83.011349][ T8455] ? __warn.cold+0x1a/0x44 [ 83.015786][ T8455] ? drv_bss_info_changed+0x4f3/0x5f0 [ 83.021164][ T8455] __warn.cold+0x35/0x44 [ 83.025417][ T8455] ? wake_up_klogd.part.0+0x8e/0xd0 [ 83.030647][ T8455] ? drv_bss_info_changed+0x4f3/0x5f0 [ 83.036053][ T8455] report_bug+0x1bd/0x210 [ 83.040414][ T8455] handle_bug+0x3c/0x60 [ 83.044577][ T8455] exc_invalid_op+0x14/0x40 [ 83.049105][ T8455] asm_exc_invalid_op+0x12/0x20 [ 83.053966][ T8455] RIP: 0010:drv_bss_info_changed+0x4f3/0x5f0 [ 83.059957][ T8455] Code: 40 06 00 00 48 85 ed 0f 84 9c 00 00 00 e8 b5 84 2b f9 e8 b0 84 2b f9 8b 54 24 04 48 89 ee 48 c7 c7 20 66 61 8a e8 74 79 6c 00 <0f> 0b e9 dd fd ff ff e8 91 84 2b f9 0f 0b e9 15 fd ff ff 4c 89 ff [ 83.079629][ T8455] RSP: 0018:ffffc90001b07508 EFLAGS: 00010286 [ 83.085703][ T8455] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.093699][ T8455] RDX: ffff88802732c040 RSI: ffffffff815b2a55 RDI: fffff52000360e93 [ 83.101671][ T8455] RBP: ffff888026f88000 R08: 0000000000000000 R09: 0000000000000000 [ 83.109666][ T8455] R10: ffffffff815abbfe R11: 0000000000000000 R12: ffff888026f88bc0 [ 83.117661][ T8455] R13: 0000000002000000 R14: ffff888026f89de0 R15: ffff888026f89dd8 [ 83.125666][ T8455] ? wake_up_klogd.part.0+0x8e/0xd0 [ 83.130904][ T8455] ? vprintk_func+0x95/0x1e0 [ 83.135746][ T8455] ? drv_bss_info_changed+0x4f3/0x5f0 [ 83.141140][ T8455] ieee80211_bss_info_change_notify+0x9a/0xc0 [ 83.147238][ T8455] ieee80211_set_mcast_rate+0x37/0x40 [ 83.152620][ T8455] ? ieee80211_get_mesh_config+0x30/0x30 [ 83.158258][ T8455] nl80211_set_mcast_rate+0x317/0x610 [ 83.163642][ T8455] ? nl80211_nan_add_func+0x1940/0x1940 [ 83.169209][ T8455] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 83.175459][ T8455] ? nl80211_pre_doit+0xa2/0x630 [ 83.180435][ T8455] genl_family_rcv_msg_doit+0x228/0x320 [ 83.186014][ T8455] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 83.193392][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 83.199656][ T8455] ? cap_capable+0x1f1/0x270 [ 83.204258][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 83.210535][ T8455] ? ns_capable+0xde/0x100 [ 83.214963][ T8455] genl_rcv_msg+0x328/0x580 [ 83.219540][ T8455] ? genl_get_cmd+0x480/0x480 [ 83.224220][ T8455] ? nl80211_nan_add_func+0x1940/0x1940 [ 83.229771][ T8455] ? lock_release+0x710/0x710 [ 83.234454][ T8455] netlink_rcv_skb+0x153/0x420 [ 83.239217][ T8455] ? genl_get_cmd+0x480/0x480 [ 83.243893][ T8455] ? netlink_ack+0xaa0/0xaa0 [ 83.248556][ T8455] genl_rcv+0x24/0x40 [ 83.252599][ T8455] netlink_unicast+0x533/0x7d0 [ 83.257365][ T8455] ? netlink_attachskb+0x870/0x870 [ 83.262474][ T8455] ? _copy_from_iter_full+0x275/0x850 [ 83.267867][ T8455] netlink_sendmsg+0x856/0xd90 [ 83.272742][ T8455] ? netlink_unicast+0x7d0/0x7d0 [ 83.277768][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 83.284010][ T8455] ? netlink_unicast+0x7d0/0x7d0 [ 83.288963][ T8455] sock_sendmsg+0xcf/0x120 [ 83.293395][ T8455] ____sys_sendmsg+0x6e8/0x810 [ 83.298207][ T8455] ? kernel_sendmsg+0x50/0x50 [ 83.302883][ T8455] ? do_recvmmsg+0x6c0/0x6c0 [ 83.307504][ T8455] ? find_held_lock+0x2d/0x110 [ 83.312277][ T8455] ___sys_sendmsg+0xf3/0x170 [ 83.316884][ T8455] ? sendmsg_copy_msghdr+0x160/0x160 [ 83.322277][ T8455] ? _copy_to_user+0xdc/0x150 [ 83.326958][ T8455] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 83.333245][ T8455] ? sock_do_ioctl+0x168/0x2d0 [ 83.338023][ T8455] ? compat_ifr_data_ioctl+0x150/0x150 [ 83.343499][ T8455] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 83.349396][ T8455] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 83.355640][ T8455] ? __fget_light+0x215/0x280 [ 83.360330][ T8455] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 83.366593][ T8455] __sys_sendmsg+0xe5/0x1b0 [ 83.371107][ T8455] ? __sys_sendmsg_sock+0xb0/0xb0 [ 83.376177][ T8455] ? syscall_enter_from_user_mode+0x1d/0x50 [ 83.382090][ T8455] do_syscall_64+0x2d/0x70 [ 83.386519][ T8455] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 83.392431][ T8455] RIP: 0033:0x441789 [ 83.396352][ T8455] Code: e8 dc 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0d fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 83.415982][ T8455] RSP: 002b:00007ffc50168e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 83.424400][ T8455] RAX: ffffffffffffffda RBX: 00007ffc50168eb0 RCX: 0000000000441789 [ 83.432393][ T8455] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004 [ 83.440376][ T8455] RBP: 0000000000000003 R08: 0000002100000000 R09: 0000002100000000 [ 83.448350][ T8455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032 [ 83.456323][ T8455] R13: 0000000000000000 R14: 000000000000000c R15: 0000000000000004 [ 83.465045][ T8455] Kernel Offset: disabled [ 83.469572][ T8455] Rebooting in 86400 seconds..