[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Started Getty on tty2.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Warning: Permanently added '10.128.0.218' (ECDSA) to the list of known hosts.
[ 78.196205][ T37] audit: type=1400 audit(1618498781.537:8): avc: denied { execmem } for pid=8387 comm="syz-executor036" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 78.212314][ T8388] IPVS: ftp: loaded support on port[0] = 21
Debian GNU/Linux 9 syzkaller ttyS0
syzkaller login: [ 78.310147][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.325848][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.352734][ T2926] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 78.372050][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.381139][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.391036][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 78.412121][ T8388] ------------[ cut here ]------------
[ 78.417889][ T8388] wlan1: Failed check-sdata-in-driver check, flags: 0x4
[ 78.426759][ T8388] WARNING: CPU: 0 PID: 8388 at net/mac80211/driver-ops.h:172 drv_bss_info_changed+0x4f8/0x5f0
[ 78.437932][ T8388] Modules linked in:
[ 78.441825][ T8388] CPU: 0 PID: 8388 Comm: syz-executor036 Not tainted 5.12.0-rc7-syzkaller #0
[ 78.451077][ T8388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 78.461395][ T8388] RIP: 0010:drv_bss_info_changed+0x4f8/0x5f0
[ 78.468212][ T8388] Code: 40 06 00 00 48 85 ed 0f 84 9c 00 00 00 e8 f0 27 1e f9 e8 eb 27 1e f9 8b 54 24 04 48 89 ee 48 c7 c7 e0 45 84 8a e8 da 34 6d 00 <0f> 0b e9 dd fd ff ff e8 cc 27 1e f9 0f 0b e9 15 fd ff ff 4c 89 ff
[ 78.488004][ T8388] RSP: 0018:ffffc90001987508 EFLAGS: 00010286
[ 78.495162][ T8388] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 78.503329][ T8388] RDX: ffff888022f22240 RSI: ffffffff815b8155 RDI: fffff52000330e93
[ 78.511318][ T8388] RBP: ffff888035690000 R08: 0000000000000000 R09: 0000000000000000
[ 78.519379][ T8388] R10: ffffffff815b0ebe R11: 0000000000000000 R12: ffff888035690c00
[ 78.527432][ T8388] R13: 0000000002000000 R14: ffff888035691e20 R15: ffff888035691e18
[ 78.535484][ T8388] FS: 0000000001d08300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 78.544557][ T8388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 78.551481][ T8388] CR2: 00007f0d08804000 CR3: 000000001a44d000 CR4: 00000000001506f0
[ 78.559732][ T8388] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 78.567997][ T8388] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 78.576079][ T8388] Call Trace:
[ 78.579371][ T8388] ieee80211_bss_info_change_notify+0x9a/0xc0
[ 78.585512][ T8388] ieee80211_set_mcast_rate+0x37/0x40
[ 78.591005][ T8388] ? ieee80211_get_mesh_config+0x30/0x30
[ 78.596699][ T8388] nl80211_set_mcast_rate+0x317/0x610
[ 78.602092][ T8388] ? nl80211_nan_add_func+0x1940/0x1940
[ 78.608732][ T8388] ? nl80211_pre_doit+0xa6/0x5c0
[ 78.615541][ T8388] genl_family_rcv_msg_doit+0x228/0x320
[ 78.621131][ T8388] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 78.628599][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 78.634920][ T8388] ? cap_capable+0x1f1/0x280
[ 78.639521][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 78.646196][ T8388] ? ns_capable+0xde/0x100
[ 78.650710][ T8388] genl_rcv_msg+0x328/0x580
[ 78.655675][ T8388] ? genl_get_cmd+0x480/0x480
[ 78.660411][ T8388] ? nl80211_nan_add_func+0x1940/0x1940
[ 78.666013][ T8388] ? lock_release+0x720/0x720
[ 78.670704][ T8388] netlink_rcv_skb+0x153/0x420
[ 78.675543][ T8388] ? genl_get_cmd+0x480/0x480
[ 78.680281][ T8388] ? netlink_ack+0xaa0/0xaa0
[ 78.684962][ T8388] genl_rcv+0x24/0x40
[ 78.688952][ T8388] netlink_unicast+0x533/0x7d0
[ 78.694056][ T8388] ? netlink_attachskb+0x870/0x870
[ 78.699183][ T8388] netlink_sendmsg+0x856/0xd90
[ 78.704041][ T8388] ? netlink_unicast+0x7d0/0x7d0
[ 78.708990][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 78.715304][ T8388] ? netlink_unicast+0x7d0/0x7d0
[ 78.720256][ T8388] sock_sendmsg+0xcf/0x120
[ 78.724732][ T8388] ____sys_sendmsg+0x6e8/0x810
[ 78.729518][ T8388] ? kernel_sendmsg+0x50/0x50
[ 78.735098][ T8388] ? do_recvmmsg+0x6d0/0x6d0
[ 78.739750][ T8388] ? lock_chain_count+0x20/0x20
[ 78.744893][ T8388] ? find_held_lock+0x2d/0x110
[ 78.749700][ T8388] ___sys_sendmsg+0xf3/0x170
[ 78.754472][ T8388] ? sendmsg_copy_msghdr+0x160/0x160
[ 78.759764][ T8388] ? __lock_acquire+0x16b3/0x54c0
[ 78.765053][ T8388] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 78.771061][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 78.777414][ T8388] ? __fget_light+0x215/0x280
[ 78.782118][ T8388] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 78.788634][ T8388] __sys_sendmsg+0xe5/0x1b0
[ 78.793245][ T8388] ? __sys_sendmsg_sock+0x30/0x30
[ 78.798286][ T8388] ? syscall_enter_from_user_mode+0x27/0x70
[ 78.804295][ T8388] do_syscall_64+0x2d/0x70
[ 78.808730][ T8388] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 78.814760][ T8388] RIP: 0033:0x440879
[ 78.818671][ T8388] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 78.838361][ T8388] RSP: 002b:00007ffebbd0cb08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 78.846880][ T8388] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000440879
[ 78.854923][ T8388] RDX: 0000000000000080 RSI: 00000000200002c0 RDI: 0000000000000004
[ 78.863610][ T8388] RBP: 0000000000000003 R08: 0000000c00000001 R09: 0000000c00000001
[ 78.871577][ T8388] R10: 0000000c00000001 R11: 0000000000000246 R12: 0000000000000031
[ 78.879630][ T8388] R13: 00007ffebbd0cb50 R14: 00007ffebbd0cb3a R15: 00000000004b7410
[ 78.887696][ T8388] Kernel panic - not syncing: panic_on_warn set ...
[ 78.894279][ T8388] CPU: 0 PID: 8388 Comm: syz-executor036 Not tainted 5.12.0-rc7-syzkaller #0
[ 78.903021][ T8388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 78.913073][ T8388] Call Trace:
[ 78.916340][ T8388] dump_stack+0x141/0x1d7
[ 78.920660][ T8388] panic+0x306/0x73d
[ 78.924553][ T8388] ? __warn_printk+0xf3/0xf3
[ 78.929128][ T8388] ? __warn.cold+0x1a/0x44
[ 78.933527][ T8388] ? drv_bss_info_changed+0x4f8/0x5f0
[ 78.938885][ T8388] __warn.cold+0x35/0x44
[ 78.943114][ T8388] ? wake_up_klogd.part.0+0x8e/0xd0
[ 78.948300][ T8388] ? drv_bss_info_changed+0x4f8/0x5f0
[ 78.953656][ T8388] report_bug+0x1bd/0x210
[ 78.957975][ T8388] handle_bug+0x3c/0x60
[ 78.962115][ T8388] exc_invalid_op+0x14/0x40
[ 78.966600][ T8388] asm_exc_invalid_op+0x12/0x20
[ 78.971436][ T8388] RIP: 0010:drv_bss_info_changed+0x4f8/0x5f0
[ 78.977402][ T8388] Code: 40 06 00 00 48 85 ed 0f 84 9c 00 00 00 e8 f0 27 1e f9 e8 eb 27 1e f9 8b 54 24 04 48 89 ee 48 c7 c7 e0 45 84 8a e8 da 34 6d 00 <0f> 0b e9 dd fd ff ff e8 cc 27 1e f9 0f 0b e9 15 fd ff ff 4c 89 ff
[ 78.997008][ T8388] RSP: 0018:ffffc90001987508 EFLAGS: 00010286
[ 79.003063][ T8388] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 79.011114][ T8388] RDX: ffff888022f22240 RSI: ffffffff815b8155 RDI: fffff52000330e93
[ 79.019075][ T8388] RBP: ffff888035690000 R08: 0000000000000000 R09: 0000000000000000
[ 79.027030][ T8388] R10: ffffffff815b0ebe R11: 0000000000000000 R12: ffff888035690c00
[ 79.034987][ T8388] R13: 0000000002000000 R14: ffff888035691e20 R15: ffff888035691e18
[ 79.042946][ T8388] ? wake_up_klogd.part.0+0x8e/0xd0
[ 79.048135][ T8388] ? vprintk_func+0x95/0x1e0
[ 79.052725][ T8388] ? drv_bss_info_changed+0x4f8/0x5f0
[ 79.058108][ T8388] ieee80211_bss_info_change_notify+0x9a/0xc0
[ 79.064164][ T8388] ieee80211_set_mcast_rate+0x37/0x40
[ 79.069537][ T8388] ? ieee80211_get_mesh_config+0x30/0x30
[ 79.075168][ T8388] nl80211_set_mcast_rate+0x317/0x610
[ 79.080537][ T8388] ? nl80211_nan_add_func+0x1940/0x1940
[ 79.086064][ T8388] ? nl80211_pre_doit+0xa6/0x5c0
[ 79.090984][ T8388] genl_family_rcv_msg_doit+0x228/0x320
[ 79.096526][ T8388] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 79.103882][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 79.110108][ T8388] ? cap_capable+0x1f1/0x280
[ 79.114684][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 79.120909][ T8388] ? ns_capable+0xde/0x100
[ 79.125324][ T8388] genl_rcv_msg+0x328/0x580
[ 79.129813][ T8388] ? genl_get_cmd+0x480/0x480
[ 79.134473][ T8388] ? nl80211_nan_add_func+0x1940/0x1940
[ 79.140017][ T8388] ? lock_release+0x720/0x720
[ 79.144679][ T8388] netlink_rcv_skb+0x153/0x420
[ 79.149426][ T8388] ? genl_get_cmd+0x480/0x480
[ 79.154098][ T8388] ? netlink_ack+0xaa0/0xaa0
[ 79.158671][ T8388] genl_rcv+0x24/0x40
[ 79.162635][ T8388] netlink_unicast+0x533/0x7d0
[ 79.167382][ T8388] ? netlink_attachskb+0x870/0x870
[ 79.172476][ T8388] netlink_sendmsg+0x856/0xd90
[ 79.177226][ T8388] ? netlink_unicast+0x7d0/0x7d0
[ 79.182149][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 79.188376][ T8388] ? netlink_unicast+0x7d0/0x7d0
[ 79.193298][ T8388] sock_sendmsg+0xcf/0x120
[ 79.197702][ T8388] ____sys_sendmsg+0x6e8/0x810
[ 79.202451][ T8388] ? kernel_sendmsg+0x50/0x50
[ 79.207118][ T8388] ? do_recvmmsg+0x6d0/0x6d0
[ 79.211690][ T8388] ? lock_chain_count+0x20/0x20
[ 79.216536][ T8388] ? find_held_lock+0x2d/0x110
[ 79.221298][ T8388] ___sys_sendmsg+0xf3/0x170
[ 79.225888][ T8388] ? sendmsg_copy_msghdr+0x160/0x160
[ 79.231169][ T8388] ? __lock_acquire+0x16b3/0x54c0
[ 79.236178][ T8388] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 79.242160][ T8388] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 79.248388][ T8388] ? __fget_light+0x215/0x280
[ 79.253049][ T8388] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 79.259276][ T8388] __sys_sendmsg+0xe5/0x1b0
[ 79.263766][ T8388] ? __sys_sendmsg_sock+0x30/0x30
[ 79.268776][ T8388] ? syscall_enter_from_user_mode+0x27/0x70
[ 79.274656][ T8388] do_syscall_64+0x2d/0x70
[ 79.279055][ T8388] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 79.284935][ T8388] RIP: 0033:0x440879
[ 79.288810][ T8388] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 79.308407][ T8388] RSP: 002b:00007ffebbd0cb08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 79.316813][ T8388] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000440879
[ 79.324785][ T8388] RDX: 0000000000000080 RSI: 00000000200002c0 RDI: 0000000000000004
[ 79.332854][ T8388] RBP: 0000000000000003 R08: 0000000c00000001 R09: 0000000c00000001
[ 79.340809][ T8388] R10: 0000000c00000001 R11: 0000000000000246 R12: 0000000000000031
[ 79.348764][ T8388] R13: 00007ffebbd0cb50 R14: 00007ffebbd0cb3a R15: 00000000004b7410
[ 79.356926][ T8388] Kernel Offset: disabled
[ 79.361368][ T8388] Rebooting in 86400 seconds..