[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.115' (ECDSA) to the list of known hosts. syzkaller login: [ 290.758644] IPVS: ftp: loaded support on port[0] = 21 [ 290.771794] IPVS: ftp: loaded support on port[0] = 21 [ 290.784161] IPVS: ftp: loaded support on port[0] = 21 [ 290.785616] IPVS: ftp: loaded support on port[0] = 21 [ 290.807117] IPVS: ftp: loaded support on port[0] = 21 [ 290.814003] IPVS: ftp: loaded support on port[0] = 21 [ 290.981444] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 291.002933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.012863] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.021612] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 291.051954] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 291.087002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.111394] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.122286] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 291.154516] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready executing program [ 291.198876] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.224460] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 291.230485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.242933] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 291.249522] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 291.258125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.266542] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.286679] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 291.301667] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not 
ready [ 291.310537] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.317659] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.326526] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 291.346121] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 291.357425] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 291.370704] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.378086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.399959] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.416561] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 291.423139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.451719] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.459432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.474541] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 291.501551] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 291.515520] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 291.528678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.532100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.538666] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready executing program [ 291.543484] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.551120] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 291.556481] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.587445] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 291.596681] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program executing program [ 291.605953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.614256] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 291.623490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.633974] wlan1: Creating new IBSS network, BSSID 
50:50:50:50:50:50 [ 291.644542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.654357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program executing program executing program [ 292.194666] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program 
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 308.988240] WARNING: CPU: 1 PID: 8738 at net/mac80211/tx.c:4154 __ieee80211_beacon_get+0x1678/0x1a30
[ 308.997673] Kernel panic - not syncing: panic_on_warn set ...
[ 308.997673]
[ 309.005038] CPU: 1 PID: 8738 Comm: syz-executor152 Not tainted 4.19.211-syzkaller #0
[ 309.012911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 309.022263] Call Trace:
[ 309.024842]
[ 309.026997] dump_stack+0x1fc/0x2ef
[ 309.030625] panic+0x26a/0x50e
[ 309.033813] ? __warn_printk+0xf3/0xf3
[ 309.037703] ? __ieee80211_beacon_get+0x1678/0x1a30
[ 309.042717] ? __probe_kernel_read+0x130/0x1b0
[ 309.047292] ? __warn.cold+0x5/0x5a
[ 309.050914] ? __warn+0xe4/0x200
[ 309.054281] ? __ieee80211_beacon_get+0x1678/0x1a30
[ 309.059292] __warn.cold+0x20/0x5a
[ 309.062916] ? __lock_acquire+0x6de/0x3ff0
[ 309.067147] ? __ieee80211_beacon_get+0x1678/0x1a30
[ 309.072159] report_bug+0x262/0x2b0
[ 309.075785] do_error_trap+0x1d7/0x310
[ 309.079674] ? math_error+0x310/0x310
[ 309.083471] ? mark_held_locks+0xf0/0xf0
[ 309.087530] ? error_entry+0x72/0xd0
[ 309.091247] ? trace_hardirqs_off_caller+0x6e/0x210
[ 309.096270] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 309.101118] invalid_op+0x14/0x20
[ 309.104572] RIP: 0010:__ieee80211_beacon_get+0x1678/0x1a30
[ 309.110194] Code: 85 70 03 00 00 41 0f b6 45 24 31 ff 44 8d 60 ff 45 88 65 24 44 89 e6 e8 e6 9f bf f9 45 84 e4 0f 85 4f f5 ff ff e8 a8 9e bf f9 <0f> 0b e9 43 f5 ff ff e8 9c 9e bf f9 e8 c7 c6 ad f9 31 ff 41 89 c4
[ 309.129870] RSP: 0018:ffff8880ba107c18 EFLAGS: 00010206
[ 309.135217] RAX: ffff8880a53d8200 RBX: ffff888098752cf8 RCX: ffffffff87a2e6ba
[ 309.142473] RDX: 0000000000000100 RSI: ffffffff87a2e6c8 RDI: 0000000000000001
[ 309.149826] RBP: ffff888096e113c0 R08: 0000000000000000 R09: 0000000000000000
[ 309.157089] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 309.164356] R13: ffff8880b30bb400 R14: 0000000000000000 R15: ffff8880ba107d60
[ 309.171652] ? __ieee80211_beacon_get+0x166a/0x1a30
[ 309.176674] ? __ieee80211_beacon_get+0x1678/0x1a30
[ 309.181679] ? __ieee80211_beacon_get+0x1678/0x1a30
[ 309.186690] ? ieee80211_csa_update_counter+0x470/0x470
[ 309.192041] ? lock_downgrade+0x720/0x720
[ 309.196536] ? lock_acquire+0x170/0x3c0
[ 309.200511] ? debug_object_deactivate+0xfc/0x2e0
[ 309.205354] ? mark_held_locks+0xf0/0xf0
[ 309.209418] ieee80211_beacon_get_tim+0x88/0x890
[ 309.214181] ? ieee80211_beacon_get_template+0x30/0x30
[ 309.219460] ? lock_acquire+0x170/0x3c0
[ 309.223431] ? clockevents_program_event+0x141/0x350
[ 309.228535] mac80211_hwsim_beacon_tx+0xff/0x680
[ 309.233290] __iterate_interfaces+0x2e1/0x4a0
[ 309.237783] ? hwsim_send_ps_poll+0x510/0x510
[ 309.242278] ? hwsim_send_ps_poll+0x510/0x510
[ 309.246776] ieee80211_iterate_active_interfaces_atomic+0x8d/0x170
[ 309.253101] mac80211_hwsim_beacon+0xc9/0x190
[ 309.257597] __tasklet_hrtimer_trampoline+0x29/0xa0
[ 309.262611] tasklet_action_common.constprop.0+0x265/0x360
[ 309.268241] __do_softirq+0x265/0x980
[ 309.272047] irq_exit+0x215/0x260
[ 309.275499] smp_apic_timer_interrupt+0x136/0x550
[ 309.280341] apic_timer_interrupt+0xf/0x20
[ 309.284567]
[ 309.286801] RIP: 0010:___sys_recvmsg+0x389/0x570
[ 309.291554] Code: 03 80 3c 02 00 0f 85 f7 01 00 00 31 ff 44 89 fe 48 8b 5b 38 e8 78 ab f4 fa 45 85 ff 0f 88 28 01 00 00 e8 fa a9 f4 fa 0f 01 cb <48> 89 d8 31 db 48 2b 44 24 30 49 89 45 28 0f 01 ca 48 63 db e8 de
[ 309.310460] RSP: 0018:ffff88808f5afa70 EFLAGS: 00040293 ORIG_RAX: ffffffffffffff13
[ 309.318166] RAX: ffff8880a53d8200 RBX: 0000000000000000 RCX: ffffffff866ddb68
[ 309.325954] RDX: 0000000000000000 RSI: ffffffff866ddb76 RDI: 0000000000000005
[ 309.333262] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 309.340527] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
[ 309.347789] R13: 00000000201ae0c0 R14: 0000000000000000 R15: 0000000000000002
[ 309.355075] ? ___sys_recvmsg+0x378/0x570
[ 309.359218] ? ___sys_recvmsg+0x386/0x570
[ 309.363372] ? ___sys_sendmsg+0x8e0/0x8e0
[ 309.367522] ? mark_held_locks+0xf0/0xf0
[ 309.371589] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 309.376167] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 309.380925] ? rcu_nmi_exit+0xb3/0x180
[ 309.384832] ? retint_kernel+0x2d/0x2d
[ 309.388738] ? __might_fault+0x11f/0x1d0
[ 309.392812] ? lock_downgrade+0x720/0x720
[ 309.397486] ? lock_acquire+0x170/0x3c0
[ 309.401476] __sys_recvmmsg+0x254/0x6d0
[ 309.405459] ? __ia32_sys_recvmsg+0x220/0x220
[ 309.409966] ? finish_task_switch+0x146/0x760
[ 309.414463] do_sys_recvmmsg+0x172/0x190
[ 309.418523] ? finish_task_switch+0x118/0x760
[ 309.423015] ? __sys_recvmmsg+0x6d0/0x6d0
[ 309.427163] ? ret_from_fork+0x8/0x30
[ 309.430988] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 309.436352] __x64_sys_recvmmsg+0xba/0x150
[ 309.440593] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 309.445173] do_syscall_64+0xf9/0x620
[ 309.448991] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 309.454174] RIP: 0033:0x7fb6d4bade89
[ 309.457885] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 309.476780] RSP: 002b:00007fb6d4b3c308 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 309.484482] RAX: ffffffffffffffda RBX: 00007fb6d4c364f8 RCX: 00007fb6d4bade89
[ 309.491745] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[ 309.499019] RBP: 00007fb6d4c364f0 R08: 0000000000000000 R09: 0000000000000000
[ 309.506287] R10: 0000000000000002 R11: 0000000000000246 R12: 00007fb6d4c364fc
[ 309.513560] R13: 00007fb6d4c033b4 R14: 0031313230386c6e R15: 0000000000022000
[ 309.521078] Kernel Offset: disabled
[ 309.524750] Rebooting in 86400 seconds..