[  OK  ] Started Getty on tty2.
[  OK  ] Started Getty on tty1.
[  OK  ] Started Serial Getty on ttyS0.
[  OK  ] Reached target Login Prompts.
[  OK  ] Reached target Multi-User System.
[  OK  ] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[  OK  ] Started Update UTMP about System Runlevel Changes.
         Starting Load/Save RF Kill Switch Status...
[  OK  ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.56' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [   56.630725][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   56.664550][ T8471] general protection fault, probably for non-canonical address 0xfbd59c0000000020: 0000 [#1] PREEMPT SMP KASAN
[   56.676490][ T8471] KASAN: maybe wild-memory-access in range [0xdead000000000100-0xdead000000000107]
[   56.685777][ T8471] CPU: 0 PID: 8471 Comm: syz-executor679 Not tainted 5.11.0-rc6-syzkaller #0
[   56.694542][ T8471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   56.704686][ T8471] RIP: 0010:ieee80211_chanctx_num_assigned+0xb1/0x140
[   56.711570][ T8471] Code: a8 f6 ff ff 48 39 c5 74 3b 49 bd 00 00 00 00 00 fc ff df e8 c1 76 14 f9 48 8d bb 58 09 00 00 41 83 c4 01 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 75 68 48 8b 83 58 09 00 00 48 8d 98 a8 f6 ff ff 48
[   56.731891][ T8471] RSP: 0018:ffffc900015df330 EFLAGS: 00010212
[   56.738292][ T8471] RAX: 1bd5a00000000020 RBX: deacfffffffff7a8 RCX: 0000000000000000
[   56.746684][ T8471] RDX: ffff888017650000 RSI: ffffffff885e5a9f RDI: dead000000000100
[   56.754869][ T8471] RBP: ffff888021788d20 R08: 0000000000000000 R09: 0000000000000001
[   56.763032][ T8471] R10: ffffffff885e5afb R11: 0000000000000000 R12: 0000000000000002
[   56.771250][ T8471] R13: dffffc0000000000 R14: ffff888021788d00 R15: 0000000000000000
[   56.779642][ T8471] FS:  00000000020c23c0(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[   56.789036][ T8471] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.796256][ T8471] CR2: 00000000004b6110 CR3: 000000001380d000 CR4: 0000000000350ef0
[   56.804717][ T8471] Call Trace:
[   56.808080][ T8471]  ieee80211_assign_vif_chanctx+0x7b8/0x1230
[   56.814161][ T8471]  __ieee80211_vif_release_channel+0x236/0x430
[   56.820491][ T8471]  ieee80211_vif_release_channel+0x117/0x220
[   56.826775][ T8471]  ieee80211_ibss_disconnect+0x44e/0x7b0
[   56.832410][ T8471]  ieee80211_ibss_leave+0x12/0xe0
[   56.837520][ T8471]  __cfg80211_leave_ibss+0x19a/0x4c0
[   56.842803][ T8471]  cfg80211_leave_ibss+0x57/0x80
[   56.847828][ T8471]  cfg80211_change_iface+0x7f2/0xf10
[   56.853122][ T8471]  nl80211_set_interface+0x65c/0x8d0
[   56.858407][ T8471]  ? nl80211_notify_iface+0x180/0x180
[   56.863792][ T8471]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[   56.870061][ T8471]  ? nl80211_pre_doit+0xa2/0x630
[   56.875000][ T8471]  genl_family_rcv_msg_doit+0x228/0x320
[   56.880546][ T8471]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[   56.887914][ T8471]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.894170][ T8471]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.900411][ T8471]  ? ns_capable+0xde/0x100
[   56.904824][ T8471]  genl_rcv_msg+0x328/0x580
[   56.909326][ T8471]  ? genl_get_cmd+0x480/0x480
[   56.914004][ T8471]  ? nl80211_notify_iface+0x180/0x180
[   56.919395][ T8471]  ? lock_release+0x710/0x710
[   56.924076][ T8471]  netlink_rcv_skb+0x153/0x420
[   56.928837][ T8471]  ? genl_get_cmd+0x480/0x480
[   56.933515][ T8471]  ? netlink_ack+0xaa0/0xaa0
[   56.938126][ T8471]  genl_rcv+0x24/0x40
[   56.942102][ T8471]  netlink_unicast+0x533/0x7d0
[   56.946873][ T8471]  ? netlink_attachskb+0x870/0x870
[   56.952055][ T8471]  ? _copy_from_iter_full+0x275/0x850
[   56.957438][ T8471]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   56.963678][ T8471]  ? __phys_addr_symbol+0x2c/0x70
[   56.968740][ T8471]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   56.974675][ T8471]  ? __check_object_size+0x171/0x3f0
[   56.980008][ T8471]  netlink_sendmsg+0x856/0xd90
[   56.984778][ T8471]  ? netlink_unicast+0x7d0/0x7d0
[   56.989701][ T8471]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.995943][ T8471]  ? netlink_unicast+0x7d0/0x7d0
[   57.000868][ T8471]  sock_sendmsg+0xcf/0x120
[   57.005270][ T8471]  ____sys_sendmsg+0x6e8/0x810
[   57.010037][ T8471]  ? kernel_sendmsg+0x50/0x50
[   57.014702][ T8471]  ? do_recvmmsg+0x6c0/0x6c0
[   57.019371][ T8471]  ? find_held_lock+0x2d/0x110
[   57.024122][ T8471]  ___sys_sendmsg+0xf3/0x170
[   57.028713][ T8471]  ? sendmsg_copy_msghdr+0x160/0x160
[   57.033995][ T8471]  ? _copy_to_user+0xdc/0x150
[   57.038655][ T8471]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   57.044881][ T8471]  ? sock_do_ioctl+0x168/0x2d0
[   57.049629][ T8471]  ? compat_ifr_data_ioctl+0x150/0x150
[   57.055070][ T8471]  ? __sanitizer_cov_trace_switch+0x63/0xf0
[   57.060959][ T8471]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   57.067204][ T8471]  ? __fget_light+0x215/0x280
[   57.071864][ T8471]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   57.078174][ T8471]  __sys_sendmsg+0xe5/0x1b0
[   57.082676][ T8471]  ? __sys_sendmsg_sock+0xb0/0xb0
[   57.087685][ T8471]  ? syscall_enter_from_user_mode+0x1d/0x50
[   57.093578][ T8471]  do_syscall_64+0x2d/0x70
[   57.097981][ T8471]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   57.103861][ T8471] RIP: 0033:0x4415b9
[   57.107743][ T8471] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c4 ff ff ff f7 d8 64 89 01 48
[   57.127331][ T8471] RSP: 002b:00007ffe1aab43c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.135910][ T8471] RAX: ffffffffffffffda RBX: 000000000000dd13 RCX: 00000000004415b9
[   57.143970][ T8471] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004
[   57.151927][ T8471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   57.159983][ T8471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe1aab43fc
[   57.167954][ T8471] R13: 431bde82d7b634db R14: 00007ffe1aab4410 R15: 00000000004004b8
[   57.175921][ T8471] Modules linked in:
[   57.181389][ T8471] ---[ end trace acd08ff3c58f91de ]---
[   57.186858][ T8471] RIP: 0010:ieee80211_chanctx_num_assigned+0xb1/0x140
[   57.193758][ T8471] Code: a8 f6 ff ff 48 39 c5 74 3b 49 bd 00 00 00 00 00 fc ff df e8 c1 76 14 f9 48 8d bb 58 09 00 00 41 83 c4 01 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 75 68 48 8b 83 58 09 00 00 48 8d 98 a8 f6 ff ff 48
[   57.213503][ T8471] RSP: 0018:ffffc900015df330 EFLAGS: 00010212
[   57.219577][ T8471] RAX: 1bd5a00000000020 RBX: deacfffffffff7a8 RCX: 0000000000000000
[   57.228545][ T8471] RDX: ffff888017650000 RSI: ffffffff885e5a9f RDI: dead000000000100
[   57.236907][ T8471] RBP: ffff888021788d20 R08: 0000000000000000 R09: 0000000000000001
[   57.252783][ T8471] R10: ffffffff885e5afb R11: 0000000000000000 R12: 0000000000000002
[   57.261082][ T8471] R13: dffffc0000000000 R14: ffff888021788d00 R15: 0000000000000000
[   57.269058][ T8471] FS:  00000000020c23c0(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[   57.278537][ T8471] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   57.285406][ T8471] CR2: 00007f5e2c48a080 CR3: 000000001380d000 CR4: 0000000000350ef0
[   57.294072][ T8471] Kernel panic - not syncing: Fatal exception
[   57.303809][ T8471] Kernel Offset: disabled
[   57.308132][ T8471] Rebooting in 86400 seconds..
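Triage note on the register dump above, as an added worked example (this is not part of the syzkaller report or of the mac80211 code). The fault is a KASAN inline check, not the list dereference itself: the `<42> 80 3c 28 00` bytes at RIP decode to `cmpb $0x0,(%rax,%r13,1)`, where R13 holds the x86-64 KASAN shadow offset (loaded a few bytes earlier by `49 bd 00 00 00 00 00 fc ff df`, i.e. `movabs $0xdffffc0000000000,%r13`) and RAX holds the list pointer from RDI shifted right by 3. RDI is `0xdead000000000100`, which on x86-64 with the default `CONFIG_ILLEGAL_POINTER_VALUE` is the kernel's `LIST_POISON1`, the value `list_del()` writes into `->next`. The program below recomputes each of those relations from the constants in the report; the kernel constants (`KASAN_SHADOW_OFFSET`, `POISON_POINTER_DELTA`, the `LIST_POISON*` offsets) are upstream defaults I am supplying, not values the report states.

```c
/* Added example: recompute the KASAN shadow arithmetic and the LIST_POISON1
 * match from the register values in the oops above.  The OOPS_* constants are
 * copied from the report; the KASAN_/POISON_ constants are the upstream x86-64
 * defaults (mm/kasan, include/linux/poison.h) and are assumptions, not report data. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Copied from the "RAX:/RBX:/RDI:/R13:" lines and the GP-fault header. */
#define OOPS_RAX        0x1bd5a00000000020ULL
#define OOPS_RBX        0xdeacfffffffff7a8ULL
#define OOPS_RDI        0xdead000000000100ULL
#define OOPS_R13        0xdffffc0000000000ULL
#define OOPS_FAULT_ADDR 0xfbd59c0000000020ULL
/* Displacement from `48 8d bb 58 09 00 00` = lea 0x958(%rbx),%rdi in the Code: line. */
#define OOPS_LEA_DISP   0x958ULL

/* Upstream x86-64 defaults (assumed, see lead-in). */
#define KASAN_SHADOW_SCALE_SHIFT 3
#define KASAN_SHADOW_OFFSET      0xdffffc0000000000ULL
#define POISON_POINTER_DELTA     0xdead000000000000ULL   /* CONFIG_ILLEGAL_POINTER_VALUE */
#define LIST_POISON1             (POISON_POINTER_DELTA + 0x100ULL)
#define LIST_POISON2             (POISON_POINTER_DELTA + 0x122ULL)

/* Address -> shadow byte address, exactly what the inline KASAN check computes. */
uint64_t kasan_shadow(uint64_t addr)
{
	return (addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET;
}

/* Inverse mapping: the start of the 8-byte range a shadow byte describes.
 * This is how "maybe wild-memory-access in range [..100-..107]" is derived. */
uint64_t kasan_unshadow(uint64_t shadow)
{
	return (shadow - KASAN_SHADOW_OFFSET) << KASAN_SHADOW_SCALE_SHIFT;
}

/* x86-64 canonical check: bits 63..47 must all equal bit 47. */
bool is_canonical(uint64_t addr)
{
	uint64_t top = addr >> 47;
	return top == 0 || top == 0x1ffff;
}

/* Does the faulting address equal the shadow of the pointer in RDI? */
bool fault_is_shadow_of(uint64_t fault, uint64_t ptr)
{
	return kasan_shadow(ptr) == fault;
}

/* Classify a pointer that looks like a list poison value. */
const char *poison_name(uint64_t ptr)
{
	if (ptr == LIST_POISON1)
		return "LIST_POISON1";
	if (ptr == LIST_POISON2)
		return "LIST_POISON2";
	return "not a list poison";
}

/* container_of() distance: RDI was computed as RBX + disp, so RBX is the
 * containing struct and RDI the list_head member being read. */
uint64_t list_member_offset(uint64_t member_ptr, uint64_t container_ptr)
{
	return member_ptr - container_ptr;
}

int main(void)
{
	printf("RAX == RDI >> 3              : %s\n", (OOPS_RDI >> 3) == OOPS_RAX ? "yes" : "no");
	printf("fault == shadow(RDI)         : %s\n", fault_is_shadow_of(OOPS_FAULT_ADDR, OOPS_RDI) ? "yes" : "no");
	printf("fault address canonical      : %s\n", is_canonical(OOPS_FAULT_ADDR) ? "yes" : "no");
	printf("unshadow(fault)              : 0x%llx\n", (unsigned long long)kasan_unshadow(OOPS_FAULT_ADDR));
	printf("RDI is                       : %s\n", poison_name(OOPS_RDI));
	printf("list_head offset in container: 0x%llx (lea disp 0x%llx)\n",
	       (unsigned long long)list_member_offset(OOPS_RDI, OOPS_RBX),
	       (unsigned long long)OOPS_LEA_DISP);
	return 0;
}
```

Reading the output: the non-canonical address is just the shadow of `LIST_POISON1`, so the real defect is that `ieee80211_chanctx_num_assigned()` walked a `list_head` whose `next` had already been poisoned by `list_del()`, i.e. the list was corrupted or an entry was removed while still linked. `CR2` is unrelated here (a GP fault does not set it); the shadow-address arithmetic, not CR2, is what identifies the bad pointer.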