Warning: Permanently added '10.128.0.9' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 42.799549] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
executing program
executing program
[ 42.865506] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 42.883803] kasan: CONFIG_KASAN_INLINE enabled
[ 42.890098] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 42.915215] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 42.921471] Modules linked in:
[ 42.924871] CPU: 0 PID: 8019 Comm: syz-executor135 Not tainted 4.14.202-syzkaller #0
[ 42.932784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 42.942485] task: ffff888095b4c000 task.stack: ffff888094488000
[ 42.948548] RIP: 0010:ieee80211_chanctx_num_assigned+0xa5/0x120
[ 42.954603] RSP: 0018:ffff88809448f4a8 EFLAGS: 00010a02
[ 42.960256] RAX: 1bd5a00000000020 RBX: deacfffffffff920 RCX: 1ffffffff1279ee0
[ 42.967643] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: dead000000000100
[ 42.974917] RBP: ffff8880af104220 R08: 0000000000000000 R09: 000000000004058d
[ 42.982458] R10: ffff888095b4c950 R11: ffff888095b4c000 R12: 0000000000000002
[ 42.989729] R13: dffffc0000000000 R14: ffff8880af104200 R15: 0000000000000000
[ 42.996998] FS: 00007fe1c8e6b700(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
[ 43.005334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 43.011309] CR2: 00007ff7ebdec018 CR3: 00000000aadf5000 CR4: 00000000001406f0
[ 43.018581] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 43.025886] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 43.033152] Call Trace:
[ 43.035741] ieee80211_assign_vif_chanctx+0x65e/0x1370
[ 43.041021] __ieee80211_vif_release_channel+0x1ef/0x3f0
[ 43.046473] ieee80211_vif_release_channel+0xef/0x1f0
[ 43.051670] ieee80211_ibss_disconnect+0x527/0xd40
[ 43.056604] ieee80211_ibss_leave+0x12/0xd8
[ 43.060930] __cfg80211_leave_ibss+0x14c/0x6d0
[ 43.065687] cfg80211_leave_ibss+0x54/0x70
[ 43.069924] cfg80211_change_iface+0x791/0x13d0
[ 43.074598] nl80211_set_interface+0x588/0x760
[ 43.079201] ? nl80211_nan_del_func+0x830/0x830
[ 43.083878] ? nl80211_dump_interface+0x640/0x640
[ 43.088826] ? nl80211_pre_doit+0x79/0x510
[ 43.093078] genl_family_rcv_msg+0x572/0xb20
[ 43.097753] ? genl_rcv+0x40/0x40
[ 43.101204] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 43.106663] ? trace_hardirqs_on+0x10/0x10
[ 43.110895] ? sock_sendmsg+0xb5/0x100
[ 43.114790] genl_rcv_msg+0xaf/0x140
[ 43.118600] netlink_rcv_skb+0x125/0x390
[ 43.122674] ? genl_family_rcv_msg+0xb20/0xb20
[ 43.127258] ? netlink_ack+0x9a0/0x9a0
[ 43.131569] ? lock_acquire+0x170/0x3f0
[ 43.135536] genl_rcv+0x24/0x40
[ 43.139019] netlink_unicast+0x437/0x610
[ 43.143063] ? netlink_sendskb+0xd0/0xd0
[ 43.147179] ? __check_object_size+0x179/0x22c
[ 43.151779] netlink_sendmsg+0x62e/0xb80
[ 43.155826] ? nlmsg_notify+0x170/0x170
[ 43.159775] ? kernel_recvmsg+0x210/0x210
[ 43.164027] ? security_socket_sendmsg+0x83/0xb0
[ 43.168763] ? nlmsg_notify+0x170/0x170
[ 43.172714] sock_sendmsg+0xb5/0x100
[ 43.176413] ___sys_sendmsg+0x6c8/0x800
[ 43.180398] ? copy_msghdr_from_user+0x3b0/0x3b0
[ 43.185149] ? do_futex+0x12b/0x1930
[ 43.188843] ? __fget+0x1fe/0x360
[ 43.192275] ? lock_acquire+0x170/0x3f0
[ 43.196242] ? lock_downgrade+0x740/0x740
[ 43.200368] ? __fget+0x225/0x360
[ 43.203799] ? __fdget+0x196/0x1f0
[ 43.207336] ? sockfd_lookup_light+0xb2/0x160
[ 43.211838] __sys_sendmsg+0xa3/0x120
[ 43.215619] ? SyS_shutdown+0x160/0x160
[ 43.219574] SyS_sendmsg+0x27/0x40
[ 43.223106] ? __sys_sendmsg+0x120/0x120
[ 43.227161] do_syscall_64+0x1d5/0x640
[ 43.231032] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 43.236214] RIP: 0033:0x447629
[ 43.239395] RSP: 002b:00007fe1c8e6ad98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 43.247092] RAX: ffffffffffffffda RBX: 00000000006dcc78 RCX: 0000000000447629
[ 43.254353] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000005
[ 43.261777] RBP: 00000000006dcc70 R08: 0000000000000005 R09: 0000000000000000
[ 43.269028] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006dcc7c
[ 43.276350] R13: 0000000000000000 R14: 000000306e616c77 R15: 0000000000000300
[ 43.283691] Code: 98 20 f8 ff ff 48 39 c5 74 3b 49 bd 00 00 00 00 00 fc ff df e8 cd ff 7b fa 48 8d bb e0 07 00 00 41 83 c4 01 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 75 5d 48 8b 83 e0 07 00 00 48 8d 98 20 f8 ff ff
[ 43.302775] RIP: ieee80211_chanctx_num_assigned+0xa5/0x120 RSP: ffff88809448f4a8
[ 43.312136] ---[ end trace 42bdb776e0c3a453 ]---
[ 43.316954] Kernel panic - not syncing: Fatal exception
[ 43.323080] Kernel Offset: disabled
[ 43.326692] Rebooting in 86400 seconds..