Warning: Permanently added '[localhost]:52432' (ED25519) to the list of known hosts.
[ 142.956855][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 142.963708][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.016897][ T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.031982][ T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.046354][ T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.057866][ T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.092359][ T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.108584][ T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.120341][ T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.125985][ T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.174480][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.189414][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.234370][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.260018][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.313698][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.367403][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 143.634002][ T15] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[ 143.645515][ T15] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 143.665712][ T5338] warning: `syz-executor906' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 143.764192][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 143.792014][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 144.207466][ T15] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 144.243360][ T15] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 144.531580][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 144.701306][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
executing program
executing program
executing program
executing program
[ 146.669492][ T131] wlan1: Trigger new scan to find an IBSS to join
[ 146.672718][ T131] ------------[ cut here ]------------
[ 146.675019][ T131] UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5
[ 146.688352][ T131] index 0 is out of range for type 'struct ieee80211_channel *[] __counted_by(n_channels)' (aka 'struct ieee80211_channel *[]')
[ 146.714098][ T5342] loop0: detected capacity change from 0 to 32768
[ 146.793167][ T131] CPU: 0 UID: 0 PID: 131 Comm: kworker/u4:5 Not tainted 6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full)
[ 146.793187][ T131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 146.793194][ T131] Workqueue: events_unbound cfg80211_wiphy_work
[ 146.793383][ T131] Call Trace:
[ 146.793389][ T131]
[ 146.793394][ T131] dump_stack_lvl+0x189/0x250
[ 146.793414][ T131] ? __pfx_dump_stack_lvl+0x10/0x10
[ 146.793430][ T131] ? __pfx__printk+0x10/0x10
[ 146.793447][ T131] ubsan_epilogue+0xa/0x40
[ 146.793458][ T131] __ubsan_handle_out_of_bounds+0xe9/0xf0
[ 146.793509][ T131] ieee80211_request_ibss_scan+0x600/0x8b0
[ 146.793531][ T131] ieee80211_ibss_work+0xde7/0x1060
[ 146.793570][ T131] ? __pfx_ieee80211_ibss_work+0x10/0x10
[ 146.793592][ T131] ? ieee80211_iface_work+0xf39/0xfe0
[ 146.793605][ T131] ? rcu_is_watching+0x15/0xb0
[ 146.793625][ T131] cfg80211_wiphy_work+0x2dc/0x460
[ 146.793640][ T131] ? process_scheduled_works+0x9ec/0x17a0
[ 146.793659][ T131] process_scheduled_works+0xadb/0x17a0
[ 146.793692][ T131] ? __pfx_process_scheduled_works+0x10/0x10
[ 146.793718][ T131] worker_thread+0x8a0/0xda0
[ 146.793730][ T131] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 146.793752][ T131] ? __kthread_parkme+0x7b/0x200
[ 146.793769][ T131] kthread+0x70e/0x8a0
[ 146.793784][ T131] ? __pfx_worker_thread+0x10/0x10
[ 146.793793][ T131] ? __pfx_kthread+0x10/0x10
[ 146.793806][ T131] ? __pfx_kthread+0x10/0x10
[ 146.793817][ T131] ? _raw_spin_unlock_irq+0x23/0x50
[ 146.793832][ T131] ? lockdep_hardirqs_on+0x9c/0x150
[ 146.793843][ T131] ? __pfx_kthread+0x10/0x10
[ 146.793854][ T131] ret_from_fork+0x4b/0x80
[ 146.793864][ T131] ? __pfx_kthread+0x10/0x10
[ 146.793876][ T131] ret_from_fork_asm+0x1a/0x30
[ 146.793895][ T131]
[ 146.794274][ T131] ---[ end trace ]---
executing program
executing program
[ 147.837582][ T131] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 147.840524][ T131] CPU: 0 UID: 0 PID: 131 Comm: kworker/u4:5 Not tainted 6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full)
[ 147.847762][ T131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 147.860255][ T131] Workqueue: events_unbound cfg80211_wiphy_work
[ 147.880405][ T131] Call Trace:
[ 147.881916][ T131]
[ 147.883727][ T131] dump_stack_lvl+0x99/0x250
[ 147.885677][ T131] ? __asan_memcpy+0x40/0x70
[ 147.887555][ T131] ? __pfx_dump_stack_lvl+0x10/0x10
[ 147.891567][ T131] ? __pfx__printk+0x10/0x10
[ 147.896346][ T131] panic+0x2db/0x790
[ 147.901946][ T131] ? __pfx_panic+0x10/0x10
[ 147.908144][ T131] ? _printk+0xcf/0x120
[ 147.911200][ T131] ? __pfx__printk+0x10/0x10
[ 147.915214][ T131] check_panic_on_warn+0x89/0xb0
[ 147.919386][ T131] __ubsan_handle_out_of_bounds+0xe9/0xf0
[ 147.923238][ T131] ieee80211_request_ibss_scan+0x600/0x8b0
[ 147.928173][ T131] ieee80211_ibss_work+0xde7/0x1060
[ 147.931099][ T131] ? __pfx_ieee80211_ibss_work+0x10/0x10
[ 147.934114][ T131] ? ieee80211_iface_work+0xf39/0xfe0
[ 147.936941][ T131] ? rcu_is_watching+0x15/0xb0
[ 147.939358][ T131] cfg80211_wiphy_work+0x2dc/0x460
[ 147.942104][ T131] ? process_scheduled_works+0x9ec/0x17a0
[ 147.949843][ T131] process_scheduled_works+0xadb/0x17a0
[ 147.953759][ T131] ? __pfx_process_scheduled_works+0x10/0x10
[ 147.959152][ T131] worker_thread+0x8a0/0xda0
[ 147.963607][ T131] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 147.967034][ T131] ? __kthread_parkme+0x7b/0x200
[ 147.970218][ T131] kthread+0x70e/0x8a0
[ 147.972874][ T131] ? __pfx_worker_thread+0x10/0x10
[ 147.978599][ T131] ? __pfx_kthread+0x10/0x10
[ 147.985608][ T131] ? __pfx_kthread+0x10/0x10
[ 147.988604][ T131] ? _raw_spin_unlock_irq+0x23/0x50
[ 147.992019][ T131] ? lockdep_hardirqs_on+0x9c/0x150
[ 147.995835][ T131] ? __pfx_kthread+0x10/0x10
[ 147.998424][ T131] ret_from_fork+0x4b/0x80
[ 148.003479][ T131] ? __pfx_kthread+0x10/0x10
[ 148.010116][ T131] ret_from_fork_asm+0x1a/0x30
[ 148.015619][ T131]
[ 148.018863][ T131] Kernel Offset: disabled
[ 148.024408][ T131] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:05:41 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000032 RBX=0000000000000032 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90001a6f210
R8 =ffff888000d18237 R9 =1ffff110001a3046 R10=dffffc0000000000 R11=ffffffff853d7f30
R12=dffffc0000000000 R13=ffffffff99846c87 R14=ffffffff99b4bbc0 R15=0000000000000000
RIP=ffffffff853d7fac RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88808d6cc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fdb5f9bd000 CR3=000000003e185000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000