------------[ cut here ]------------
WARNING: CPU: 0 PID: 4416 at net/mac80211/tx.c:4929 __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:4929 [inline]
WARNING: CPU: 0 PID: 4416 at net/mac80211/tx.c:4929 __ieee80211_beacon_get+0x1518/0x1aa4 net/mac80211/tx.c:5248
Modules linked in:
CPU: 0 PID: 4416 Comm: syz-executor359 Not tainted 6.1.87-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
pstate: 00401005 (nzcv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--)
pc : __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:4929 [inline]
pc : __ieee80211_beacon_get+0x1518/0x1aa4 net/mac80211/tx.c:5248
lr : __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:4929 [inline]
lr : __ieee80211_beacon_get+0x1518/0x1aa4 net/mac80211/tx.c:5248
sp : ffff8000080078e0
x29: ffff800008007aa0 x28: ffff700001000f30 x27: ffff0000c3e14000
x26: ffff0000d82e0ea0 x25: ffff0000db30a260 x24: ffff800008007b40
x23: ffff0000c3e04458 x22: ffff0000db308c80 x21: 0000000000000000
x20: ffff0000db30a798 x19: dfff800000000000 x18: 0000000000000150
x17: 00000000ffff0000 x16: ffff8000084fae94 x15: 0000000000000000
x14: 0000000000000007 x13: ffff0000c38f0000 x12: 0000000000ff0100
x11: 0000000000ff0100 x10: 0000000000000000 x9 : ffff800011ab29ec
x8 : ffff0000c38f0000 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800011ab178c
x2 : 000000000000000a x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:4929 [inline]
 __ieee80211_beacon_get+0x1518/0x1aa4 net/mac80211/tx.c:5248
 ieee80211_beacon_get_tim+0xb4/0x4ec net/mac80211/tx.c:5335
 ieee80211_beacon_get include/net/mac80211.h:5245 [inline]
 mac80211_hwsim_beacon_tx+0x1fc/0x94c drivers/net/wireless/mac80211_hwsim.c:2086
 __iterate_interfaces+0x204/0x484 net/mac80211/util.c:788
 ieee80211_iterate_active_interfaces_atomic+0xd4/0x180 net/mac80211/util.c:824
 mac80211_hwsim_beacon+0xcc/0x1c8 drivers/net/wireless/mac80211_hwsim.c:2142
 __run_hrtimer kernel/time/hrtimer.c:1686 [inline]
 __hrtimer_run_queues+0x4b0/0xdc0 kernel/time/hrtimer.c:1750
 hrtimer_run_softirq+0x158/0x21c kernel/time/hrtimer.c:1767
 __do_softirq+0x314/0xe38 kernel/softirq.c:571
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:893
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:85
 invoke_softirq kernel/softirq.c:452 [inline]
 __irq_exit_rcu+0x264/0x4d4 kernel/softirq.c:650
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:662
 __el1_irq arch/arm64/kernel/entry-common.c:472 [inline]
 el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:486
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:491
 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:581
 check_region_inline mm/kasan/generic.c:175 [inline]
 kasan_check_range+0x24/0x2a4 mm/kasan/generic.c:189
 __kasan_check_read+0x2c/0x3c mm/kasan/shadow.c:31
 instrument_atomic_read include/linux/instrumented.h:72 [inline]
 atomic_long_read include/linux/atomic/atomic-instrumented.h:1265 [inline]
 zone_page_state include/linux/vmstat.h:204 [inline]
 zone_watermark_fast+0x50/0x1e8 mm/page_alloc.c:4041
 get_page_from_freelist+0x39c/0x3190 mm/page_alloc.c:4233
 __alloc_pages+0x220/0x730 mm/page_alloc.c:5547
 alloc_pages+0x494/0x760
 alloc_slab_page+0xa0/0x15c mm/slub.c:1794
 allocate_slab mm/slub.c:1939 [inline]
 new_slab+0xa0/0x2f4 mm/slub.c:1992
 ___slab_alloc+0x8bc/0xee0 mm/slub.c:3180
 __slab_alloc mm/slub.c:3279 [inline]
 slab_alloc_node mm/slub.c:3364 [inline]
 slab_alloc mm/slub.c:3406 [inline]
 __kmem_cache_alloc_lru mm/slub.c:3413 [inline]
 kmem_cache_alloc+0x2cc/0x37c mm/slub.c:3422
 kmem_cache_zalloc include/linux/slab.h:682 [inline]
 alloc_buffer_head+0x2c/0x150 fs/buffer.c:2899
 alloc_page_buffers+0x398/0x980 fs/buffer.c:829
 create_empty_buffers+0x4c/0x5c4 fs/buffer.c:1543
 ext4_block_write_begin+0x27c/0x1130 fs/ext4/inode.c:1082
 ext4_da_write_begin+0x4c0/0xa68 fs/ext4/inode.c:3012
 generic_perform_write+0x278/0x55c mm/filemap.c:3817
 ext4_buffered_write_iter+0x2e0/0x538 fs/ext4/file.c:285
 ext4_file_write_iter+0x18c/0x1638
 call_write_iter include/linux/fs.h:2265 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x610/0x914 fs/read_write.c:584
 ksys_write+0x15c/0x26c fs/read_write.c:637
 __do_sys_write fs/read_write.c:649 [inline]
 __se_sys_write fs/read_write.c:646 [inline]
 __arm64_sys_write+0x7c/0x90 fs/read_write.c:646
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
irq event stamp: 66009
hardirqs last  enabled at (66008): [<ffff80001223c6dc>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (66008): [<ffff80001223c6dc>] _raw_spin_unlock_irqrestore+0x48/0xac kernel/locking/spinlock.c:194
hardirqs last disabled at (66009): [<ffff800012158694>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last  enabled at (61956): [<ffff800008020d7c>] softirq_handle_end kernel/softirq.c:414 [inline]
softirqs last  enabled at (61956): [<ffff800008020d7c>] __do_softirq+0xc1c/0xe38 kernel/softirq.c:600
softirqs last disabled at (65979): [<ffff80000802a99c>] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80
---[ end trace 0000000000000000 ]---