program: r0 = socket$inet_dccp(0x2, 0x6, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000480)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r6 = socket(0x10, 0x3, 0x0) sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)="1c00000021006bcd210002006e04000081000010000000017aa60864", 0x1c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_X86_SET_MCE(r8, 0x4040ae9e, &(0x7f0000000400)={0x34a9c003bf07aadc, 0xffff1000, 0x8, 0x3, 0x1}) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) close(r7) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r11, 0x5761, &(0x7f0000000040)={0x1, 0x0, [{}]}) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r10, 0x5761, 0x0) sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="50000000080211000001ffffffffffff0802110000000000000000000000000064000100000602020202020201010b"], 0x48) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0) sendmsg$kcm(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="4da1517fa82dd6a313ea90c86b89ddf97aedd40003105ce56cfd3de4d78d4754b0e5c5e30f2b554f6aea42eb3174aa4d2db8bc209763b446972a48a710f1cd7f297283ca33d191a38df315f255750fbe6a9cebf284515aa49dae6565ce0bd5b7e08b23fdfab7c86427aa90d073f86e7ad0c2dcc7eeb0337fba82ca74028a77108518213719f508dd448b2bce28702dd7487cffbccb847da2f035418e1236616b907b20cb19b8024a5773a60a3b3d0faef6ff9ab315e044d33c03d0e1ac391914a862d22335570944fd86e993e87d30693a8da133ad3b71d4a271a7c4be9a0accb50dae78", 0xe4}, {&(0x7f0000000680)="f4935df93e47cd741e9a0b6c34b2258069974e11b52f5863f9061b8ebfec3baa67b9c303d632ed3e99776b1fc91f1266b1eac9713e1640eb5975928078514f051698ea82119b6486ed9edeec868e2f730c2d2e28db18203ad0de76f576ff070af14e39ad35aa08baded91bd1ef607e0c72eadf1eb79323f8ee72c87104084c5fa470f75ec178da49714da088477698ee7ddf934a653a69a7398ddf7d63edf43107825db95788ff6cb9c0ac7e8088d6eb4b92a6775c33d175b14607bef69e65e8f8f20325739f984f37e650be2f58b16efc5f7dfdbaffe63f1efb9c379f6f9f01d1cd71f0fe4d2b0e691ae70e273687cdb958acf2592988ce0966e30da5ada64a2d87d171dcd12577f1609af75c7c317433497545fd6ecd276f6f8dc061855e4e5b128fc1a027bd9236797ed5dc04566910b627c5db5b2a07c23f1d2f50d1967e111ebf361d81a2782694a100edb95d7e5f4f3456a4f50db7003cf8760206deef358d67be65340afca78b3fbbc666812cf73855069777bced08802b9a7a1c3721205d7ba78a41701d73dc46c875146531cba2aedc354fbf2ffa5713849872cce85967217f7bdae5b6d5f14a0014c6a13bc832ca04c949567f962c4377b1511a7a793fa798ccd2428fe04d31fa4347f90985a75868f37f75502fc3094eb8e6201695a6ef4e71b26e6010e0d8642650a21fbc5498e6f389c43b94823c1f281c3e651145837b1bca57601685659fd8292a493a63c86084133390076d816610157f7bcba6f07f803b7d7b1d6f0a40d541c9328b5ee2716dd941d13b994ca20b330e9a66969fbaae598b944250e151dd8c436a2083c583f4b88b6e2d334319e4fd845211bd48729e71692c510ba82d2927874886849f1dedbd980402c31afea70111e9e5ba3b2b3884b65664739ff5b98c82e80ce9ceb9becb2dc992065cbe19c4197bcab624c0779ad5acced8439912c7e6d815878ffc989c14b5954be7c0ff1cd0938902df00aed2043559b2fe32d72f5e8c64585d5f2bf0cb3101a8bf36028fa69e7a7c0619e0cec8e79dd04b50c451d59ef528f15588db59a7eeef5e3b521b81aaa1190def6ff3f67dfb4100bca7fe0889f8b8bce0aeec4008a61e445c3e3d11233b3e883c001c626a76582bb0bec2837bda49a4aa7f667a9b77baa6aab075429bfffd4fe1be98e8abec22a773d89201c7f21289f9e4362794fa255d86fe83d671f2f2f4a25519307dcfc82ba0961572b79b860246e16b98d99bdfcc09b28776e25a16453f45ab50cf7d8198f603fd6a219f0d801786638c799582a3f0c6500a9407cc1fec3a6043545e33064a78774279cafe0dc8b58551d5e8c74e46a0f1b71c667d45f431a298bc41d507ad278148c8cbde0877786bbf0cb5844c784f0f517ee9e000e8a09c0d3e0e4870344a68c1724029583b689ffec23eb054e3c391392e0516a86d2f6e922e9938f07302f4564add6c1ed738c5728caa3fb8b10ec17881c89f5188b3f17c2056d81888a3384796cb93a67cbb756c912d80a6e397dfd81822ca97165ceec68a7c501fccfa5394feef98e3426b82d47c2d2841cf9017f8130d768ea4c33b963e1960c536b029cd11d4bb5278b589aa37eb512e3bb515913d5e8b0683815ee7b649a61fa14b7cb902413d87b219867d8b68ca23a32a1198d0b83fc72e7012f7cec976d3807c0aba2b17cc4f14a4c6cf7088a14deb48fcc954361371ab3a1fb1a2e191f4786e27393da0059b33b2caa79b7f5bd3aeaf396a2e83070a41fc2fc2247f55790605d1f85d68b899beb3ce66a0456a068af863e38b2964e9d0d53e4ccd9b824a66abaa694fb5951340094423277a80f9ef8fd287df4cbc6ccca93dfacb3fa8718fe16d4eddda26ff7d787e237ec9150e1b174ad6c213d1ad874b845c0a6179d16b346c7dcd41142020f2b596b57ada8b72e77bfd3618fd8752356100cfbd2de5e8ce99a0f0cbc9573c9003443d5c5ebc0373c14d084f5df7529517f321901601edfd38916c86033686e9fbfa5e71ef50d0178e18b9ff901f454b013269ae0f3efc362cd98be34138ac6597a6f2f427fdd104537bad1d0c6ea52ed4449f39b341e301bab465da39595217d3f94d81ad9ba7ffe4099353e545e0de0299251c1852d7ac1a5b0a3b031e91a488a857a6234640561066ff2988a4d41ff722c4d34cb57e013bddae8a362d9e5527143494eac8ea5862c6d0cdfa8a45e3a20165fc812e2071d89b53be5534e4386949b0508c21c09f32ec38bddb0e9f1986bd31c639495983d8bd17eb6c0d16264a479abbb65c95fc6e9a83e4e9814f8e84e42fed6a4e8d663ec6daa236d4c017a7eeab0e76dff3aa471b69901d510a2e0d249a1675e6603bbb58199cf6dab3c802a821a137fa99ccd650b3361e1a9274b08677af91bc4b23ab8d0851e2d28ac81f7e5f92efdfce132e3fe60271e6fce8fcd6c052b95dadfbd1644f687085232fd80c2ff067eef6f892f713f0e1bcdbb1fe8942f3a14fe624b9e74bd1db985e675c8e01ef40bb7de945eb134903318ea39c5772ce79a3c24a113b7ecc799c499bee68aa662137fe7bca8f14c1fce267be06caf5c58862361291a066d5682d3c0f8a3d81c1d030de5adc061e5ac9963014fa8dc905c9922692979054f05799c26e7f26039cccc342bd6764e77bd43ce3557317e21d051d083f66be4f18f82a8b94b2ab5fb0e75add60ee1d12970e037dfe12732d548005c161f924f5908f9aca89518bedaf2590fdab127d6cea4a7d2538250c0a9b73a32f054aa391c8563e0c480b6601523a03a4c720e1a505d93508ebc9ef3c8d77d8ad68b41f0ab05aae77002c39321e0fbcd06f48dab3ad60c21b3b23f99d45f254ec2f89fe7e162768a6d7ac5dfb32447266753c73e6dbf021e46099c53c112d3df1a9c3d1cf5582af97264a8e4b99cb4ba815c5bf588a3a1fca1edf8ea15ea80439b82f2f6a4d1b4ef93ab7534ca36130611b1c25f34c1a490c3ea8af5a9914a7ddf8b5e64221795a3bb9bc5234ec4b09e936f997badc952bb9b99144fa4f514ac57d9a16ee1ea973910a69a8abcce5f0756b05368b4aa33d0e2d9518a8e0de08cbb6fb42dc67cbf33be747c2c3b97541a5f34d31e2d09e2fb45147825127f87e14d6692968d8f860a47080c0c8c0f7089f9d9fce887b49a6cd902c3a536ba0c86ae28dfb83dcd99a4cb0da74feb26c6a83f5831eb0270265dd8424c650a8046ff88cc76277a987138b1de4449bd4408c21c27f3d359c30b9dd575d230c8cef9095110244c4c8ae7ae903dff8572bf0fb5020e8a9d3413b7e9793fc0ae005f679467a791527c8105e4ea32b0f7f084c9efcccb042204c0af600f7c4fa47edf247541b0267f6cfe479b068cca99e9b54919122e4c830455308fed7102f20ad900e54fb7277633379dfc6a8213caa1b874fc6900daed8ea00103197d45f6d342f1c02060b6b0cf478df4c986b16d97910bd62a7bc1a9da5fefc08357410c88d4c9bd43d84a1223a6a619e33774a1e1deb3b3b7c3b50a53d14dbb6178763ddcddd0047065befe681a6d53a803c8beb3bc57d295800a09392df57985e2308c87fb82dcc7c1978ae40c2ccee2e0f11767538021a0b0a334cc127ad4cb02aeedf0f776f916b6611058cdb3c01e8bd5e7547909457b6f3a8499efdb666b3f31c86cf049e640540f35a2eefb27ec3cc2f28efc2c7e88f542dc2888b2b9a719cc855725d38ce86cb2e5947b4b1cead55bf2d8b6058bc908ee843e7f0c8da4a2e09bacbd8463a54f4b31db2f5ea2e48655cc8ecf9382319bacb029e5344fda636c29a521fc008f5bf77fcf339f94be9eb2002cf6490381f2bffb7263d851df548c5afed20eeb6178eff3b160039b5c588a8fd139736d2cdd43e7eb865241a2f7872997068b0b9d692296e4eb0a6e61fbf332fc3be526b4d3de73a89beb402cf98e46cc9439134259add085f861b3ee020e7c13ec05d2119aefc494d70761e35b160386ff44dd98335720c4522cb1dcc70f2afd717170c3139ee8d4f33a9cd2e2311ca1510fa77e4b1778423394a664128f1cef23a8893e723f11b5c93cd36a38a1dd72d5fba53aff1cbd74a9b16497eb6389c95fe7efa4dc400cb8a0191082bd0614c1c1bf56abfd553b1f162d9ccb9438634abc7296623fec8f458308d7d2b534661be6540b39d2ee29313fda1e728b5b6cbe6f11c8cb938e0c307ea3af110e3320ef516b8ac3a8622ce9ca0eeeeea9fe661047fb2109ae0be448f1eff10c6f4a9568e22eb3145453772f7972ccc3b6b238e21c02e40c6846a146e5fe13dbb7f2d675edfc15976b849dbb2690b4c6ee6725d7d87a539f03f3783065b8e51b2f1e8740eda959aa6bad136b4ae0eaa9680d07e23aa2fc914d4dab02121d8e2a52f4dbf8dd85f1e6821206f33246d2909ba0e4c909339527885450a647ad2a98a49f17186200604ad60d131dd2982fb46b5009210307ac65de33e8dfef7e8c7736d9647140490ea615fc98da6c6027ac68a46a9dcb073ab5e671ff2afa7c88dc0d5c95539492b2ea61658f6e40baf504a5a7c3623854dcf07cbf16a1f3e971383f00a28281fc0a358e7922878b8b8e746d011be6e4ed3493b23c909be657a391cf35ab2394ab906054efd703a7a4d487623bc954fc74604ec1048d6c53b95d203fe0576aee1c824003e815d4e68abca28db81fccbef17e08476706f19388701953495607e6b3dbdc7f07b4e83401153d95beefc0b44ac626fe439899cd9c83d22081941e6d463055b3e422960c707f8a1d85f107ee043ac5b4f5baa2ee7273dc2ed26d88f21c75eed558da4907fb8b2ca710a2f31e4421fb3aaaa1ea15447b7ada6ee6f865e09fefbd0f084afca14b437651d6d5f2b11c1244fec19c05094319dd7555cb9d728585dd5ec422bfa0e09b5b2a4bc8fc1dd13529831b489b14152db6832a996ded9fdc1d3a23b06368715c9bc8da027a71a0d6758b31c290ac1e4b8a81c2dda64b8931e8ed5ba6b9832347ca228057a62b0dc04cd4356a1c7f7789bbd857afb8f7ae333cea45bd36623be87b9c9ec67ca6e815de00288488859bbae5bea7713849c5266a6440d10082671a07c9599df307cd89d86350a6c8351d84782b27d1ff675f1a8a7563121c8a504a946963b011514298ac653b1894104c277cf3fbef03f39ba65a42b0e133a349623354ba45f355ab89e25d894001fd06ba3b3e51909c67fe8da84e15fccb0fedd377e24121ab6271ed2d68011a588acb9e48525aa46be4a79e245bf203e2e799decab24e5f0f229a0dda2df50bcfea39853a7232bdd95c68a7323c90fdd0bad8707dcfb43da10a537e10061a132eefdfb835f04a1a4b7917b6d30e65ae32c84886ffe51f9de4d0f16fa3d8184623425f20a45f7624fa69057f35dc32861501842d317f4a900495f82af2538c39a6b79a7af92e2f20c276dc669ef097a410170a08bbf1959c5e6cdd77530b003728b414265fa2ecee4993781269bf76f84b9cbc7fb0418024465fb6202f17d1b6db79ba902afbc441dca3915670c23a119340c2d9ef9cb0bae071fbd30d61445469b3bc9cab995ca0f9cf322a919735cd41273aac792aff05db629eecd130d7d3895ed21e651bf0be67dbc835c15ffe0d8ac804e914395a38a896ba5c93eefee07666b3c8b1283b406b85117f56a4770d075b06d095dd6541020b479351d426b6325c35b2ef54c82a1e40ea007d184106b47a33560a0cd64cdb579b5cb594aa7aa775d225fc45b0bd006a56dece780ad7e713edba4af0287242cb9e2ef24114d", 0x1000}, {&(0x7f0000001680)="f3ab05c18a87da47215552603ffa228142633c320a992735d51f1c0c328503e62848a8edf3bd7d79ec664beb1c9ba5bfbde58effa93095753b4e69f198367c316785807f1492be482e30a64d518290752363cb9b240f8b4c97f669956c2a73f0bb888970de8f4a5a866475e3244d6c0cdb465f5374fb8b7490a8de23dfe025eabb2c7a0fcfe7d3a8d29524452f46de9997677d8dc020fba74649afc68922dd6ff71dd1", 0xa3}, {&(0x7f0000001740)="c444d049f54c03283cfc8f71d6b7e2e96170ef3cceff4890a1e15420ee77e01b8f098ffd167c0f1b6202fbd953076638c902e17688e22999180187ba864a1323172f5cfb8a7988d5241449cd83a94bfdfaa78210cb383dab22099182c8dadf1ceab72c06b934ef59882baacfa6489b9a2c112821b6f3932df71d04a268ded7c22ba2a2060677ef5e0a8b55279aa1cc40cd947429e7d04e50c197ca03ddf04f4fc1ec6898129252e84ebf057e79297f5df140f8536969e8bcfc3725b545bda84c7d52b587ffe4d66d9a137b7ba1e235c55d21d0b6157856af8eaf72d5742d370d320c9b", 0xe3}, {&(0x7f00000002c0)="a899abede6bf447c5434e235aac31340b2e6e1879b4624c2aa8b5a100f536d51e0be2f0a0df1e9dcb08d038275a75d3a939e6306c64807a1c67fdd831909af2bd35b034ba8e7d0dfd497457ed6", 0x4d}], 0x5}, 0x0) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f00000021c0)=ANY=[@ANYBLOB="b00000000802110000010802110000000802110000001000000002"], 0x1e) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000440)=ANY=[@ANYBLOB="10000000080211000001080211000000080211000000200004a000000c0001"], 0x3c) r12 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_MGMT(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)={0x5c, r14, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x2}, @NL80211_ATTR_IE={0x1b, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x1e}, 0x14, 0x0, @device_a, 0xe, 0x101, 0xb2}}]}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) [ 72.537719][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.540267][ T1309] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.543413][ T4666] Bluetooth: hci0: command tx timeout [ 72.693073][ T5320] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 72.730451][ T8] wlan1: No basic rates, using min rate instead [ 72.734284][ T8] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01) [ 72.738040][ T8] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 72.749001][ T1041] wlan1: authenticated [ 72.752041][ T5320] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 72.756077][ T8] wlan1: associating to AP 08:02:11:00:00:00 with corrupt probe response [ 72.760879][ T1041] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0xa004 status=0 aid=12) [ 72.764222][ T1041] wlan1: No basic rates, using min rate instead [ 72.768241][ T5320] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 72.774312][ T1041] wlan1: associated [ 72.779743][ T5320] ------------[ cut here ]------------ [ 72.781973][ T5320] WARNING: CPU: 0 PID: 5320 at net/mac80211/tdls.c:611 ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 72.786891][ T5320] Modules linked in: [ 72.788476][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 72.792479][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.796996][ T5320] RIP: 0010:ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 72.799929][ T5320] Code: f5 ff ff e8 16 6e 4a f6 90 0f 0b 90 4c 8b 7c 24 10 e9 7e fe ff ff e8 03 6e 4a f6 90 0f 0b 90 e9 70 fe ff ff e8 f5 6d 4a f6 90 <0f> 0b 90 e9 62 fe ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c c7 [ 72.807415][ T5320] RSP: 0018:ffffc9000d47f0c0 EFLAGS: 00010287 [ 72.809833][ T5320] RAX: ffffffff8b55147b RBX: ffff888040d3cd80 RCX: 0000000000100000 [ 72.812879][ T5320] RDX: ffffc9000e5d2000 RSI: 00000000000002e3 RDI: 00000000000002e4 [ 72.815741][ T5320] RBP: ffffc9000d47f260 R08: ffffffff901983b7 R09: 1ffffffff2033076 [ 72.819005][ T5320] R10: dffffc0000000000 R11: fffffbfff2033077 R12: dffffc0000000000 [ 72.822006][ T5320] R13: 0000000000000017 R14: 0000000000000000 R15: ffff88803f0f5c80 [ 72.825013][ T5320] FS: 00007f0f00e996c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 72.828681][ T5320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.831271][ T5320] CR2: 00000000200021c0 CR3: 0000000040622000 CR4: 0000000000352ef0 [ 72.834393][ T5320] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.837616][ T5320] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.840671][ T5320] Call Trace: [ 72.841949][ T5320] [ 72.843110][ T5320] ? __warn+0x165/0x4d0 [ 72.844693][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 72.847593][ T5320] ? report_bug+0x2b3/0x500 [ 72.849363][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 72.852013][ T5320] ? handle_bug+0x60/0x90 [ 72.853784][ T5320] ? exc_invalid_op+0x1a/0x50 [ 72.855659][ T5320] ? asm_exc_invalid_op+0x1a/0x20 [ 72.857889][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0x329b/0x4080 [ 72.860884][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 72.863508][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0xe6/0x4080 [ 72.866115][ T5320] ? __pfx_ieee80211_tdls_build_mgmt_packet_data+0x10/0x10 [ 72.869012][ T5320] ? __pfx_lock_release+0x10/0x10 [ 72.871006][ T5320] ? ieee80211_tdls_prep_mgmt_packet+0x3b/0x860 [ 72.873460][ T5320] ? __pfx_lock_release+0x10/0x10 [ 72.875254][ T5320] ? sta_info_get+0x50/0x2b0 [ 72.877098][ T5320] ? ieee80211_tdls_prep_mgmt_packet+0x3b/0x860 [ 72.879318][ T5320] ieee80211_tdls_prep_mgmt_packet+0x3b6/0x860 [ 72.881947][ T5320] ? ieee80211_tdls_prep_mgmt_packet+0x3b/0x860 [ 72.884339][ T5320] ieee80211_tdls_mgmt+0x8cf/0x10a0 [ 72.886480][ T5320] nl80211_tdls_mgmt+0x4d8/0x770 [ 72.888642][ T5320] genl_rcv_msg+0xb14/0xec0 [ 72.890443][ T5320] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.892389][ T5320] ? __pfx_lock_acquire+0x10/0x10 [ 72.894427][ T5320] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 72.896775][ T5320] ? __pfx_nl80211_tdls_mgmt+0x10/0x10 [ 72.898906][ T5320] ? __pfx_nl80211_post_doit+0x10/0x10 [ 72.901091][ T5320] ? __pfx___might_resched+0x10/0x10 [ 72.903098][ T5320] netlink_rcv_skb+0x1e3/0x430 [ 72.904955][ T5320] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.906932][ T5320] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.909005][ T5320] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 72.911032][ T5320] genl_rcv+0x28/0x40 [ 72.912498][ T5320] netlink_unicast+0x7f6/0x990 [ 72.914553][ T5320] ? __pfx_netlink_unicast+0x10/0x10 [ 72.916950][ T5320] ? __virt_addr_valid+0x45f/0x530 [ 72.919079][ T5320] ? __phys_addr_symbol+0x2f/0x70 [ 72.921108][ T5320] ? __check_object_size+0x47a/0x730 [ 72.923278][ T5320] netlink_sendmsg+0x8e4/0xcb0 [ 72.925260][ T5320] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.927744][ T5320] ? aa_sock_msg_perm+0x91/0x160 [ 72.930186][ T5320] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.932734][ T5320] __sock_sendmsg+0x221/0x270 [ 72.934822][ T5320] ____sys_sendmsg+0x52a/0x7e0 [ 72.936905][ T5320] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.938736][ T5320] ? __fget_files+0x2a/0x410 [ 72.940449][ T5320] ? __fget_files+0x2a/0x410 [ 72.942093][ T5320] __sys_sendmsg+0x269/0x350 [ 72.943603][ T5320] ? __pfx___sys_sendmsg+0x10/0x10 [ 72.945428][ T5320] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.947801][ T5320] ? do_syscall_64+0x100/0x230 [ 72.949697][ T5320] ? do_syscall_64+0xb6/0x230 [ 72.951493][ T5320] do_syscall_64+0xf3/0x230 [ 72.953232][ T5320] ? clear_bhb_loop+0x35/0x90 [ 72.955089][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.957441][ T5320] RIP: 0033:0x7f0efff85d29 [ 72.959124][ T5320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.966116][ T5320] RSP: 002b:00007f0f00e99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.969331][ T5320] RAX: ffffffffffffffda RBX: 00007f0f00175fa0 RCX: 00007f0efff85d29 [ 72.972340][ T5320] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 72.975049][ T5320] RBP: 00007f0f00001b08 R08: 0000000000000000 R09: 0000000000000000 [ 72.977949][ T5320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.980860][ T5320] R13: 0000000000000000 R14: 00007f0f00175fa0 R15: 00007ffe23266438 [ 72.983782][ T5320] [ 72.985048][ T5320] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 72.987963][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 72.991887][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.995924][ T5320] Call Trace: [ 72.997226][ T5320] [ 72.998418][ T5320] dump_stack_lvl+0x241/0x360 [ 73.000260][ T5320] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.002258][ T5320] ? __pfx__printk+0x10/0x10 [ 73.004059][ T5320] ? _printk+0xd5/0x120 [ 73.005702][ T5320] ? __init_begin+0x41000/0x41000 [ 73.007694][ T5320] ? vscnprintf+0x5d/0x90 [ 73.009361][ T5320] panic+0x349/0x880 [ 73.010890][ T5320] ? __warn+0x174/0x4d0 [ 73.012540][ T5320] ? __pfx_panic+0x10/0x10 [ 73.014320][ T5320] __warn+0x344/0x4d0 [ 73.015890][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 73.018652][ T5320] report_bug+0x2b3/0x500 [ 73.020495][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 73.023176][ T5320] handle_bug+0x60/0x90 [ 73.024767][ T5320] exc_invalid_op+0x1a/0x50 [ 73.026609][ T5320] asm_exc_invalid_op+0x1a/0x20 [ 73.028504][ T5320] RIP: 0010:ieee80211_tdls_build_mgmt_packet_data+0x329c/0x4080 [ 73.031246][ T5320] Code: f5 ff ff e8 16 6e 4a f6 90 0f 0b 90 4c 8b 7c 24 10 e9 7e fe ff ff e8 03 6e 4a f6 90 0f 0b 90 e9 70 fe ff ff e8 f5 6d 4a f6 90 <0f> 0b 90 e9 62 fe ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c c7 [ 73.038227][ T5320] RSP: 0018:ffffc9000d47f0c0 EFLAGS: 00010287 [ 73.040416][ T5320] RAX: ffffffff8b55147b RBX: ffff888040d3cd80 RCX: 0000000000100000 [ 73.043007][ T5320] RDX: ffffc9000e5d2000 RSI: 00000000000002e3 RDI: 00000000000002e4 [ 73.045865][ T5320] RBP: ffffc9000d47f260 R08: ffffffff901983b7 R09: 1ffffffff2033076 [ 73.048792][ T5320] R10: dffffc0000000000 R11: fffffbfff2033077 R12: dffffc0000000000 [ 73.051646][ T5320] R13: 0000000000000017 R14: 0000000000000000 R15: ffff88803f0f5c80 [ 73.054373][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0x329b/0x4080 [ 73.057094][ T5320] ? ieee80211_tdls_build_mgmt_packet_data+0xe6/0x4080 [ 73.059587][ T5320] ? __pfx_ieee80211_tdls_build_mgmt_packet_data+0x10/0x10 [ 73.062307][ T5320] ? __pfx_lock_release+0x10/0x10 [ 73.064173][ T5320] ? ieee80211_tdls_prep_mgmt_packet+0x3b/0x860 [ 73.066510][ T5320] ? __pfx_lock_release+0x10/0x10 [ 73.068407][ T5320] ? sta_info_get+0x50/0x2b0 [ 73.070153][ T5320] ? ieee80211_tdls_prep_mgmt_packet+0x3b/0x860 [ 73.072371][ T5320] ieee80211_tdls_prep_mgmt_packet+0x3b6/0x860 [ 73.074726][ T5320] ? ieee80211_tdls_prep_mgmt_packet+0x3b/0x860 [ 73.076941][ T5320] ieee80211_tdls_mgmt+0x8cf/0x10a0 [ 73.078881][ T5320] nl80211_tdls_mgmt+0x4d8/0x770 [ 73.080753][ T5320] genl_rcv_msg+0xb14/0xec0 [ 73.082440][ T5320] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.084229][ T5320] ? __pfx_lock_acquire+0x10/0x10 [ 73.086052][ T5320] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 73.087993][ T5320] ? __pfx_nl80211_tdls_mgmt+0x10/0x10 [ 73.089992][ T5320] ? __pfx_nl80211_post_doit+0x10/0x10 [ 73.091891][ T5320] ? __pfx___might_resched+0x10/0x10 [ 73.093787][ T5320] netlink_rcv_skb+0x1e3/0x430 [ 73.095481][ T5320] ? __pfx_genl_rcv_msg+0x10/0x10 [ 73.097357][ T5320] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.099278][ T5320] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 73.101214][ T5320] genl_rcv+0x28/0x40 [ 73.102611][ T5320] netlink_unicast+0x7f6/0x990 [ 73.104325][ T5320] ? __pfx_netlink_unicast+0x10/0x10 [ 73.106223][ T5320] ? __virt_addr_valid+0x45f/0x530 [ 73.107990][ T5320] ? __phys_addr_symbol+0x2f/0x70 [ 73.109763][ T5320] ? __check_object_size+0x47a/0x730 [ 73.111528][ T5320] netlink_sendmsg+0x8e4/0xcb0 [ 73.113160][ T5320] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.115168][ T5320] ? aa_sock_msg_perm+0x91/0x160 [ 73.117152][ T5320] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.119193][ T5320] __sock_sendmsg+0x221/0x270 [ 73.120996][ T5320] ____sys_sendmsg+0x52a/0x7e0 [ 73.122537][ T5320] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.124326][ T5320] ? __fget_files+0x2a/0x410 [ 73.125923][ T5320] ? __fget_files+0x2a/0x410 [ 73.127597][ T5320] __sys_sendmsg+0x269/0x350 [ 73.129245][ T5320] ? __pfx___sys_sendmsg+0x10/0x10 [ 73.131097][ T5320] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 73.133215][ T5320] ? do_syscall_64+0x100/0x230 [ 73.135047][ T5320] ? do_syscall_64+0xb6/0x230 [ 73.136547][ T5320] do_syscall_64+0xf3/0x230 [ 73.138140][ T5320] ? clear_bhb_loop+0x35/0x90 [ 73.139768][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.141922][ T5320] RIP: 0033:0x7f0efff85d29 [ 73.143460][ T5320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.150301][ T5320] RSP: 002b:00007f0f00e99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.153504][ T5320] RAX: ffffffffffffffda RBX: 00007f0f00175fa0 RCX: 00007f0efff85d29 [ 73.156484][ T5320] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 73.159493][ T5320] RBP: 00007f0f00001b08 R08: 0000000000000000 R09: 0000000000000000 [ 73.162361][ T5320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 73.165365][ T5320] R13: 0000000000000000 R14: 00007f0f00175fa0 R15: 00007ffe23266438 [ 73.168338][ T5320] [ 73.169815][ T5320] Kernel Offset: disabled [ 73.171491][ T5320] Rebooting in 86400 seconds..