program: syz_80211_inject_frame(&(0x7f0000000240)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="80000000080211000001080211000000aa09b799c0d70000000000000000000064000110000602020202020201010b"], 0xb5) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$unix(0x1, 0x2, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000a40)=@data_frame={@msdu=@type01={{0x0, 0x2, 0x5}, {0x3}, @broadcast, @initial, @broadcast, {0x3, 0x5}}, @random="aaa881251867d98f5dd55398577bc1337878b0c20e73cf8056cd762c42da8e8e92b4a976898e31bf67a1d46f22ba4d4159dd42646736c8a0bf7f11ccaae6f39dd89a5f262f5a5a920ad28fae8c287689b80441e0f9b2bd0295c4eb6e6d52862015480d590a3f0ea4ffc508c3d23e09bf2267df2abe7970713fd0733c23c1c47d7788786404989f43c338345e373c1ef677ca34286589ec0584080deba151c0d7dfaa85186df470cf355a8e9d1938254d96e595da515dcab9a7c3aaa4ad81b1b07914892ac0613d7d4532e250909ca1c47fa46050a7f2355f8a7eb2b1ec814b470affe8ac8827508e594bb3239da9f4a071a33ed16adfb4b644cd3f81ce9d2ad60a85ad8a6fe595a4526a465ccb4f0973663c4ee97d976c399d1ad4d37fc0bbbbbc42c01002639d6ea2d37debdc1524b9315b31c38832cb6eb1c506ac04002077ccc829544be6336b67596fbe845cdc50e33e2980e642564b6738af21b48d016d7b84cc7d5848d321f4d8aea2b589aa1061e9b425a2784de0fcd1a23637f5fbad59737da70d6c521b96f237bd3c458c9c4e3a9df53d17c139ec0b8c871837170a28eb1818f2b0b6b6e93fd2f298e5533cd7aa61437b57efefda025bdd645ee6f2def610911cf0e83ffafeee1bf1c3376785649b3abfdac2eb682954d25d1ed4eec2336f7523080d7e3ae6326f845eba2237f2897d8d55ea5804128162ff98104cf2fb4c6612854d9035e7ad771f2897dd193cd921b7650bb6811a1d57fe2d2df5ca079b2bcbdbc93851278d4bfd485b8ea087b9829ee42ca2a7436d42d27ba9703b4756bf0f841f43f3613bf8627407ceae7f36ac629511ce35b87c244029cc86f9646342e7c0d1b320bbd1069d76c07ae52b47daf028c929ee6b04f07c44183cc50a5f3eb4d437b481d041c5f18536558a9bd8e4ded60d129aa7bfe2a330e26437ad60cd5098a9cc0b7cb918b08ec0cf0f69cb12caafb
24b7ad4ae3f451e066884e5036c828afbefb5e2c62e1b6e1d095abd20cf0b8d6228106d3b12dcb540afeffdc99fd25e1d85249d878b0e7c154cb8f75cd5ff0f0d928647d1d3c144369acdbc0af672fe2520b393af9b9b24e6a73287d69ec4dd3ff453df8b5bf8d1d810f2a3679a83f5e250e9636aadf39ff2ad992b58431d003a54b703d979cc498f658d883342a9ee7285ee5a670aecc71c1b137a18c19fc33a631133e209968d4b11535c09a691f73964397c144773499c33c3474ee0da54fa6fcef58f51c659317cbca63c493d8e966bfd6b56e105a0fd4a98f6cee7707f43e97a877c45c611fc021db4ef23cb1141746c0965443e8081c5a2602e460fa6e31105ba9d6ea5b1fc3b53dbe6245a9dd0a723287763c9ef2f6751390aa6e4d06bf7c05819fd23171b767cd7642d3b5ea8f91a482b775769528fe98df307b794980a91b024a0c225863d37d1104e86b5c6f7d1593a6ab914800e442fff864d61eeff230f7114f98117c59d4219f28fac1c39f341fa7d1f30385e758ddd277445e14b793d35c8ccc88eb5e109a07b4b2b7e743aea735dd8866bc7581605c1979447769870bd66a3fc130f1760e12a46ec536f4bbfaa02322d6a644e2d7dc10b9caebb7e56d31375a13f663b5f7219bba38d4b975c408c9a22e7d2047629da2d69303daf6aae285daf113991efb5dd6c8fc3374ab580dfbacddfaa82536152b9dce0762ce82ea66d0b067a2a06a21607e05a04cdd6c13be4662be1679bb5d74c23c7bf122819f4a7e22cf472b177bf7a1c85ecc8021d0a835a6ca61255bc4203487042a0da2acfa73ace893d495a43a06160a4864bc8d42f82f595a603e3dafe390041cc7f997f89bf7d04f4479b82104950a3e2ea3d8c82178b7182be112480f1d52da72e53d73260df285c3e2db08592cb05e801c94444e11546ad3dde9f8b59bd05bc0cbe34a10f203884620c77bfbcb4fa09480b588b8aa44596edffa50886e0a74ed71aa3d30b3d5d08b6c800b6eeed971ee904c7b2674fd89293a29019f6f7454f70d60cd52a88745a38b8d2c99fef1f9816759aef79ca25b4aab055a1a6f3d46b2dbf176c05df33078bfaf249f34019f3402fa2f0093fcac279e67d6b015028fa5c28879416e3e888a3e4f365e28fc42b680a1f94a52cc4eb4199e73ebe05ff744448e41c7f5d8a5a0278875445bcdc4c061e694f290070e96b9069e98473655e24b96e862bbe49718d273e77cfe0246a43e3626eb827cf3effed7f527b4111fbfce761a49e8d0848e7eb4c8328eaf075d3a6aa4084efc8b54f46e4441e9c5db50da28c6acb1f4c18bd8c645451508f5ef6777749221e656883e95ad9aebcd8097a5d04daa24f4287afe08e5224bfd4e8495439d40c6ab2eae6dd3c46973967d554b1d08f411
d30e2320feebc986a322fc3ceaf9341"}, 0x6c6) (async) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000a40)=@data_frame={@msdu=@type01={{0x0, 0x2, 0x5}, {0x3}, @broadcast, @initial, @broadcast, {0x3, 0x5}}, @random="aaa881251867d98f5dd55398577bc1337878b0c20e73cf8056cd762c42da8e8e92b4a976898e31bf67a1d46f22ba4d4159dd42646736c8a0bf7f11ccaae6f39dd89a5f262f5a5a920ad28fae8c287689b80441e0f9b2bd0295c4eb6e6d52862015480d590a3f0ea4ffc508c3d23e09bf2267df2abe7970713fd0733c23c1c47d7788786404989f43c338345e373c1ef677ca34286589ec0584080deba151c0d7dfaa85186df470cf355a8e9d1938254d96e595da515dcab9a7c3aaa4ad81b1b07914892ac0613d7d4532e250909ca1c47fa46050a7f2355f8a7eb2b1ec814b470affe8ac8827508e594bb3239da9f4a071a33ed16adfb4b644cd3f81ce9d2ad60a85ad8a6fe595a4526a465ccb4f0973663c4ee97d976c399d1ad4d37fc0bbbbbc42c01002639d6ea2d37debdc1524b9315b31c38832cb6eb1c506ac04002077ccc829544be6336b67596fbe845cdc50e33e2980e642564b6738af21b48d016d7b84cc7d5848d321f4d8aea2b589aa1061e9b425a2784de0fcd1a23637f5fbad59737da70d6c521b96f237bd3c458c9c4e3a9df53d17c139ec0b8c871837170a28eb1818f2b0b6b6e93fd2f298e5533cd7aa61437b57efefda025bdd645ee6f2def610911cf0e83ffafeee1bf1c3376785649b3abfdac2eb682954d25d1ed4eec2336f7523080d7e3ae6326f845eba2237f2897d8d55ea5804128162ff98104cf2fb4c6612854d9035e7ad771f2897dd193cd921b7650bb6811a1d57fe2d2df5ca079b2bcbdbc93851278d4bfd485b8ea087b9829ee42ca2a7436d42d27ba9703b4756bf0f841f43f3613bf8627407ceae7f36ac629511ce35b87c244029cc86f9646342e7c0d1b320bbd1069d76c07ae52b47daf028c929ee6b04f07c44183cc50a5f3eb4d437b481d041c5f18536558a9bd8e4ded60d129aa7bfe2a330e26437ad60cd5098a9cc0b7cb918b08ec0cf0f69cb12caafb24b7ad4ae3f451e066884e5036c828afbefb5e2c62e1b6e1d095abd20cf0b8d6228106d3b12dcb540afeffdc99fd25e1d85249d878b0e7c154cb8f75cd5ff0f0d928647d1d3c144369acdbc0af672fe2520b393af9b9b24e6a73287d69ec4dd3ff453df8b5bf8d1d810f2a3679a83f5e250e9636aadf39ff2ad992b58431d003a54b703d979cc498f658d883342a9ee7285ee5a670aecc71c1b137a18c19fc33a631133e209968d4b11535c09a691f73964397c144773499c33c3474ee0da54
fa6fcef58f51c659317cbca63c493d8e966bfd6b56e105a0fd4a98f6cee7707f43e97a877c45c611fc021db4ef23cb1141746c0965443e8081c5a2602e460fa6e31105ba9d6ea5b1fc3b53dbe6245a9dd0a723287763c9ef2f6751390aa6e4d06bf7c05819fd23171b767cd7642d3b5ea8f91a482b775769528fe98df307b794980a91b024a0c225863d37d1104e86b5c6f7d1593a6ab914800e442fff864d61eeff230f7114f98117c59d4219f28fac1c39f341fa7d1f30385e758ddd277445e14b793d35c8ccc88eb5e109a07b4b2b7e743aea735dd8866bc7581605c1979447769870bd66a3fc130f1760e12a46ec536f4bbfaa02322d6a644e2d7dc10b9caebb7e56d31375a13f663b5f7219bba38d4b975c408c9a22e7d2047629da2d69303daf6aae285daf113991efb5dd6c8fc3374ab580dfbacddfaa82536152b9dce0762ce82ea66d0b067a2a06a21607e05a04cdd6c13be4662be1679bb5d74c23c7bf122819f4a7e22cf472b177bf7a1c85ecc8021d0a835a6ca61255bc4203487042a0da2acfa73ace893d495a43a06160a4864bc8d42f82f595a603e3dafe390041cc7f997f89bf7d04f4479b82104950a3e2ea3d8c82178b7182be112480f1d52da72e53d73260df285c3e2db08592cb05e801c94444e11546ad3dde9f8b59bd05bc0cbe34a10f203884620c77bfbcb4fa09480b588b8aa44596edffa50886e0a74ed71aa3d30b3d5d08b6c800b6eeed971ee904c7b2674fd89293a29019f6f7454f70d60cd52a88745a38b8d2c99fef1f9816759aef79ca25b4aab055a1a6f3d46b2dbf176c05df33078bfaf249f34019f3402fa2f0093fcac279e67d6b015028fa5c28879416e3e888a3e4f365e28fc42b680a1f94a52cc4eb4199e73ebe05ff744448e41c7f5d8a5a0278875445bcdc4c061e694f290070e96b9069e98473655e24b96e862bbe49718d273e77cfe0246a43e3626eb827cf3effed7f527b4111fbfce761a49e8d0848e7eb4c8328eaf075d3a6aa4084efc8b54f46e4441e9c5db50da28c6acb1f4c18bd8c645451508f5ef6777749221e656883e95ad9aebcd8097a5d04daa24f4287afe08e5224bfd4e8495439d40c6ab2eae6dd3c46973967d554b1d08f411d30e2320feebc986a322fc3ceaf9341"}, 0x6c6) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='00'], 0x30}, 0x1, 0x0, 0x0, 0x18004}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r5 = 
socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000800000001a000000280022800414008004000080040000808341f1680200008014000080040000800400008004000080060021"], 0x44}}, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r7, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000f0ff00000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r8) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (async) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r11=>0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, 
[@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) (async) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) [ 85.600122][ T5304] Bluetooth: hci0: command tx timeout [ 85.685861][ T5322] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 85.763860][ T5323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 85.808383][ T5322] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 85.816429][ T5323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 85.837231][ T5322] netlink: 'syz.0.0': attribute type 10 has an invalid length. [ 85.895882][ T5322] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 85.964765][ T5323] wlan1: No basic rates, using min rate instead [ 85.969879][ T5323] ------------[ cut here ]------------ [ 85.978193][ T5323] WARNING: CPU: 0 PID: 5323 at net/mac80211/mlme.c:1124 ieee80211_prep_channel+0x490c/0x60f0 [ 85.991255][ T5323] Modules linked in: [ 85.996400][ T5323] CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(full) [ 86.005478][ T5323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.018626][ T5323] RIP: 0010:ieee80211_prep_channel+0x490c/0x60f0 [ 86.025121][ T5323] Code: c6 05 1b fa 82 04 01 48 c7 c7 97 e0 8c 8c be e8 03 00 00 48 c7 c2 00 e2 8c 8c e8 cf 41 b8 f6 e9 17 ba ff ff e8 35 c9 d9 f6 90 <0f> 0b 90 48 8b 7c 24 48 e8 47 ff 30 f7 48 c7 44 24 48 ea ff ff ff [ 86.043808][ T5323] RSP: 0018:ffffc9000d5fe500 EFLAGS: 00010293 [ 86.046830][ T5323] RAX: ffffffff8ae628bb RBX: 0000000000000000 RCX: ffff88801f680000 [ 86.050031][ T5323] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 
0000000000000000 [ 86.053426][ T5323] RBP: ffffc9000d5fe8a8 R08: ffff88801f680000 R09: 000000000000000e [ 86.057444][ T5323] R10: 000000000000000d R11: 0000000000000000 R12: ffffc9000d5fe7b0 [ 86.064259][ T5323] R13: dffffc0000000000 R14: 1ffff11008760ceb R15: ffffc9000d5fe7b0 [ 86.072563][ T5323] FS: 00007fc13449a6c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000 [ 86.079994][ T5323] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.085257][ T5323] CR2: 0000200000002280 CR3: 0000000035542000 CR4: 0000000000352ef0 [ 86.088953][ T5323] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 86.094366][ T5323] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 86.098518][ T5323] Call Trace: [ 86.100676][ T5323] [ 86.102126][ T5323] ? __pfx_llist_add_batch+0x10/0x10 [ 86.107859][ T5323] ? prb_read_valid+0x3c/0x60 [ 86.113824][ T5323] ? tick_nohz_tick_stopped+0x86/0xb0 [ 86.117726][ T5323] ? ieee80211_prep_channel+0x202/0x60f0 [ 86.124357][ T5323] ? __irq_work_queue_local+0x13a/0x3e0 [ 86.128419][ T5323] ? __pfx_ieee80211_prep_channel+0x10/0x10 [ 86.132363][ T5323] ? __lruvec_stat_mod_folio+0x79/0x2f0 [ 86.135546][ T5323] ? ieee80211_prep_connection+0x50f/0x1600 [ 86.138436][ T5323] ieee80211_prep_connection+0xeb9/0x1600 [ 86.141800][ T5323] ieee80211_mgd_auth+0xee3/0x1770 [ 86.147405][ T5323] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.154463][ T5323] ? __pfx_ieee80211_mgd_auth+0x10/0x10 [ 86.158386][ T5323] ? rcu_is_watching+0x15/0xb0 [ 86.161271][ T5323] cfg80211_mlme_auth+0x632/0x9c0 [ 86.165084][ T5323] cfg80211_conn_do_work+0x501/0xd10 [ 86.167892][ T5323] ? __pfx_cfg80211_conn_do_work+0x10/0x10 [ 86.170705][ T5323] ? do_raw_spin_lock+0x121/0x290 [ 86.173147][ T5323] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 86.175863][ T5323] ? rcu_is_watching+0x15/0xb0 [ 86.178248][ T5323] ? trace_cfg80211_return_bss+0x7a/0x1f0 [ 86.180715][ T5323] ? __cfg80211_get_bss+0x600/0x7a0 [ 86.182907][ T5323] ? 
cfg80211_connect+0x17c9/0x21a0 [ 86.186466][ T5323] cfg80211_connect+0x1862/0x21a0 [ 86.189973][ T5323] nl80211_connect+0x17bc/0x1cd0 [ 86.192642][ T5323] ? __pfx___mutex_trylock_common+0x10/0x10 [ 86.196783][ T5323] ? __pfx_nl80211_connect+0x10/0x10 [ 86.201640][ T5323] ? trace_contention_end+0x39/0x120 [ 86.206112][ T5323] ? nl80211_pre_doit+0x4f1/0x930 [ 86.208950][ T5323] genl_family_rcv_msg_doit+0x212/0x300 [ 86.213180][ T5323] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 86.219124][ T5323] ? bpf_lsm_capable+0x9/0x20 [ 86.221980][ T5323] ? security_capable+0x7e/0x2e0 [ 86.224929][ T5323] genl_rcv_msg+0x60e/0x790 [ 86.227569][ T5323] ? __pfx_genl_rcv_msg+0x10/0x10 [ 86.230959][ T5323] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 86.234061][ T5323] ? __pfx_nl80211_connect+0x10/0x10 [ 86.236576][ T5323] ? __pfx_nl80211_post_doit+0x10/0x10 [ 86.239162][ T5323] ? ref_tracker_free+0x63a/0x7d0 [ 86.244327][ T5323] ? __copy_skb_header+0xa7/0x550 [ 86.246903][ T5323] netlink_rcv_skb+0x219/0x490 [ 86.248861][ T5323] ? __pfx_genl_rcv_msg+0x10/0x10 [ 86.252660][ T5323] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 86.256016][ T5323] ? down_read+0x1ad/0x2e0 [ 86.258788][ T5323] genl_rcv+0x28/0x40 [ 86.261462][ T5323] netlink_unicast+0x75b/0x8d0 [ 86.263826][ T5323] netlink_sendmsg+0x805/0xb30 [ 86.267215][ T5323] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.271946][ T5323] ? aa_sock_msg_perm+0x94/0x160 [ 86.276143][ T5323] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 86.283900][ T5323] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.288883][ T5323] __sock_sendmsg+0x219/0x270 [ 86.291187][ T5323] ____sys_sendmsg+0x505/0x830 [ 86.293246][ T5323] ? __pfx_____sys_sendmsg+0x10/0x10 [ 86.295456][ T5323] ? import_iovec+0x74/0xa0 [ 86.297309][ T5323] ___sys_sendmsg+0x21f/0x2a0 [ 86.299250][ T5323] ? __pfx____sys_sendmsg+0x10/0x10 [ 86.302023][ T5323] ? __fget_files+0x2a/0x420 [ 86.304222][ T5323] ? __fget_files+0x3a0/0x420 [ 86.306623][ T5323] __x64_sys_sendmsg+0x19b/0x260 [ 86.308967][ T5323] ? 
__pfx___x64_sys_sendmsg+0x10/0x10 [ 86.311617][ T5323] ? do_syscall_64+0xba/0x210 [ 86.314405][ T5323] do_syscall_64+0xf6/0x210 [ 86.316618][ T5323] ? clear_bhb_loop+0x60/0xb0 [ 86.318577][ T5323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.321172][ T5323] RIP: 0033:0x7fc13358e969 [ 86.323048][ T5323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.335236][ T5323] RSP: 002b:00007fc13449a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 86.339109][ T5323] RAX: ffffffffffffffda RBX: 00007fc1337b6080 RCX: 00007fc13358e969 [ 86.342553][ T5323] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 86.345766][ T5323] RBP: 00007fc133610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 86.348957][ T5323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.352764][ T5323] R13: 0000000000000000 R14: 00007fc1337b6080 R15: 00007ffd87e6a698 [ 86.356427][ T5323] [ 86.357970][ T5323] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 86.361639][ T5323] CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(full) [ 86.366275][ T5323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.370921][ T5323] Call Trace: [ 86.372923][ T5323] [ 86.375301][ T5323] dump_stack_lvl+0x99/0x250 [ 86.377946][ T5323] ? __asan_memcpy+0x40/0x70 [ 86.379962][ T5323] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.382138][ T5323] ? __pfx__printk+0x10/0x10 [ 86.384142][ T5323] panic+0x2db/0x790 [ 86.386009][ T5323] ? __pfx_panic+0x10/0x10 [ 86.388087][ T5323] ? show_trace_log_lvl+0x4fb/0x550 [ 86.390496][ T5323] __warn+0x31b/0x4b0 [ 86.392836][ T5323] ? ieee80211_prep_channel+0x490c/0x60f0 [ 86.395850][ T5323] ? ieee80211_prep_channel+0x490c/0x60f0 [ 86.398280][ T5323] report_bug+0x2be/0x4f0 [ 86.400272][ T5323] ? 
ieee80211_prep_channel+0x490c/0x60f0 [ 86.403332][ T5323] ? ieee80211_prep_channel+0x490c/0x60f0 [ 86.406271][ T5323] ? ieee80211_prep_channel+0x490e/0x60f0 [ 86.408753][ T5323] handle_bug+0x84/0x160 [ 86.410678][ T5323] exc_invalid_op+0x1a/0x50 [ 86.412845][ T5323] asm_exc_invalid_op+0x1a/0x20 [ 86.415821][ T5323] RIP: 0010:ieee80211_prep_channel+0x490c/0x60f0 [ 86.420046][ T5323] Code: c6 05 1b fa 82 04 01 48 c7 c7 97 e0 8c 8c be e8 03 00 00 48 c7 c2 00 e2 8c 8c e8 cf 41 b8 f6 e9 17 ba ff ff e8 35 c9 d9 f6 90 <0f> 0b 90 48 8b 7c 24 48 e8 47 ff 30 f7 48 c7 44 24 48 ea ff ff ff [ 86.428579][ T5323] RSP: 0018:ffffc9000d5fe500 EFLAGS: 00010293 [ 86.431398][ T5323] RAX: ffffffff8ae628bb RBX: 0000000000000000 RCX: ffff88801f680000 [ 86.435000][ T5323] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.439440][ T5323] RBP: ffffc9000d5fe8a8 R08: ffff88801f680000 R09: 000000000000000e [ 86.443047][ T5323] R10: 000000000000000d R11: 0000000000000000 R12: ffffc9000d5fe7b0 [ 86.446541][ T5323] R13: dffffc0000000000 R14: 1ffff11008760ceb R15: ffffc9000d5fe7b0 [ 86.450189][ T5323] ? ieee80211_prep_channel+0x490b/0x60f0 [ 86.452799][ T5323] ? __pfx_llist_add_batch+0x10/0x10 [ 86.455752][ T5323] ? prb_read_valid+0x3c/0x60 [ 86.458453][ T5323] ? tick_nohz_tick_stopped+0x86/0xb0 [ 86.461701][ T5323] ? ieee80211_prep_channel+0x202/0x60f0 [ 86.465771][ T5323] ? __irq_work_queue_local+0x13a/0x3e0 [ 86.468007][ T5323] ? __pfx_ieee80211_prep_channel+0x10/0x10 [ 86.470366][ T5323] ? __lruvec_stat_mod_folio+0x79/0x2f0 [ 86.473223][ T5323] ? ieee80211_prep_connection+0x50f/0x1600 [ 86.475972][ T5323] ieee80211_prep_connection+0xeb9/0x1600 [ 86.478541][ T5323] ieee80211_mgd_auth+0xee3/0x1770 [ 86.480932][ T5323] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.483638][ T5323] ? __pfx_ieee80211_mgd_auth+0x10/0x10 [ 86.486161][ T5323] ? 
rcu_is_watching+0x15/0xb0 [ 86.488461][ T5323] cfg80211_mlme_auth+0x632/0x9c0 [ 86.490813][ T5323] cfg80211_conn_do_work+0x501/0xd10 [ 86.493437][ T5323] ? __pfx_cfg80211_conn_do_work+0x10/0x10 [ 86.497122][ T5323] ? do_raw_spin_lock+0x121/0x290 [ 86.500077][ T5323] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 86.503622][ T5323] ? rcu_is_watching+0x15/0xb0 [ 86.506327][ T5323] ? trace_cfg80211_return_bss+0x7a/0x1f0 [ 86.509766][ T5323] ? __cfg80211_get_bss+0x600/0x7a0 [ 86.512819][ T5323] ? cfg80211_connect+0x17c9/0x21a0 [ 86.515885][ T5323] cfg80211_connect+0x1862/0x21a0 [ 86.518250][ T5323] nl80211_connect+0x17bc/0x1cd0 [ 86.520769][ T5323] ? __pfx___mutex_trylock_common+0x10/0x10 [ 86.523534][ T5323] ? __pfx_nl80211_connect+0x10/0x10 [ 86.525948][ T5323] ? trace_contention_end+0x39/0x120 [ 86.528354][ T5323] ? nl80211_pre_doit+0x4f1/0x930 [ 86.530440][ T5323] genl_family_rcv_msg_doit+0x212/0x300 [ 86.533467][ T5323] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 86.538628][ T5323] ? bpf_lsm_capable+0x9/0x20 [ 86.540635][ T5323] ? security_capable+0x7e/0x2e0 [ 86.542835][ T5323] genl_rcv_msg+0x60e/0x790 [ 86.544963][ T5323] ? __pfx_genl_rcv_msg+0x10/0x10 [ 86.547307][ T5323] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 86.551047][ T5323] ? __pfx_nl80211_connect+0x10/0x10 [ 86.553900][ T5323] ? __pfx_nl80211_post_doit+0x10/0x10 [ 86.574462][ T5323] ? ref_tracker_free+0x63a/0x7d0 [ 86.576893][ T5323] ? __copy_skb_header+0xa7/0x550 [ 86.583543][ T5323] netlink_rcv_skb+0x219/0x490 [ 86.585908][ T5323] ? __pfx_genl_rcv_msg+0x10/0x10 [ 86.592794][ T5323] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 86.595089][ T5323] ? down_read+0x1ad/0x2e0 [ 86.597141][ T5323] genl_rcv+0x28/0x40 [ 86.599091][ T5323] netlink_unicast+0x75b/0x8d0 [ 86.601521][ T5323] netlink_sendmsg+0x805/0xb30 [ 86.604255][ T5323] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.629726][ T5323] ? aa_sock_msg_perm+0x94/0x160 [ 86.633046][ T5323] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 86.635739][ T5323] ? 
__pfx_netlink_sendmsg+0x10/0x10 [ 86.638472][ T5323] __sock_sendmsg+0x219/0x270 [ 86.640703][ T5323] ____sys_sendmsg+0x505/0x830 [ 86.659490][ T5323] ? __pfx_____sys_sendmsg+0x10/0x10 [ 86.662990][ T5323] ? import_iovec+0x74/0xa0 [ 86.665134][ T5323] ___sys_sendmsg+0x21f/0x2a0 [ 86.678950][ T5323] ? __pfx____sys_sendmsg+0x10/0x10 [ 86.681350][ T5323] ? __fget_files+0x2a/0x420 [ 86.684697][ T5323] ? __fget_files+0x3a0/0x420 [ 86.686654][ T5323] __x64_sys_sendmsg+0x19b/0x260 [ 86.696720][ T5323] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 86.699296][ T5323] ? do_syscall_64+0xba/0x210 [ 86.708399][ T5323] do_syscall_64+0xf6/0x210 [ 86.710261][ T5323] ? clear_bhb_loop+0x60/0xb0 [ 86.712259][ T5323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.714666][ T5323] RIP: 0033:0x7fc13358e969 [ 86.716698][ T5323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.731839][ T5323] RSP: 002b:00007fc13449a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 86.756360][ T5323] RAX: ffffffffffffffda RBX: 00007fc1337b6080 RCX: 00007fc13358e969 [ 86.759459][ T5323] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 86.762743][ T5323] RBP: 00007fc133610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 86.778058][ T5323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.790682][ T5323] R13: 0000000000000000 R14: 00007fc1337b6080 R15: 00007ffd87e6a698 [ 86.807698][ T5323] [ 86.809792][ T5323] Kernel Offset: disabled [ 86.812274][ T5323] Rebooting in 86400 seconds..