./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor953715959

<...>
DUID 00:04:53:46:a9:9d:03:7a:46:b2:48:ff:4a:ea:3f:46:f2:43
forked to background, child pid 4692
[   48.970724][ T4693] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.004477][ T4693] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.167' (ECDSA) to the list of known hosts.
execve("./syz-executor953715959", ["./syz-executor953715959"], 0x7fff48467660 /* 10 vars */) = 0
brk(NULL)                               = 0x555556c7d000
brk(0x555556c7dc40)                     = 0x555556c7dc40
arch_prctl(ARCH_SET_FS, 0x555556c7d300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor953715959", 4096) = 27
brk(0x555556c9ec40)                     = 0x555556c9ec40
brk(0x555556c9f000)                     = 0x555556c9f000
mprotect(0x7f6e02e9f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c7d5d0) = 5028
./strace-static-x86_64: Process 5028 attached
[pid  5028] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5028] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5028] setsid()                    = 1
[pid  5028] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5028] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5028] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5028] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5028] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5028] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5028] unshare(CLONE_NEWNS)        = 0
[pid  5028] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5028] unshare(CLONE_NEWIPC)       = 0
[pid  5028] unshare(CLONE_NEWCGROUP)    = 0
[pid  5028] unshare(CLONE_NEWUTS)       = 0
[pid  5028] unshare(CLONE_SYSVSEM)      = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "16777216", 8)     = 8
[pid  5028] close(3)                    = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "536870912", 9)    = 9
[pid  5028] close(3)                    = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "1024", 4)         = 4
[pid  5028] close(3)                    = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "8192", 4)         = 4
[pid  5028] close(3)                    = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "1024", 4)         = 4
[pid  5028] close(3)                    = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "1024", 4)         = 4
[pid  5028] close(3)                    = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5028] close(3)                    = 0
[pid  5028] getpid()                    = 1
[pid  5028] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5028] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5028] unshare(CLONE_NEWNET)       = 0
[pid  5028] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5028] write(3, "0 65535", 7)      = 7
[pid  5028] close(3)                    = 0
[pid  5028] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid  5028] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid  5028] close(3)                    = 0
[pid  5028] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5028] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5028] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x29\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1c\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5028] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5028] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5028] recvfrom(3, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5028] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5028] sendto(3, [{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5028] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5028] access("/proc/net", R_OK)   = 0
[pid  5028] access("/proc/net/unix", R_OK) = 0
[pid  5028] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5028] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5028] close(4)                    = 0
[pid  5028] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5028] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5028] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5028] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5028] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5028] close(4)                    = 0
[pid  5028] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5028] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5028] sendto(3, [{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5028] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5028] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5028] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5028] close(4)                    = 0
[pid  5028] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5028] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5028] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5028] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5028] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5028] close(4)                    = 0
syzkaller login: [   77.217235][ T5031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.226382][ T5031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5028] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5028] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5028] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5028] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5028] close(4)                    = 0
[pid  5028] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5028] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5028] recvfrom(4, [{nlmsg_len=1444, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0b\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1444
[pid  5028] close(4)                    = 0
[pid  5028] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5028] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5028] close(4)                    = 0
[pid  5028] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5028] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5028] recvfrom(4, [{nlmsg_len=1444, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1444
[pid  5028] close(4)                    = 0
[pid  5028] close(3)                    = 0
[pid  5028] mkdir("/dev/binderfs", 0777) = 0
[pid  5028] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5028] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5028] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5032 attached
, child_tidptr=0x555556c7d5d0) = 2
[pid  5032] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5032] setpgid(0, 0)               = 0
[pid  5032] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5032] write(3, "1000", 4)         = 4
[pid  5032] close(3)                    = 0
[pid  5032] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[   77.267570][ T5031] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.275816][ T5031] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5032] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5032] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5032] recvfrom(4, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=2}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5032] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=2}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5032] close(4)                    = 0
[pid  5032] ioctl(3, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5032] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x30\x00\x00\x00\x23\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x08\x00\x05\x00\x07\x00\x00\x00\x0a\x00\x18\x00\x03\x03\x03\x03\x03\x03\x00\x00", iov_len=48}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
[pid  5032] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5032] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x34\x00\x00\x00\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x14\x00\x1b\x00\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x01", iov_len=52}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 52
[pid  5032] close(3)                    = 0
[pid  5032] close(4)                    = 0
[pid  5032] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5032] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5032] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5032] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5032] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5032] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5032] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5032] exit_group(0)               = ?
[pid  5032] +++ exited with 0 +++
[pid  5028] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
[pid  5028] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c7d5d0) = 3
./strace-static-x86_64: Process 5033 attached
[pid  5033] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5033] setpgid(0, 0)               = 0
[pid  5033] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5033] write(3, "1000", 4)         = 4
[pid  5033] close(3)                    = 0
[pid  5033] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5033] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5033] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5033] recvfrom(4, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5033] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[   77.353467][ T5032] netlink: 'syz-executor953': attribute type 27 has an invalid length.
[pid  5033] close(4)                    = 0
[pid  5033] ioctl(3, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[   77.415538][ T5033] ------------[ cut here ]------------
[   77.421356][ T5033] wlan0: Failed check-sdata-in-driver check, flags: 0x0
[   77.430030][ T5033] WARNING: CPU: 0 PID: 5033 at net/mac80211/main.c:236 ieee80211_bss_info_change_notify+0x305/0x9c0
[   77.441037][ T5033] Modules linked in:
[   77.445267][ T5033] CPU: 0 PID: 5033 Comm: syz-executor953 Not tainted 6.4.0-next-20230630-syzkaller #0
[   77.455130][ T5033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   77.465295][ T5033] RIP: 0010:ieee80211_bss_info_change_notify+0x305/0x9c0
[   77.472409][ T5033] Code: f8 08 00 00 4d 85 f6 0f 84 c7 05 00 00 e8 b3 c4 f0 f7 e8 ae c4 f0 f7 8b 54 24 08 4c 89 f6 48 c7 c7 a0 25 a1 8b e8 0b 15 b8 f7 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 48 8b 14 24 48 c1 ea 03 0f b6
[   77.492163][ T5033] RSP: 0018:ffffc90003a8f338 EFLAGS: 00010286
[   77.498389][ T5033] RAX: 0000000000000000 RBX: ffff888072f54c80 RCX: 0000000000000000
[   77.506502][ T5033] RDX: ffff888027d71dc0 RSI: ffffffff814c65a7 RDI: 0000000000000001
[   77.514548][ T5033] RBP: ffff88807d730e20 R08: 0000000000000001 R09: 0000000000000000
[   77.522550][ T5033] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000a00
[   77.530620][ T5033] R13: ffff888072f56898 R14: ffff888072f54000 R15: 0000000000000000
[   77.538696][ T5033] FS:  0000555556c7d300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   77.547763][ T5033] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   77.554419][ T5033] CR2: 0000000020000200 CR3: 00000000721df000 CR4: 00000000003506f0
[   77.562447][ T5033] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   77.570549][ T5033] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   77.578622][ T5033] Call Trace:
[   77.581919][ T5033]  <TASK>
[   77.584960][ T5033]  ? __warn+0xe6/0x390
[   77.589094][ T5033]  ? preempt_schedule_notrace+0x5f/0xd0
[   77.594752][ T5033]  ? ieee80211_bss_info_change_notify+0x305/0x9c0
[   77.601231][ T5033]  ? report_bug+0x2da/0x500
[   77.605876][ T5033]  ? handle_bug+0x3c/0x70
[   77.610255][ T5033]  ? exc_invalid_op+0x18/0x50
[   77.615019][ T5033]  ? asm_exc_invalid_op+0x1a/0x20
[   77.620116][ T5033]  ? __warn_printk+0x187/0x310
[   77.625006][ T5033]  ? ieee80211_bss_info_change_notify+0x305/0x9c0
[   77.631488][ T5033]  ? ieee80211_bss_info_change_notify+0x305/0x9c0
[   77.638025][ T5033]  ieee80211_ibss_disconnect+0x408/0x9c0
[   77.643768][ T5033]  ieee80211_ibss_leave+0x16/0x160
[   77.648925][ T5033]  __cfg80211_leave_ibss+0x1a1/0x5c0
[   77.654329][ T5033]  cfg80211_leave_ibss+0x58/0x80
[   77.659340][ T5033]  cfg80211_change_iface+0x45d/0xe00
[   77.664781][ T5033]  nl80211_set_interface+0x695/0x960
[   77.670128][ T5033]  ? nl80211_notify_iface+0x190/0x190
[   77.675615][ T5033]  ? nl80211_pre_doit+0x120/0xab0
[   77.680702][ T5033]  genl_family_rcv_msg_doit.isra.0+0x1e6/0x2d0
[   77.687000][ T5033]  ? genl_start+0x660/0x660
[   77.691593][ T5033]  ? ns_capable+0xe0/0x110
[   77.696148][ T5033]  genl_rcv_msg+0x4ff/0x7e0
[   77.700725][ T5033]  ? genl_family_rcv_msg_doit.isra.0+0x2d0/0x2d0
[   77.707217][ T5033]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.713264][ T5033]  ? validate_beacon_tx_rate+0x8d0/0x8d0
[   77.719029][ T5033]  ? nl80211_notify_iface+0x190/0x190
[   77.724564][ T5033]  ? cfg80211_vendor_cmd_reply+0x2f0/0x2f0
[   77.730461][ T5033]  netlink_rcv_skb+0x165/0x440
[   77.735350][ T5033]  ? genl_family_rcv_msg_doit.isra.0+0x2d0/0x2d0
[   77.741754][ T5033]  ? netlink_ack+0x1360/0x1360
[   77.746694][ T5033]  ? down_write_killable+0x250/0x250
[   77.752059][ T5033]  ? netlink_deliver_tap+0x1b1/0xcf0
[   77.757459][ T5033]  genl_rcv+0x28/0x40
[   77.761487][ T5033]  netlink_unicast+0x547/0x7f0
[   77.766365][ T5033]  ? netlink_attachskb+0x890/0x890
[   77.771533][ T5033]  ? __virt_addr_valid+0x61/0x2e0
[   77.776671][ T5033]  ? __phys_addr_symbol+0x30/0x70
[   77.781745][ T5033]  ? __check_object_size+0x323/0x730
[   77.787146][ T5033]  netlink_sendmsg+0x925/0xe30
[   77.791969][ T5033]  ? netlink_unicast+0x7f0/0x7f0
[   77.797011][ T5033]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   77.802369][ T5033]  ? netlink_unicast+0x7f0/0x7f0
[   77.807472][ T5033]  sock_sendmsg+0xde/0x190
[   77.811960][ T5033]  ____sys_sendmsg+0x739/0x920
[   77.816856][ T5033]  ? copy_msghdr_from_user+0xfc/0x150
[   77.822277][ T5033]  ? kernel_sendmsg+0x50/0x50
[   77.827080][ T5033]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.833130][ T5033]  ___sys_sendmsg+0x110/0x1b0
[   77.837919][ T5033]  ? do_recvmmsg+0x6f0/0x6f0
[   77.842588][ T5033]  ? lock_sync+0x190/0x190
[   77.847162][ T5033]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   77.852424][ T5033]  ? do_raw_spin_lock+0x124/0x2b0
[   77.857584][ T5033]  ? spin_bug+0x1c0/0x1c0
[   77.861971][ T5033]  ? _raw_spin_lock_irq+0x45/0x50
[   77.867155][ T5033]  ? __fget_light+0x201/0x270
[   77.871917][ T5033]  __sys_sendmsg+0xf7/0x1c0
[   77.876552][ T5033]  ? __sys_sendmsg_sock+0x40/0x40
[   77.881624][ T5033]  ? lock_downgrade+0x690/0x690
[   77.886601][ T5033]  ? lockdep_hardirqs_on+0x7d/0x100
[   77.891878][ T5033]  ? _raw_spin_unlock_irq+0x2e/0x50
[   77.897206][ T5033]  ? ptrace_notify+0xfe/0x140
[   77.901935][ T5033]  do_syscall_64+0x39/0xb0
[   77.906548][ T5033]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   77.912509][ T5033] RIP: 0033:0x7f6e02e2b349
[   77.917031][ T5033] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   77.936794][ T5033] RSP: 002b:00007ffc61ef4a58 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.945314][ T5033] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f6e02e2b349
[   77.953322][ T5033] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[   77.961390][ T5033] RBP: 0000000000000000 R08: 00007ffc61ef4a87 R09: 00007ffc61ef4a87
[   77.969471][ T5033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000012de7
[   77.977566][ T5033] R13: 00007ffc61ef4ad0 R14: 00007ffc61ef4ac0 R15: 00007ffc61ef4a8c
[   77.985651][ T5033]  </TASK>
[   77.988715][ T5033] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   77.996023][ T5033] CPU: 0 PID: 5033 Comm: syz-executor953 Not tainted 6.4.0-next-20230630-syzkaller #0
[   78.005591][ T5033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   78.015662][ T5033] Call Trace:
[   78.018977][ T5033]  <TASK>
[   78.021926][ T5033]  dump_stack_lvl+0xd9/0x150
[   78.026552][ T5033]  panic+0x686/0x730
[   78.030479][ T5033]  ? panic_smp_self_stop+0xa0/0xa0
[   78.035624][ T5033]  ? show_trace_log_lvl+0x284/0x390
[   78.040872][ T5033]  ? ieee80211_bss_info_change_notify+0x305/0x9c0
[   78.047318][ T5033]  check_panic_on_warn+0xb1/0xc0
[   78.052291][ T5033]  __warn+0xf2/0x390
[   78.056216][ T5033]  ? preempt_schedule_notrace+0x5f/0xd0
[   78.061798][ T5033]  ? ieee80211_bss_info_change_notify+0x305/0x9c0
[   78.068246][ T5033]  report_bug+0x2da/0x500
[   78.072609][ T5033]  handle_bug+0x3c/0x70
[   78.076793][ T5033]  exc_invalid_op+0x18/0x50
[   78.081329][ T5033]  asm_exc_invalid_op+0x1a/0x20
[   78.086206][ T5033] RIP: 0010:ieee80211_bss_info_change_notify+0x305/0x9c0
[   78.093261][ T5033] Code: f8 08 00 00 4d 85 f6 0f 84 c7 05 00 00 e8 b3 c4 f0 f7 e8 ae c4 f0 f7 8b 54 24 08 4c 89 f6 48 c7 c7 a0 25 a1 8b e8 0b 15 b8 f7 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 48 8b 14 24 48 c1 ea 03 0f b6
[   78.112894][ T5033] RSP: 0018:ffffc90003a8f338 EFLAGS: 00010286
[   78.118987][ T5033] RAX: 0000000000000000 RBX: ffff888072f54c80 RCX: 0000000000000000
[   78.126990][ T5033] RDX: ffff888027d71dc0 RSI: ffffffff814c65a7 RDI: 0000000000000001
[   78.135000][ T5033] RBP: ffff88807d730e20 R08: 0000000000000001 R09: 0000000000000000
[   78.143020][ T5033] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000a00
[   78.151058][ T5033] R13: ffff888072f56898 R14: ffff888072f54000 R15: 0000000000000000
[   78.159082][ T5033]  ? __warn_printk+0x187/0x310
[   78.163898][ T5033]  ? ieee80211_bss_info_change_notify+0x305/0x9c0
[   78.170460][ T5033]  ieee80211_ibss_disconnect+0x408/0x9c0
[   78.176161][ T5033]  ieee80211_ibss_leave+0x16/0x160
[   78.181335][ T5033]  __cfg80211_leave_ibss+0x1a1/0x5c0
[   78.186676][ T5033]  cfg80211_leave_ibss+0x58/0x80
[   78.191666][ T5033]  cfg80211_change_iface+0x45d/0xe00
[   78.197013][ T5033]  nl80211_set_interface+0x695/0x960
[   78.202362][ T5033]  ? nl80211_notify_iface+0x190/0x190
[   78.207798][ T5033]  ? nl80211_pre_doit+0x120/0xab0
[   78.212878][ T5033]  genl_family_rcv_msg_doit.isra.0+0x1e6/0x2d0
[   78.219078][ T5033]  ? genl_start+0x660/0x660
[   78.223629][ T5033]  ? ns_capable+0xe0/0x110
[   78.228170][ T5033]  genl_rcv_msg+0x4ff/0x7e0
[   78.232746][ T5033]  ? genl_family_rcv_msg_doit.isra.0+0x2d0/0x2d0
[   78.239124][ T5033]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   78.245157][ T5033]  ? validate_beacon_tx_rate+0x8d0/0x8d0
[   78.250847][ T5033]  ? nl80211_notify_iface+0x190/0x190
[   78.256252][ T5033]  ? cfg80211_vendor_cmd_reply+0x2f0/0x2f0
[   78.262106][ T5033]  netlink_rcv_skb+0x165/0x440
[   78.266925][ T5033]  ? genl_family_rcv_msg_doit.isra.0+0x2d0/0x2d0
[   78.273298][ T5033]  ? netlink_ack+0x1360/0x1360
[   78.278103][ T5033]  ? down_write_killable+0x250/0x250
[   78.283431][ T5033]  ? netlink_deliver_tap+0x1b1/0xcf0
[   78.288760][ T5033]  genl_rcv+0x28/0x40
[   78.292798][ T5033]  netlink_unicast+0x547/0x7f0
[   78.297599][ T5033]  ? netlink_attachskb+0x890/0x890
[   78.302740][ T5033]  ? __virt_addr_valid+0x61/0x2e0
[   78.307797][ T5033]  ? __phys_addr_symbol+0x30/0x70
[   78.312847][ T5033]  ? __check_object_size+0x323/0x730
[   78.318165][ T5033]  netlink_sendmsg+0x925/0xe30
[   78.322962][ T5033]  ? netlink_unicast+0x7f0/0x7f0
[   78.327936][ T5033]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   78.333261][ T5033]  ? netlink_unicast+0x7f0/0x7f0
[   78.338245][ T5033]  sock_sendmsg+0xde/0x190
[   78.342728][ T5033]  ____sys_sendmsg+0x739/0x920
[   78.347552][ T5033]  ? copy_msghdr_from_user+0xfc/0x150
[   78.352963][ T5033]  ? kernel_sendmsg+0x50/0x50
[   78.357693][ T5033]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   78.363733][ T5033]  ___sys_sendmsg+0x110/0x1b0
[   78.368464][ T5033]  ? do_recvmmsg+0x6f0/0x6f0
[   78.373112][ T5033]  ? lock_sync+0x190/0x190
[   78.377570][ T5033]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   78.382801][ T5033]  ? do_raw_spin_lock+0x124/0x2b0
[   78.387871][ T5033]  ? spin_bug+0x1c0/0x1c0
[   78.392256][ T5033]  ? _raw_spin_lock_irq+0x45/0x50
[   78.397327][ T5033]  ? __fget_light+0x201/0x270
[   78.402053][ T5033]  __sys_sendmsg+0xf7/0x1c0
[   78.406597][ T5033]  ? __sys_sendmsg_sock+0x40/0x40
[   78.411650][ T5033]  ? lock_downgrade+0x690/0x690
[   78.416547][ T5033]  ? lockdep_hardirqs_on+0x7d/0x100
[   78.421779][ T5033]  ? _raw_spin_unlock_irq+0x2e/0x50
[   78.427024][ T5033]  ? ptrace_notify+0xfe/0x140
[   78.431738][ T5033]  do_syscall_64+0x39/0xb0
[   78.436183][ T5033]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   78.442115][ T5033] RIP: 0033:0x7f6e02e2b349
[   78.446554][ T5033] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   78.466180][ T5033] RSP: 002b:00007ffc61ef4a58 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.474616][ T5033] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f6e02e2b349
[   78.482602][ T5033] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[   78.490590][ T5033] RBP: 0000000000000000 R08: 00007ffc61ef4a87 R09: 00007ffc61ef4a87
[   78.498581][ T5033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000012de7
[   78.506570][ T5033] R13: 00007ffc61ef4ad0 R14: 00007ffc61ef4ac0 R15: 00007ffc61ef4a8c
[   78.514578][ T5033]  </TASK>
[   78.517924][ T5033] Kernel Offset: disabled
[   78.522381][ T5033] Rebooting in 86400 seconds..