./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor315887902

<...>
Warning: Permanently added '10.128.1.104' (ED25519) to the list of known hosts.
execve("./syz-executor315887902", ["./syz-executor315887902"], 0x7fff4be68f00 /* 10 vars */) = 0
brk(NULL)                               = 0x55555604b000
brk(0x55555604bd00)                     = 0x55555604bd00
arch_prctl(ARCH_SET_FS, 0x55555604b380) = 0
set_tid_address(0x55555604b650)         = 5057
set_robust_list(0x55555604b660, 24)     = 0
rseq(0x55555604bca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor315887902", 4096) = 27
getrandom("\x89\x4e\x8c\x1b\x81\xbf\x11\xbf", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55555604bd00
brk(0x55555606cd00)                     = 0x55555606cd00
brk(0x55555606d000)                     = 0x55555606d000
mprotect(0x7f741e780000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555604b650) = 5058
./strace-static-x86_64: Process 5058 attached
[pid  5058] set_robust_list(0x55555604b660, 24) = 0
[pid  5058] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5058] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5058] setsid()                    = 1
[pid  5058] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5058] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5058] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5058] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5058] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5058] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5058] unshare(CLONE_NEWNS)        = 0
[pid  5058] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5058] unshare(CLONE_NEWIPC)       = 0
[pid  5058] unshare(CLONE_NEWCGROUP)    = 0
[pid  5058] unshare(CLONE_NEWUTS)       = 0
[pid  5058] unshare(CLONE_SYSVSEM)      = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "16777216", 8)     = 8
[pid  5058] close(3)                    = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "536870912", 9)    = 9
[pid  5058] close(3)                    = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "1024", 4)         = 4
[pid  5058] close(3)                    = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "8192", 4)         = 4
[pid  5058] close(3)                    = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "1024", 4)         = 4
[pid  5058] close(3)                    = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "1024", 4)         = 4
[pid  5058] close(3)                    = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5058] close(3)                    = 0
[pid  5058] getpid()                    = 1
[pid  5058] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5058] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5058] unshare(CLONE_NEWNET)       = 0
[pid  5058] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5058] write(3, "0 65535", 7)      = 7
[pid  5058] close(3)                    = 0
[pid  5058] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid  5058] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid  5058] close(3)                    = 0
[pid  5058] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5058] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5058] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x2a\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1c\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5058] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5058] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5058] recvfrom(3, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5058] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5058] sendto(3, [{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5058] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5058] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5058] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5058] close(4)                    = 0
[pid  5058] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5058] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[   58.179070][ T5058] ieee80211 phy3: Selected rate control algorithm 'minstrel_ht'
[   58.192922][ T5058] mac80211_hwsim hwsim2: WBRF is not supported
[pid  5058] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5058] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5058] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5058] close(4)                    = 0
[pid  5058] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5058] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5058] sendto(3, [{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5058] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5058] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5058] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5058] close(4)                    = 0
[pid  5058] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5058] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[   58.267578][ T4408] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.275958][ T4408] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.289076][ T5058] ieee80211 phy4: Selected rate control algorithm 'minstrel_ht'
[   58.301466][ T5058] mac80211_hwsim hwsim3: WBRF is not supported
[pid  5058] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5058] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5058] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5058] close(4)                    = 0
[pid  5058] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5058] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5058] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5058] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5058] close(4)                    = 0
[pid  5058] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5058] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5058] recvfrom(4, [{nlmsg_len=1460, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0b\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1460
[pid  5058] close(4)                    = 0
[pid  5058] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[   58.365939][ T4408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.375015][ T4408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5058] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5058] close(4)                    = 0
[pid  5058] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5058] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5058] recvfrom(4, [{nlmsg_len=1460, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1460
[pid  5058] close(4)                    = 0
[pid  5058] close(3)                    = 0
[pid  5058] mkdir("/dev/binderfs", 0777) = 0
[pid  5058] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5058] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555604b650) = 2
./strace-static-x86_64: Process 5061 attached
[pid  5061] set_robust_list(0x55555604b660, 24) = 0
[pid  5061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5061] setpgid(0, 0)               = 0
[pid  5061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5061] write(3, "1000", 4)         = 4
[pid  5061] close(3)                    = 0
[pid  5061] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5061] ioctl(3, SIOCSIWSCAN, 0x20000000) = 0
[pid  5061] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5061] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5061] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5061] recvfrom(5, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=2}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5061] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=2}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5061] close(5)                    = 0
[pid  5061] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5061] ioctl(5, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5061] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x40\x00\x00\x00\x23\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x24\x00\x5a\x80\x20\x00\x01\x80\x14\x00\x03\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x04\x00\x01\x00", iov_len=64}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
[   58.508163][ T5061] warning: `syz-executor315' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[pid  5061] close(3)                    = 0
[pid  5061] close(4)                    = 0
[pid  5061] close(5)                    = 0
[pid  5061] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5061] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5061] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5061] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5061] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5061] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5061] exit_group(0)               = ?
[pid  5061] +++ exited with 0 +++
[pid  5058] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[pid  5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555604b650) = 3
./strace-static-x86_64: Process 5062 attached
[pid  5062] set_robust_list(0x55555604b660, 24) = 0
[pid  5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5062] setpgid(0, 0)               = 0
[pid  5062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5062] write(3, "1000", 4)         = 4
[pid  5062] close(3)                    = 0
[pid  5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5062] ioctl(3, SIOCSIWSCAN, 0x20000000) = -1 EBUSY (Device or resource busy)
[pid  5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5062] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5062] recvfrom(5, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5062] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5062] close(5)                    = 0
[pid  5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5062] ioctl(5, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5062] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x40\x00\x00\x00\x23\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x24\x00\x5a\x80\x20\x00\x01\x80\x14\x00\x03\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x04\x00\x01\x00", iov_len=64}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
[pid  5062] close(3)                    = 0
[pid  5062] close(4)                    = 0
[pid  5062] close(5)                    = 0
[pid  5062] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5062] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5062] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5062] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5062] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5062] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5062] exit_group(0)               = ?
[pid  5062] +++ exited with 0 +++
[pid  5058] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5063 attached
, child_tidptr=0x55555604b650) = 4
[pid  5063] set_robust_list(0x55555604b660, 24) = 0
[pid  5063] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5063] setpgid(0, 0)               = 0
[pid  5063] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5063] write(3, "1000", 4)         = 4
[pid  5063] close(3)                    = 0
[pid  5063] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5063] ioctl(3, SIOCSIWSCAN, 0x20000000) = -1 EBUSY (Device or resource busy)
[pid  5063] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5063] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5063] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5063] recvfrom(5, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=4}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5063] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5063] close(5)                    = 0
[pid  5063] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5063] ioctl(5, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5063] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x40\x00\x00\x00\x23\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x24\x00\x5a\x80\x20\x00\x01\x80\x14\x00\x03\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x04\x00\x01\x00", iov_len=64}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
[pid  5063] close(3)                    = 0
[pid  5063] close(4)                    = 0
[pid  5063] close(5)                    = 0
[pid  5063] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5063] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5063] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5063] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5063] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5063] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5063] exit_group(0)               = ?
[pid  5063] +++ exited with 0 +++
[pid  5058] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5064 attached
, child_tidptr=0x55555604b650) = 5
[pid  5064] set_robust_list(0x55555604b660, 24) = 0
[pid  5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5064] setpgid(0, 0)               = 0
[pid  5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1000", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5064] ioctl(3, SIOCSIWSCAN, 0x20000000) = -1 EBUSY (Device or resource busy)
[pid  5064] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5064] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5064] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5064] recvfrom(5, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=5}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5064] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5064] close(5)                    = 0
[pid  5064] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5064] ioctl(5, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5064] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x40\x00\x00\x00\x23\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x24\x00\x5a\x80\x20\x00\x01\x80\x14\x00\x03\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x04\x00\x01\x00", iov_len=64}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
[pid  5064] close(3)                    = 0
[pid  5064] close(4)                    = 0
[pid  5064] close(5)                    = 0
[pid  5064] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5064] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5064] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5064] exit_group(0)               = ?
[pid  5064] +++ exited with 0 +++
[pid  5058] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5058] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached
, child_tidptr=0x55555604b650) = 6
[pid  5065] set_robust_list(0x55555604b660, 24) = 0
[pid  5065] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5065] setpgid(0, 0)               = 0
[pid  5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5065] write(3, "1000", 4)         = 4
[pid  5065] close(3)                    = 0
[pid  5065] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5065] ioctl(3, SIOCSIWSCAN, 0x20000000) = -1 EBUSY (Device or resource busy)
[pid  5065] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5065] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5065] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5065] recvfrom(5, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=6}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5065] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=6}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5065] close(5)                    = 0
[pid  5065] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5065] ioctl(5, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5065] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x40\x00\x00\x00\x23\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x24\x00\x5a\x80\x20\x00\x01\x80\x14\x00\x03\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x04\x00\x01\x00", iov_len=64}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
[pid  5065] close(3)                    = 0
[pid  5065] close(4)                    = 0
[pid  5065] close(5)                    = 0
[pid  5065] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5065] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5065] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5065] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5065] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5065] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5065] exit_group(0)               = ?
[pid  5065] +++ exited with 0 +++
[pid  5058] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555604b650) = 7
./strace-static-x86_64: Process 5066 attached
[pid  5066] set_robust_list(0x55555604b660, 24) = 0
[pid  5066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5066] setpgid(0, 0)               = 0
[pid  5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5066] write(3, "1000", 4)         = 4
[pid  5066] close(3)                    = 0
[pid  5066] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5066] ioctl(3, SIOCSIWSCAN, 0x20000000) = -1 EBUSY (Device or resource busy)
[pid  5066] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5066] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5066] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5066] recvfrom(5, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=7}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5066] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=7}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5066] close(5)                    = 0
[pid  5066] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5066] ioctl(5, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5066] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x40\x00\x00\x00\x23\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x24\x00\x5a\x80\x20\x00\x01\x80\x14\x00\x03\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x04\x00\x01\x00", iov_len=64}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
[pid  5066] close(3)                    = 0
[pid  5066] close(4)                    = 0
[pid  5066] close(5)                    = 0
[pid  5066] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5066] exit_group(0)               = ?
[pid  5066] +++ exited with 0 +++
[pid  5058] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached
, child_tidptr=0x55555604b650) = 8
[pid  5067] set_robust_list(0x55555604b660, 24) = 0
[pid  5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] setpgid(0, 0)               = 0
[pid  5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "1000", 4)         = 4
[pid  5067] close(3)                    = 0
[pid  5067] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5067] ioctl(3, SIOCSIWSCAN, 0x20000000) = -1 EBUSY (Device or resource busy)
[pid  5067] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5067] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5067] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5067] recvfrom(5, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=8}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x49\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5067] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=8}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5067] close(5)                    = 0
[pid  5067] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  5067] ioctl(5, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[   59.824874][ T4408] ------------[ cut here ]------------
[   59.830352][ T4408] no supported rates for sta (null) (0xffffffff, band 1) in rate_mask 0x0 with flags 0x0
[   59.840670][ T4408] WARNING: CPU: 1 PID: 4408 at net/mac80211/rate.c:379 __rate_control_send_low+0x6d9/0x800
[   59.850688][ T4408] Modules linked in:
[   59.854587][ T4408] CPU: 1 PID: 4408 Comm: kworker/u4:9 Not tainted 6.7.0-rc8-next-20240105-syzkaller #0
[   59.864240][ T4408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   59.874316][ T4408] Workqueue: events_unbound cfg80211_wiphy_work
[   59.880571][ T4408] RIP: 0010:__rate_control_send_low+0x6d9/0x800
[   59.886827][ T4408] Code: a4 a0 d4 00 00 00 e8 b6 cc 82 f7 44 8b 44 24 3c 45 89 e9 89 d9 48 8b 74 24 18 44 89 e2 48 c7 c7 a0 92 0d 8c e8 68 bd 48 f7 90 <0f> 0b 90 90 e9 ff fc ff ff 48 8b 7c 24 30 e8 74 81 da f7 e9 e1 fb
[   59.906454][ T4408] RSP: 0018:ffffc9000e33f530 EFLAGS: 00010282
[   59.912530][ T4408] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff814e1619
[   59.920501][ T4408] RDX: ffff88802ed65940 RSI: ffffffff814e1626 RDI: 0000000000000001
[   59.928485][ T4408] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[   59.936468][ T4408] R10: 0000000000000000 R11: 0000000000000001 R12: 00000000ffffffff
[   59.944451][ T4408] R13: 0000000000000000 R14: 0000000000000008 R15: dffffc0000000000
[   59.952447][ T4408] FS:  0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   59.961380][ T4408] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.967976][ T4408] CR2: 0000000020000000 CR3: 000000007a939000 CR4: 00000000003506f0
[   59.975977][ T4408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   59.983957][ T4408] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   59.991935][ T4408] Call Trace:
[   59.995211][ T4408]  <TASK>
[   59.998156][ T4408]  ? show_regs+0x8e/0xa0
[   60.002418][ T4408]  ? __warn+0xe5/0x390
[   60.006496][ T4408]  ? __wake_up_klogd.part.0+0x99/0xf0
[   60.011879][ T4408]  ? __rate_control_send_low+0x6d9/0x800
[   60.017515][ T4408]  ? report_bug+0x3bc/0x580
[   60.022036][ T4408]  ? handle_bug+0x3d/0x70
[   60.026379][ T4408]  ? exc_invalid_op+0x17/0x40
[   60.031046][ T4408]  ? asm_exc_invalid_op+0x1a/0x20
[   60.036085][ T4408]  ? __warn_printk+0x199/0x350
[   60.040856][ T4408]  ? __warn_printk+0x1a6/0x350
[   60.045635][ T4408]  ? __rate_control_send_low+0x6d9/0x800
[   60.051274][ T4408]  rate_control_send_low+0x296/0x820
[   60.056578][ T4408]  rate_control_get_rate+0x1be/0x590
[   60.061883][ T4408]  ieee80211_tx_h_rate_ctrl+0xa70/0x19e0
[   60.067503][ T4408]  ? ieee80211_probereq_get+0x290/0x290
[   60.073065][ T4408]  invoke_tx_handlers_late+0xd15/0x2c10
[   60.078613][ T4408]  ? ieee80211_queue_skb+0x472/0x1fd0
[   60.083996][ T4408]  ? ieee80211_ie_build_eht_cap+0x3e0/0x3e0
[   60.089909][ T4408]  ? invoke_tx_handlers_early+0x663/0x26f0
[   60.095737][ T4408]  ieee80211_tx+0x302/0x420
[   60.100251][ T4408]  ? ieee80211_tx_prepare_skb+0x470/0x470
[   60.105996][ T4408]  ? rcu_is_watching+0x12/0xb0
[   60.110769][ T4408]  ? lock_acquire+0x477/0x530
[   60.115469][ T4408]  ? ieee80211_skb_resize+0x22a/0x620
[   60.120844][ T4408]  ? ieee80211_set_qos_hdr+0xba/0x3e0
[   60.126238][ T4408]  ieee80211_xmit+0x30e/0x3e0
[   60.130920][ T4408]  __ieee80211_tx_skb_tid_band+0x29b/0x700
[   60.136745][ T4408]  ieee80211_scan_state_send_probe+0x33a/0x9c0
[   60.142925][ T4408]  ieee80211_scan_work+0x7e9/0x2040
[   60.148112][ T4408]  ? rcu_is_watching+0x12/0xb0
[   60.152888][ T4408]  ? cfg80211_wiphy_work+0x22a/0x330
[   60.158178][ T4408]  ? reacquire_held_locks+0x4c0/0x4c0
[   60.163569][ T4408]  ? ieee80211_run_deferred_scan+0x3e0/0x3e0
[   60.169563][ T4408]  ? rcu_is_watching+0x12/0xb0
[   60.174346][ T4408]  cfg80211_wiphy_work+0x24e/0x330
[   60.179464][ T4408]  process_one_work+0x8a4/0x15f0
[   60.184424][ T4408]  ? lock_sync+0x190/0x190
[   60.188841][ T4408]  ? workqueue_congested+0x300/0x300
[   60.194166][ T4408]  ? assign_work+0x1a0/0x250
[   60.198793][ T4408]  worker_thread+0x8b6/0x1290
[   60.203502][ T4408]  ? process_one_work+0x15f0/0x15f0
[   60.208720][ T4408]  kthread+0x2c1/0x3a0
[   60.212812][ T4408]  ? trace_irq_enable.constprop.0+0xe0/0x110
[   60.218819][ T4408]  ? kthread_complete_and_exit+0x40/0x40
[   60.224473][ T4408]  ret_from_fork+0x45/0x80
[   60.228902][ T4408]  ? kthread_complete_and_exit+0x40/0x40
[   60.234551][ T4408]  ret_from_fork_asm+0x11/0x20
[   60.239332][ T4408]  </TASK>
[   60.242366][ T4408] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   60.249638][ T4408] CPU: 1 PID: 4408 Comm: kworker/u4:9 Not tainted 6.7.0-rc8-next-20240105-syzkaller #0
[   60.259249][ T4408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   60.269309][ T4408] Workqueue: events_unbound cfg80211_wiphy_work
[   60.275538][ T4408] Call Trace:
[   60.278797][ T4408]  <TASK>
[   60.281711][ T4408]  dump_stack_lvl+0xd9/0x1b0
[   60.286294][ T4408]  panic+0x6dc/0x790
[   60.290178][ T4408]  ? panic_smp_self_stop+0xa0/0xa0
[   60.295282][ T4408]  ? show_trace_log_lvl+0x363/0x4f0
[   60.300470][ T4408]  ? check_panic_on_warn+0x1f/0xb0
[   60.305571][ T4408]  ? __rate_control_send_low+0x6d9/0x800
[   60.311184][ T4408]  check_panic_on_warn+0xab/0xb0
[   60.316110][ T4408]  __warn+0xf1/0x390
[   60.319990][ T4408]  ? __wake_up_klogd.part.0+0x99/0xf0
[   60.325346][ T4408]  ? __rate_control_send_low+0x6d9/0x800
[   60.330988][ T4408]  report_bug+0x3bc/0x580
[   60.335310][ T4408]  handle_bug+0x3d/0x70
[   60.339457][ T4408]  exc_invalid_op+0x17/0x40
[   60.343953][ T4408]  asm_exc_invalid_op+0x1a/0x20
[   60.348789][ T4408] RIP: 0010:__rate_control_send_low+0x6d9/0x800
[   60.355026][ T4408] Code: a4 a0 d4 00 00 00 e8 b6 cc 82 f7 44 8b 44 24 3c 45 89 e9 89 d9 48 8b 74 24 18 44 89 e2 48 c7 c7 a0 92 0d 8c e8 68 bd 48 f7 90 <0f> 0b 90 90 e9 ff fc ff ff 48 8b 7c 24 30 e8 74 81 da f7 e9 e1 fb
[   60.374619][ T4408] RSP: 0018:ffffc9000e33f530 EFLAGS: 00010282
[   60.380670][ T4408] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff814e1619
[   60.388625][ T4408] RDX: ffff88802ed65940 RSI: ffffffff814e1626 RDI: 0000000000000001
[   60.396577][ T4408] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[   60.404529][ T4408] R10: 0000000000000000 R11: 0000000000000001 R12: 00000000ffffffff
[   60.412480][ T4408] R13: 0000000000000000 R14: 0000000000000008 R15: dffffc0000000000
[   60.420435][ T4408]  ? __warn_printk+0x199/0x350
[   60.425191][ T4408]  ? __warn_printk+0x1a6/0x350
[   60.429947][ T4408]  rate_control_send_low+0x296/0x820
[   60.435219][ T4408]  rate_control_get_rate+0x1be/0x590
[   60.440491][ T4408]  ieee80211_tx_h_rate_ctrl+0xa70/0x19e0
[   60.446115][ T4408]  ? ieee80211_probereq_get+0x290/0x290
[   60.451651][ T4408]  invoke_tx_handlers_late+0xd15/0x2c10
[   60.457180][ T4408]  ? ieee80211_queue_skb+0x472/0x1fd0
[   60.462536][ T4408]  ? ieee80211_ie_build_eht_cap+0x3e0/0x3e0
[   60.468418][ T4408]  ? invoke_tx_handlers_early+0x663/0x26f0
[   60.474208][ T4408]  ieee80211_tx+0x302/0x420
[   60.478696][ T4408]  ? ieee80211_tx_prepare_skb+0x470/0x470
[   60.484403][ T4408]  ? rcu_is_watching+0x12/0xb0
[   60.489154][ T4408]  ? lock_acquire+0x477/0x530
[   60.493816][ T4408]  ? ieee80211_skb_resize+0x22a/0x620
[   60.499186][ T4408]  ? ieee80211_set_qos_hdr+0xba/0x3e0
[   60.504549][ T4408]  ieee80211_xmit+0x30e/0x3e0
[   60.509212][ T4408]  __ieee80211_tx_skb_tid_band+0x29b/0x700
[   60.515005][ T4408]  ieee80211_scan_state_send_probe+0x33a/0x9c0
[   60.521150][ T4408]  ieee80211_scan_work+0x7e9/0x2040
[   60.526335][ T4408]  ? rcu_is_watching+0x12/0xb0
[   60.531086][ T4408]  ? cfg80211_wiphy_work+0x22a/0x330
[   60.536355][ T4408]  ? reacquire_held_locks+0x4c0/0x4c0
[   60.541709][ T4408]  ? ieee80211_run_deferred_scan+0x3e0/0x3e0
[   60.547673][ T4408]  ? rcu_is_watching+0x12/0xb0
[   60.552423][ T4408]  cfg80211_wiphy_work+0x24e/0x330
[   60.557519][ T4408]  process_one_work+0x8a4/0x15f0
[   60.562450][ T4408]  ? lock_sync+0x190/0x190
[   60.566848][ T4408]  ? workqueue_congested+0x300/0x300
[   60.572124][ T4408]  ? assign_work+0x1a0/0x250
[   60.576703][ T4408]  worker_thread+0x8b6/0x1290
[   60.581369][ T4408]  ? process_one_work+0x15f0/0x15f0
[   60.586553][ T4408]  kthread+0x2c1/0x3a0
[   60.590605][ T4408]  ? trace_irq_enable.constprop.0+0xe0/0x110
[   60.596575][ T4408]  ? kthread_complete_and_exit+0x40/0x40
[   60.602193][ T4408]  ret_from_fork+0x45/0x80
[   60.606606][ T4408]  ? kthread_complete_and_exit+0x40/0x40
[   60.612245][ T4408]  ret_from_fork_asm+0x11/0x20
[   60.617000][ T4408]  </TASK>
[   60.620184][ T4408] Kernel Offset: disabled
[   60.624513][ T4408] Rebooting in 86400 seconds..