./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1795459526

<...>
Warning: Permanently added '10.128.1.56' (ED25519) to the list of known hosts.
execve("./syz-executor1795459526", ["./syz-executor1795459526"], 0x7ffd7b19f950 /* 10 vars */) = 0
brk(NULL)                               = 0x5555556f5000
brk(0x5555556f5d00)                     = 0x5555556f5d00
arch_prctl(ARCH_SET_FS, 0x5555556f5380) = 0
set_tid_address(0x5555556f5650)         = 5021
set_robust_list(0x5555556f5660, 24)     = 0
rseq(0x5555556f5ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1795459526", 4096) = 28
getrandom("\xa6\xbf\xe6\x26\xfb\xd0\x23\xea", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555556f5d00
brk(0x555555716d00)                     = 0x555555716d00
brk(0x555555717000)                     = 0x555555717000
mprotect(0x7f05d97b8000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5022 attached
, child_tidptr=0x5555556f5650) = 5022
[pid  5022] set_robust_list(0x5555556f5660, 24) = 0
[pid  5022] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5022] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5022] setsid()                    = 1
[pid  5022] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5022] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5022] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5022] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5022] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5022] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5022] unshare(CLONE_NEWNS)        = 0
[pid  5022] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5022] unshare(CLONE_NEWIPC)       = 0
[pid  5022] unshare(CLONE_NEWCGROUP)    = 0
[pid  5022] unshare(CLONE_NEWUTS)       = 0
[pid  5022] unshare(CLONE_SYSVSEM)      = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "16777216", 8)     = 8
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "536870912", 9)    = 9
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "1024", 4)         = 4
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "8192", 4)         = 4
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "1024", 4)         = 4
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "1024", 4)         = 4
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5022] close(3)                    = 0
[pid  5022] getpid()                    = 1
[pid  5022] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5022] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5022] unshare(CLONE_NEWNET)       = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "0 65535", 7)      = 7
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid  5022] dup2(3, 200)                = 200
[pid  5022] close(3)                    = 0
[pid  5022] ioctl(200, TUNSETIFF, 0x7ffc24048240) = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "0", 1)            = 1
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid  5022] write(3, "0", 1)            = 1
[pid  5022] close(3)                    = 0
[pid  5022] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] close(3)                    = 0
[pid  5022] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid  5022] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid  5022] close(3)                    = 0
[pid  5022] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5022] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5022] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x29\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1c\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5022] recvfrom(3, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] sendto(3, [{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5022] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=12}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5022] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5022] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] sendto(3, [{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5022] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=13}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0d\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5022] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5022] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0d\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5022] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=12}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5022] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5022] recvfrom(4, [{nlmsg_len=1444, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1444
[   45.696699][   T22] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.704858][   T22] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.732831][   T22] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[pid  5022] close(4)                    = 0
[pid  5022] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5022] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=13}) = 0
[pid  5022] close(4)                    = 0
[pid  5022] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5022] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5022] recvfrom(4, [{nlmsg_len=1444, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0d\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1444
[pid  5022] close(4)                    = 0
[pid  5022] close(3)                    = 0
[pid  5022] mkdir("/dev/binderfs", 0777) = 0
[pid  5022] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5022] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5022] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5022] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5022] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5022] recvfrom(4, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5022] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] close(4)                    = 0
[pid  5022] ioctl(3, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=13}) = 0
[pid  5022] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x24\x00\x00\x00\x23\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x08\x00\x03\x00\x0d\x00\x00\x00\x08\x00\x05\x00\x02\x00\x00\x00", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 36
[pid  5022] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x3c\x00\x00\x00\x23\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x2e\x00\x00\x00\x08\x00\x03\x00\x0d\x00\x00\x00\x0a\x00\x34\x00\x02\x02\x02\x02\x02\x02\x00\x00\x04\x00\xd0\x00\x08\x00\x35\x00\x00\x00\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00", iov_len=60}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 60
[pid  5022] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5022] sendto(4, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5022] recvfrom(4, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=-801279833}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x29\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1c\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5022] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=-801279833}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] sendto(4, [{nlmsg_len=20, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x01\x00\x00\x00"], 20, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 20
[pid  5022] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=-801279833}, {error=0, msg={nlmsg_len=20, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5022] sendto(4, [{nlmsg_len=108, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00\x08\x00\x06\x00\x00\x00\x00\x00\x0a\x00\x01\x00\x08\x02\x11\x00\x00\x01\x00\x00\x3a\x00\x03\x00\x50\x00\x00\x00\x08\x02\x11\x00\x00\x01\x08\x02\x11\x00\x00\x00\x08\x02\x11\x00\x00\x01\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x64\x00\x01\x00\x00\x06\x02\x02\x02\x02\x02\x02\x01\x08\x82\x84\x8b\x96\x0c\x12\x18\x24\x00\x00"], 108, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 108
[pid  5022] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=-801279833}, {error=0, msg={nlmsg_len=108, nlmsg_type=0x29 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[   45.741003][   T22] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5022] close(4)                    = 0
[pid  5022] exit_group(1)               = ?
[   45.784174][ T5022] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   45.821676][    T7] wlan1: authenticate with 08:02:11:00:00:01
[   45.828478][    T7] ------------[ cut here ]------------
[   45.834080][    T7] WARNING: CPU: 0 PID: 7 at net/mac80211/sta_info.c:728 sta_info_insert_rcu+0x20d/0x1970
[   45.844003][    T7] Modules linked in:
[   45.847903][    T7] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.5.0-rc7-syzkaller-00104-g4f9e7fabf864 #0
[   45.857755][    T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   45.867879][    T7] Workqueue: events cfg80211_conn_work
[   45.873748][    T7] RIP: 0010:sta_info_insert_rcu+0x20d/0x1970
[   45.879740][    T7] Code: f7 45 85 ff 74 1f e8 22 d2 df f7 45 89 e7 31 ff 41 83 e7 01 44 89 fe e8 41 cd df f7 45 84 ff 0f 84 f6 00 00 00 e8 03 d2 df f7 <0f> 0b c7 44 24 08 ea ff ff ff e8 f4 d1 df f7 48 8b 7c 24 20 4c 89
[   45.899504][    T7] RSP: 0018:ffffc900000c71f0 EFLAGS: 00010293
[   45.905605][    T7] RAX: 0000000000000000 RBX: ffff8880279c0c80 RCX: 0000000000000000
[   45.913630][    T7] RDX: ffff888016643b80 RSI: ffffffff89a6369d RDI: 0000000000000005
[   45.921624][    T7] RBP: 0000000000000100 R08: 0000000000000005 R09: 0000000000000000
[   45.929755][    T7] R10: 0000000000000000 R11: 000000000000000f R12: 0000000000110208
[   45.937770][    T7] R13: ffff88807ca0c048 R14: ffff88807ca0c000 R15: 0000000000000000
[   45.945777][    T7] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   45.954750][    T7] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   45.961358][    T7] CR2: 00007f05d97c0270 CR3: 000000000c776000 CR4: 0000000000350ef0
[   45.969398][    T7] Call Trace:
[   45.972718][    T7]  <TASK>
[   45.975650][    T7]  ? __warn+0xe6/0x380
[   45.979701][    T7]  ? sta_info_insert_rcu+0x20d/0x1970
[   45.985145][    T7]  ? report_bug+0x3bc/0x580
[   45.989689][    T7]  ? handle_bug+0x3c/0x70
[   45.994088][    T7]  ? exc_invalid_op+0x17/0x40
[   45.998789][    T7]  ? asm_exc_invalid_op+0x1a/0x20
[   46.003974][    T7]  ? sta_info_insert_rcu+0x20d/0x1970
[   46.010131][    T7]  ? sta_info_insert_rcu+0x20d/0x1970
[   46.015504][    T7]  sta_info_insert+0x16/0xd0
[   46.020181][    T7]  ieee80211_prep_connection+0xb51/0x14f0
[   46.025991][    T7]  ieee80211_mgd_auth+0xa1a/0x1490
[   46.031178][    T7]  ? reacquire_held_locks+0x4b0/0x4b0
[   46.036562][    T7]  ? ieee80211_mlme_notify_scan_completed+0x3b0/0x3b0
[   46.043363][    T7]  ? mark_held_locks+0x9f/0xe0
[   46.048140][    T7]  ? rcu_is_watching+0x12/0xb0
[   46.052962][    T7]  cfg80211_mlme_auth+0x3b3/0x710
[   46.058011][    T7]  cfg80211_conn_do_work+0x64e/0xfe0
[   46.063346][    T7]  ? cfg80211_conn_scan+0x1020/0x1020
[   46.068774][    T7]  ? arch_stack_walk+0x8b/0xf0
[   46.073602][    T7]  cfg80211_conn_work+0x29c/0x3f0
[   46.078678][    T7]  ? __cfg80211_connect_result+0x2c40/0x2c40
[   46.084718][    T7]  ? save_trace+0x2ff/0xb30
[   46.089253][    T7]  ? _find_first_zero_bit+0x94/0xb0
[   46.094499][    T7]  ? add_lock_to_list+0x17d/0x380
[   46.099632][    T7]  ? lockdep_unlock+0x11b/0x290
[   46.104517][    T7]  ? __lock_acquire+0x250f/0x5de0
[   46.109566][    T7]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   46.115627][    T7]  ? lock_sync+0x190/0x190
[   46.120180][    T7]  ? reacquire_held_locks+0x4b0/0x4b0
[   46.125570][    T7]  ? do_raw_spin_lock+0x12e/0x2b0
[   46.130685][    T7]  ? spin_bug+0x1d0/0x1d0
[   46.135036][    T7]  process_one_work+0xaa2/0x16f0
[   46.140013][    T7]  ? wiphy_rfkill_start_polling+0x100/0x100
[   46.145922][    T7]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   46.151352][    T7]  ? spin_bug+0x1d0/0x1d0
[   46.155700][    T7]  worker_thread+0x687/0x1110
[   46.160420][    T7]  ? process_one_work+0x16f0/0x16f0
[   46.165632][    T7]  kthread+0x33a/0x430
[   46.169687][    T7]  ? kthread_complete_and_exit+0x40/0x40
[   46.175373][    T7]  ret_from_fork+0x2c/0x70
[   46.179933][    T7]  ? kthread_complete_and_exit+0x40/0x40
[   46.185570][    T7]  ret_from_fork_asm+0x11/0x20
[   46.190417][    T7]  </TASK>
[   46.193441][    T7] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   46.200699][    T7] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.5.0-rc7-syzkaller-00104-g4f9e7fabf864 #0
[   46.210486][    T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   46.220522][    T7] Workqueue: events cfg80211_conn_work
[   46.225974][    T7] Call Trace:
[   46.229232][    T7]  <TASK>
[   46.232434][    T7]  dump_stack_lvl+0xd9/0x1b0
[   46.237012][    T7]  panic+0x6a4/0x750
[   46.240895][    T7]  ? panic_smp_self_stop+0xa0/0xa0
[   46.246092][    T7]  ? show_trace_log_lvl+0x29d/0x3c0
[   46.251288][    T7]  ? sta_info_insert_rcu+0x20d/0x1970
[   46.256663][    T7]  check_panic_on_warn+0xab/0xb0
[   46.261623][    T7]  __warn+0xf2/0x380
[   46.265520][    T7]  ? sta_info_insert_rcu+0x20d/0x1970
[   46.270892][    T7]  report_bug+0x3bc/0x580
[   46.275216][    T7]  handle_bug+0x3c/0x70
[   46.279365][    T7]  exc_invalid_op+0x17/0x40
[   46.283880][    T7]  asm_exc_invalid_op+0x1a/0x20
[   46.288744][    T7] RIP: 0010:sta_info_insert_rcu+0x20d/0x1970
[   46.294723][    T7] Code: f7 45 85 ff 74 1f e8 22 d2 df f7 45 89 e7 31 ff 41 83 e7 01 44 89 fe e8 41 cd df f7 45 84 ff 0f 84 f6 00 00 00 e8 03 d2 df f7 <0f> 0b c7 44 24 08 ea ff ff ff e8 f4 d1 df f7 48 8b 7c 24 20 4c 89
[   46.314466][    T7] RSP: 0018:ffffc900000c71f0 EFLAGS: 00010293
[   46.320550][    T7] RAX: 0000000000000000 RBX: ffff8880279c0c80 RCX: 0000000000000000
[   46.328524][    T7] RDX: ffff888016643b80 RSI: ffffffff89a6369d RDI: 0000000000000005
[   46.336494][    T7] RBP: 0000000000000100 R08: 0000000000000005 R09: 0000000000000000
[   46.344480][    T7] R10: 0000000000000000 R11: 000000000000000f R12: 0000000000110208
[   46.352447][    T7] R13: ffff88807ca0c048 R14: ffff88807ca0c000 R15: 0000000000000000
[   46.360421][    T7]  ? sta_info_insert_rcu+0x20d/0x1970
[   46.365812][    T7]  sta_info_insert+0x16/0xd0
[   46.370425][    T7]  ieee80211_prep_connection+0xb51/0x14f0
[   46.376152][    T7]  ieee80211_mgd_auth+0xa1a/0x1490
[   46.381260][    T7]  ? reacquire_held_locks+0x4b0/0x4b0
[   46.386718][    T7]  ? ieee80211_mlme_notify_scan_completed+0x3b0/0x3b0
[   46.393484][    T7]  ? mark_held_locks+0x9f/0xe0
[   46.398271][    T7]  ? rcu_is_watching+0x12/0xb0
[   46.403070][    T7]  cfg80211_mlme_auth+0x3b3/0x710
[   46.408096][    T7]  cfg80211_conn_do_work+0x64e/0xfe0
[   46.413413][    T7]  ? cfg80211_conn_scan+0x1020/0x1020
[   46.418856][    T7]  ? arch_stack_walk+0x8b/0xf0
[   46.423691][    T7]  cfg80211_conn_work+0x29c/0x3f0
[   46.428738][    T7]  ? __cfg80211_connect_result+0x2c40/0x2c40
[   46.434761][    T7]  ? save_trace+0x2ff/0xb30
[   46.439290][    T7]  ? _find_first_zero_bit+0x94/0xb0
[   46.444500][    T7]  ? add_lock_to_list+0x17d/0x380
[   46.449566][    T7]  ? lockdep_unlock+0x11b/0x290
[   46.454420][    T7]  ? __lock_acquire+0x250f/0x5de0
[   46.459548][    T7]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   46.465544][    T7]  ? lock_sync+0x190/0x190
[   46.469985][    T7]  ? reacquire_held_locks+0x4b0/0x4b0
[   46.475357][    T7]  ? do_raw_spin_lock+0x12e/0x2b0
[   46.480383][    T7]  ? spin_bug+0x1d0/0x1d0
[   46.484733][    T7]  process_one_work+0xaa2/0x16f0
[   46.489668][    T7]  ? wiphy_rfkill_start_polling+0x100/0x100
[   46.495566][    T7]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   46.500952][    T7]  ? spin_bug+0x1d0/0x1d0
[   46.505300][    T7]  worker_thread+0x687/0x1110
[   46.509981][    T7]  ? process_one_work+0x16f0/0x16f0
[   46.515431][    T7]  kthread+0x33a/0x430
[   46.519490][    T7]  ? kthread_complete_and_exit+0x40/0x40
[   46.525380][    T7]  ret_from_fork+0x2c/0x70
[   46.529788][    T7]  ? kthread_complete_and_exit+0x40/0x40
[   46.535411][    T7]  ret_from_fork_asm+0x11/0x20
[   46.540208][    T7]  </TASK>
[   46.543783][    T7] Kernel Offset: disabled
[   46.548196][    T7] Rebooting in 86400 seconds..