./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1228682247

<...>
Warning: Permanently added '10.128.1.14' (ECDSA) to the list of known hosts.
execve("./syz-executor1228682247", ["./syz-executor1228682247"], 0x7fff2f65ecd0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555f0d000
brk(0x555555f0dc40)                     = 0x555555f0dc40
arch_prctl(ARCH_SET_FS, 0x555555f0d300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1228682247", 4096) = 28
brk(0x555555f2ec40)                     = 0x555555f2ec40
brk(0x555555f2f000)                     = 0x555555f2f000
mprotect(0x7fa3b5ab1000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f0d5d0) = 4996
./strace-static-x86_64: Process 4996 attached
[pid  4996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  4996] setpgid(0, 0)               = 0
[pid  4996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  4996] write(3, "1000", 4)         = 4
[pid  4996] close(3)                    = 0
[pid  4996] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  4996] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  4996] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  4996] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  4996] recvfrom(5, [{nlmsg_len=2496, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=4996}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x45\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  4996] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4996}, {error=0, msg={nlmsg_len=32, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4996] close(5)                    = 0
[pid  4996] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=9}) = 0
[pid  4996] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x24\x00\x00\x00\x23\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x08\x00\x03\x00\x09\x00\x00\x00\x08\x00\x05\x00\x02\x00\x00\x00", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 36
[pid  4996] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
[pid  4996] sendto(5, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  4996] recvfrom(5, [{nlmsg_len=2496, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=-238593192}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x45\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  4996] recvfrom(5, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=-238593192}, {error=0, msg={nlmsg_len=32, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  4996] close(5)                    = 0
[pid  4996] ioctl(3, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=9}) = 0
[pid  4996] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x24\x00\x00\x00\x23\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x08\x00\x03\x00\x09\x00\x00\x00\x08\x00\x05\x00\x0b\x00\x00\x00", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 36
[pid  4996] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5
[   63.419213][ T4996] netlink: 'syz-executor122': attribute type 27 has an invalid length.
[   63.668365][ T5006] ------------[ cut here ]------------
[   63.674243][ T5006] wlan1: Failed check-sdata-in-driver check, flags: 0x0
[   63.682136][ T5006] WARNING: CPU: 1 PID: 5006 at net/mac80211/main.c:236 ieee80211_bss_info_change_notify+0x491/0x650
[   63.693423][ T5006] Modules linked in:
[   63.697368][ T5006] CPU: 1 PID: 5006 Comm: syz-executor122 Not tainted 6.4.0-rc3-syzkaller-00004-g421ca22e3138 #0
[   63.707962][ T5006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   63.718104][ T5006] RIP: 0010:ieee80211_bss_info_change_notify+0x491/0x650
[   63.725237][ T5006] Code: 45 c4 bf f7 49 8b 86 f8 08 00 00 49 81 c6 18 09 00 00 48 85 c0 4c 0f 45 f0 48 c7 c7 60 8c ee 8b 4c 89 f6 89 ea e8 6f 72 2f f7 <0f> 0b e9 12 fc ff ff e8 f3 ef 67 f7 0f 0b e9 44 fe ff ff e8 e7 ef
[   63.744972][ T5006] RSP: 0018:ffffc90003abf1d8 EFLAGS: 00010246
[   63.751108][ T5006] RAX: 1b0cbd7c5479af00 RBX: 0000000000400000 RCX: ffff888013f95940
[   63.759190][ T5006] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   63.767251][ T5006] RBP: 0000000000000000 R08: ffffffff815301a2 R09: ffffed1017325163
[   63.775334][ T5006] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802121a918
[   63.783387][ T5006] R13: ffff8880217b8de0 R14: ffff888021218000 R15: dffffc0000000000
[   63.791400][ T5006] FS:  0000555555f0d300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   63.805220][ T5006] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   63.811937][ T5006] CR2: 0000000020000200 CR3: 000000007750a000 CR4: 00000000003506e0
[   63.820014][ T5006] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   63.828069][ T5006] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   63.836158][ T5006] Call Trace:
[   63.839470][ T5006]  <TASK>
[   63.842448][ T5006]  ieee80211_ocb_leave+0x26e/0x320
[   63.847673][ T5006]  __cfg80211_leave_ocb+0x220/0x410
[   63.853555][ T5006]  cfg80211_leave_ocb+0x58/0x70
[   63.858460][ T5006]  cfg80211_change_iface+0x53e/0xf80
[   63.863884][ T5006]  nl80211_set_interface+0x5fe/0x880
[   63.869239][ T5006]  ? nl80211_dump_interface+0x6a0/0x6a0
[   63.874902][ T5006]  ? mutex_lock_nested+0x1b/0x20
[   63.879881][ T5006]  genl_rcv_msg+0xc33/0xf90
[   63.884487][ T5006]  ? genl_bind+0x360/0x360
[   63.888950][ T5006]  ? __stack_depot_save+0x20/0x650
[   63.894173][ T5006]  ? mark_lock+0x9a/0x340
[   63.898550][ T5006]  ? __alloc_skb+0x1b1/0x420
[   63.903234][ T5006]  ? mark_lock+0x9a/0x340
[   63.907615][ T5006]  ? rdev_mod_link_station+0x2e0/0x2e0
[   63.913168][ T5006]  ? nl80211_dump_interface+0x6a0/0x6a0
[   63.918750][ T5006]  ? nl80211_pre_doit+0x8a0/0x8a0
[   63.923904][ T5006]  netlink_rcv_skb+0x1df/0x430
[   63.928715][ T5006]  ? genl_bind+0x360/0x360
[   63.933225][ T5006]  ? netlink_ack+0x12a0/0x12a0
[   63.938043][ T5006]  ? __lock_acquire+0x2000/0x2000
[   63.943207][ T5006]  ? down_read+0x1b5/0x2f0
[   63.947668][ T5006]  ? genl_rcv+0xd/0x40
[   63.951777][ T5006]  genl_rcv+0x28/0x40
[   63.955851][ T5006]  netlink_unicast+0x7c3/0x990
[   63.960666][ T5006]  ? netlink_detachskb+0x90/0x90
[   63.965684][ T5006]  ? __virt_addr_valid+0x22f/0x2e0
[   63.970843][ T5006]  ? __phys_addr_symbol+0x2f/0x70
[   63.975948][ T5006]  ? __check_object_size+0x4e1/0xa40
[   63.981252][ T5006]  ? bpf_lsm_netlink_send+0x9/0x10
[   63.986420][ T5006]  netlink_sendmsg+0xa2a/0xd60
[   63.991229][ T5006]  ? netlink_getsockopt+0x5e0/0x5e0
[   63.996512][ T5006]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   64.001828][ T5006]  ? security_socket_sendmsg+0x81/0xa0
[   64.007357][ T5006]  ? netlink_getsockopt+0x5e0/0x5e0
[   64.012650][ T5006]  ____sys_sendmsg+0x58f/0x890
[   64.017444][ T5006]  ? __sys_sendmsg_sock+0x30/0x30
[   64.022477][ T5006]  __sys_sendmsg+0x2ad/0x390
[   64.027126][ T5006]  ? ____sys_sendmsg+0x890/0x890
[   64.032091][ T5006]  ? print_irqtrace_events+0x220/0x220
[   64.037604][ T5006]  ? ptrace_stop+0x75a/0x970
[   64.042224][ T5006]  ? _raw_spin_unlock_irq+0x2e/0x50
[   64.047488][ T5006]  ? ptrace_notify+0x278/0x380
[   64.052298][ T5006]  ? syscall_enter_from_user_mode+0x32/0x230
[   64.058346][ T5006]  ? syscall_enter_from_user_mode+0x8c/0x230
[   64.064376][ T5006]  do_syscall_64+0x41/0xc0
[   64.068806][ T5006]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   64.074793][ T5006] RIP: 0033:0x7fa3b5a44a99
[   64.079247][ T5006] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   64.099322][ T5006] RSP: 002b:00007ffecc6f74a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.107790][ T5006] RAX: ffffffffffffffda RBX: 000000000000f760 RCX: 00007fa3b5a44a99
[   64.115844][ T5006] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004
[   64.123889][ T5006] RBP: 0000000000000000 R08: 00007ffecc6f7648 R09: 00007ffecc6f7648
[   64.131909][ T5006] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffecc6f74bc
[   64.139973][ T5006] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   64.148025][ T5006]  </TASK>
[   64.151069][ T5006] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   64.158360][ T5006] CPU: 1 PID: 5006 Comm: syz-executor122 Not tainted 6.4.0-rc3-syzkaller-00004-g421ca22e3138 #0
[   64.168779][ T5006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   64.178837][ T5006] Call Trace:
[   64.182118][ T5006]  <TASK>
[   64.185053][ T5006]  dump_stack_lvl+0x1e7/0x2d0
[   64.189768][ T5006]  ? nf_tcp_handle_invalid+0x650/0x650
[   64.195320][ T5006]  ? panic+0x770/0x770
[   64.199405][ T5006]  ? vscnprintf+0x5d/0x80
[   64.203749][ T5006]  panic+0x30f/0x770
[   64.207669][ T5006]  ? __warn+0x171/0x4a0
[   64.211836][ T5006]  ? __memcpy_flushcache+0x2b0/0x2b0
[   64.217141][ T5006]  __warn+0x314/0x4a0
[   64.221131][ T5006]  ? ieee80211_bss_info_change_notify+0x491/0x650
[   64.227565][ T5006]  report_bug+0x2b3/0x500
[   64.231900][ T5006]  ? ieee80211_bss_info_change_notify+0x491/0x650
[   64.238333][ T5006]  handle_bug+0x3d/0x70
[   64.242505][ T5006]  exc_invalid_op+0x1a/0x50
[   64.247020][ T5006]  asm_exc_invalid_op+0x1a/0x20
[   64.251869][ T5006] RIP: 0010:ieee80211_bss_info_change_notify+0x491/0x650
[   64.258907][ T5006] Code: 45 c4 bf f7 49 8b 86 f8 08 00 00 49 81 c6 18 09 00 00 48 85 c0 4c 0f 45 f0 48 c7 c7 60 8c ee 8b 4c 89 f6 89 ea e8 6f 72 2f f7 <0f> 0b e9 12 fc ff ff e8 f3 ef 67 f7 0f 0b e9 44 fe ff ff e8 e7 ef
[   64.278604][ T5006] RSP: 0018:ffffc90003abf1d8 EFLAGS: 00010246
[   64.284682][ T5006] RAX: 1b0cbd7c5479af00 RBX: 0000000000400000 RCX: ffff888013f95940
[   64.292653][ T5006] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   64.300621][ T5006] RBP: 0000000000000000 R08: ffffffff815301a2 R09: ffffed1017325163
[   64.308596][ T5006] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802121a918
[   64.316568][ T5006] R13: ffff8880217b8de0 R14: ffff888021218000 R15: dffffc0000000000
[   64.324543][ T5006]  ? __warn_printk+0x292/0x360
[   64.329316][ T5006]  ? ieee80211_bss_info_change_notify+0x491/0x650
[   64.335754][ T5006]  ieee80211_ocb_leave+0x26e/0x320
[   64.340872][ T5006]  __cfg80211_leave_ocb+0x220/0x410
[   64.346081][ T5006]  cfg80211_leave_ocb+0x58/0x70
[   64.350934][ T5006]  cfg80211_change_iface+0x53e/0xf80
[   64.356254][ T5006]  nl80211_set_interface+0x5fe/0x880
[   64.361551][ T5006]  ? nl80211_dump_interface+0x6a0/0x6a0
[   64.367109][ T5006]  ? mutex_lock_nested+0x1b/0x20
[   64.372062][ T5006]  genl_rcv_msg+0xc33/0xf90
[   64.376579][ T5006]  ? genl_bind+0x360/0x360
[   64.380998][ T5006]  ? __stack_depot_save+0x20/0x650
[   64.386138][ T5006]  ? mark_lock+0x9a/0x340
[   64.390480][ T5006]  ? __alloc_skb+0x1b1/0x420
[   64.395079][ T5006]  ? mark_lock+0x9a/0x340
[   64.399427][ T5006]  ? rdev_mod_link_station+0x2e0/0x2e0
[   64.404906][ T5006]  ? nl80211_dump_interface+0x6a0/0x6a0
[   64.410544][ T5006]  ? nl80211_pre_doit+0x8a0/0x8a0
[   64.415585][ T5006]  netlink_rcv_skb+0x1df/0x430
[   64.420350][ T5006]  ? genl_bind+0x360/0x360
[   64.424782][ T5006]  ? netlink_ack+0x12a0/0x12a0
[   64.429567][ T5006]  ? __lock_acquire+0x2000/0x2000
[   64.434618][ T5006]  ? down_read+0x1b5/0x2f0
[   64.439130][ T5006]  ? genl_rcv+0xd/0x40
[   64.443209][ T5006]  genl_rcv+0x28/0x40
[   64.447219][ T5006]  netlink_unicast+0x7c3/0x990
[   64.452057][ T5006]  ? netlink_detachskb+0x90/0x90
[   64.457023][ T5006]  ? __virt_addr_valid+0x22f/0x2e0
[   64.462154][ T5006]  ? __phys_addr_symbol+0x2f/0x70
[   64.467188][ T5006]  ? __check_object_size+0x4e1/0xa40
[   64.472473][ T5006]  ? bpf_lsm_netlink_send+0x9/0x10
[   64.477589][ T5006]  netlink_sendmsg+0xa2a/0xd60
[   64.482367][ T5006]  ? netlink_getsockopt+0x5e0/0x5e0
[   64.487578][ T5006]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   64.492872][ T5006]  ? security_socket_sendmsg+0x81/0xa0
[   64.498333][ T5006]  ? netlink_getsockopt+0x5e0/0x5e0
[   64.503541][ T5006]  ____sys_sendmsg+0x58f/0x890
[   64.508327][ T5006]  ? __sys_sendmsg_sock+0x30/0x30
[   64.513395][ T5006]  __sys_sendmsg+0x2ad/0x390
[   64.518019][ T5006]  ? ____sys_sendmsg+0x890/0x890
[   64.522992][ T5006]  ? print_irqtrace_events+0x220/0x220
[   64.528475][ T5006]  ? ptrace_stop+0x75a/0x970
[   64.533089][ T5006]  ? _raw_spin_unlock_irq+0x2e/0x50
[   64.538318][ T5006]  ? ptrace_notify+0x278/0x380
[   64.543104][ T5006]  ? syscall_enter_from_user_mode+0x32/0x230
[   64.549092][ T5006]  ? syscall_enter_from_user_mode+0x8c/0x230
[   64.555082][ T5006]  do_syscall_64+0x41/0xc0
[   64.559511][ T5006]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   64.565402][ T5006] RIP: 0033:0x7fa3b5a44a99
[   64.569819][ T5006] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   64.589468][ T5006] RSP: 002b:00007ffecc6f74a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.597897][ T5006] RAX: ffffffffffffffda RBX: 000000000000f760 RCX: 00007fa3b5a44a99
[   64.605875][ T5006] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004
[   64.613855][ T5006] RBP: 0000000000000000 R08: 00007ffecc6f7648 R09: 00007ffecc6f7648
[   64.621832][ T5006] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffecc6f74bc
[   64.629896][ T5006] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   64.637917][ T5006]  </TASK>
[   64.641144][ T5006] Kernel Offset: disabled
[   64.645557][ T5006] Rebooting in 86400 seconds..