program: memfd_create(&(0x7f0000000080)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\xb6[@8\xd7\xcc\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5\x00\x00\x00\x00\x00\x00\x00\x05L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xa6\x81\x00t\xd0u\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xaaw\xbe\xd0\xd0\xc8d\x96G\xcf\x066\x84\x82-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10\x04\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xabV\x1f\xbb\xa2hJE\xb5\xc0\xe5\x95\xad\xa8\xcdo\x9b\x7f|G\xc4\xd2o\x94a:\x95\x9csLp\xde\xc3\x1dqd=\x95c\xb3\x1f\xc4\xe1\n\x83\xf7\vS\xb4\x06', 0x7) r0 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e00ffff0000000000000000000040000000000000000000000000000000000000000000380002"], 0x78) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, &(0x7f0000000380)={0x6, 0x2}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 
&(0x7f0000000700)={'wlan1\x00', 0x0}) r4 = socket$kcm(0x10, 0x2, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r5, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0xf84}, 0x1c) sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000800)="39000000140081ae00003c000500218311001fa2660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb301000000dbb7d553b4e92155", 0x39}], 0x1}, 0x20000050) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008800}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='00'], 0x30}, 0x1, 0x0, 0x0, 0x18004}, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r11, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, 
@ANYBLOB="010000000000800000001a000000280022800414008004000080040000808341f1680200008014000080040000800400008004000080060021"], 0x44}}, 0x0) r12 = socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r13, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r14}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r13, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r14}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r9, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000440)={&(0x7f0000000740)={0x34c, r2, 0x1, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r15}, @val={0xc, 0x99, {0x5, 0x7a}}}}, [@NL80211_ATTR_TX_RATES={0x198, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x7c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x2, 0xdad0, 0x2, 0xd221, 0x4, 0x6, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x8, 0xb, 0x4, 0x1000, 0xb576, 0xff, 0x9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x5, 0x401, 0x2, 0x2693, 0xa, 0x7fff, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x1a, 0x2, [{0x0, 0x1}, {0x6, 0x1}, {0x5, 0x7}, {0x0, 0x8}, {0x6, 0x9}, {0x6, 0x6}, {0x7, 0x9}, {0x6, 0x5}, {0x1, 0x2}, {0x7, 0xa}, {0x3, 0x7}, {0x5, 0x5}, {0x2, 0x2}, {0x1, 0x1}, {0x0, 0xa}, {0x5, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x3, 0x5}, {0x2, 0x16}, {0x0, 0x4}, {0x7, 0x9}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x6, 0x2, [{0x3, 
0x8}, {0x3, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1ff, 0xa7, 0x400, 0xcdb6, 0x9, 0xfffe, 0x5, 0x8001]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x8, 0x1ba, 0x6, 0x0, 0x2, 0x4a8, 0x81]}}]}, @NL80211_BAND_6GHZ={0x84, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xa, 0x8, 0x5, 0x1, 0x10, 0x13e7, 0x7ff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x4f, 0x2, [{0x5, 0x6}, {0x6, 0x9}, {0x4, 0xa}, {0x6, 0x5}, {0x1, 0x7}, {0x6, 0x9}, {0x3, 0x8}, {0x5}, {0x2, 0x5}, {0x3, 0x5}, {0x6, 0x2}, {0x2, 0x3}, {0x0, 0x9}, {0x5, 0x1}, {0x5, 0x7}, {0x6, 0x3}, {0x2, 0xa}, {0x0, 0x8}, {0x6, 0x1}, {0x4, 0x5}, {0x1, 0x9}, {0x3, 0x7}, {0x0, 0xa}, {0x6, 0x7}, {0x2, 0x1}, {0x2, 0x4}, {0x1, 0x9}, {0x7, 0x4}, {0x1, 0x1}, {0x6, 0x4}, {0x1, 0x4}, {0x7, 0x7}, {0x5, 0x3}, {0x4, 0x6}, {0x2, 0x6}, {0x1, 0x9}, {0x5, 0xa}, {0x3, 0x9}, {0x5, 0x8}, {0x5, 0x1}, {0x6, 0x5}, {0x2, 0x1}, {0x6, 0x4}, {0x1, 0x1a}, {0x7, 0x5}, {}, {0x5, 0x2}, {0x6, 0x2}, {0x1, 0x3}, {0x1, 0x1}, {0x2, 0x4}, {0x3}, {0x3, 0x8}, {0x0, 0x4}, {0x6, 0x1}, {0x0, 0x5}, {0x2}, {0x7, 0x6}, {0x5, 0x2}, {0x1, 0x4}, {0x1, 0x1}, {}, {0x6, 0x6}, {0x3, 0x3}, {0x4, 0x4}, {0x1, 0x8}, {0x1, 0x5}, {0x3, 0x3}, {0x2, 0x6}, {0x6, 0x2}, {0x2, 0x7}, {0x0, 0x6}, {0x5, 0x4}, {0x2, 0x3}, {0x4, 0x11}]}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x3, 0x30, 0x18, 0xb, 0x2, 0x0, 0x3, 0xb]}]}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_5GHZ={0x5c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x8f, 0x0, 0x3, 0x0, 0x3, 0x0, 0x6]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0xc4c0, 0x121, 0x8, 0x6a9f, 0x9, 0x5, 0x3ab1]}}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x9, 0x2a, 0x16, 0x12, 0x18, 0x26, 0x18, 0x9, 0x36, 0x12, 0x6c, 0x12, 0x12, 0x12, 0x18, 0x16, 0x2]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x5}]}]}, @NL80211_ATTR_TX_RATES={0x4}, @NL80211_ATTR_TX_RATES={0x188, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, 
[@NL80211_TXRATE_VHT={0x14, 0x3, {[0x200, 0x4, 0x3, 0x6, 0x7, 0xff01, 0x8, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x51, 0x2, [{0x7, 0x7}, {0x7, 0x5}, {0x0, 0x1}, {0x6, 0x6}, {0x3, 0x6}, {0x0, 0x7}, {0x6}, {0x3, 0x5}, {0x4, 0x7}, {0x2, 0x3}, {0x5, 0x4}, {0x0, 0x5}, {0x3, 0x6}, {0x1}, {0x3, 0x7}, {0x6, 0x7}, {0x6, 0x2}, {0x7, 0x4}, {0x1, 0x7}, {0x7, 0x1}, {0x2}, {0x6, 0x2}, {0x1, 0x6}, {0x2}, {}, {0x4, 0x4}, {0x1, 0x6}, {0x0, 0x2}, {0x0, 0x3}, {}, {0x1, 0x7}, {0x5, 0x9}, {0x2, 0xa}, {0x1, 0x2}, {0x0, 0x2}, {0x4, 0x7}, {0x7, 0x1}, {0x3, 0x6}, {0x5, 0x6}, {0x4, 0x9}, {0x3, 0x4}, {0x4, 0xa}, {0x4, 0x9}, {0x7, 0x2}, {0x3, 0xa}, {0x1, 0x3}, {0x5, 0x9}, {0x4, 0x4}, {0x2, 0xa}, {0x4, 0x1}, {0x5}, {0x1, 0x5}, {0x3, 0x6}, {0x4, 0x5}, {0x0, 0x6}, {0x1, 0xa}, {0x4, 0xa}, {0x1, 0xa}, {0x2}, {0x2, 0x7}, {0x2, 0x8}, {0x7, 0x14}, {0x3, 0x3}, {0x6, 0x8}, {0x1, 0x1}, {0x0, 0x9}, {0x6, 0x7}, {0x1, 0xa}, {0x5, 0x7}, {0x4, 0x5}, {0x4, 0x5}, {0x2, 0x9}, {0x4}, {0x5, 0xa}, {0x1, 0x7}, {0x0, 0x4}, {0x5, 0x9}]}]}, @NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x3}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x4f, 0x2, [{0x2, 0x7}, {0x2, 0x8}, {0x3, 0x9}, {0x5, 0x4}, {0x5, 0x1}, {0x3, 0x1}, {0x3, 0x2}, {0x3, 0x5}, {0x5, 0x1}, {0x0, 0x4}, {0x3, 0x8}, {0x2, 0x9}, {0x1, 0x8}, {0x5, 0x3}, {0x6, 0x4}, {0x2, 0x2}, {0x2, 0x9}, {0x0, 0x5}, {0x4, 0x3}, {0x7}, {0x0, 0x9}, {0x0, 0x3}, {0x5, 0x3}, {0x5, 0xa}, {0x7, 0x2}, {0x7, 0x6}, {0x2, 0x4}, {0x0, 0x8}, {0x5, 0x1}, {0x4, 0x6}, {0x5, 0x4}, {0x3, 0x3}, {0x2, 0x7}, {0x1, 0x6}, {0x6, 0x8}, {0x1, 0x2}, {0x2, 0x9}, {0x4, 0x4}, {0x7, 0x5}, {0x0, 0x4}, {0x3, 0x3}, {0x3, 0x9}, {0x2}, {0x1}, {0x3, 0x5}, {0x0, 0x8}, {0x0, 0x3}, {0x6, 0x3}, {0x2, 0x4}, {0x0, 0x4}, {0x2, 0x9}, {0x4, 0x5}, {0x2, 0x1}, {0x3, 0x5}, {0x1, 0x9}, {0x4, 0x3}, {0x6, 0x4}, {0x1, 0x2}, {0x1}, {0x7, 0x8}, {0x1, 0x3}, {0x2, 0x5}, {0x7, 0x8}, {0x7, 0x4}, {0x3, 0x4}, {0x1, 0x8}, {0x3, 0x7}, {0x7, 0x4}, {0x2, 0xa}, {0x0, 
0x4}, {0x0, 0x8}, {0x7, 0x2}, {0x4}, {0x1, 0x8}, {0x7, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_6GHZ={0xa4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x3, 0x0, 0x859, 0x4434, 0x6, 0xfff8, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x6, 0x3}, {0x0, 0x8}, {0x1, 0x5}, {0x0, 0x9}, {0x4, 0x3}, {0x0, 0xa}, {0x5, 0x1}, {}, {0x4}, {0x1, 0x1}, {0x2, 0x2}, {0x0, 0x6}, {0x1, 0x9}, {0x0, 0x13}, {0x1, 0x4}, {0x0, 0x9}, {0x7, 0x4}, {0x5, 0x1}, {0x1, 0x9}, {0x4, 0xa}, {0x4, 0x1}, {0x0, 0x3}, {0x0, 0x3}, {}, {0x4, 0x8}, {0x5}, {0x6, 0x3}, {0x2, 0x1}, {0x2, 0x4}, {0x7, 0x7}, {0x0, 0x6}, {0x6, 0x7}, {0x4, 0x8}, {0x1, 0x2}, {0x4, 0xa}, {0x5, 0x4}, {0x4, 0x9}, {0x6, 0x2}, {0x1, 0x4}, {0x0, 0x6}, {0x1, 0x8}, {}, {0x3, 0x9}, {0x3, 0x2}, {0x1, 0x4}, {0x5, 0x7}, {0x1, 0x5}, {0x1, 0x7}, {0x5, 0x9}, {0x0, 0x6}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x4}, {0x2, 0x1}, {0x1, 0x3}, {0x5, 0x1}, {0x3, 0x8}, {0x0, 0x6}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbfd6, 0x8, 0xfe, 0x4, 0x3, 0x10, 0x40, 0x8]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe, 0x168, 0x1ff, 0x7, 0x5, 0x1bc, 0x1000, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7ff, 0x101, 0xfffb, 0x6, 0xf0, 0x7, 0x2, 0x7]}}]}]}]}, 0x34c}, 0x1, 0x0, 0x0, 0xd0}, 0x4040000) [ 90.228089][ T4701] Bluetooth: hci0: command tx timeout [ 90.428430][ T5355] af_packet: tpacket_rcv: packet too big, clamped from 57 to 4294967272. 
macoff=96 [ 90.478859][ T5355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 90.518317][ T5348] ------------[ cut here ]------------ [ 90.520655][ T5348] WARNING: CPU: 0 PID: 5348 at net/mac80211/mlme.c:1120 ieee80211_prep_channel+0x479f/0x5ee0 [ 90.525149][ T5348] Modules linked in: [ 90.526914][ T5348] CPU: 0 UID: 0 PID: 5348 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) [ 90.530729][ T5348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.535366][ T5348] Workqueue: events cfg80211_conn_work [ 90.537695][ T5348] RIP: 0010:ieee80211_prep_channel+0x479f/0x5ee0 [ 90.540659][ T5348] Code: 03 42 80 3c 20 00 74 08 48 89 df e8 4b 02 1a f7 48 83 3b 00 0f 84 79 04 00 00 e8 9c 17 b5 f6 e9 7e 01 00 00 e8 92 17 b5 f6 90 <0f> 0b 90 4c 8b 74 24 70 4c 89 f7 e8 d1 00 0f f7 49 c7 c6 ea ff ff [ 90.549289][ T5348] RSP: 0018:ffffc9000d21eb40 EFLAGS: 00010293 [ 90.551848][ T5348] RAX: ffffffff8b0aa39e RBX: 0000000000000000 RCX: ffff888000892440 [ 90.555379][ T5348] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.558668][ T5348] RBP: ffffc9000d21ef00 R08: ffff888000892440 R09: 000000000000000e [ 90.562560][ T5348] R10: 000000000000000d R11: 0000000000000000 R12: dffffc0000000000 [ 90.567234][ T5348] R13: 1ffff1100a5deceb R14: ffffc9000d21edf0 R15: ffff888052ef6758 [ 90.571491][ T5348] FS: 0000000000000000(0000) GS:ffff88808d210000(0000) knlGS:0000000000000000 [ 90.575674][ T5348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.578640][ T5348] CR2: 000055ad310e4660 CR3: 0000000051660000 CR4: 0000000000352ef0 [ 90.582144][ T5348] Call Trace: [ 90.583618][ T5348] <TASK> [ 90.585072][ T5348] ? ieee80211_prep_channel+0x206/0x5ee0 [ 90.587549][ T5348] ? __pfx_ieee80211_prep_channel+0x10/0x10 [ 90.590168][ T5348] ? __lruvec_stat_mod_folio+0x79/0x2f0 [ 90.592692][ T5348] ? 
ieee80211_prep_connection+0x545/0x13f0 [ 90.595526][ T5348] ieee80211_prep_connection+0xdd9/0x13f0 [ 90.598232][ T5348] ? ieee80211_prep_connection+0x545/0x13f0 [ 90.600691][ T5348] ieee80211_mgd_auth+0xee3/0x1770 [ 90.602929][ T5348] ? __lock_acquire+0xab9/0xd20 [ 90.604969][ T5348] ? lockdep_hardirqs_on+0x9c/0x150 [ 90.607175][ T5348] ? __pfx_ieee80211_mgd_auth+0x10/0x10 [ 90.609536][ T5348] ? rcu_is_watching+0x15/0xb0 [ 90.611539][ T5348] cfg80211_mlme_auth+0x62f/0x9c0 [ 90.613458][ T5348] cfg80211_conn_do_work+0x501/0xd10 [ 90.615670][ T5348] ? __pfx_cfg80211_conn_do_work+0x10/0x10 [ 90.618140][ T5348] ? __schedule+0x17ae/0x4cc0 [ 90.620113][ T5348] ? cfg80211_conn_work+0x298/0x460 [ 90.622413][ T5348] cfg80211_conn_work+0x2c0/0x460 [ 90.624654][ T5348] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 90.627249][ T5348] ? __pfx_cfg80211_conn_work+0x10/0x10 [ 90.629588][ T5348] ? stack_trace_save+0x9c/0xe0 [ 90.631762][ T5348] ? __pfx_stack_trace_save+0x10/0x10 [ 90.634076][ T5348] ? check_path+0x21/0x40 [ 90.635912][ T5348] ? lockdep_unlock+0x89/0x120 [ 90.637994][ T5348] ? validate_chain+0x897/0x2140 [ 90.640156][ T5348] ? __lock_acquire+0xab9/0xd20 [ 90.642555][ T5348] ? process_scheduled_works+0x9ef/0x17b0 [ 90.644977][ T5348] ? _raw_spin_unlock_irq+0x23/0x50 [ 90.647173][ T5348] ? process_scheduled_works+0x9ef/0x17b0 [ 90.649609][ T5348] ? process_scheduled_works+0x9ef/0x17b0 [ 90.652354][ T5348] process_scheduled_works+0xae1/0x17b0 [ 90.655022][ T5348] ? __pfx_process_scheduled_works+0x10/0x10 [ 90.657702][ T5348] worker_thread+0x8a0/0xda0 [ 90.659750][ T5348] kthread+0x70e/0x8a0 [ 90.661508][ T5348] ? __pfx_worker_thread+0x10/0x10 [ 90.663702][ T5348] ? __pfx_kthread+0x10/0x10 [ 90.665966][ T5348] ? _raw_spin_unlock_irq+0x23/0x50 [ 90.668468][ T5348] ? lockdep_hardirqs_on+0x9c/0x150 [ 90.670937][ T5348] ? __pfx_kthread+0x10/0x10 [ 90.673190][ T5348] ret_from_fork+0x3f9/0x770 [ 90.675229][ T5348] ? __pfx_ret_from_fork+0x10/0x10 [ 90.677468][ T5348] ? 
__pfx_kthread+0x10/0x10 [ 90.679466][ T5348] ret_from_fork_asm+0x1a/0x30 [ 90.681673][ T5348] </TASK> [ 90.682976][ T5348] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 90.686123][ T5348] CPU: 0 UID: 0 PID: 5348 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) [ 90.690085][ T5348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.694746][ T5348] Workqueue: events cfg80211_conn_work [ 90.697099][ T5348] Call Trace: [ 90.698603][ T5348] <TASK> [ 90.699964][ T5348] dump_stack_lvl+0x99/0x250 [ 90.702042][ T5348] ? __asan_memcpy+0x40/0x70 [ 90.704134][ T5348] ? __pfx_dump_stack_lvl+0x10/0x10 [ 90.706420][ T5348] ? __pfx__printk+0x10/0x10 [ 90.708440][ T5348] vpanic+0x281/0x750 [ 90.710191][ T5348] ? __pfx__printk+0x10/0x10 [ 90.712233][ T5348] ? __pfx_vpanic+0x10/0x10 [ 90.714290][ T5348] ? is_bpf_text_address+0x26/0x2b0 [ 90.716553][ T5348] panic+0xb9/0xc0 [ 90.718136][ T5348] ? __pfx_panic+0x10/0x10 [ 90.720123][ T5348] __warn+0x31b/0x4b0 [ 90.721987][ T5348] ? ieee80211_prep_channel+0x479f/0x5ee0 [ 90.724642][ T5348] ? ieee80211_prep_channel+0x479f/0x5ee0 [ 90.727436][ T5348] report_bug+0x2be/0x4f0 [ 90.729235][ T5348] ? ieee80211_prep_channel+0x479f/0x5ee0 [ 90.731831][ T5348] ? ieee80211_prep_channel+0x479f/0x5ee0 [ 90.734277][ T5348] ? 
ieee80211_prep_channel+0x47a1/0x5ee0 [ 90.736773][ T5348] handle_bug+0x84/0x160 [ 90.738677][ T5348] exc_invalid_op+0x1a/0x50 [ 90.740539][ T5348] asm_exc_invalid_op+0x1a/0x20 [ 90.742676][ T5348] RIP: 0010:ieee80211_prep_channel+0x479f/0x5ee0 [ 90.745744][ T5348] Code: 03 42 80 3c 20 00 74 08 48 89 df e8 4b 02 1a f7 48 83 3b 00 0f 84 79 04 00 00 e8 9c 17 b5 f6 e9 7e 01 00 00 e8 92 17 b5 f6 90 <0f> 0b 90 4c 8b 74 24 70 4c 89 f7 e8 d1 00 0f f7 49 c7 c6 ea ff ff [ 90.756182][ T5348] RSP: 0018:ffffc9000d21eb40 EFLAGS: 00010293 [ 90.758966][ T5348] RAX: ffffffff8b0aa39e RBX: 0000000000000000 RCX: ffff888000892440 [ 90.762235][ T5348] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.765595][ T5348] RBP: ffffc9000d21ef00 R08: ffff888000892440 R09: 000000000000000e [ 90.769070][ T5348] R10: 000000000000000d R11: 0000000000000000 R12: dffffc0000000000 [ 90.772379][ T5348] R13: 1ffff1100a5deceb R14: ffffc9000d21edf0 R15: ffff888052ef6758 [ 90.775700][ T5348] ? ieee80211_prep_channel+0x479e/0x5ee0 [ 90.778171][ T5348] ? ieee80211_prep_channel+0x206/0x5ee0 [ 90.780657][ T5348] ? __pfx_ieee80211_prep_channel+0x10/0x10 [ 90.783099][ T5348] ? __lruvec_stat_mod_folio+0x79/0x2f0 [ 90.785387][ T5348] ? ieee80211_prep_connection+0x545/0x13f0 [ 90.787818][ T5348] ieee80211_prep_connection+0xdd9/0x13f0 [ 90.790173][ T5348] ? ieee80211_prep_connection+0x545/0x13f0 [ 90.792814][ T5348] ieee80211_mgd_auth+0xee3/0x1770 [ 90.795055][ T5348] ? __lock_acquire+0xab9/0xd20 [ 90.797113][ T5348] ? lockdep_hardirqs_on+0x9c/0x150 [ 90.799301][ T5348] ? __pfx_ieee80211_mgd_auth+0x10/0x10 [ 90.801687][ T5348] ? rcu_is_watching+0x15/0xb0 [ 90.803747][ T5348] cfg80211_mlme_auth+0x62f/0x9c0 [ 90.806013][ T5348] cfg80211_conn_do_work+0x501/0xd10 [ 90.808239][ T5348] ? __pfx_cfg80211_conn_do_work+0x10/0x10 [ 90.810841][ T5348] ? __schedule+0x17ae/0x4cc0 [ 90.813018][ T5348] ? cfg80211_conn_work+0x298/0x460 [ 90.815357][ T5348] cfg80211_conn_work+0x2c0/0x460 [ 90.817595][ T5348] ? 
__pfx_stack_trace_consume_entry+0x10/0x10 [ 90.820330][ T5348] ? __pfx_cfg80211_conn_work+0x10/0x10 [ 90.822719][ T5348] ? stack_trace_save+0x9c/0xe0 [ 90.824759][ T5348] ? __pfx_stack_trace_save+0x10/0x10 [ 90.827008][ T5348] ? check_path+0x21/0x40 [ 90.828932][ T5348] ? lockdep_unlock+0x89/0x120 [ 90.831044][ T5348] ? validate_chain+0x897/0x2140 [ 90.833135][ T5348] ? __lock_acquire+0xab9/0xd20 [ 90.835162][ T5348] ? process_scheduled_works+0x9ef/0x17b0 [ 90.837519][ T5348] ? _raw_spin_unlock_irq+0x23/0x50 [ 90.839668][ T5348] ? process_scheduled_works+0x9ef/0x17b0 [ 90.842095][ T5348] ? process_scheduled_works+0x9ef/0x17b0 [ 90.844642][ T5348] process_scheduled_works+0xae1/0x17b0 [ 90.847430][ T5348] ? __pfx_process_scheduled_works+0x10/0x10 [ 90.850401][ T5348] worker_thread+0x8a0/0xda0 [ 90.852479][ T5348] kthread+0x70e/0x8a0 [ 90.854288][ T5348] ? __pfx_worker_thread+0x10/0x10 [ 90.856266][ T5348] ? __pfx_kthread+0x10/0x10 [ 90.858399][ T5348] ? _raw_spin_unlock_irq+0x23/0x50 [ 90.860962][ T5348] ? lockdep_hardirqs_on+0x9c/0x150 [ 90.863223][ T5348] ? __pfx_kthread+0x10/0x10 [ 90.865193][ T5348] ret_from_fork+0x3f9/0x770 [ 90.867177][ T5348] ? __pfx_ret_from_fork+0x10/0x10 [ 90.869343][ T5348] ? __pfx_kthread+0x10/0x10 [ 90.871357][ T5348] ret_from_fork_asm+0x1a/0x30 [ 90.873440][ T5348] </TASK> [ 90.875070][ T5348] Kernel Offset: disabled [ 90.877008][ T5348] Rebooting in 86400 seconds..