program:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x4c, r2, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}]]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
preadv(r6, &(0x7f0000000a80)=[{&(0x7f00000021c0)=""/4096, 0x1000}], 0x1, 0x4, 0xfff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0xf0, &(0x7f0000000100)={&(0x7f0000000280)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r8, 0x21eae}}, 0x20}}, 0x0)
sendmsg$kcm(r6, &(0x7f00000002c0)={&(0x7f00000001c0)=@xdp={0x2c, 0x3, r8, 0x26}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000240)="49ed5a6c39f6802924026b5c1c4c12e2f9f9f856875f445da721a0962b9965b291e5bde1a872404189194075b4810b6c541f5df815fc9d0cb4f004b225afa8763a5934a0fea403c060d6e75872d35b3807", 0x51}, {&(0x7f0000000440)="abf76d39051ee619a687e226825de5e518b0db9ede501604ea52a1fc48aacd735853211725193ece88b83867e08ddaf3d2dd5efb261d7661013eda964e5f081b0626670a32546b74e1fe84587d3a47b7019b4b10c9007a2501bb5c09f2d8d67e34fffabeb28a78bd6da76f60eb1de3d4e61aeadf1c0a148ecc14380fe2e47253cf3f24074495a35f50dfe4336f3df195488f6f08b1fe95c83768ad201a60fecb1efeff459f939d052b8cb482d151aae082c956d5d5dc6a3dc1647c33d16679e51631193edc28871cbcb87031882a59b2aab170d162e55224563415e7511fae6e7f00e8e554745a04a2418da2086b6d6959363d0c1a4a8fcb6c9a2512be0ead7a06939f73ea58f43bb9080f5f26acf3ae81275b920d46c57b4f31b02bd0f6c998a7a46c6a6cb3a06df7e143339e74e8b1da68d48c2f945284e4ef4f744c0bc91abeaeced298a15aca7c610ed19893c577fb9c726deb5a9c665f6c76f5c0a2d0768ad743cce4e5dba2edda4d9803879de64db2947cba8a3e5e5f8b1ad64680e63af77eb21e999ad4691a189b26995e2a95e641beb82cdcd74f7da9d16c3f6dd9cc7fd4aabfde90f879bc1d04778c9bedf66ac1036d0a5407fe57637f4599377d7344e602138d39813c4a77cdbcdcc4ba302f06ffa0404c88fd57f06795738af5a30e023f13a1b01ecb54473a9c05b1d755d50b307ad5d76621ccacc8482773c25409db0572322f01a7f4f5ec6f00197be77087bcc37656b41088ccea09581f027a0dc58403b4aeddf114b4e442108ed7710ae7e6f583ac2854ee034e9853fc6cfdad7775897c344777338c658acd81abc8bec16e2fa87ffacc9dd7991587032f706f69d6778bd27343ed4192f852a588e9266575211cfaeac6f48fd69543d1faf6396ecab995f859c71698f2fb632174b918567ad93b10fbd5a7f4aeea85a17931bb4e4cf00c9851b94d01024ea68624da67cae573bf59b5fa341827f750621a21f6647fb6f7821174a6c7c36a627d0c638e2ec51f1ea2c84d518287b0a04e188a70530d4335e4abd8dc3b24d6d3641f3d337e0af01136795634016854fc047cf553d451cf0d73dc91ad802e9a9ad254441d60b0db4f9c6dc20c7128bdd679fe91188ac598ecfd7270c8f8fd7333b1d1ad2c7e97e6e807d234252a9b3562befc5772f2cd3b6adeb1cb957ba65604c165c634ea8390d40bffb412599f24997bfbb25b5e3559889cbab4d5ac36c0c17bb1b097cbfce4bd504dc2749e6d63ef1c3e2f8d93cfe2d5bc67e2a738c3750a2c83d45f0efbf94ee87d3db6660c3f062c3b3267e728127b96da7737b6c6467e4a1975ce2dbc374ba9feb025c3f6c2f176fdaeb2aa97c9599bfca3d481b12b7eee4868d48ae1394036e171ffc19d0aeb49b803e2404c5fb9f20ce266eca9200ecbe3ffcc2f0c39200d332882ada86344ac319f12dd3de9800aaf35733979f4f0e9fae6b657425b23157234f42dc5c8d21745982a20743e14d0d9b83ada2d048290aa2d97172a06e474faca612f8e71fd2855e0af6b91389706d3267c5fc6a1e73a13d163a26da313d0ff7d775ec4cecac6166fa1395db5c0d5b3f4a9fec89f3e15636b3a1721abaf3cad4280bfb58fdfc4f6bf751bceb0929b42627758e17df1c68e48177389538efd1155e6f5d11671772a304bd497772e965fb0c91cf1dac0b2f4faf3d617d1927563784fd1cb4e4aadbb88dea4a5480abeececf2b8bc4968795f241428ccb3c44461f132ab17f4fd78e482d79e44773299fef809f1bc002b5f02d0595d198870b4c8b4d714d72fc288fc9f4e182019d171c6812a84fc4fea6987986af751fd433604e44e9a31c9560b0bf14b360d3add358919fcb8982845de7bd3c7f03f92e1dd1e2a3bc18ace539a1b1b81a55b60ea8f4cd706860661d61c66895eba5ca36f105c0728e4b4c3a5632f67a6b4727b16ef62adfea6f85ea01f0b34cf5114ac522e98c065d1bc9e193ca77cf500b00ea922ad763b7d32e940b171233d0c02b7b865cf678c138e433cee1d013be4aef33140c8a7d18d4cd5d8d73d5e1bcf656b832d4a720969408b55bb64505829309f6e4d29382486918dc9fc5d5254db8862995781608b5f1cab65a6a9edb8e30aa2702c26092af5212120804d4390d298935fafd6b45f1530c22d67926ab8826f951e4b2cff6a9e5b567adcfecacc0a4f6bc2d022ec442147eec6e818394301c1aa9940d9d866ffc6b0b79f73e07c2d704e71bfa688da9ac28472fde25e14134ff885edbf8517e4e2999a379ae74a8dde7c6d1eb8cf85aee94a0d07bb78669ba4dcad1f46d040a1d8a5ada04ae6bee80f9690882457dac46eca76e6b735544390297d2be6d29a93d63f2fc36a3f9320069482a3ec0fa5c9ef30119691218ecf459abd8b8c4bc653b4757d4fc081a3a887c1c431bd4005965b179cee46df97788525413722f371d1087ea0b8279f677ad4dfdc1b90a9f8da157152c0bbd36e238b1bfddbb9f8b96cdd0d72f4efc0614137999f82820dfffb0c93994ab09917284ac629be60a0d050eff17522628640cf54020a81c37cd035eca6033565dd6f71525929aebc14a4016ab068260c2c6110b585eefb320c847df3c3289b214a7ec0a4a2e76fb7b07a979beee375ce3cbb2e9bc0ad4da2979aef13a42296d6e8ff6ba7afee339fe35481fdd4b3949f2570b899e812b103946b716a2eb0b991961ccc23edcc19a1210f73ecb3a9f1ba7f2693d671069b562194246229d94adfece4ef80f124cf7bf295ac2ac54d771fefdcea72b4aa1a92b42f7b1759d8adb7663516239eb127debbe6fef4fc36a7231631ac24d753daf787c52d7022bb47341d9f18897d028a92cb272bc45622c4e3f9e071da4480cd42460b47b019fc90f52aa5103569d96829539a4bd0e56ad6a8cb687d94cdf474316a0911db45adda72bbaf716fc24f33bae80262c3b5a26187b9b8f7d4ebb1ab0f4774c0acd0561113c5106cb225b215045c02a59f134376dfb11d16540352be2316c5ab5ac85676df86bf2bc3ba0bd94d0c35f5458d802061a2f24fd6697f101fe4049b70c3bccccee32731623229ec8a6993312222cd24990dc38c1a94ac72a27cbbd2f75fb18b4fce92768c5b5fc6216d0576befd6073312a7ac26ced10dd9e00a17ff638cc09f0868b80c720d3f0ead3550720c4fa2393764f45adb426d67eb97f55c96be2eedd775ac1d6a1033aad911b9b6c9fe52686c83da6ad0b21ef993795165bd5ecb3e572c9260b98cf0d180999c0bc2d69bc1199d22dd2fa9a96a92fe9f5636cd3b0b54044eea2d5051668a23c128f7cfed479da3684504bdee0ddb2c318d315765e35f6dc4413d2c76ba4c8b451ce1ec445d27406470552a8342203570f38395ef40ff6d967dd7ec2b35ff467b59ccfeab8fd2056132dcd3cce561d42219b49c2e6fdd01345a900173c25c4e66e4cd8e9c9f830f3dcb7512d5bf90fe787f44bbdef6f17ce672f020364231c1357c1dbd47fc80afd2e363aa9015ebb5c191be094365c309521725a21b0c0f2829f53aacd6c2f603e2569dad2d7855545c036d17d8bbaaf42723279cdc8f88e2c6c08725c9d6d030b3032dc3d595b41b67ec546e9c4126ab8bd97d2db9ce12ee4c0dca84d0ca3c25c3cdab5b262c14784b01a95db212346aff6cb83217952902ddef19a14f7c7e7ec68c6f6b0fc9e2ecfac344bc332f118f2bf0153d570ac05de876ff5d959581667b688949f09b1b00f646bcbaeb97078843bb0debbd187bc4f28f4a31006c077736e35d1f2f31d680542fa49a95d73ac91c5d57d01f6b6588005d73eab4a9fb5c8e8305aab27849985923fa3eafd8e089ca602696632b7fbb5879b38c19ca08d2e226b81c0277ae8c86d201751b4068735c0e84113f60d94b0a1a79c01f5d84e7f6b8af16a4094c48ef26210769b4f5691a05792c75c41198667e204f616997d3c5c06dfec7044b46124cbbafeac6b0079988c91a35ec761b7747c25ba1aee8d2d24aba8af7a9d83addbf9a8b13d922f43245caea69c35164fa57514b96e97738b5daaf25a9f33d1e5f749d488f16e21a8c30ac9305d8eb9c93c4b1a714afb2ebe9fca23426ea8411c395d5ba9bfcb213c734e57a1b8134a70cc92d587bf5242a656354b75640171b2b394c854c646046616443ae75b95597a95bff81e2237a930e211b35ddea97a71531a4d9ce0407cf9dbbaf8c54fef38eb54b103e9bd729550a1f8aa9d88360e0bedc0f92cd0937af40ca02d341f1be19e653c0bd04ed45d9a638e251069144fb54ceb6982fec6ec93286ba22e90057a33dbcb4cda6fcb433249f285edc06c29a07bb2a0f3662e68e56b5e0a430f8c570b22ff9f3ac7b6692eb0d235930119237bd355105c164b84ae9f7fcc58706d1f220186c614e09dd155acfe2f862cf27bd68677f2a0731ed9e5bed678ba532e603eee69a671f6f57a51db9f47238c9f44388f8235de84b5b3ec5671a6c0239d8c02f8e2aa684d82285d162901b962ff97fb8a616df6aa06023972da57c5c8f42f50a34da9bf1bad336d2c0df43785896505aee1832b0f3a29683235e62409e48701e048f4a7f4f6a832816f5a0176fffe9d561f5fbd5935f6d10180b47c25458637ff91d0ffed4807e82add93205288212498afe56843fb662370e08f1cc7c294558d8a96b421b48ed5c48317c9b3298a0d727eb64a697768e934b258b8a5bc21b03bb3733d94f35d8a50ed1f31bef855c52b3a5153414eec2917f1e62ca095cac5226f56063565caef3991ea0ded34fb118512fd6264362f72ad3fc58bc74579e3b88a6d093af15a35ec9dc2e8ff078f8409a86852ddf66f12dd6d43a5eaed57b9b4b43d50cd11e2d898fe21205da74a67fba093e7fb7cc54cbac5cf9def794f3d709f1adb8e1d915fe46435f6f89ad9269978d69b2d3c55f677f63d51c53f53a151c852cd263ef9c933567755cc4b00c15e3cf1b47216321b81d9111214c170ca2f2ca71f109cdc4d074cf6187d97f839ccc7e59646f2ae1e2c65c5efb6ab03b7e491cd089fec2c4934243e6ec64133e870db2776f59dae6a8fbc4967b9ec14debe766773bcffc809e2df50e1eeb4c70f7134e044d10ee8692b7e213f4da096ba01360aa0289ee94fb73d025041f04b17b08cf154cc22f8f35bdcbf7a126767d7ddd1ec6c2ea7697864322d86f7f0e5f495597dd438a2d6c694f7e1d2755712b284a9e22f0846251fe4130045bf0e682a0ec510539b52c081576456918d7cc94ceec1b57485ccd2724be94cfc906a50d5b563408dfa670350365c1f882458d8c78f3fe9cc90a88e3096bf19c9f00978e22487a7d783da2b4f3ad9169bf2594df8a308a43e369b74494482927312acbcfb2c9c23522513d54e285e12be0dace79c86758701447a5fda2b219c4a781cb1b19967bcdd42c9555f7f1b4847524e43133064821c6d9dd030daeabebf67b7896bfe1e33c1a9b2d0c98a965b762774ebc6a04234ce8cd8f71247bf9f74c76fc42f69e79e4e9c8fc259304759c912d645d9a2474013095bf7bd7773a573a39d75da55931c56e496919e2bbcead24219a121a8099611c7952d27b3b3289fcaca1c3eecd5fd247ef56f3d10ca40a0db8ad48b9964cb46b86641f912427243c5898e4e5eeb2319abb53f7fb110751341094e095f236c7a7f559df0edf9441e8fb4dde170f892c6c300ba6c9dda6504b748c32d9762d775e965b3c44d5bfa74423dc1489937f09fbbfbe72f0f142082ed61ea2c9b4778b16fb773b9b35d550a58e7d281145d10b43d9971", 0x1000}, {&(0x7f0000000340)="72618accbe037aec35e31c3b9289b5f6711593530fa14f2219f5339fb95209ebfcd381d782b898a53e435d8500d71681afd80e1fadb78e85d97bc03af724770cae551fca27a8c037ef3e3bc8d8f67e6eb61f0b46beb5b5c9bd36b1b7c5877ac0da5f5fb87c3450bd", 0x68}], 0x3, &(0x7f0000001440)=[{0x38, 0x110, 0x5, "1355894e6720afff59a5d5f3763f60851e74f77625c26745277a121a829026a184178bb99868b15a"}, {0x30, 0x111, 0x9, "4b5752c1152da3b1de976d0427fee362ddf7a41d551b31e7cecbba76a266618b"}, {0x88, 0x84, 0xfffffe57, "d1f2a8b572c7a9e60b28a4ed87f00c89af0a4fac766c8e6d33185b10b1ed3d379f8fdbd572187307a916d2e6796330ae62c1fe29a15dccca0896ea32636b02aee38a22c3b8be488bcd63cc92646ee14bb3aaf4614f90a7e9fdd59c5f0f803ed2af55bbf7645633d42835283fbc85f6bb342c"}, {0x90, 0x117, 0xcf44, "c0107d14320790275812c6b6096d4e5aef1a38e62bd482e8a07138804116e9247a52837fb18b25752a0ad8f3c54d72d0c8558a58da4017c146184449bbe50490ef06134512b585c1766fd4dc2d59d60043cc589ec3f35f6fd1107c4560222008b6ff3ca13be852b359609cb0d986a648a7edf8eebe3a4a7dcee5106e"}], 0x180}, 0x20000800)

[   90.497123][ T4679] Bluetooth: hci0: command tx timeout
[   90.786574][ T5342] ==================================================================
[   90.789916][ T5342] BUG: KASAN: slab-out-of-bounds in ieee80211_add_virtual_monitor+0xa42/0xce0
[   90.793648][ T5342] Read of size 1 at addr ffff88803fa17d50 by task syz.0.0/5342
[   90.796817][ T5342] 
[   90.798028][ T5342] CPU: 0 UID: 0 PID: 5342 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   90.798045][ T5342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.798052][ T5342] Call Trace:
[   90.798061][ T5342]  <TASK>
[   90.798068][ T5342]  dump_stack_lvl+0xe8/0x150
[   90.798086][ T5342]  print_report+0xca/0x240
[   90.798099][ T5342]  ? ieee80211_add_virtual_monitor+0xa42/0xce0
[   90.798115][ T5342]  kasan_report+0x118/0x150
[   90.798173][ T5342]  ? ieee80211_add_virtual_monitor+0xa42/0xce0
[   90.798191][ T5342]  ieee80211_add_virtual_monitor+0xa42/0xce0
[   90.798209][ T5342]  ieee80211_do_stop+0x1786/0x1f70
[   90.798227][ T5342]  ? __pfx_ieee80211_do_stop+0x10/0x10
[   90.798244][ T5342]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   90.798295][ T5342]  ieee80211_stop+0x1b1/0x240
[   90.798312][ T5342]  ? __pfx_ieee80211_stop+0x10/0x10
[   90.798328][ T5342]  __dev_close_many+0x344/0x6b0
[   90.798343][ T5342]  ? __pfx___dev_close_many+0x10/0x10
[   90.798357][ T5342]  ? __dev_change_flags+0x1b0/0x680
[   90.798369][ T5342]  __dev_change_flags+0x2be/0x680
[   90.798381][ T5342]  ? __pfx___dev_change_flags+0x10/0x10
[   90.798394][ T5342]  netif_change_flags+0x88/0x1a0
[   90.798406][ T5342]  do_setlink+0xc55/0x41c0
[   90.798419][ T5342]  ? __lock_acquire+0x6b6/0x2cf0
[   90.798427][ T5342]  ? __pfx_do_setlink+0x10/0x10
[   90.798434][ T5342]  ? __pfx_stack_trace_save+0x10/0x10
[   90.798446][ T5342]  ? do_raw_spin_lock+0x121/0x290
[   90.798455][ T5342]  ? do_raw_spin_lock+0x121/0x290
[   90.798465][ T5342]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   90.798476][ T5342]  ? lockdep_hardirqs_on+0x7b/0x110
[   90.798484][ T5342]  ? __mutex_lock+0xd3b/0x1350
[   90.798495][ T5342]  ? __mutex_lock+0x5bb/0x1350
[   90.798504][ T5342]  ? rtnl_newlink+0x8ec/0x1c90
[   90.798530][ T5342]  ? __pfx___mutex_lock+0x10/0x10
[   90.798543][ T5342]  ? ns_capable+0x8a/0xf0
[   90.798555][ T5342]  rtnl_newlink+0x161c/0x1c90
[   90.798572][ T5342]  ? __pfx_rtnl_newlink+0x10/0x10
[   90.798586][ T5342]  ? do_syscall_64+0xec/0xf80
[   90.798596][ T5342]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.798615][ T5342]  ? kasan_quarantine_put+0xbb/0x1f0
[   90.798629][ T5342]  ? lockdep_hardirqs_on+0x7b/0x110
[   90.798637][ T5342]  ? kmem_cache_free+0x197/0x620
[   90.798647][ T5342]  ? nlmon_xmit+0xb0/0x100
[   90.798657][ T5342]  ? __lock_acquire+0x6b6/0x2cf0
[   90.798665][ T5342]  ? __local_bh_enable_ip+0xd0/0x130
[   90.798673][ T5342]  ? lockdep_hardirqs_on+0x7b/0x110
[   90.798679][ T5342]  ? __dev_queue_xmit+0x289/0x3140
[   90.798687][ T5342]  ? __local_bh_enable_ip+0xd0/0x130
[   90.798693][ T5342]  ? __dev_queue_xmit+0x289/0x3140
[   90.798701][ T5342]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   90.798712][ T5342]  ? __pfx_rtnl_newlink+0x10/0x10
[   90.798721][ T5342]  rtnetlink_rcv_msg+0x7cf/0xb70
[   90.798731][ T5342]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   90.798741][ T5342]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   90.798749][ T5342]  ? ref_tracker_free+0x63a/0x7d0
[   90.798760][ T5342]  ? __asan_memcpy+0x40/0x70
[   90.798771][ T5342]  ? __pfx_ref_tracker_free+0x10/0x10
[   90.798783][ T5342]  ? __skb_clone+0x63/0x7a0
[   90.798795][ T5342]  netlink_rcv_skb+0x208/0x470
[   90.798806][ T5342]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   90.798821][ T5342]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   90.798835][ T5342]  ? netlink_deliver_tap+0x2e/0x1b0
[   90.798846][ T5342]  netlink_unicast+0x82f/0x9e0
[   90.798856][ T5342]  ? __pfx_netlink_unicast+0x10/0x10
[   90.798865][ T5342]  ? __alloc_skb+0x198/0x3a0
[   90.798876][ T5342]  ? netlink_sendmsg+0x642/0xb30
[   90.798886][ T5342]  ? skb_put+0x11b/0x210
[   90.798896][ T5342]  netlink_sendmsg+0x805/0xb30
[   90.798908][ T5342]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.798918][ T5342]  ? aa_sock_msg_perm+0xf1/0x1b0
[   90.798929][ T5342]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   90.798944][ T5342]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.798958][ T5342]  __sock_sendmsg+0x21c/0x270
[   90.798974][ T5342]  ____sys_sendmsg+0x505/0x820
[   90.798984][ T5342]  ? __pfx_____sys_sendmsg+0x10/0x10
[   90.798992][ T5342]  ? import_iovec+0x74/0xa0
[   90.799001][ T5342]  ___sys_sendmsg+0x21f/0x2a0
[   90.799008][ T5342]  ? __pfx____sys_sendmsg+0x10/0x10
[   90.799019][ T5342]  ? futex_wait+0x285/0x360
[   90.799036][ T5342]  ? __fget_files+0x2a/0x420
[   90.799045][ T5342]  ? __fget_files+0x3a0/0x420
[   90.799056][ T5342]  __x64_sys_sendmsg+0x19b/0x260
[   90.799065][ T5342]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   90.799078][ T5342]  ? rcu_is_watching+0x15/0xb0
[   90.799093][ T5342]  do_syscall_64+0xec/0xf80
[   90.799104][ T5342]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.799114][ T5342]  ? trace_irq_disable+0x37/0x100
[   90.799128][ T5342]  ? clear_bhb_loop+0x60/0xb0
[   90.799141][ T5342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.799152][ T5342] RIP: 0033:0x7f953158f7c9
[   90.799163][ T5342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.799172][ T5342] RSP: 002b:00007f95324a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.799185][ T5342] RAX: ffffffffffffffda RBX: 00007f95317e6090 RCX: 00007f953158f7c9
[   90.799194][ T5342] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[   90.799201][ T5342] RBP: 00007f9531613f91 R08: 0000000000000000 R09: 0000000000000000
[   90.799208][ T5342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   90.799215][ T5342] R13: 00007f95317e6128 R14: 00007f95317e6090 R15: 00007fff9e85e3d8
[   90.799228][ T5342]  </TASK>
[   90.799232][ T5342] 
[   91.026869][ T5342] The buggy address belongs to the physical page:
[   91.029514][ T5342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3fa14
[   91.032437][ T5342] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   91.035172][ T5342] memcg:ffff888040375402
[   91.036672][ T5342] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[   91.039706][ T5342] page_type: f8(unknown)
[   91.041565][ T5342] raw: 04fff00000000040 0000000000000000 dead000000000122 0000000000000000
[   91.044877][ T5342] raw: 0000000000000000 0000000000000000 00000000f8000000 ffff888040375402
[   91.047648][ T5342] head: 04fff00000000040 0000000000000000 dead000000000122 0000000000000000
[   91.050577][ T5342] head: 0000000000000000 0000000000000000 00000000f8000000 ffff888040375402
[   91.053415][ T5342] head: 04fff00000000002 ffffea0000fe8501 00000000ffffffff 00000000ffffffff
[   91.056615][ T5342] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   91.060129][ T5342] page dumped because: kasan: bad access detected
[   91.063004][ T5342] page_owner tracks the page as allocated
[   91.065498][ T5342] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x446dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP), pid 5341, tgid 5340 (syz.0.0), ts 90631186023, free_ts 25023190416
[   91.074544][ T5342]  post_alloc_hook+0x234/0x290
[   91.076686][ T5342]  get_page_from_freelist+0x24e0/0x2580
[   91.079049][ T5342]  __alloc_frozen_pages_noprof+0x181/0x370
[   91.081258][ T5342]  alloc_pages_mpol+0x232/0x4a0
[   91.083338][ T5342]  ___kmalloc_large_node+0x4e/0x150
[   91.085772][ T5342]  __kmalloc_large_node_noprof+0x18/0x90
[   91.088335][ T5342]  __kvmalloc_node_noprof+0x6e/0x920
[   91.090593][ T5342]  alloc_netdev_mqs+0xa6/0x11b0
[   91.092615][ T5342]  ieee80211_if_add+0x45c/0x1370
[   91.094792][ T5342]  ieee80211_add_iface+0xb5/0x5a0
[   91.096980][ T5342]  nl80211_new_interface+0x883/0x1130
[   91.099462][ T5342]  genl_family_rcv_msg_doit+0x215/0x300
[   91.101922][ T5342]  genl_rcv_msg+0x60e/0x790
[   91.104008][ T5342]  netlink_rcv_skb+0x208/0x470
[   91.106257][ T5342]  genl_rcv+0x28/0x40
[   91.108024][ T5342]  netlink_unicast+0x82f/0x9e0
[   91.109826][ T5342] page last free pid 785 tgid 785 stack trace:
[   91.112442][ T5342]  __free_frozen_pages+0xbc8/0xd30
[   91.114599][ T5342]  vfree+0x25a/0x400
[   91.116100][ T5342]  delayed_vfree_work+0x55/0x80
[   91.118223][ T5342]  process_scheduled_works+0xad1/0x1770
[   91.120308][ T5342]  worker_thread+0x8a0/0xda0
[   91.121974][ T5342]  kthread+0x711/0x8a0
[   91.123665][ T5342]  ret_from_fork+0x510/0xa50
[   91.125525][ T5342]  ret_from_fork_asm+0x1a/0x30
[   91.127566][ T5342] 
[   91.128593][ T5342] Memory state around the buggy address:
[   91.131133][ T5342]  ffff88803fa17c00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   91.135168][ T5342]  ffff88803fa17c80: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   91.138916][ T5342] >ffff88803fa17d00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   91.142402][ T5342]                                                  ^
[   91.145367][ T5342]  ffff88803fa17d80: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   91.149010][ T5342]  ffff88803fa17e00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   91.152361][ T5342] ==================================================================
[   91.273584][ T5342] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   91.276572][ T5342] CPU: 0 UID: 0 PID: 5342 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   91.280313][ T5342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.285190][ T5342] Call Trace:
[   91.286792][ T5342]  <TASK>
[   91.288224][ T5342]  vpanic+0x1e0/0x670
[   91.290061][ T5342]  panic+0xb9/0xc0
[   91.291845][ T5342]  ? __pfx_panic+0x10/0x10
[   91.293794][ T5342]  ? preempt_schedule_thunk+0x16/0x30
[   91.296160][ T5342]  ? ieee80211_add_virtual_monitor+0xa42/0xce0
[   91.299026][ T5342]  ? preempt_schedule_thunk+0x16/0x30
[   91.301621][ T5342]  ? ieee80211_add_virtual_monitor+0xa42/0xce0
[   91.304394][ T5342]  check_panic_on_warn+0x89/0xb0
[   91.306674][ T5342]  ? ieee80211_add_virtual_monitor+0xa42/0xce0
[   91.309457][ T5342]  end_report+0x6f/0x140
[   91.311275][ T5342]  kasan_report+0x129/0x150
[   91.312909][ T5342]  ? ieee80211_add_virtual_monitor+0xa42/0xce0
[   91.315153][ T5342]  ieee80211_add_virtual_monitor+0xa42/0xce0
[   91.317478][ T5342]  ieee80211_do_stop+0x1786/0x1f70
[   91.319679][ T5342]  ? __pfx_ieee80211_do_stop+0x10/0x10
[   91.321970][ T5342]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   91.324465][ T5342]  ieee80211_stop+0x1b1/0x240
[   91.326496][ T5342]  ? __pfx_ieee80211_stop+0x10/0x10
[   91.328763][ T5342]  __dev_close_many+0x344/0x6b0
[   91.330775][ T5342]  ? __pfx___dev_close_many+0x10/0x10
[   91.332985][ T5342]  ? __dev_change_flags+0x1b0/0x680
[   91.335091][ T5342]  __dev_change_flags+0x2be/0x680
[   91.336835][ T5342]  ? __pfx___dev_change_flags+0x10/0x10
[   91.338860][ T5342]  netif_change_flags+0x88/0x1a0
[   91.340604][ T5342]  do_setlink+0xc55/0x41c0
[   91.342152][ T5342]  ? __lock_acquire+0x6b6/0x2cf0
[   91.343840][ T5342]  ? __pfx_do_setlink+0x10/0x10
[   91.345721][ T5342]  ? __pfx_stack_trace_save+0x10/0x10
[   91.348045][ T5342]  ? do_raw_spin_lock+0x121/0x290
[   91.349990][ T5342]  ? do_raw_spin_lock+0x121/0x290
[   91.352097][ T5342]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   91.354763][ T5342]  ? lockdep_hardirqs_on+0x7b/0x110
[   91.357312][ T5342]  ? __mutex_lock+0xd3b/0x1350
[   91.359718][ T5342]  ? __mutex_lock+0x5bb/0x1350
[   91.361938][ T5342]  ? rtnl_newlink+0x8ec/0x1c90
[   91.364175][ T5342]  ? __pfx___mutex_lock+0x10/0x10
[   91.366168][ T5342]  ? ns_capable+0x8a/0xf0
[   91.367568][ T5342]  rtnl_newlink+0x161c/0x1c90
[   91.369152][ T5342]  ? __pfx_rtnl_newlink+0x10/0x10
[   91.370992][ T5342]  ? do_syscall_64+0xec/0xf80
[   91.372745][ T5342]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.375360][ T5342]  ? kasan_quarantine_put+0xbb/0x1f0
[   91.377910][ T5342]  ? lockdep_hardirqs_on+0x7b/0x110
[   91.380157][ T5342]  ? kmem_cache_free+0x197/0x620
[   91.382278][ T5342]  ? nlmon_xmit+0xb0/0x100
[   91.384268][ T5342]  ? __lock_acquire+0x6b6/0x2cf0
[   91.386447][ T5342]  ? __local_bh_enable_ip+0xd0/0x130
[   91.388728][ T5342]  ? lockdep_hardirqs_on+0x7b/0x110
[   91.390907][ T5342]  ? __dev_queue_xmit+0x289/0x3140
[   91.393082][ T5342]  ? __local_bh_enable_ip+0xd0/0x130
[   91.395307][ T5342]  ? __dev_queue_xmit+0x289/0x3140
[   91.397602][ T5342]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   91.399951][ T5342]  ? __pfx_rtnl_newlink+0x10/0x10
[   91.402434][ T5342]  rtnetlink_rcv_msg+0x7cf/0xb70
[   91.404712][ T5342]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   91.406996][ T5342]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.409236][ T5342]  ? ref_tracker_free+0x63a/0x7d0
[   91.411434][ T5342]  ? __asan_memcpy+0x40/0x70
[   91.413223][ T5342]  ? __pfx_ref_tracker_free+0x10/0x10
[   91.415198][ T5342]  ? __skb_clone+0x63/0x7a0
[   91.417125][ T5342]  netlink_rcv_skb+0x208/0x470
[   91.419216][ T5342]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.421240][ T5342]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   91.423630][ T5342]  ? netlink_deliver_tap+0x2e/0x1b0
[   91.425907][ T5342]  netlink_unicast+0x82f/0x9e0
[   91.428114][ T5342]  ? __pfx_netlink_unicast+0x10/0x10
[   91.430251][ T5342]  ? __alloc_skb+0x198/0x3a0
[   91.431905][ T5342]  ? netlink_sendmsg+0x642/0xb30
[   91.433705][ T5342]  ? skb_put+0x11b/0x210
[   91.435532][ T5342]  netlink_sendmsg+0x805/0xb30
[   91.437606][ T5342]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.439704][ T5342]  ? aa_sock_msg_perm+0xf1/0x1b0
[   91.441684][ T5342]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   91.443901][ T5342]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.446202][ T5342]  __sock_sendmsg+0x21c/0x270
[   91.448255][ T5342]  ____sys_sendmsg+0x505/0x820
[   91.450412][ T5342]  ? __pfx_____sys_sendmsg+0x10/0x10
[   91.452662][ T5342]  ? import_iovec+0x74/0xa0
[   91.454345][ T5342]  ___sys_sendmsg+0x21f/0x2a0
[   91.456104][ T5342]  ? __pfx____sys_sendmsg+0x10/0x10
[   91.458066][ T5342]  ? futex_wait+0x285/0x360
[   91.459706][ T5342]  ? __fget_files+0x2a/0x420
[   91.461402][ T5342]  ? __fget_files+0x3a0/0x420
[   91.463154][ T5342]  __x64_sys_sendmsg+0x19b/0x260
[   91.465077][ T5342]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   91.467157][ T5342]  ? rcu_is_watching+0x15/0xb0
[   91.468931][ T5342]  do_syscall_64+0xec/0xf80
[   91.470736][ T5342]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.473101][ T5342]  ? trace_irq_disable+0x37/0x100
[   91.475102][ T5342]  ? clear_bhb_loop+0x60/0xb0
[   91.476880][ T5342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.479338][ T5342] RIP: 0033:0x7f953158f7c9
[   91.481386][ T5342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.489683][ T5342] RSP: 002b:00007f95324a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.493277][ T5342] RAX: ffffffffffffffda RBX: 00007f95317e6090 RCX: 00007f953158f7c9
[   91.496634][ T5342] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[   91.499986][ T5342] RBP: 00007f9531613f91 R08: 0000000000000000 R09: 0000000000000000
[   91.503250][ T5342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.506641][ T5342] R13: 00007f95317e6128 R14: 00007f95317e6090 R15: 00007fff9e85e3d8
[   91.510033][ T5342]  </TASK>
[   91.511716][ T5342] Kernel Offset: disabled
[   91.513600][ T5342] Rebooting in 86400 seconds..