program: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x4000004) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x4, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=ANY=[@ANYBLOB="10000000080211000001080211000000080211000000204078aa0000010001"], 0x28) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000480)={'syztnl1\x00', &(0x7f0000000680)={'syztnl1\x00', 0x0, 0x29, 0x5, 0xe, 0xf09, 0x4, @remote, @remote, 0x8, 0x10, 0x4a, 0x5}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@int={0xc, 0x0, 0x0, 0x1, 0x0, 0x6a, 0x0, 0xa, 0x3}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x4, 0xc0628af2}}]}, {0x0, [0x30, 0x61]}}, &(0x7f0000000780)=""/208, 0x44, 0xd0, 0x0, 0xfffff801, 0x0, @void, @value}, 0x28) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c00)={0xffffffffffffffff, 0xe0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f0000000940)=[0x0, 0x0], &(0x7f0000000980)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x50, &(0x7f00000009c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000a40), &(0x7f0000000a80), 0x8, 0x9e, 0x8, 0x8, &(0x7f0000000ac0)}}, 0x10) r8 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r8, 0x6, 0x25, &(0x7f00000000c0)=0x101, 0x4) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r9, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r9, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r9, &(0x7f0000000080)="44f9", 0x2, 0x1, 0x0, 0x0) [ 69.087398][ T5308] Bluetooth: hci0: command tx timeout [ 69.186479][ T5323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 69.193568][ T5323] netlink: 'syz.0.0': attribute type 10 has an invalid length. [ 69.221444][ T5323] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 69.231016][ T5323] wlan1: authenticate with 08:02:11:00:00:00 (local address=aa:aa:aa:aa:aa:17) [ 69.235573][ T5323] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 69.254280][ T5323] bond0: entered promiscuous mode [ 69.258555][ T5323] bond_slave_0: entered promiscuous mode [ 69.260994][ T5323] bond_slave_1: entered promiscuous mode [ 69.263234][ T5323] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode [ 69.323753][ T5323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 69.329466][ T5323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 69.335115][ T5323] TCP: TCP_TX_DELAY enabled [ 69.348108][ T1032] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 69.458039][ T1032] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 69.567265][ T1032] wlan1: authentication with 08:02:11:00:00:00 timed out [ 69.571363][ T1032] ================================================================== [ 69.574759][ T1032] BUG: KASAN: slab-use-after-free in __lock_acquire+0x78/0x2100 [ 69.577755][ T1032] Read of size 8 at addr ffff8880455469a0 by task kworker/u4:5/1032 [ 69.580558][ T1032] [ 69.581494][ T1032] CPU: 0 UID: 0 PID: 1032 Comm: kworker/u4:5 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0 [ 69.581508][ T1032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.581516][ T1032] Workqueue: events_unbound cfg80211_wiphy_work [ 69.581577][ T1032] Call Trace: [ 69.581584][ T1032] [ 69.581590][ T1032] dump_stack_lvl+0x241/0x360 [ 69.581606][ T1032] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.581612][ T1032] ? __pfx__printk+0x10/0x10 [ 69.581623][ T1032] ? _printk+0xd5/0x120 [ 69.581629][ T1032] ? __virt_addr_valid+0x183/0x530 [ 69.581637][ T1032] ? __virt_addr_valid+0x183/0x530 [ 69.581646][ T1032] print_report+0x169/0x550 [ 69.581659][ T1032] ? __virt_addr_valid+0x183/0x530 [ 69.581667][ T1032] ? __virt_addr_valid+0x183/0x530 [ 69.581674][ T1032] ? __virt_addr_valid+0x45f/0x530 [ 69.581682][ T1032] ? __phys_addr+0xba/0x170 [ 69.581698][ T1032] ? __lock_acquire+0x78/0x2100 [ 69.581714][ T1032] kasan_report+0x143/0x180 [ 69.581726][ T1032] ? __lock_acquire+0x78/0x2100 [ 69.581739][ T1032] __lock_acquire+0x78/0x2100 [ 69.581755][ T1032] lock_acquire+0x1ed/0x550 [ 69.581768][ T1032] ? lockref_get+0x15/0x60 [ 69.581816][ T1032] ? __pfx_lock_acquire+0x10/0x10 [ 69.581832][ T1032] ? simple_pin_fs+0x91/0x160 [ 69.581843][ T1032] ? do_raw_spin_lock+0x14f/0x370 [ 69.581854][ T1032] ? __pfx_lock_release+0x10/0x10 [ 69.581868][ T1032] _raw_spin_lock+0x2e/0x40 [ 69.581879][ T1032] ? lockref_get+0x15/0x60 [ 69.581889][ T1032] lockref_get+0x15/0x60 [ 69.581900][ T1032] simple_recursive_removal+0x35/0x8f0 [ 69.581910][ T1032] ? mntput+0x65/0xc0 [ 69.581920][ T1032] ? __pfx_remove_one+0x10/0x10 [ 69.581933][ T1032] debugfs_remove+0x49/0x70 [ 69.581944][ T1032] ieee80211_sta_debugfs_remove+0x40/0x60 [ 69.581955][ T1032] __sta_info_destroy_part2+0x35e/0x450 [ 69.581970][ T1032] sta_info_destroy_addr+0xf4/0x140 [ 69.582001][ T1032] ieee80211_destroy_auth_data+0x123/0x250 [ 69.582016][ T1032] ieee80211_sta_work+0x12c6/0x3610 [ 69.582031][ T1032] ? mark_lock+0x9a/0x360 [ 69.582040][ T1032] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 69.582053][ T1032] ? __pfx_ieee80211_sta_work+0x10/0x10 [ 69.582066][ T1032] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 69.582076][ T1032] ? lockdep_hardirqs_on+0x99/0x150 [ 69.582093][ T1032] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 69.582104][ T1032] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 69.582117][ T1032] ? skb_dequeue+0x113/0x150 [ 69.582128][ T1032] ? ieee80211_iface_work+0xc81/0xf90 [ 69.582138][ T1032] ? ieee80211_iface_work+0xe9d/0xf90 [ 69.582147][ T1032] ? rcu_is_watching+0x15/0xb0 [ 69.582154][ T1032] cfg80211_wiphy_work+0x2f0/0x490 [ 69.582163][ T1032] ? process_scheduled_works+0x9c6/0x18e0 [ 69.582175][ T1032] process_scheduled_works+0xabe/0x18e0 [ 69.582192][ T1032] ? __pfx_process_scheduled_works+0x10/0x10 [ 69.582205][ T1032] ? assign_work+0x364/0x3d0 [ 69.582218][ T1032] worker_thread+0x870/0xd30 [ 69.582234][ T1032] ? __kthread_parkme+0x169/0x1d0 [ 69.582248][ T1032] ? __pfx_worker_thread+0x10/0x10 [ 69.582260][ T1032] kthread+0x7a9/0x920 [ 69.582272][ T1032] ? __pfx_kthread+0x10/0x10 [ 69.582285][ T1032] ? __pfx_worker_thread+0x10/0x10 [ 69.582297][ T1032] ? __pfx_kthread+0x10/0x10 [ 69.582309][ T1032] ? __pfx_kthread+0x10/0x10 [ 69.582324][ T1032] ? __pfx_kthread+0x10/0x10 [ 69.582337][ T1032] ? _raw_spin_unlock_irq+0x23/0x50 [ 69.582347][ T1032] ? lockdep_hardirqs_on+0x99/0x150 [ 69.582357][ T1032] ? __pfx_kthread+0x10/0x10 [ 69.582370][ T1032] ret_from_fork+0x4b/0x80 [ 69.582384][ T1032] ? __pfx_kthread+0x10/0x10 [ 69.582403][ T1032] ret_from_fork_asm+0x1a/0x30 [ 69.582420][ T1032] [ 69.582424][ T1032] [ 69.724800][ T1032] Allocated by task 5323: [ 69.726340][ T1032] kasan_save_track+0x3f/0x80 [ 69.727973][ T1032] __kasan_slab_alloc+0x66/0x80 [ 69.729821][ T1032] kmem_cache_alloc_lru_noprof+0x1dd/0x390 [ 69.731817][ T1032] __d_alloc+0x31/0x740 [ 69.733449][ T1032] d_alloc_parallel+0xdf/0x1630 [ 69.735428][ T1032] __lookup_slow+0x117/0x400 [ 69.737544][ T1032] lookup_one_len+0x1ef/0x300 [ 69.739458][ T1032] start_creating+0x187/0x310 [ 69.741322][ T1032] debugfs_create_dir+0x25/0x430 [ 69.743071][ T1032] ieee80211_sta_debugfs_add+0x132/0x840 [ 69.745189][ T1032] sta_info_insert_rcu+0xecf/0x1900 [ 69.747153][ T1032] sta_info_insert+0x16/0xc0 [ 69.749091][ T1032] ieee80211_prep_connection+0xeff/0x1310 [ 69.751662][ T1032] ieee80211_mgd_auth+0xedb/0x1750 [ 69.753808][ T1032] cfg80211_mlme_auth+0x59f/0x970 [ 69.755948][ T1032] cfg80211_conn_do_work+0x601/0xeb0 [ 69.757941][ T1032] cfg80211_connect+0x190a/0x22f0 [ 69.759829][ T1032] nl80211_connect+0x19ec/0x2140 [ 69.761663][ T1032] genl_rcv_msg+0xb1f/0xec0 [ 69.763343][ T1032] netlink_rcv_skb+0x206/0x480 [ 69.765092][ T1032] genl_rcv+0x28/0x40 [ 69.766712][ T1032] netlink_unicast+0x7f6/0x990 [ 69.768909][ T1032] netlink_sendmsg+0x8de/0xcb0 [ 69.771165][ T1032] __sock_sendmsg+0x221/0x270 [ 69.773153][ T1032] ____sys_sendmsg+0x53a/0x860 [ 69.774879][ T1032] __sys_sendmsg+0x269/0x350 [ 69.776593][ T1032] do_syscall_64+0xf3/0x230 [ 69.778230][ T1032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.780348][ T1032] [ 69.781266][ T1032] Freed by task 16: [ 69.782776][ T1032] kasan_save_track+0x3f/0x80 [ 69.784651][ T1032] kasan_save_free_info+0x40/0x50 [ 69.786738][ T1032] __kasan_slab_free+0x59/0x70 [ 69.788740][ T1032] kmem_cache_free+0x195/0x410 [ 69.790814][ T1032] rcu_core+0xaaa/0x17a0 [ 69.792752][ T1032] handle_softirqs+0x2d4/0x9b0 [ 69.794805][ T1032] run_ksoftirqd+0xca/0x130 [ 69.796495][ T1032] smpboot_thread_fn+0x544/0xa30 [ 69.798266][ T1032] kthread+0x7a9/0x920 [ 69.799776][ T1032] ret_from_fork+0x4b/0x80 [ 69.801386][ T1032] ret_from_fork_asm+0x1a/0x30 [ 69.803080][ T1032] [ 69.803988][ T1032] Last potentially related work creation: [ 69.806022][ T1032] kasan_save_stack+0x3f/0x60 [ 69.807927][ T1032] kasan_record_aux_stack+0xaa/0xc0 [ 69.810352][ T1032] call_rcu+0x168/0xac0 [ 69.812142][ T1032] __dentry_kill+0x497/0x630 [ 69.814010][ T1032] dput+0x19f/0x2b0 [ 69.815368][ T1032] simple_recursive_removal+0x2bd/0x8f0 [ 69.817614][ T1032] debugfs_remove+0x49/0x70 [ 69.819739][ T1032] ieee80211_debugfs_recreate_netdev+0xc4/0x14d0 [ 69.822303][ T1032] drv_remove_interface+0x1e1/0x590 [ 69.824023][ T1032] ieee80211_change_mac+0xab2/0x1160 [ 69.826010][ T1032] dev_set_mac_address+0x327/0x510 [ 69.828012][ T1032] bond_set_mac_address+0x28e/0x830 [ 69.829884][ T1032] dev_set_mac_address+0x327/0x510 [ 69.832329][ T1032] dev_set_mac_address_user+0x31/0x50 [ 69.835531][ T1032] do_setlink+0x784/0x4300 [ 69.837500][ T1032] rtnl_newlink+0x1704/0x1d30 [ 69.839492][ T1032] rtnetlink_rcv_msg+0x791/0xcf0 [ 69.841429][ T1032] netlink_rcv_skb+0x206/0x480 [ 69.843154][ T1032] netlink_unicast+0x7f6/0x990 [ 69.845002][ T1032] netlink_sendmsg+0x8de/0xcb0 [ 69.846703][ T1032] __sock_sendmsg+0x221/0x270 [ 69.848657][ T1032] ____sys_sendmsg+0x53a/0x860 [ 69.850869][ T1032] __sys_sendmsg+0x269/0x350 [ 69.853099][ T1032] do_syscall_64+0xf3/0x230 [ 69.855060][ T1032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.857443][ T1032] [ 69.858340][ T1032] The buggy address belongs to the object at ffff8880455468d0 [ 69.858340][ T1032] which belongs to the cache dentry of size 312 [ 69.863056][ T1032] The buggy address is located 208 bytes inside of [ 69.863056][ T1032] freed 312-byte region [ffff8880455468d0, ffff888045546a08) [ 69.867773][ T1032] [ 69.868768][ T1032] The buggy address belongs to the physical page: [ 69.871357][ T1032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45546 [ 69.874889][ T1032] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 69.878567][ T1032] memcg:ffff8880364e9301 [ 69.880100][ T1032] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 69.883045][ T1032] page_type: f5(slab) [ 69.884967][ T1032] raw: 04fff00000000040 ffff88803040b8c0 dead000000000122 0000000000000000 [ 69.889108][ T1032] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff8880364e9301 [ 69.892661][ T1032] head: 04fff00000000040 ffff88803040b8c0 dead000000000122 0000000000000000 [ 69.895759][ T1032] head: 0000000000000000 0000000000150015 00000000f5000000 ffff8880364e9301 [ 69.898990][ T1032] head: 04fff00000000001 ffffea0001155181 ffffffffffffffff 0000000000000000 [ 69.902160][ T1032] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 69.905213][ T1032] page dumped because: kasan: bad access detected [ 69.907294][ T1032] page_owner tracks the page as allocated [ 69.909544][ T1032] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 5323, tgid 5322 (syz.0.0), ts 69211436262, free_ts 0 [ 69.918685][ T1032] post_alloc_hook+0x1f4/0x240 [ 69.920399][ T1032] get_page_from_freelist+0x365c/0x37a0 [ 69.922456][ T1032] __alloc_frozen_pages_noprof+0x292/0x710 [ 69.924614][ T1032] alloc_pages_mpol+0x311/0x660 [ 69.926396][ T1032] allocate_slab+0x8f/0x3a0 [ 69.927816][ T1032] ___slab_alloc+0xc27/0x14a0 [ 69.929539][ T1032] __slab_alloc+0x58/0xa0 [ 69.931029][ T1032] kmem_cache_alloc_lru_noprof+0x26c/0x390 [ 69.933581][ T1032] __d_alloc+0x31/0x740 [ 69.935474][ T1032] d_alloc_parallel+0xdf/0x1630 [ 69.937840][ T1032] __lookup_slow+0x117/0x400 [ 69.939733][ T1032] lookup_one_len+0x1ef/0x300 [ 69.941291][ T1032] start_creating+0x187/0x310 [ 69.942906][ T1032] __debugfs_create_file+0x7d/0x500 [ 69.944690][ T1032] debugfs_create_file_short+0x40/0x60 [ 69.946666][ T1032] ieee80211_debugfs_recreate_netdev+0xf61/0x14d0 [ 69.949118][ T1032] page_owner free stack trace missing [ 69.951453][ T1032] [ 69.952558][ T1032] Memory state around the buggy address: [ 69.955129][ T1032] ffff888045546880: fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb [ 69.958618][ T1032] ffff888045546900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.961581][ T1032] >ffff888045546980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.964501][ T1032] ^ [ 69.966431][ T1032] ffff888045546a00: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 69.969227][ T1032] ffff888045546a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.972249][ T1032] ================================================================== [ 69.975276][ T1032] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 69.978174][ T1032] CPU: 0 UID: 0 PID: 1032 Comm: kworker/u4:5 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0 [ 69.982089][ T1032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.986020][ T1032] Workqueue: events_unbound cfg80211_wiphy_work [ 69.988634][ T1032] Call Trace: [ 69.990008][ T1032] [ 69.991430][ T1032] dump_stack_lvl+0x241/0x360 [ 69.993330][ T1032] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.995410][ T1032] ? __pfx__printk+0x10/0x10 [ 69.997106][ T1032] ? rcu_is_watching+0x15/0xb0 [ 69.998820][ T1032] ? lock_release+0xbf/0xa30 [ 70.000530][ T1032] ? vscnprintf+0x5d/0x90 [ 70.002106][ T1032] panic+0x349/0x880 [ 70.003597][ T1032] ? check_panic_on_warn+0x21/0xb0 [ 70.005852][ T1032] ? __pfx_panic+0x10/0x10 [ 70.007917][ T1032] ? do_raw_spin_unlock+0x58/0x8b0 [ 70.010331][ T1032] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 70.012814][ T1032] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 70.015189][ T1032] ? print_report+0x502/0x550 [ 70.016905][ T1032] check_panic_on_warn+0x86/0xb0 [ 70.018793][ T1032] ? __lock_acquire+0x78/0x2100 [ 70.020662][ T1032] end_report+0x77/0x160 [ 70.022278][ T1032] kasan_report+0x154/0x180 [ 70.024007][ T1032] ? __lock_acquire+0x78/0x2100 [ 70.025822][ T1032] __lock_acquire+0x78/0x2100 [ 70.027711][ T1032] lock_acquire+0x1ed/0x550 [ 70.029404][ T1032] ? lockref_get+0x15/0x60 [ 70.031088][ T1032] ? __pfx_lock_acquire+0x10/0x10 [ 70.033070][ T1032] ? simple_pin_fs+0x91/0x160 [ 70.035010][ T1032] ? do_raw_spin_lock+0x14f/0x370 [ 70.037350][ T1032] ? __pfx_lock_release+0x10/0x10 [ 70.039656][ T1032] _raw_spin_lock+0x2e/0x40 [ 70.041566][ T1032] ? lockref_get+0x15/0x60 [ 70.043231][ T1032] lockref_get+0x15/0x60 [ 70.044780][ T1032] simple_recursive_removal+0x35/0x8f0 [ 70.046744][ T1032] ? mntput+0x65/0xc0 [ 70.048274][ T1032] ? __pfx_remove_one+0x10/0x10 [ 70.050011][ T1032] debugfs_remove+0x49/0x70 [ 70.051720][ T1032] ieee80211_sta_debugfs_remove+0x40/0x60 [ 70.053965][ T1032] __sta_info_destroy_part2+0x35e/0x450 [ 70.056232][ T1032] sta_info_destroy_addr+0xf4/0x140 [ 70.059573][ T1032] ieee80211_destroy_auth_data+0x123/0x250 [ 70.062696][ T1032] ieee80211_sta_work+0x12c6/0x3610 [ 70.064884][ T1032] ? mark_lock+0x9a/0x360 [ 70.066509][ T1032] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 70.068701][ T1032] ? __pfx_ieee80211_sta_work+0x10/0x10 [ 70.070621][ T1032] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 70.072769][ T1032] ? lockdep_hardirqs_on+0x99/0x150 [ 70.074615][ T1032] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 70.076698][ T1032] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 70.079015][ T1032] ? skb_dequeue+0x113/0x150 [ 70.080822][ T1032] ? ieee80211_iface_work+0xc81/0xf90 [ 70.083167][ T1032] ? ieee80211_iface_work+0xe9d/0xf90 [ 70.085401][ T1032] ? rcu_is_watching+0x15/0xb0 [ 70.087385][ T1032] cfg80211_wiphy_work+0x2f0/0x490 [ 70.089255][ T1032] ? process_scheduled_works+0x9c6/0x18e0 [ 70.091283][ T1032] process_scheduled_works+0xabe/0x18e0 [ 70.093253][ T1032] ? __pfx_process_scheduled_works+0x10/0x10 [ 70.095406][ T1032] ? assign_work+0x364/0x3d0 [ 70.097085][ T1032] worker_thread+0x870/0xd30 [ 70.098684][ T1032] ? __kthread_parkme+0x169/0x1d0 [ 70.100560][ T1032] ? __pfx_worker_thread+0x10/0x10 [ 70.102601][ T1032] kthread+0x7a9/0x920 [ 70.104981][ T1032] ? __pfx_kthread+0x10/0x10 [ 70.107695][ T1032] ? __pfx_worker_thread+0x10/0x10 [ 70.109982][ T1032] ? __pfx_kthread+0x10/0x10 [ 70.111772][ T1032] ? __pfx_kthread+0x10/0x10 [ 70.113545][ T1032] ? __pfx_kthread+0x10/0x10 [ 70.115368][ T1032] ? _raw_spin_unlock_irq+0x23/0x50 [ 70.117426][ T1032] ? lockdep_hardirqs_on+0x99/0x150 [ 70.119613][ T1032] ? __pfx_kthread+0x10/0x10 [ 70.121490][ T1032] ret_from_fork+0x4b/0x80 [ 70.123231][ T1032] ? __pfx_kthread+0x10/0x10 [ 70.125248][ T1032] ret_from_fork_asm+0x1a/0x30 [ 70.127751][ T1032] [ 70.129817][ T1032] Kernel Offset: disabled [ 70.131966][ T1032] Rebooting in 86400 seconds..