./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2305635004

<...>
Warning: Permanently added '10.128.1.160' (ED25519) to the list of known hosts.
execve("./syz-executor2305635004", ["./syz-executor2305635004"], 0x7ffcdda98de0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555881c9000
brk(0x5555881c9d00)                     = 0x5555881c9d00
arch_prctl(ARCH_SET_FS, 0x5555881c9380) = 0
set_tid_address(0x5555881c9650)         = 5829
set_robust_list(0x5555881c9660, 24)     = 0
rseq(0x5555881c9ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2305635004", 4096) = 28
getrandom("\x8c\x66\xe6\xb9\xe0\x51\xf2\xc5", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555881c9d00
brk(0x5555881ead00)                     = 0x5555881ead00
brk(0x5555881eb000)                     = 0x5555881eb000
mprotect(0x7ff6b0989000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached
, child_tidptr=0x5555881c9650) = 5830
[pid  5830] set_robust_list(0x5555881c9660, 24) = 0
[pid  5830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5830] getppid()                   = 0
[pid  5830] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5830] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5830] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5830] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5830] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5830] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5830] unshare(CLONE_NEWNS)        = 0
[pid  5830] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5830] unshare(CLONE_NEWIPC)       = 0
[pid  5830] unshare(CLONE_NEWCGROUP)    = 0
[pid  5830] unshare(CLONE_NEWUTS)       = 0
[pid  5830] unshare(CLONE_SYSVSEM)      = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "16777216", 8)     = 8
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "536870912", 9)    = 9
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "1024", 4)         = 4
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "8192", 4)         = 4
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "1024", 4)         = 4
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "1024", 4)         = 4
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5830] close(3)                    = 0
[pid  5830] getpid()                    = 1
[pid  5830] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5830] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5830] unshare(CLONE_NEWNET)       = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "0 65535", 7)      = 7
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid  5830] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid  5830] close(3)                    = 0
[pid  5830] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5830] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5830] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x2c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1d\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5830] recvfrom(3, [{nlmsg_len=2516, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x24\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x4d\x01\x00\x00\x00\x09\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2516
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=36, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5830] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5830] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5830] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5830] close(4)                    = 0
[pid  5830] sendto(3, [{nlmsg_len=36, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5830] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5830] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5830] close(4)                    = 0
[pid  5830] sendto(3, [{nlmsg_len=64, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=36, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5830] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5830] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5830] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5830] close(4)                    = 0
[pid  5830] sendto(3, [{nlmsg_len=36, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[   62.653836][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.662249][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5830] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5830] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5830] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5830] close(4)                    = 0
[pid  5830] sendto(3, [{nlmsg_len=64, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x24 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5830] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5830] close(4)                    = 0
[pid  5830] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5830] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[   62.759694][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.767595][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5830] recvfrom(4, [{nlmsg_len=1468, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0b\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1468
[pid  5830] close(4)                    = 0
[pid  5830] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5830] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5830] close(4)                    = 0
[pid  5830] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5830] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5830] recvfrom(4, [{nlmsg_len=1468, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1468
[pid  5830] close(4)                    = 0
[pid  5830] close(3)                    = 0
[pid  5830] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "100000", 6)       = 6
[pid  5830] close(3)                    = 0
[pid  5830] mkdir("./syz-tmp", 0777)    = 0
[pid  5830] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid  5830] mkdir("./syz-tmp/newroot", 0777) = 0
[pid  5830] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid  5830] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5830] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid  5830] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid  5830] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid  5830] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5830] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5830] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid  5830] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5830] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5830] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5830] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5830] mkdir("./syz-tmp/pivot", 0777) = 0
[pid  5830] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid  5830] chdir("/")                  = 0
[pid  5830] umount2("./pivot", MNT_DETACH) = 0
[pid  5830] chroot("./newroot")         = 0
[pid  5830] chdir("/")                  = 0
[pid  5830] mkdir("/dev/gadgetfs", 0777) = 0
[pid  5830] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL) = 0
[pid  5830] mkdir("/dev/binderfs", 0777) = 0
[pid  5830] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5830] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5830] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
executing program
[pid  5830] write(1, "executing program\n", 18) = 18
[pid  5830] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5830] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5830] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x2c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1d\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=20, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x01\x00\x00\x00"], 20, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 20
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=20, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=1308, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00\x08\x00\x06\x00\x00\x00\x00\x00\x0a\x00\x01\x00\x08\x02\x11\x00\x00\x01\x00\x00\xeb\x04\x03\x00\x50\x00\x00\x00\x08\x02\x11\x00\x00\x01\x08\x02\x11\x00\x00\x00\x50\x50\x50\x50\x50\x50\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x64\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"...], 1308, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 1308
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=1308, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] close(3)                    = 0
[pid  5830] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5830] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5830] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x2c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1d\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=20, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x01\x00\x00\x00"], 20, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 20
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=20, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=1308, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00\x08\x00\x06\x00\x00\x00\x00\x00\x0a\x00\x01\x00\x08\x02\x11\x00\x00\x01\x00\x00\xeb\x04\x03\x00\x50\x00\x00\x00\x08\x02\x11\x00\x00\x01\x08\x02\x11\x00\x00\x00\x50\x50\x50\x50\x50\x50\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x64\x00\x00\x00\x00\x06\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"...], 1308, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 1308
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=1308, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] close(3)                    = 0
[pid  5830] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5830] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5830] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x2c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1d\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5830] sendto(3, [{nlmsg_len=20, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x01\x00\x00\x00"], 20, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 20
[pid  5830] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=20, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[   63.087790][ T5830] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   63.109600][ T5830] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   63.129131][    C0] ------------[ cut here ]------------
[pid  5830] sendto(3, [{nlmsg_len=116, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00\x08\x00\x06\x00\x00\x00\x00\x00\x0a\x00\x01\x00\x08\x02\x11\x00\x00\x01\x00\x00\x44\x00\x03\x00\x80\x00\x00\x00\xff\xff\xff\xff\xff\xff\x08\x02\x11\x00\x00\x00\x50\x50\x50\x50\x50\x50\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x64\x00\x45\x02\x00\x00\x04\x06\x00\x00\x00\x00\x00\x00\x06\x02\x00\x00\x3c\x04\x00\x00\x00\x00\x72\x06\x03\x03\x03\x03\x03\x03"], 116, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 116
[pid  5830] recvfrom(3, [{nlmsg_len=168, nlmsg_type=0x2c /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x01\x00\x00\x0a\x00\x02\x00\x08\x02\x11\x00\x00\x01\x00\x00\x50\x00\x03\x00\x80\x00\x00\x00\xff\xff\xff\xff\xff\xff\x08\x02\x11\x00\x00\x01\x50\x50\x50\x50\x50\x50\x00\x00\x1c\x81\xa9\x94\x0c\x2a\x06\x00\x64\x00\x02\x00\x00\x06\x10\x10\x10\x10\x10\x10\x01\x08\x82\x84\x8b\x96\x0c\x12\x18\x24\x03\x01\x01\x06\x02\x00\x00\x32\x04\x30\x48\x60\x6c\xdd\x07\x00\x50\xf2\x02\x00\x01\x00\x08\x00\x04\x00"...], 4096, 0, NULL, NULL) = 168
[pid  5830] close(3)                    = 0
[pid  5830] exit_group(1)               = ?
[   63.134800][    C0] WARNING: CPU: 0 PID: 16 at net/wireless/scan.c:1744 __cfg80211_bss_update+0x1a1f/0x2030
[   63.144818][    C0] Modules linked in:
[   63.148190][ T5830] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   63.148803][    C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   63.169250][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   63.179390][    C0] RIP: 0010:__cfg80211_bss_update+0x1a1f/0x2030
[   63.185734][    C0] Code: fc fa ff ff e8 d2 6f 88 f6 90 0f 0b 90 49 bd 00 00 00 00 00 fc ff df e9 7b fb ff ff 4c 89 b4 24 98 00 00 00 48 89 6c 24 60 90 <0f> 0b 90 48 8b 7c 24 10 e8 94 87 b1 f9 84 c0 0f 84 9e 00 00 00 e8
[   63.205502][    C0] RSP: 0018:ffffc90000156d58 EFLAGS: 00010206
[   63.211663][    C0] RAX: ffff888021e97c10 RBX: ffff888028a63c10 RCX: ffff888021e97810
[   63.219736][    C0] RDX: ffff88801cacda00 RSI: 0000000000000000 RDI: 0000000000000006
[   63.227856][    C0] RBP: ffff888021e97890 R08: ffffffff8b170183 R09: 0003000000000000
[   63.235861][    C0] R10: 0245006400000000 R11: 0000505050505050 R12: ffff888021e97800
[   63.243925][    C0] R13: 1ffff110043d2f02 R14: 0000000000000000 R15: ffff888028a63c00
[   63.251963][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[   63.260985][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   63.267649][    C0] CR2: 0000000020001207 CR3: 000000000e736000 CR4: 00000000003526f0
[   63.275742][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   63.283800][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   63.291994][    C0] Call Trace:
[   63.295303][    C0]  <TASK>
[   63.298323][    C0]  ? __warn+0x165/0x4d0
[   63.302579][    C0]  ? __cfg80211_bss_update+0x1a1f/0x2030
[   63.308314][    C0]  ? report_bug+0x2b3/0x500
[   63.312845][    C0]  ? __cfg80211_bss_update+0x1a1f/0x2030
[   63.318586][    C0]  ? handle_bug+0x60/0x90
[   63.322941][    C0]  ? exc_invalid_op+0x1a/0x50
[   63.327748][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[   63.332913][    C0]  ? __cfg80211_bss_update+0x1723/0x2030
[   63.338647][    C0]  ? __cfg80211_bss_update+0x1a1f/0x2030
[   63.344312][    C0]  ? __cfg80211_bss_update+0x1723/0x2030
[   63.350065][    C0]  cfg80211_inform_single_bss_data+0xd82/0x2070
[   63.356393][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[   63.363153][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.368441][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.373686][    C0]  ? cfg80211_inform_bss_data+0x3b6/0x5e80
[   63.379663][    C0]  cfg80211_inform_bss_data+0x3ce/0x5e80
[   63.385369][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.390667][    C0]  ? __dev_queue_xmit+0x2f4/0x3f50
[   63.395822][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.401124][    C0]  ? validate_chain+0x11e/0x5920
[   63.406118][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[   63.412275][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.417546][    C0]  ? mark_lock+0x9a/0x360
[   63.421905][    C0]  ? __pfx_lock_release+0x10/0x10
[   63.427047][    C0]  ? __lock_acquire+0x1397/0x2100
[   63.432154][    C0]  ? __pfx_lock_acquire+0x10/0x10
[   63.437290][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[   63.443129][    C0]  cfg80211_inform_bss_frame_data+0x3bb/0x720
[   63.449321][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[   63.455177][    C0]  ieee80211_bss_info_update+0x8a7/0xbc0
[   63.460931][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[   63.467279][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   63.473643][    C0]  ? kcov_remote_start+0x97/0x7d0
[   63.478981][    C0]  ? ieee80211_get_channel_khz+0x173/0x920
[   63.484843][    C0]  ieee80211_scan_rx+0x526/0x9c0
[   63.489903][    C0]  ieee80211_rx_list+0x2c44/0x3810
[   63.495073][    C0]  ? __pfx_ieee80211_rx_list+0x10/0x10
[   63.500726][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   63.506784][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   63.513157][    C0]  ? ieee80211_rx_napi+0xd6/0x3c0
[   63.518262][    C0]  ieee80211_rx_napi+0x18a/0x3c0
[   63.523222][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   63.529637][    C0]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[   63.535138][    C0]  ? skb_dequeue+0x113/0x150
[   63.539816][    C0]  ieee80211_handle_queued_frames+0xe7/0x1e0
[   63.545838][    C0]  tasklet_action_common+0x426/0x620
[   63.551233][    C0]  ? __pfx_tasklet_action_common+0x10/0x10
[   63.557105][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   63.563463][    C0]  ? __schedule+0x1858/0x4c30
[   63.568218][    C0]  ? workqueue_softirq_action+0xce/0x140
[   63.573879][    C0]  handle_softirqs+0x2d4/0x9b0
[   63.578756][    C0]  ? run_ksoftirqd+0xca/0x130
[   63.583460][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[   63.588838][    C0]  run_ksoftirqd+0xca/0x130
[   63.593363][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   63.598555][    C0]  ? __pfx_ksoftirqd_should_run+0x10/0x10
[   63.604323][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   63.609537][    C0]  smpboot_thread_fn+0x544/0xa30
[   63.614501][    C0]  ? smpboot_thread_fn+0x4e/0xa30
[   63.619622][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   63.625116][    C0]  kthread+0x2f0/0x390
[   63.629270][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   63.634754][    C0]  ? __pfx_kthread+0x10/0x10
[   63.639441][    C0]  ret_from_fork+0x4b/0x80
[   63.643888][    C0]  ? __pfx_kthread+0x10/0x10
[   63.648551][    C0]  ret_from_fork_asm+0x1a/0x30
[   63.653358][    C0]  </TASK>
[   63.656470][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   63.663860][    C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   63.674479][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   63.684554][    C0] Call Trace:
[   63.687846][    C0]  <TASK>
[   63.690788][    C0]  dump_stack_lvl+0x241/0x360
[   63.695490][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[   63.700713][    C0]  ? __pfx__printk+0x10/0x10
[   63.705397][    C0]  ? vscnprintf+0x5d/0x90
[   63.709752][    C0]  panic+0x349/0x880
[   63.713692][    C0]  ? __warn+0x174/0x4d0
[   63.717927][    C0]  ? __pfx_panic+0x10/0x10
[   63.722405][    C0]  ? ret_from_fork_asm+0x1a/0x30
[   63.727417][    C0]  __warn+0x344/0x4d0
[   63.731442][    C0]  ? __cfg80211_bss_update+0x1a1f/0x2030
[   63.737122][    C0]  report_bug+0x2b3/0x500
[   63.741473][    C0]  ? __cfg80211_bss_update+0x1a1f/0x2030
[   63.747134][    C0]  handle_bug+0x60/0x90
[   63.751306][    C0]  exc_invalid_op+0x1a/0x50
[   63.755824][    C0]  asm_exc_invalid_op+0x1a/0x20
[   63.760706][    C0] RIP: 0010:__cfg80211_bss_update+0x1a1f/0x2030
[   63.766972][    C0] Code: fc fa ff ff e8 d2 6f 88 f6 90 0f 0b 90 49 bd 00 00 00 00 00 fc ff df e9 7b fb ff ff 4c 89 b4 24 98 00 00 00 48 89 6c 24 60 90 <0f> 0b 90 48 8b 7c 24 10 e8 94 87 b1 f9 84 c0 0f 84 9e 00 00 00 e8
[   63.786603][    C0] RSP: 0018:ffffc90000156d58 EFLAGS: 00010206
[   63.792683][    C0] RAX: ffff888021e97c10 RBX: ffff888028a63c10 RCX: ffff888021e97810
[   63.800679][    C0] RDX: ffff88801cacda00 RSI: 0000000000000000 RDI: 0000000000000006
[   63.808732][    C0] RBP: ffff888021e97890 R08: ffffffff8b170183 R09: 0003000000000000
[   63.816830][    C0] R10: 0245006400000000 R11: 0000505050505050 R12: ffff888021e97800
[   63.824808][    C0] R13: 1ffff110043d2f02 R14: 0000000000000000 R15: ffff888028a63c00
[   63.832784][    C0]  ? __cfg80211_bss_update+0x1723/0x2030
[   63.838429][    C0]  ? __cfg80211_bss_update+0x1723/0x2030
[   63.844075][    C0]  cfg80211_inform_single_bss_data+0xd82/0x2070
[   63.850328][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[   63.857013][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.862222][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.867432][    C0]  ? cfg80211_inform_bss_data+0x3b6/0x5e80
[   63.873244][    C0]  cfg80211_inform_bss_data+0x3ce/0x5e80
[   63.878884][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.884084][    C0]  ? __dev_queue_xmit+0x2f4/0x3f50
[   63.889211][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.894422][    C0]  ? validate_chain+0x11e/0x5920
[   63.899370][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[   63.905463][    C0]  ? __pfx_validate_chain+0x10/0x10
[   63.910686][    C0]  ? mark_lock+0x9a/0x360
[   63.915034][    C0]  ? __pfx_lock_release+0x10/0x10
[   63.920073][    C0]  ? __lock_acquire+0x1397/0x2100
[   63.925124][    C0]  ? __pfx_lock_acquire+0x10/0x10
[   63.930152][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[   63.935960][    C0]  cfg80211_inform_bss_frame_data+0x3bb/0x720
[   63.942040][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[   63.947860][    C0]  ieee80211_bss_info_update+0x8a7/0xbc0
[   63.953497][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[   63.959686][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   63.966034][    C0]  ? kcov_remote_start+0x97/0x7d0
[   63.971067][    C0]  ? ieee80211_get_channel_khz+0x173/0x920
[   63.976896][    C0]  ieee80211_scan_rx+0x526/0x9c0
[   63.981871][    C0]  ieee80211_rx_list+0x2c44/0x3810
[   63.987002][    C0]  ? __pfx_ieee80211_rx_list+0x10/0x10
[   63.992467][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   63.998447][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   64.004782][    C0]  ? ieee80211_rx_napi+0xd6/0x3c0
[   64.009807][    C0]  ieee80211_rx_napi+0x18a/0x3c0
[   64.014745][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   64.021179][    C0]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[   64.026671][    C0]  ? skb_dequeue+0x113/0x150
[   64.031284][    C0]  ieee80211_handle_queued_frames+0xe7/0x1e0
[   64.037272][    C0]  tasklet_action_common+0x426/0x620
[   64.042571][    C0]  ? __pfx_tasklet_action_common+0x10/0x10
[   64.048373][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   64.054696][    C0]  ? __schedule+0x1858/0x4c30
[   64.059382][    C0]  ? workqueue_softirq_action+0xce/0x140
[   64.065022][    C0]  handle_softirqs+0x2d4/0x9b0
[   64.069808][    C0]  ? run_ksoftirqd+0xca/0x130
[   64.074484][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[   64.079775][    C0]  run_ksoftirqd+0xca/0x130
[   64.084278][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   64.089387][    C0]  ? __pfx_ksoftirqd_should_run+0x10/0x10
[   64.095110][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   64.100218][    C0]  smpboot_thread_fn+0x544/0xa30
[   64.105159][    C0]  ? smpboot_thread_fn+0x4e/0xa30
[   64.110184][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   64.115647][    C0]  kthread+0x2f0/0x390
[   64.119718][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   64.125171][    C0]  ? __pfx_kthread+0x10/0x10
[   64.129759][    C0]  ret_from_fork+0x4b/0x80
[   64.134173][    C0]  ? __pfx_kthread+0x10/0x10
[   64.138761][    C0]  ret_from_fork_asm+0x1a/0x30
[   64.143527][    C0]  </TASK>
[   64.147404][    C0] Kernel Offset: disabled
[   64.151772][    C0] Rebooting in 86400 seconds..