[ 454.073009][ T2474] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 454.182967][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 454.292976][ T2474] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 454.446132][ T7262] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 454.483796][ T8] wlan1: No basic rates, using min rate instead
[ 454.490855][ T8] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 454.500442][ T8] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 454.612916][ T2454] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 454.723016][ T2454] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 454.833005][ T63] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 454.980367][ T7264] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 455.013711][ T58] wlan1: No basic rates, using min rate instead
[ 455.020859][ T58] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 455.030188][ T58] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 455.143041][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 455.252908][ T2454] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 455.363046][ T2454] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 455.512118][ T7266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 455.545477][ T58] wlan1: No basic rates, using min rate instead
[ 455.552669][ T58] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 455.562032][ T58] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 455.673111][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 455.783006][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 455.893045][ T63] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 456.047243][ T7268] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 456.083890][ T58] wlan1: No basic rates, using min rate instead
[ 456.090912][ T58] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 456.101185][ T58] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 456.213025][ T2474] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 456.322984][ T2474] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 456.433014][ T2474] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 456.578281][ T7270] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 456.614547][ T58] wlan1: No basic rates, using min rate instead
[ 456.621811][ T58] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 456.630960][ T58] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 456.742945][ T2454] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 456.852942][ T2454] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 456.972962][ T2474] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 457.111752][ T7272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 457.144663][ T8] wlan1: No basic rates, using min rate instead
[ 457.151677][ T8] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 457.161065][ T8] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 457.273001][ T2474] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 457.382935][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 457.502897][ T2474] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 457.646134][ T7274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 457.683839][ T58] wlan1: No basic rates, using min rate instead
[ 457.690919][ T58] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 457.700087][ T58] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 457.812981][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 457.922956][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 458.033052][ T63] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 458.180457][ T7276] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 458.224687][ T8] wlan1: No basic rates, using min rate instead
[ 458.232403][ T8] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 458.242083][ T8] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 458.352959][ T63] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 458.463006][ T2474] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 458.583113][ T2454] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 458.641607][ T2454] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 458.717251][ T2454] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 458.812254][ T2454] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 458.894627][ T2454] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 458.988175][ T2454] bridge_slave_1: left allmulticast mode
[ 458.994014][ T2454] bridge_slave_1: left promiscuous mode
[ 458.999684][ T2454] bridge0: port 2(bridge_slave_1) entered disabled state
[ 459.008773][ T2454] bridge_slave_0: left allmulticast mode
[ 459.014669][ T2454] bridge_slave_0: left promiscuous mode
[ 459.020334][ T2454] bridge0: port 1(bridge_slave_0) entered disabled state
[ 459.261169][ T2454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 459.272494][ T2454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 459.282617][ T2454] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.1.219' (ED25519) to the list of known hosts.
[ 459.619702][ T2454] hsr_slave_0: left promiscuous mode
[ 459.632872][ T2454] hsr_slave_1: left promiscuous mode
[ 459.639065][ T2454] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 459.662885][ T2454] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 459.681234][ T2454] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 459.689359][ T2454] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 459.711217][ T2454] veth1_macvtap: left promiscuous mode
[ 459.717114][ T2454] veth0_macvtap: left promiscuous mode
[ 459.722685][ T2454] veth1_vlan: left promiscuous mode
[ 459.728056][ T2454] veth0_vlan: left promiscuous mode
[ 459.962721][ T2454] team0 (unregistering): Port device team_slave_1 removed
[ 459.987007][ T2454] team0 (unregistering): Port device team_slave_0 removed
[ 460.270187][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 460.285089][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 460.324047][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 460.333787][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 460.379474][ T7298] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 460.415135][ T8] wlan1: No basic rates, using min rate instead
executing program
[ 460.422765][ T8] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 460.444949][ T8] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 460.454396][ T7302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 460.490161][ T7306] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 460.524438][ T7309] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 460.548876][ T7311] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 460.567620][ T2474] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 460.586613][ T7313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 460.625430][ T7314] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 460.653347][ T7316] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
[ 460.684724][ T2474] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 460.693765][ T7318] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 460.733538][ T7319] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 460.760389][ T7321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 460.790326][ T7323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 460.801610][ T2474] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 460.811137][ T2474] ==================================================================
[ 460.819231][ T2474] BUG: KASAN: slab-use-after-free in __lock_acquire+0x77/0x2040
[ 460.826904][ T2474] Read of size 8 at addr ffff888074b66248 by task kworker/u8:9/2474
[ 460.834898][ T2474]
[ 460.837254][ T2474] CPU: 0 UID: 0 PID: 2474 Comm: kworker/u8:9 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[ 460.847774][ T2474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 460.857844][ T2474] Workqueue: events_unbound cfg80211_wiphy_work
[ 460.864120][ T2474] Call Trace:
[ 460.867392][ T2474]
[ 460.870330][ T2474] dump_stack_lvl+0x241/0x360
[ 460.875004][ T2474] ? __pfx_dump_stack_lvl+0x10/0x10
[ 460.880219][ T2474] ? __pfx__printk+0x10/0x10
[ 460.884799][ T2474] ? _printk+0xd5/0x120
[ 460.888943][ T2474] ? __virt_addr_valid+0x183/0x530
[ 460.894041][ T2474] ? __virt_addr_valid+0x183/0x530
[ 460.899140][ T2474] print_report+0x169/0x550
[ 460.903643][ T2474] ? __virt_addr_valid+0x183/0x530
[ 460.908741][ T2474] ? __virt_addr_valid+0x183/0x530
[ 460.913926][ T2474] ? __virt_addr_valid+0x45f/0x530
[ 460.919024][ T2474] ? __phys_addr+0xba/0x170
[ 460.923511][ T2474] ? __lock_acquire+0x77/0x2040
[ 460.928352][ T2474] kasan_report+0x143/0x180
[ 460.932851][ T2474] ? __lock_acquire+0x77/0x2040
[ 460.937697][ T2474] __lock_acquire+0x77/0x2040
[ 460.942360][ T2474] ? mark_lock+0x9a/0x350
[ 460.946681][ T2474] ? __lock_acquire+0x137a/0x2040
[ 460.951694][ T2474] lock_acquire+0x1ed/0x550
[ 460.956185][ T2474] ? lockref_get+0x15/0x60
[ 460.960587][ T2474] ? __pfx_lock_acquire+0x10/0x10
[ 460.965601][ T2474] ? simple_pin_fs+0x91/0x160
[ 460.970262][ T2474] ? do_raw_spin_lock+0x14f/0x370
[ 460.975272][ T2474] ? __pfx_lock_release+0x10/0x10
[ 460.980374][ T2474] _raw_spin_lock+0x2e/0x40
[ 460.984868][ T2474] ? lockref_get+0x15/0x60
[ 460.989269][ T2474] lockref_get+0x15/0x60
[ 460.993508][ T2474] simple_recursive_removal+0x35/0x8f0
[ 460.998952][ T2474] ? mntput+0x65/0xc0
[ 461.002929][ T2474] ? __pfx_remove_one+0x10/0x10
[ 461.007765][ T2474] debugfs_remove+0x49/0x70
[ 461.012282][ T2474] ieee80211_sta_debugfs_remove+0x40/0x60
[ 461.018019][ T2474] __sta_info_destroy_part2+0x35e/0x450
[ 461.023569][ T2474] sta_info_destroy_addr+0xf4/0x140
[ 461.028765][ T2474] ieee80211_destroy_auth_data+0x139/0x270
[ 461.034568][ T2474] ieee80211_sta_work+0x1256/0x3850
[ 461.039759][ T2474] ? mark_lock+0x9a/0x350
[ 461.044120][ T2474] ? __pfx_ieee80211_sta_work+0x10/0x10
[ 461.049660][ T2474] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 461.055977][ T2474] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 461.061861][ T2474] ? lockdep_hardirqs_on+0x99/0x150
[ 461.067045][ T2474] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 461.072928][ T2474] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 461.079246][ T2474] ? skb_dequeue+0x113/0x150
[ 461.083821][ T2474] ? ieee80211_iface_work+0xc0d/0xf20
[ 461.089180][ T2474] ? ieee80211_iface_work+0xe29/0xf20
[ 461.094540][ T2474] ? rcu_is_watching+0x15/0xb0
[ 461.099298][ T2474] cfg80211_wiphy_work+0x2db/0x490
[ 461.104424][ T2474] ? process_scheduled_works+0x945/0x1830
[ 461.110152][ T2474] process_scheduled_works+0xa2c/0x1830
[ 461.115695][ T2474] ? __pfx_process_scheduled_works+0x10/0x10
[ 461.121671][ T2474] ? assign_work+0x364/0x3d0
[ 461.126257][ T2474] worker_thread+0x86d/0xd40
[ 461.130861][ T2474] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 461.136740][ T2474] ? __kthread_parkme+0x169/0x1d0
[ 461.141755][ T2474] ? __pfx_worker_thread+0x10/0x10
[ 461.146852][ T2474] kthread+0x2f0/0x390
[ 461.150908][ T2474] ? __pfx_worker_thread+0x10/0x10
[ 461.156016][ T2474] ? __pfx_kthread+0x10/0x10
[ 461.160589][ T2474] ret_from_fork+0x4b/0x80
[ 461.164995][ T2474] ? __pfx_kthread+0x10/0x10
[ 461.169573][ T2474] ret_from_fork_asm+0x1a/0x30
[ 461.174333][ T2474]
[ 461.177336][ T2474]
[ 461.179643][ T2474] Allocated by task 8:
[ 461.183686][ T2474] kasan_save_track+0x3f/0x80
[ 461.188348][ T2474] __kasan_slab_alloc+0x66/0x80
[ 461.193183][ T2474] kmem_cache_alloc_lru_noprof+0x139/0x2b0
[ 461.198973][ T2474] __d_alloc+0x31/0x700
[ 461.203115][ T2474] d_alloc_parallel+0xdf/0x1600
[ 461.207972][ T2474] __lookup_slow+0x117/0x3f0
[ 461.212561][ T2474] lookup_one_len+0x18b/0x2d0
[ 461.217227][ T2474] start_creating+0x187/0x310
[ 461.221893][ T2474] debugfs_create_dir+0x25/0x430
[ 461.226822][ T2474] ieee80211_sta_debugfs_add+0x132/0x820
[ 461.232453][ T2474] sta_info_insert_rcu+0xecf/0x1900
[ 461.237648][ T2474] sta_info_insert+0x16/0xc0
[ 461.242226][ T2474] ieee80211_prep_connection+0xecd/0x12d0
[ 461.247942][ T2474] ieee80211_mgd_auth+0xd42/0x14c0
[ 461.253040][ T2474] cfg80211_mlme_auth+0x59f/0x980
[ 461.258058][ T2474] cfg80211_conn_do_work+0x5ed/0xe60
[ 461.263346][ T2474] cfg80211_conn_work+0x27c/0x4d0
[ 461.268369][ T2474] process_scheduled_works+0xa2c/0x1830
[ 461.273907][ T2474] worker_thread+0x86d/0xd40
[ 461.278486][ T2474] kthread+0x2f0/0x390
[ 461.282547][ T2474] ret_from_fork+0x4b/0x80
[ 461.286956][ T2474] ret_from_fork_asm+0x1a/0x30
[ 461.291797][ T2474]
[ 461.294109][ T2474] Freed by task 16:
[ 461.297928][ T2474] kasan_save_track+0x3f/0x80
[ 461.303029][ T2474] kasan_save_free_info+0x40/0x50
[ 461.308043][ T2474] poison_slab_object+0xe0/0x150
[ 461.313146][ T2474] __kasan_slab_free+0x37/0x60
[ 461.317903][ T2474] kmem_cache_free+0x145/0x350
[ 461.322656][ T2474] rcu_core+0xafd/0x1830
[ 461.326897][ T2474] handle_softirqs+0x2c4/0x970
[ 461.331649][ T2474] run_ksoftirqd+0xca/0x130
[ 461.336143][ T2474] smpboot_thread_fn+0x544/0xa30
[ 461.341074][ T2474] kthread+0x2f0/0x390
[ 461.345143][ T2474] ret_from_fork+0x4b/0x80
[ 461.349576][ T2474] ret_from_fork_asm+0x1a/0x30
[ 461.354333][ T2474]
[ 461.356657][ T2474] Last potentially related work creation:
[ 461.362368][ T2474] kasan_save_stack+0x3f/0x60
[ 461.367034][ T2474] __kasan_record_aux_stack+0xac/0xc0
[ 461.372396][ T2474] call_rcu+0x167/0xa70
[ 461.376540][ T2474] __dentry_kill+0x497/0x630
[ 461.381127][ T2474] dput+0x19f/0x2b0
[ 461.385006][ T2474] simple_recursive_removal+0x2bd/0x8f0
[ 461.390567][ T2474] debugfs_remove+0x49/0x70
[ 461.395142][ T2474] ieee80211_debugfs_recreate_netdev+0xc4/0x1400
[ 461.401459][ T2474] drv_remove_interface+0x1e1/0x590
[ 461.406646][ T2474] ieee80211_change_mac+0xaf5/0x11e0
[ 461.412003][ T2474] dev_set_mac_address+0x327/0x510
[ 461.417211][ T2474] dev_set_mac_address_user+0x31/0x50
[ 461.422675][ T2474] dev_ifsioc+0xbd9/0xe70
[ 461.426992][ T2474] dev_ioctl+0x719/0x1340
[ 461.431332][ T2474] sock_do_ioctl+0x240/0x460
[ 461.436003][ T2474] sock_ioctl+0x629/0x8e0
[ 461.440317][ T2474] __se_sys_ioctl+0xfc/0x170
[ 461.444897][ T2474] do_syscall_64+0xf3/0x230
[ 461.449390][ T2474] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 461.455274][ T2474]
[ 461.457584][ T2474] The buggy address belongs to the object at ffff888074b66178
[ 461.457584][ T2474] which belongs to the cache dentry of size 312
[ 461.471272][ T2474] The buggy address is located 208 bytes inside of
[ 461.471272][ T2474] freed 312-byte region [ffff888074b66178, ffff888074b662b0)
[ 461.485052][ T2474]
[ 461.487363][ T2474] The buggy address belongs to the physical page:
[ 461.493945][ T2474] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x74b66
[ 461.502701][ T2474] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 461.511185][ T2474] memcg:ffff888019f11e01
[ 461.515407][ T2474] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 461.522952][ T2474] page_type: 0xfdffffff(slab)
[ 461.527621][ T2474] raw: 00fff00000000040 ffff888015ef48c0 dead000000000122 0000000000000000
[ 461.536192][ T2474] raw: 0000000000000000 0000000000150015 00000001fdffffff ffff888019f11e01
[ 461.544760][ T2474] head: 00fff00000000040 ffff888015ef48c0 dead000000000122 0000000000000000
[ 461.553501][ T2474] head: 0000000000000000 0000000000150015 00000001fdffffff ffff888019f11e01
[ 461.562159][ T2474] head: 00fff00000000001 ffffea0001d2d981 ffffffffffffffff 0000000000000000
[ 461.570813][ T2474] head: 0000000700000002 0000000000000000 00000000ffffffff 0000000000000000
[ 461.579466][ T2474] page dumped because: kasan: bad access detected
[ 461.585873][ T2474] page_owner tracks the page as allocated
[ 461.591567][ T2474] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 7298, tgid 7298 (syz-executor337), ts 460401584782, free_ts 186480841059
[ 461.616472][ T2474] post_alloc_hook+0x1f3/0x230
[ 461.621230][ T2474] get_page_from_freelist+0x2e4c/0x2f10
[ 461.626765][ T2474] __alloc_pages_noprof+0x256/0x6c0
[ 461.631953][ T2474] alloc_slab_page+0x5f/0x120
[ 461.636620][ T2474] allocate_slab+0x5a/0x2f0
[ 461.641109][ T2474] ___slab_alloc+0xcd1/0x14b0
[ 461.645769][ T2474] __slab_alloc+0x58/0xa0
[ 461.650081][ T2474] kmem_cache_alloc_lru_noprof+0x1c5/0x2b0
[ 461.655958][ T2474] __d_alloc+0x31/0x700
[ 461.660114][ T2474] d_alloc_pseudo+0x1f/0xb0
[ 461.664689][ T2474] alloc_file_pseudo+0x123/0x290
[ 461.669610][ T2474] sock_alloc_file+0xb8/0x290
[ 461.674276][ T2474] __sys_socket+0x1dd/0x3c0
[ 461.678791][ T2474] __x64_sys_socket+0x7a/0x90
[ 461.683460][ T2474] do_syscall_64+0xf3/0x230
[ 461.688037][ T2474] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 461.693919][ T2474] page last free pid 4555 tgid 4555 stack trace:
[ 461.700224][ T2474] free_unref_page+0xd22/0xea0
[ 461.705007][ T2474] __slab_free+0x31b/0x3d0
[ 461.709413][ T2474] qlist_free_all+0x9e/0x140
[ 461.714017][ T2474] kasan_quarantine_reduce+0x14f/0x170
[ 461.719550][ T2474] __kasan_slab_alloc+0x23/0x80
[ 461.724390][ T2474] kmem_cache_alloc_noprof+0x135/0x2a0
[ 461.729830][ T2474] getname_flags+0xb7/0x540
[ 461.734319][ T2474] vfs_fstatat+0x12c/0x190
[ 461.738721][ T2474] __x64_sys_newfstatat+0x11d/0x1a0
[ 461.743902][ T2474] do_syscall_64+0xf3/0x230
[ 461.748392][ T2474] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 461.754275][ T2474]
[ 461.756584][ T2474] Memory state around the buggy address:
[ 461.762191][ T2474] ffff888074b66100: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa
[ 461.770234][ T2474] ffff888074b66180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 461.778284][ T2474] >ffff888074b66200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 461.786328][ T2474]                                               ^
[ 461.792729][ T2474] ffff888074b66280: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb
[ 461.800779][ T2474] ffff888074b66300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 461.808818][ T2474] ==================================================================
[ 461.816878][ T2474] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 461.824055][ T2474] CPU: 0 UID: 0 PID: 2474 Comm: kworker/u8:9 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[ 461.834629][ T2474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 461.844667][ T2474] Workqueue: events_unbound cfg80211_wiphy_work
[ 461.850902][ T2474] Call Trace:
[ 461.854167][ T2474]
[ 461.857085][ T2474] dump_stack_lvl+0x241/0x360
[ 461.861754][ T2474] ? __pfx_dump_stack_lvl+0x10/0x10
[ 461.866941][ T2474] ? __pfx__printk+0x10/0x10
[ 461.871518][ T2474] ? rcu_is_watching+0x15/0xb0
[ 461.876272][ T2474] ? lock_release+0xbf/0xa30
[ 461.880860][ T2474] ? vscnprintf+0x5d/0x90
[ 461.885190][ T2474] panic+0x349/0x860
[ 461.889083][ T2474] ? check_panic_on_warn+0x21/0xb0
[ 461.894181][ T2474] ? __pfx_panic+0x10/0x10
[ 461.898580][ T2474] ? do_raw_spin_unlock+0x13c/0x8b0
[ 461.903768][ T2474] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 461.909650][ T2474] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 461.915965][ T2474] ? print_report+0x502/0x550
[ 461.920737][ T2474] check_panic_on_warn+0x86/0xb0
[ 461.925661][ T2474] ? __lock_acquire+0x77/0x2040
[ 461.930504][ T2474] end_report+0x77/0x160
[ 461.934757][ T2474] kasan_report+0x154/0x180
[ 461.939251][ T2474] ? __lock_acquire+0x77/0x2040
[ 461.944098][ T2474] __lock_acquire+0x77/0x2040
[ 461.948774][ T2474] ? mark_lock+0x9a/0x350
[ 461.953100][ T2474] ? __lock_acquire+0x137a/0x2040
[ 461.958114][ T2474] lock_acquire+0x1ed/0x550
[ 461.962608][ T2474] ? lockref_get+0x15/0x60
[ 461.967016][ T2474] ? __pfx_lock_acquire+0x10/0x10
[ 461.972124][ T2474] ? simple_pin_fs+0x91/0x160
[ 461.976816][ T2474] ? do_raw_spin_lock+0x14f/0x370
[ 461.981846][ T2474] ? __pfx_lock_release+0x10/0x10
[ 461.986865][ T2474] _raw_spin_lock+0x2e/0x40
[ 461.991363][ T2474] ? lockref_get+0x15/0x60
[ 461.995766][ T2474] lockref_get+0x15/0x60
[ 462.000007][ T2474] simple_recursive_removal+0x35/0x8f0
[ 462.005455][ T2474] ? mntput+0x65/0xc0
[ 462.009427][ T2474] ? __pfx_remove_one+0x10/0x10
[ 462.014268][ T2474] debugfs_remove+0x49/0x70
[ 462.018766][ T2474] ieee80211_sta_debugfs_remove+0x40/0x60
[ 462.024570][ T2474] __sta_info_destroy_part2+0x35e/0x450
[ 462.030109][ T2474] sta_info_destroy_addr+0xf4/0x140
[ 462.035300][ T2474] ieee80211_destroy_auth_data+0x139/0x270
[ 462.041120][ T2474] ieee80211_sta_work+0x1256/0x3850
[ 462.046422][ T2474] ? mark_lock+0x9a/0x350
[ 462.050752][ T2474] ? __pfx_ieee80211_sta_work+0x10/0x10
[ 462.056303][ T2474] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 462.062634][ T2474] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 462.068533][ T2474] ? lockdep_hardirqs_on+0x99/0x150
[ 462.073733][ T2474] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 462.079615][ T2474] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 462.085937][ T2474] ? skb_dequeue+0x113/0x150
[ 462.090521][ T2474] ? ieee80211_iface_work+0xc0d/0xf20
[ 462.095885][ T2474] ? ieee80211_iface_work+0xe29/0xf20
[ 462.101247][ T2474] ? rcu_is_watching+0x15/0xb0
[ 462.106008][ T2474] cfg80211_wiphy_work+0x2db/0x490
[ 462.111126][ T2474] ? process_scheduled_works+0x945/0x1830
[ 462.116853][ T2474] process_scheduled_works+0xa2c/0x1830
[ 462.122406][ T2474] ? __pfx_process_scheduled_works+0x10/0x10
[ 462.128387][ T2474] ? assign_work+0x364/0x3d0
[ 462.132978][ T2474] worker_thread+0x86d/0xd40
[ 462.137651][ T2474] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 462.143532][ T2474] ? __kthread_parkme+0x169/0x1d0
[ 462.148548][ T2474] ? __pfx_worker_thread+0x10/0x10
[ 462.153651][ T2474] kthread+0x2f0/0x390
[ 462.157704][ T2474] ? __pfx_worker_thread+0x10/0x10
[ 462.162807][ T2474] ? __pfx_kthread+0x10/0x10
[ 462.167403][ T2474] ret_from_fork+0x4b/0x80
[ 462.171820][ T2474] ? __pfx_kthread+0x10/0x10
[ 462.176397][ T2474] ret_from_fork_asm+0x1a/0x30
[ 462.181163][ T2474]
[ 462.184485][ T2474] Kernel Offset: disabled
[ 462.188802][ T2474] Rebooting in 86400 seconds..