[ 463.549891][ T50] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 463.668674][ T50] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 463.789958][ T50] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 463.850311][ T50] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 463.901793][ T50] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 463.951560][ T50] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 464.093236][ T50] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 464.217618][ T50] bridge_slave_1: left allmulticast mode
[ 464.224096][ T50] bridge_slave_1: left promiscuous mode
[ 464.230634][ T50] bridge0: port 2(bridge_slave_1) entered disabled state
[ 464.241724][ T50] bridge_slave_0: left allmulticast mode
[ 464.247424][ T50] bridge_slave_0: left promiscuous mode
[ 464.253795][ T50] bridge0: port 1(bridge_slave_0) entered disabled state
[ 464.546060][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 464.557810][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 464.569073][ T50] bond0 (unregistering): Released all slaves
[ 464.846732][ T50] hsr_slave_0: left promiscuous mode
[ 464.854455][ T50] hsr_slave_1: left promiscuous mode
[ 464.860828][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 464.868336][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 464.878736][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 464.886673][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 464.905559][ T50] veth1_macvtap: left promiscuous mode
[ 464.911268][ T50] veth0_macvtap: left promiscuous mode
[ 464.916951][ T50] veth1_vlan: left promiscuous mode
[ 464.922858][ T50] veth0_vlan: left promiscuous mode
[ 465.318140][ T50] team0 (unregistering): Port device team_slave_1 removed
[ 465.349556][ T50] team0 (unregistering): Port device team_slave_0 removed
Warning: Permanently added '10.128.1.48' (ED25519) to the list of known hosts.
executing program
[ 468.981831][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 468.989962][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 469.012759][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 469.020840][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
executing program
[ 469.049242][ T7825] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.074577][ T7826] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.090734][ T983] wlan1: No basic rates, using min rate instead
executing program
[ 469.098374][ T983] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 469.107812][ T983] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 469.116999][ T7827] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 469.140969][ T7828] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.163683][ T7829] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.185652][ T7830] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.209736][ T7831] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.220274][ T3509] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 469.244171][ T7832] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.268457][ T7833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.289516][ T7834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.314875][ T7835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.336846][ T7836] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 469.362066][ T7837] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.383660][ T7838] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.408394][ T7839] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.429198][ T7840] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.452141][ T7841] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.476281][ T7842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.498268][ T7843] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 469.523347][ T7844] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.544057][ T7845] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.565698][ T7846] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.590527][ T7847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.612429][ T7848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.633326][ T7849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.657534][ T7850] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 469.682394][ T7851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.704322][ T7852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.726131][ T7853] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.758461][ T7854] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.781299][ T7855] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 469.802652][ T7856] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.826777][ T7857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.848310][ T7858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.873356][ T7859] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.894800][ T7860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.917181][ T7861] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.941845][ T12] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 469.941916][ T7862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 469.973179][ T7863] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 469.997223][ T7864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 470.019039][ T7865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.041207][ T7866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.063048][ T7867] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.087127][ T7868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.108306][ T7869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 470.129966][ T7870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.151909][ T7871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.173284][ T7872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.197176][ T7873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.218602][ T7874] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.243272][ T7875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.267221][ T7876] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.288831][ T7877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.312830][ T7878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.338466][ T7879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.359698][ T7880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[ 470.383757][ T7881] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.405598][ T7882] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.427045][ T7883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.452402][ T7884] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.483642][ T7885] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.505485][ T7886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.527278][ T7887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.553239][ T7888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.583746][ T7889] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.607950][ T7890] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.629697][ T7891] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.654393][ T7892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.676213][ T7893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.707948][ T7894] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.729494][ T7895] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.754087][ T7896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.775662][ T7897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.799735][ T7898] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.821738][ T7899] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.849664][ T7900] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.871658][ T7901] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[ 470.895973][ T7902] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.920969][ T7903] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.942342][ T12] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 470.942424][ T7904] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 470.960839][ T12] ==================================================================
[ 470.968932][ T12] BUG: KASAN: slab-use-after-free in _raw_spin_lock+0x2e/0x40
[ 470.976410][ T12] Read of size 1 at addr ffff88807a2ade30 by task kworker/u8:0/12
[ 470.984238][ T12]
[ 470.986559][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full)
[ 470.986573][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 470.986580][ T12] Workqueue: events_unbound cfg80211_wiphy_work
[ 470.986611][ T12] Call Trace:
[ 470.986616][ T12]
[ 470.986621][ T12] dump_stack_lvl+0x189/0x250
[ 470.986636][ T12] ? __virt_addr_valid+0x1c8/0x5c0
[ 470.986649][ T12] ? rcu_is_watching+0x15/0xb0
[ 470.986660][ T12] ? __pfx_dump_stack_lvl+0x10/0x10
[ 470.986672][ T12] ? rcu_is_watching+0x15/0xb0
[ 470.986682][ T12] ? lock_release+0x4b/0x3e0
[ 470.986691][ T12] ? _raw_spin_lock_irqsave+0xb3/0xf0
[ 470.986702][ T12] ? __virt_addr_valid+0x1c8/0x5c0
[ 470.986714][ T12] ? __virt_addr_valid+0x4a5/0x5c0
[ 470.986726][ T12] print_report+0xca/0x240
[ 470.986737][ T12] ? _raw_spin_lock+0x2e/0x40
[ 470.986746][ T12] kasan_report+0x118/0x150
[ 470.986756][ T12] ? _raw_spin_lock+0x2e/0x40
[ 470.986767][ T12] ? lockref_get+0x15/0x60
[ 470.986777][ T12] __kasan_check_byte+0x2a/0x40
[ 470.986786][ T12] lock_acquire+0x8d/0x360
[ 470.986795][ T12] ? do_raw_spin_lock+0x121/0x290
[ 470.986809][ T12] _raw_spin_lock+0x2e/0x40
[ 470.986817][ T12] ? lockref_get+0x15/0x60
[ 470.986827][ T12] lockref_get+0x15/0x60
[ 470.986837][ T12] __simple_recursive_removal+0x33/0x510
[ 470.986850][ T12] ? mntput+0x65/0xc0
[ 470.986862][ T12] ? __pfx_remove_one+0x10/0x10
[ 470.986877][ T12] debugfs_remove+0x5b/0x70
[ 470.986889][ T12] ieee80211_sta_debugfs_remove+0x40/0x70
[ 470.986902][ T12] __sta_info_destroy_part2+0x352/0x450
[ 470.986915][ T12] sta_info_destroy_addr+0xf5/0x140
[ 470.986927][ T12] ieee80211_destroy_auth_data+0x12d/0x260
[ 470.986943][ T12] ieee80211_sta_work+0x11cf/0x3600
[ 470.986956][ T12] ? kasan_save_track+0x4f/0x80
[ 470.986969][ T12] ? kasan_save_track+0x3e/0x80
[ 470.986989][ T12] ? __kasan_save_free_info+0x46/0x50
[ 470.987000][ T12] ? ieee80211_iface_work+0xb30/0x12d0
[ 470.987011][ T12] ? process_scheduled_works+0xae1/0x17b0
[ 470.987021][ T12] ? worker_thread+0x8a0/0xda0
[ 470.987031][ T12] ? kthread+0x711/0x8a0
[ 470.987042][ T12] ? ret_from_fork+0x4bc/0x870
[ 470.987051][ T12] ? ret_from_fork_asm+0x1a/0x30
[ 470.987061][ T12] ? __lock_acquire+0xab9/0xd20
[ 470.987070][ T12] ? __pfx_ieee80211_sta_work+0x10/0x10
[ 470.987083][ T12] ? do_raw_spin_lock+0x121/0x290
[ 470.987097][ T12] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 470.987107][ T12] ? lockdep_hardirqs_on+0x9c/0x150
[ 470.987118][ T12] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 470.987128][ T12] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 470.987138][ T12] ? kcov_remote_stop+0x17e/0x6d0
[ 470.987147][ T12] ? lockdep_hardirqs_on+0x9c/0x150
[ 470.987158][ T12] ? skb_dequeue+0x10e/0x150
[ 470.987170][ T12] ? ieee80211_iface_work+0xfbd/0x12d0
[ 470.987181][ T12] ? ieee80211_iface_work+0x11d6/0x12d0
[ 470.987193][ T12] cfg80211_wiphy_work+0x2bb/0x470
[ 470.987205][ T12] ? process_scheduled_works+0x9ef/0x17b0
[ 470.987215][ T12] process_scheduled_works+0xae1/0x17b0
[ 470.987230][ T12] ? __pfx_process_scheduled_works+0x10/0x10
[ 470.987243][ T12] worker_thread+0x8a0/0xda0
[ 470.987258][ T12] kthread+0x711/0x8a0
[ 470.987270][ T12] ? __pfx_worker_thread+0x10/0x10
[ 470.987280][ T12] ? __pfx_kthread+0x10/0x10
[ 470.987291][ T12] ? _raw_spin_unlock_irq+0x23/0x50
[ 470.987301][ T12] ? lockdep_hardirqs_on+0x9c/0x150
[ 470.987310][ T12] ? __pfx_kthread+0x10/0x10
[ 470.987322][ T12] ret_from_fork+0x4bc/0x870
[ 470.987332][ T12] ? __pfx_ret_from_fork+0x10/0x10
[ 470.987342][ T12] ? __switch_to_asm+0x39/0x70
[ 470.987350][ T12] ? __switch_to_asm+0x33/0x70
[ 470.987357][ T12] ? __pfx_kthread+0x10/0x10
[ 470.987368][ T12] ret_from_fork_asm+0x1a/0x30
[ 470.987380][ T12]
[ 470.987383][ T12]
[ 471.361263][ T12] Allocated by task 983:
[ 471.365482][ T12] kasan_save_track+0x3e/0x80
[ 471.370150][ T12] __kasan_slab_alloc+0x6c/0x80
[ 471.374987][ T12] kmem_cache_alloc_lru_noprof+0x35d/0x6d0
[ 471.380876][ T12] __d_alloc+0x36/0x7a0
[ 471.385019][ T12] d_alloc_parallel+0xe1/0x1610
[ 471.389880][ T12] __lookup_slow+0x116/0x3d0
[ 471.394450][ T12] simple_start_creating+0xfd/0x1e0
[ 471.399642][ T12] debugfs_start_creating+0x10f/0x180
[ 471.405016][ T12] debugfs_create_dir+0x28/0x420
[ 471.409956][ T12] ieee80211_sta_debugfs_add+0x12c/0x850
[ 471.415570][ T12] sta_info_insert_rcu+0x1c54/0x2840
[ 471.420835][ T12] sta_info_insert+0x16/0xc0
[ 471.425406][ T12] ieee80211_prep_connection+0xfce/0x13f0
[ 471.431106][ T12] ieee80211_mgd_auth+0xee6/0x1770
[ 471.436208][ T12] cfg80211_mlme_auth+0x632/0x9c0
[ 471.441220][ T12] cfg80211_conn_do_work+0x501/0xd10
[ 471.446605][ T12] cfg80211_conn_work+0x2c0/0x460
[ 471.451642][ T12] process_scheduled_works+0xae1/0x17b0
[ 471.457245][ T12] worker_thread+0x8a0/0xda0
[ 471.461851][ T12] kthread+0x711/0x8a0
[ 471.465920][ T12] ret_from_fork+0x4bc/0x870
[ 471.470595][ T12] ret_from_fork_asm+0x1a/0x30
[ 471.475343][ T12]
[ 471.477649][ T12] Freed by task 7829:
[ 471.481609][ T12] kasan_save_track+0x3e/0x80
[ 471.486272][ T12] __kasan_save_free_info+0x46/0x50
[ 471.491447][ T12] __kasan_slab_free+0x5c/0x80
[ 471.496192][ T12] kmem_cache_free+0x19b/0x690
[ 471.500936][ T12] rcu_core+0xcab/0x1770
[ 471.505167][ T12] handle_softirqs+0x286/0x870
[ 471.509909][ T12] __irq_exit_rcu+0xca/0x1f0
[ 471.514477][ T12] irq_exit_rcu+0x9/0x30
[ 471.518690][ T12] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 471.524328][ T12] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 471.530308][ T12]
[ 471.532712][ T12] Last potentially related work creation:
[ 471.538412][ T12] kasan_save_stack+0x3e/0x60
[ 471.543082][ T12] kasan_record_aux_stack+0xbd/0xd0
[ 471.548526][ T12] call_rcu+0x157/0x9c0
[ 471.552664][ T12] __dentry_kill+0x4d2/0x660
[ 471.557240][ T12] dput+0x19f/0x2b0
[ 471.561110][ T12] find_next_child+0x1e5/0x250
[ 471.565851][ T12] __simple_recursive_removal+0x10b/0x510
[ 471.571703][ T12] debugfs_remove+0x5b/0x70
[ 471.576201][ T12] ieee80211_debugfs_recreate_netdev+0xbf/0x1460
[ 471.582526][ T12] drv_remove_interface+0x1fa/0x590
[ 471.587705][ T12] ieee80211_change_mac+0x912/0x12d0
[ 471.592975][ T12] netif_set_mac_address+0x2fc/0x4c0
[ 471.598256][ T12] dev_set_mac_address_user+0x137/0x270
[ 471.603892][ T12] dev_ioctl+0x7b4/0x1150
[ 471.608337][ T12] sock_do_ioctl+0x22c/0x300
[ 471.612928][ T12] sock_ioctl+0x576/0x790
[ 471.617244][ T12] __se_sys_ioctl+0xfc/0x170
[ 471.621850][ T12] do_syscall_64+0xfa/0xfa0
[ 471.626344][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 471.632213][ T12]
[ 471.634519][ T12] The buggy address belongs to the object at ffff88807a2add60
[ 471.634519][ T12] which belongs to the cache dentry of size 312
[ 471.648201][ T12] The buggy address is located 208 bytes inside of
[ 471.648201][ T12] freed 312-byte region [ffff88807a2add60, ffff88807a2ade98)
[ 471.662061][ T12]
[ 471.664496][ T12] The buggy address belongs to the physical page:
[ 471.671014][ T12] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a2ac
[ 471.680109][ T12] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 471.688689][ T12] memcg:ffff88803148d901
[ 471.692912][ T12] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 471.700805][ T12] page_type: f5(slab)
[ 471.704770][ T12] raw: 00fff00000000040 ffff88801b2fd780 ffffea0001f63280 dead000000000002
[ 471.713330][ T12] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff88803148d901
[ 471.721917][ T12] head: 00fff00000000040 ffff88801b2fd780 ffffea0001f63280 dead000000000002
[ 471.730593][ T12] head: 0000000000000000 0000000000150015 00000000f5000000 ffff88803148d901
[ 471.739257][ T12] head: 00fff00000000001 ffffea0001e8ab01 00000000ffffffff 00000000ffffffff
[ 471.747917][ T12] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 471.756646][ T12] page dumped because: kasan: bad access detected
[ 471.763141][ T12] page_owner tracks the page as allocated
[ 471.768839][ T12] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5211, tgid 5211 (udevadm), ts 29141721506, free_ts 23454806694
[ 471.791601][ T12] post_alloc_hook+0x240/0x2a0
[ 471.796364][ T12] get_page_from_freelist+0x2365/0x2440
[ 471.801891][ T12] __alloc_frozen_pages_noprof+0x181/0x370
[ 471.807677][ T12] alloc_pages_mpol+0x232/0x4a0
[ 471.812509][ T12] allocate_slab+0x96/0x3a0
[ 471.817089][ T12] ___slab_alloc+0xe94/0x18a0
[ 471.821762][ T12] __slab_alloc+0x65/0x100
[ 471.826163][ T12] kmem_cache_alloc_lru_noprof+0x3ef/0x6d0
[ 471.832068][ T12] __d_alloc+0x36/0x7a0
[ 471.836222][ T12] d_alloc_parallel+0xe1/0x1610
[ 471.841059][ T12] __lookup_slow+0x116/0x3d0
[ 471.845627][ T12] lookup_slow+0x53/0x70
[ 471.849872][ T12] link_path_walk+0x935/0xea0
[ 471.854533][ T12] path_lookupat+0x97/0x430
[ 471.859014][ T12] filename_lookup+0x212/0x570
[ 471.863942][ T12] vfs_statx+0xf8/0x550
[ 471.868189][ T12] page last free pid 1 tgid 1 stack trace:
[ 471.874142][ T12] __free_frozen_pages+0xbc4/0xd30
[ 471.879239][ T12] free_contig_range+0x1bd/0x4a0
[ 471.884160][ T12] destroy_args+0x69/0x660
[ 471.888557][ T12] debug_vm_pgtable+0x39f/0x3b0
[ 471.893493][ T12] do_one_initcall+0x236/0x820
[ 471.898431][ T12] do_initcall_level+0x104/0x190
[ 471.903793][ T12] do_initcalls+0x59/0xa0
[ 471.908103][ T12] kernel_init_freeable+0x334/0x4b0
[ 471.913382][ T12] kernel_init+0x1d/0x1d0
[ 471.917772][ T12] ret_from_fork+0x4bc/0x870
[ 471.922365][ T12] ret_from_fork_asm+0x1a/0x30
[ 471.927314][ T12]
[ 471.929707][ T12] Memory state around the buggy address:
[ 471.935316][ T12] ffff88807a2add00: 00 00 00 00 fc fc fc fc fc fc fc fc fa fb fb fb
[ 471.943353][ T12] ffff88807a2add80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 471.951408][ T12] >ffff88807a2ade00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 471.959454][ T12] ^
[ 471.965069][ T12] ffff88807a2ade80: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 471.973202][ T12] ffff88807a2adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 471.981246][ T12] ==================================================================
[ 471.989807][ T12] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 471.997023][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full)
[ 472.006289][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 472.016422][ T12] Workqueue: events_unbound cfg80211_wiphy_work
[ 472.022700][ T12] Call Trace:
[ 472.025988][ T12]
[ 472.028924][ T12] dump_stack_lvl+0x99/0x250
[ 472.033958][ T12] ? __asan_memcpy+0x40/0x70
[ 472.038547][ T12] ? __pfx_dump_stack_lvl+0x10/0x10
[ 472.043735][ T12] ? __pfx__printk+0x10/0x10
[ 472.048427][ T12] vpanic+0x237/0x6d0
[ 472.052410][ T12] ? __pfx_vpanic+0x10/0x10
[ 472.056908][ T12] panic+0xb9/0xc0
[ 472.060615][ T12] ? __pfx_panic+0x10/0x10
[ 472.065051][ T12] ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 472.070928][ T12] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 472.076805][ T12] ? is_module_address+0x17/0xf0
[ 472.081816][ T12] ? _raw_spin_lock+0x2e/0x40
[ 472.086474][ T12] check_panic_on_warn+0x89/0xb0
[ 472.091398][ T12] ? _raw_spin_lock+0x2e/0x40
[ 472.096075][ T12] end_report+0x78/0x160
[ 472.100378][ T12] kasan_report+0x129/0x150
[ 472.104988][ T12] ? _raw_spin_lock+0x2e/0x40
[ 472.109665][ T12] ? lockref_get+0x15/0x60
[ 472.114070][ T12] __kasan_check_byte+0x2a/0x40
[ 472.118911][ T12] lock_acquire+0x8d/0x360
[ 472.123875][ T12] ? do_raw_spin_lock+0x121/0x290
[ 472.128910][ T12] _raw_spin_lock+0x2e/0x40
[ 472.133613][ T12] ? lockref_get+0x15/0x60
[ 472.138036][ T12] lockref_get+0x15/0x60
[ 472.142265][ T12] __simple_recursive_removal+0x33/0x510
[ 472.147896][ T12] ? mntput+0x65/0xc0
[ 472.151879][ T12] ? __pfx_remove_one+0x10/0x10
[ 472.156728][ T12] debugfs_remove+0x5b/0x70
[ 472.161248][ T12] ieee80211_sta_debugfs_remove+0x40/0x70
[ 472.166963][ T12] __sta_info_destroy_part2+0x352/0x450
[ 472.172549][ T12] sta_info_destroy_addr+0xf5/0x140
[ 472.177939][ T12] ieee80211_destroy_auth_data+0x12d/0x260
[ 472.183944][ T12] ieee80211_sta_work+0x11cf/0x3600
[ 472.189159][ T12] ? kasan_save_track+0x4f/0x80
[ 472.194089][ T12] ? kasan_save_track+0x3e/0x80
[ 472.198955][ T12] ? __kasan_save_free_info+0x46/0x50
[ 472.204312][ T12] ? ieee80211_iface_work+0xb30/0x12d0
[ 472.209760][ T12] ? process_scheduled_works+0xae1/0x17b0
[ 472.215464][ T12] ? worker_thread+0x8a0/0xda0
[ 472.220215][ T12] ? kthread+0x711/0x8a0
[ 472.224528][ T12] ? ret_from_fork+0x4bc/0x870
[ 472.229283][ T12] ? ret_from_fork_asm+0x1a/0x30
[ 472.234214][ T12] ? __lock_acquire+0xab9/0xd20
[ 472.239049][ T12] ? __pfx_ieee80211_sta_work+0x10/0x10
[ 472.244640][ T12] ? do_raw_spin_lock+0x121/0x290
[ 472.249678][ T12] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 472.255684][ T12] ? lockdep_hardirqs_on+0x9c/0x150
[ 472.260895][ T12] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 472.266772][ T12] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 472.273084][ T12] ? kcov_remote_stop+0x17e/0x6d0
[ 472.278093][ T12] ? lockdep_hardirqs_on+0x9c/0x150
[ 472.283304][ T12] ? skb_dequeue+0x10e/0x150
[ 472.287968][ T12] ? ieee80211_iface_work+0xfbd/0x12d0
[ 472.293426][ T12] ? ieee80211_iface_work+0x11d6/0x12d0
[ 472.298974][ T12] cfg80211_wiphy_work+0x2bb/0x470
[ 472.304073][ T12] ? process_scheduled_works+0x9ef/0x17b0
[ 472.309780][ T12] process_scheduled_works+0xae1/0x17b0
[ 472.315347][ T12] ? __pfx_process_scheduled_works+0x10/0x10
[ 472.321335][ T12] worker_thread+0x8a0/0xda0
[ 472.325937][ T12] kthread+0x711/0x8a0
[ 472.330006][ T12] ? __pfx_worker_thread+0x10/0x10
[ 472.335193][ T12] ? __pfx_kthread+0x10/0x10
[ 472.339773][ T12] ? _raw_spin_unlock_irq+0x23/0x50
[ 472.344957][ T12] ? lockdep_hardirqs_on+0x9c/0x150
[ 472.350142][ T12] ? __pfx_kthread+0x10/0x10
[ 472.354802][ T12] ret_from_fork+0x4bc/0x870
[ 472.359379][ T12] ? __pfx_ret_from_fork+0x10/0x10
[ 472.364946][ T12] ? __switch_to_asm+0x39/0x70
[ 472.369730][ T12] ? __switch_to_asm+0x33/0x70
[ 472.374500][ T12] ? __pfx_kthread+0x10/0x10
[ 472.379100][ T12] ret_from_fork_asm+0x1a/0x30
[ 472.384031][ T12]
[ 472.387300][ T12] Kernel Offset: disabled
[ 472.391652][ T12] Rebooting in 86400 seconds..