[  481.629063][   T48] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  481.739023][   T68] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  481.851179][   T68] wlan1: authentication with 08:02:11:00:00:00 timed out
[  482.054463][   T68] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.123307][   T68] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.191861][   T68] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.236026][   T68] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.408395][   T68] bridge_slave_1: left allmulticast mode
[  482.414282][   T68] bridge_slave_1: left promiscuous mode
[  482.421671][   T68] bridge0: port 2(bridge_slave_1) entered disabled state
[  482.431733][   T68] bridge_slave_0: left allmulticast mode
[  482.437540][   T68] bridge_slave_0: left promiscuous mode
[  482.443573][   T68] bridge0: port 1(bridge_slave_0) entered disabled state
[  482.659181][   T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  482.670742][   T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  482.681168][   T68] bond0 (unregistering): Released all slaves
[  482.795044][ T5286] 8021q: adding VLAN 0 to HW filter on device eth1
[  482.949764][   T68] hsr_slave_0: left promiscuous mode
[  482.956283][   T68] hsr_slave_1: left promiscuous mode
[  482.962927][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  482.970948][   T68] batman_adv: batadv0: Removing interface: batadv_slave_0
[  482.982617][   T68] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  482.990344][   T68] batman_adv: batadv0: Removing interface: batadv_slave_1
[  483.004927][   T68] veth1_macvtap: left promiscuous mode
[  483.013432][   T68] veth0_macvtap: left promiscuous mode
[  483.019655][   T68] veth1_vlan: left promiscuous mode
[  483.025088][   T68] veth0_vlan: left promiscuous mode
[  483.300823][   T68] team0 (unregistering): Port device team_slave_1 removed
[  483.320815][   T68] team0 (unregistering): Port device team_slave_0 removed
[  483.423576][ T5286] 8021q: adding VLAN 0 to HW filter on device eth2
[  483.788785][ T5286] 8021q: adding VLAN 0 to HW filter on device eth3
[  484.107033][ T5286] 8021q: adding VLAN 0 to HW filter on device eth4
Warning: Permanently added '10.128.0.214' (ED25519) to the list of known hosts.
[  486.912791][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.921818][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.948327][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[  486.958310][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.989709][ T7841] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.001391][ T7841] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.013501][ T7841] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.024727][ T5746] wlan1: No basic rates, using min rate instead
executing program
[  487.032101][ T5746] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  487.041667][ T5746] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  487.056144][ T7842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.067394][   T68] wlan1: authenticated
[  487.067591][ T7842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.072240][ T5746] wlan1: associating to AP 08:02:11:00:00:00 with corrupt probe response
[  487.083846][ T7842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.091620][   T68] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0xa004 status=0 aid=12)
[  487.113002][   T68] wlan1: No basic rates, using min rate instead
[  487.119796][   T68] wlan1: associated
[  487.124901][ T7842] ------------[ cut here ]------------
[  487.130988][ T7842] !sta || !ap_sta
[  487.131012][ T7842] WARNING: net/mac80211/tdls.c:615 at ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040, CPU#1: syz-executor684/7842
[  487.149244][ T7842] Modules linked in:
[  487.153604][ T7842] CPU: 1 UID: 0 PID: 7842 Comm: syz-executor684 Not tainted syzkaller #0 PREEMPT(full) 
[  487.164327][ T7842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  487.174973][ T7842] RIP: 0010:ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040
[  487.183173][ T7842] Code: fc ff df e9 a1 fe ff ff e8 64 e0 8b f6 90 0f 0b 90 e9 78 fe ff ff e8 56 e0 8b f6 90 0f 0b 90 e9 85 fe ff ff e8 48 e0 8b f6 90 <0f> 0b 90 e9 77 fe ff ff e8 3a e0 8b f6 48 c7 c7 00 eb 0a 90 4c 89
[  487.203631][ T7842] RSP: 0018:ffffc90003f4f100 EFLAGS: 00010293
[  487.210325][ T7842] RAX: ffffffff8b39df28 RBX: ffff888032634e40 RCX: ffff888033c4bd80
[  487.219160][ T7842] RDX: 0000000000000000 RSI: ffffffff8e21f187 RDI: ffff888033c4bd80
[  487.227224][ T7842] RBP: ffffc90003f4f280 R08: 0000000000000000 R09: 000000000000000c
[  487.235732][ T7842] R10: 000000000000000c R11: 0000000000000000 R12: ffff888032636728
[  487.244115][ T7842] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888079fd0f40
[  487.252498][ T7842] FS:  000055557eacf400(0000) GS:ffff888125387000(0000) knlGS:0000000000000000
[  487.261958][ T7842] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  487.269569][ T7842] CR2: 00002000000021c0 CR3: 0000000079fb6000 CR4: 00000000003526f0
[  487.277991][ T7842] Call Trace:
[  487.281363][ T7842]  <TASK>
[  487.284314][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0xe5/0x4040
[  487.291248][ T7842]  ? __pfx_ieee80211_tdls_build_mgmt_packet_data+0x10/0x10
[  487.299232][ T7842]  ? sta_info_get+0x4f/0x300
[  487.304237][ T7842]  ieee80211_tdls_prep_mgmt_packet+0x3a4/0x820
[  487.310637][ T7842]  ? ieee80211_tdls_prep_mgmt_packet+0x40/0x820
[  487.318411][ T7842]  ieee80211_tdls_mgmt+0x32e/0x840
[  487.323866][ T7842]  ? __pfx___cfg80211_wdev_from_attrs+0x10/0x10
[  487.330430][ T7842]  nl80211_tdls_mgmt+0x4da/0x770
[  487.335476][ T7842]  genl_family_rcv_msg_doit+0x22a/0x330
[  487.341431][ T7842]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  487.347732][ T7842]  ? bpf_lsm_capable+0x9/0x20
[  487.352539][ T7842]  ? security_capable+0x7e/0x2c0
[  487.358096][ T7842]  genl_rcv_msg+0x61c/0x7a0
[  487.362685][ T7842]  ? __pfx_genl_rcv_msg+0x10/0x10
[  487.367821][ T7842]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  487.373559][ T7842]  ? __pfx_nl80211_tdls_mgmt+0x10/0x10
[  487.379974][ T7842]  ? __pfx_nl80211_post_doit+0x10/0x10
[  487.385908][ T7842]  netlink_rcv_skb+0x232/0x4b0
[  487.390906][ T7842]  ? __pfx_genl_rcv_msg+0x10/0x10
[  487.396200][ T7842]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  487.402152][ T7842]  ? down_read+0x270/0x2e0
[  487.407285][ T7842]  ? genl_rcv+0xd/0x40
[  487.411488][ T7842]  genl_rcv+0x28/0x40
[  487.415910][ T7842]  netlink_unicast+0x75c/0x8e0
[  487.420997][ T7842]  netlink_sendmsg+0x813/0xb40
[  487.426422][ T7842]  ? __pfx_netlink_sendmsg+0x10/0x10
[  487.432239][ T7842]  ? __se_sys_ioctl+0x47/0x170
[  487.437295][ T7842]  ? do_syscall_64+0x15f/0xf80
[  487.442184][ T7842]  ? aa_sock_msg_perm+0xf1/0x1b0
[  487.447144][ T7842]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  487.452617][ T7842]  ____sys_sendmsg+0x972/0x9f0
[  487.457508][ T7842]  ? __might_fault+0xaf/0x130
[  487.462244][ T7842]  ? __pfx_____sys_sendmsg+0x10/0x10
[  487.467827][ T7842]  ? import_iovec+0x73/0xa0
[  487.472422][ T7842]  ___sys_sendmsg+0x2a5/0x360
[  487.477487][ T7842]  ? __pfx____sys_sendmsg+0x10/0x10
[  487.483209][ T7842]  ? _copy_to_user+0x8a/0xb0
[  487.488317][ T7842]  __x64_sys_sendmsg+0x1bd/0x2a0
[  487.493544][ T7842]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  487.499331][ T7842]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.505686][ T7842]  do_syscall_64+0x15f/0xf80
[  487.510607][ T7842]  ? trace_irq_disable+0x3b/0x140
[  487.515642][ T7842]  ? clear_bhb_loop+0x40/0x90
[  487.520634][ T7842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.526541][ T7842] RIP: 0033:0x7f381eb47509
[  487.531210][ T7842] Code: c0 79 93 eb d5 48 8d 7c 1d 00 eb 99 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 d8 ff ff ff f7 d8 64 89 01 48
[  487.552245][ T7842] RSP: 002b:00007ffd0a649558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  487.560698][ T7842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f381eb47509
[  487.569149][ T7842] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  487.578622][ T7842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  487.587453][ T7842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  487.596093][ T7842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  487.604741][ T7842]  </TASK>
[  487.607963][ T7842] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  487.615497][ T7842] CPU: 1 UID: 0 PID: 7842 Comm: syz-executor684 Not tainted syzkaller #0 PREEMPT(full) 
[  487.625389][ T7842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  487.635797][ T7842] Call Trace:
[  487.639070][ T7842]  <TASK>
[  487.641992][ T7842]  vpanic+0x56c/0xa60
[  487.646159][ T7842]  ? __pfx__printk+0x10/0x10
[  487.651167][ T7842]  ? __pfx_vpanic+0x10/0x10
[  487.655751][ T7842]  ? is_bpf_text_address+0x292/0x2b0
[  487.661200][ T7842]  ? is_bpf_text_address+0x26/0x2b0
[  487.666409][ T7842]  panic+0xc5/0xd0
[  487.670320][ T7842]  ? __pfx_panic+0x10/0x10
[  487.674929][ T7842]  __warn+0x315/0x4c0
[  487.678923][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040
[  487.686912][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040
[  487.693942][ T7842]  __report_bug+0x29a/0x540
[  487.699086][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040
[  487.707062][ T7842]  ? __pfx___report_bug+0x10/0x10
[  487.712308][ T7842]  ? trace_kmem_cache_alloc+0x29/0xe0
[  487.717873][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040
[  487.725437][ T7842]  report_bug+0x16a/0x220
[  487.729870][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040
[  487.737075][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0x2e9b/0x4040
[  487.744299][ T7842]  handle_bug+0x9c/0x200
[  487.749188][ T7842]  exc_invalid_op+0x1a/0x50
[  487.753944][ T7842]  asm_exc_invalid_op+0x1a/0x20
[  487.759048][ T7842] RIP: 0010:ieee80211_tdls_build_mgmt_packet_data+0x2e99/0x4040
[  487.767478][ T7842] Code: fc ff df e9 a1 fe ff ff e8 64 e0 8b f6 90 0f 0b 90 e9 78 fe ff ff e8 56 e0 8b f6 90 0f 0b 90 e9 85 fe ff ff e8 48 e0 8b f6 90 <0f> 0b 90 e9 77 fe ff ff e8 3a e0 8b f6 48 c7 c7 00 eb 0a 90 4c 89
[  487.788427][ T7842] RSP: 0018:ffffc90003f4f100 EFLAGS: 00010293
[  487.794935][ T7842] RAX: ffffffff8b39df28 RBX: ffff888032634e40 RCX: ffff888033c4bd80
[  487.803526][ T7842] RDX: 0000000000000000 RSI: ffffffff8e21f187 RDI: ffff888033c4bd80
[  487.811664][ T7842] RBP: ffffc90003f4f280 R08: 0000000000000000 R09: 000000000000000c
[  487.819800][ T7842] R10: 000000000000000c R11: 0000000000000000 R12: ffff888032636728
[  487.827963][ T7842] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888079fd0f40
[  487.836203][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0x2e98/0x4040
[  487.843414][ T7842]  ? ieee80211_tdls_build_mgmt_packet_data+0xe5/0x4040
[  487.850256][ T7842]  ? __pfx_ieee80211_tdls_build_mgmt_packet_data+0x10/0x10
[  487.857888][ T7842]  ? sta_info_get+0x4f/0x300
[  487.862578][ T7842]  ieee80211_tdls_prep_mgmt_packet+0x3a4/0x820
[  487.869115][ T7842]  ? ieee80211_tdls_prep_mgmt_packet+0x40/0x820
[  487.875579][ T7842]  ieee80211_tdls_mgmt+0x32e/0x840
[  487.881144][ T7842]  ? __pfx___cfg80211_wdev_from_attrs+0x10/0x10
[  487.888005][ T7842]  nl80211_tdls_mgmt+0x4da/0x770
[  487.893129][ T7842]  genl_family_rcv_msg_doit+0x22a/0x330
[  487.898680][ T7842]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  487.905378][ T7842]  ? bpf_lsm_capable+0x9/0x20
[  487.910153][ T7842]  ? security_capable+0x7e/0x2c0
[  487.915202][ T7842]  genl_rcv_msg+0x61c/0x7a0
[  487.919735][ T7842]  ? __pfx_genl_rcv_msg+0x10/0x10
[  487.925038][ T7842]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  487.930428][ T7842]  ? __pfx_nl80211_tdls_mgmt+0x10/0x10
[  487.936229][ T7842]  ? __pfx_nl80211_post_doit+0x10/0x10
[  487.941976][ T7842]  netlink_rcv_skb+0x232/0x4b0
[  487.947019][ T7842]  ? __pfx_genl_rcv_msg+0x10/0x10
[  487.952499][ T7842]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  487.957905][ T7842]  ? down_read+0x270/0x2e0
[  487.962602][ T7842]  ? genl_rcv+0xd/0x40
[  487.967631][ T7842]  genl_rcv+0x28/0x40
[  487.971702][ T7842]  netlink_unicast+0x75c/0x8e0
[  487.976664][ T7842]  netlink_sendmsg+0x813/0xb40
[  487.981433][ T7842]  ? __pfx_netlink_sendmsg+0x10/0x10
[  487.986999][ T7842]  ? __se_sys_ioctl+0x47/0x170
[  487.992208][ T7842]  ? do_syscall_64+0x15f/0xf80
[  487.997083][ T7842]  ? aa_sock_msg_perm+0xf1/0x1b0
[  488.002289][ T7842]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  488.008020][ T7842]  ____sys_sendmsg+0x972/0x9f0
[  488.012999][ T7842]  ? __might_fault+0xaf/0x130
[  488.017764][ T7842]  ? __pfx_____sys_sendmsg+0x10/0x10
[  488.023149][ T7842]  ? import_iovec+0x73/0xa0
[  488.027668][ T7842]  ___sys_sendmsg+0x2a5/0x360
[  488.032623][ T7842]  ? __pfx____sys_sendmsg+0x10/0x10
[  488.037833][ T7842]  ? _copy_to_user+0x8a/0xb0
[  488.042811][ T7842]  __x64_sys_sendmsg+0x1bd/0x2a0
[  488.048164][ T7842]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  488.053789][ T7842]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.060310][ T7842]  do_syscall_64+0x15f/0xf80
[  488.065137][ T7842]  ? trace_irq_disable+0x3b/0x140
[  488.070854][ T7842]  ? clear_bhb_loop+0x40/0x90
[  488.075714][ T7842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.081977][ T7842] RIP: 0033:0x7f381eb47509
[  488.087275][ T7842] Code: c0 79 93 eb d5 48 8d 7c 1d 00 eb 99 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 d8 ff ff ff f7 d8 64 89 01 48
[  488.108460][ T7842] RSP: 002b:00007ffd0a649558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  488.117240][ T7842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f381eb47509
[  488.125407][ T7842] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  488.133593][ T7842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  488.142177][ T7842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  488.150153][ T7842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  488.158492][ T7842]  </TASK>
[  488.162615][ T7842] Kernel Offset: disabled
[  488.166980][ T7842] Rebooting in 86400 seconds..