[  473.597373][   T13] wlan1: authentication with 08:02:11:00:00:00 timed out
[  473.744816][ T8152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  473.778160][   T24] wlan1: No basic rates, using min rate instead
[  473.785369][   T24] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  473.795018][   T24] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  473.908006][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  474.017407][   T13] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  474.127298][ T2982] wlan1: authentication with 08:02:11:00:00:00 timed out
[  474.270349][ T8154] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  474.308857][   T24] wlan1: No basic rates, using min rate instead
[  474.316574][   T24] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  474.325966][   T24] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  474.437278][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  474.547312][   T13] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  474.657298][   T13] wlan1: authentication with 08:02:11:00:00:00 timed out
[  474.796861][ T8156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  474.827849][   T24] wlan1: No basic rates, using min rate instead
[  474.834951][   T24] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  474.845572][   T24] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  474.957279][   T13] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  475.067318][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  475.177325][ T8078] wlan1: authentication with 08:02:11:00:00:00 timed out
[  475.323276][ T8158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  475.357821][  T981] wlan1: No basic rates, using min rate instead
[  475.365984][  T981] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  475.375703][  T981] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  475.487195][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  475.597272][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  475.707283][   T13] wlan1: authentication with 08:02:11:00:00:00 timed out
[  475.849974][ T8160] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  475.888903][  T981] wlan1: No basic rates, using min rate instead
[  475.896035][  T981] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  475.905159][  T981] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  476.017251][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  476.127384][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  476.237241][   T13] wlan1: authentication with 08:02:11:00:00:00 timed out
[  476.376835][ T8162] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  476.408336][  T981] wlan1: No basic rates, using min rate instead
[  476.415505][  T981] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  476.424712][  T981] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  476.537285][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  476.647401][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  476.757335][   T13] wlan1: authentication with 08:02:11:00:00:00 timed out
[  476.904092][ T8164] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  476.937891][   T24] wlan1: No basic rates, using min rate instead
[  476.945077][   T24] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  476.956167][   T24] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  477.067934][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  477.177490][ T8078] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  477.287889][ T8078] wlan1: authentication with 08:02:11:00:00:00 timed out
[  477.434923][ T8078] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.518465][ T8078] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.567342][ T8078] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.630189][ T8078] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.758798][ T8078] bridge_slave_1: left allmulticast mode
[  477.764497][ T8078] bridge_slave_1: left promiscuous mode
[  477.776331][ T8078] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.785840][ T8078] bridge_slave_0: left allmulticast mode
[  477.792192][ T8078] bridge_slave_0: left promiscuous mode
[  477.798438][ T8078] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.017251][ T8078] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  478.028267][ T8078] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  478.038125][ T8078] bond0 (unregistering): Released all slaves
[  478.292658][ T8078] hsr_slave_0: left promiscuous mode
[  478.301287][ T8078] hsr_slave_1: left promiscuous mode
[  478.308440][ T8078] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.315941][ T8078] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.325375][ T8078] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.334549][ T8078] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.356021][ T8078] veth1_macvtap: left promiscuous mode
[  478.361804][ T8078] veth0_macvtap: left promiscuous mode
[  478.369395][ T8078] veth1_vlan: left promiscuous mode
[  478.374865][ T8078] veth0_vlan: left promiscuous mode
[  478.778445][ T8078] team0 (unregistering): Port device team_slave_1 removed
[  478.806645][ T8078] team0 (unregistering): Port device team_slave_0 removed
Warning: Permanently added '10.128.1.233' (ED25519) to the list of known hosts.
[  479.625073][ T8078] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.647246][ T8078] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[  479.680816][ T2982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.689163][ T2982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[  479.727086][ T8205] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  479.754684][ T8208] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  479.768169][  T981] wlan1: No basic rates, using min rate instead
executing program
executing program
[  479.775812][  T981] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  479.786289][  T981] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  479.811634][ T8211] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
[  479.843671][ T8212] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
[  479.886271][ T8216] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  479.917814][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
executing program
[  479.929909][ T8217] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  479.966429][ T8220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  479.993784][ T8221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.020363][ T8222] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.030504][   T66] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  480.056163][ T8224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.081806][ T8225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.106084][ T8227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.150091][ T8228] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.182402][ T8230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.213837][ T8231] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.250335][ T8233] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.276359][ T8235] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.301989][ T8238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.331447][ T8239] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.358109][ T8241] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.385016][ T8243] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.414106][ T8244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.441961][ T8247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.478586][ T8249] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.505217][ T8251] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.539367][ T8253] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.571224][ T8255] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.605260][ T8256] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.635801][ T8258] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.668570][ T8259] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.712634][ T8261] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.745017][ T8262] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  480.769967][ T8263] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.797753][ T8265] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
[  480.824293][ T8266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.862237][   T66] wlan1: authentication with 08:02:11:00:00:00 timed out
[  480.871648][ T8269] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.882114][   T66] ==================================================================
[  480.890199][   T66] BUG: KASAN: slab-use-after-free in _raw_spin_lock+0x2e/0x40
[  480.897796][   T66] Read of size 1 at addr ffff888058aaec90 by task kworker/u8:4/66
[  480.905710][   T66] 
[  480.908075][   T66] CPU: 0 UID: 0 PID: 66 Comm: kworker/u8:4 Not tainted 6.16.0-rc6-syzkaller-g6832a9317eee #0 PREEMPT(full) 
[  480.908099][   T66] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  480.908110][   T66] Workqueue: events_unbound cfg80211_wiphy_work
[  480.908150][   T66] Call Trace:
[  480.908157][   T66]  <TASK>
[  480.908165][   T66]  dump_stack_lvl+0x189/0x250
[  480.908187][   T66]  ? __virt_addr_valid+0x1c8/0x5c0
[  480.908208][   T66]  ? rcu_is_watching+0x15/0xb0
[  480.908228][   T66]  ? __pfx_dump_stack_lvl+0x10/0x10
[  480.908247][   T66]  ? rcu_is_watching+0x15/0xb0
[  480.908265][   T66]  ? lock_release+0x4b/0x3e0
[  480.908282][   T66]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  480.908307][   T66]  ? __virt_addr_valid+0x1c8/0x5c0
[  480.908327][   T66]  ? __virt_addr_valid+0x4a5/0x5c0
[  480.908348][   T66]  print_report+0xca/0x230
[  480.908364][   T66]  ? _raw_spin_lock+0x2e/0x40
[  480.908385][   T66]  kasan_report+0x118/0x150
[  480.908409][   T66]  ? _raw_spin_lock+0x2e/0x40
[  480.908434][   T66]  ? lockref_get+0x15/0x60
[  480.908453][   T66]  __kasan_check_byte+0x2a/0x40
[  480.908475][   T66]  lock_acquire+0x8d/0x360
[  480.908492][   T66]  ? do_raw_spin_lock+0x121/0x290
[  480.908516][   T66]  _raw_spin_lock+0x2e/0x40
[  480.908538][   T66]  ? lockref_get+0x15/0x60
[  480.908557][   T66]  lockref_get+0x15/0x60
[  480.908575][   T66]  simple_recursive_removal+0x35/0x690
[  480.908597][   T66]  ? mntput+0x65/0xc0
[  480.908615][   T66]  ? __pfx_remove_one+0x10/0x10
[  480.908639][   T66]  debugfs_remove+0x5b/0x70
[  480.908659][   T66]  ieee80211_sta_debugfs_remove+0x40/0x70
[  480.908676][   T66]  __sta_info_destroy_part2+0x352/0x450
[  480.908700][   T66]  sta_info_destroy_addr+0xf5/0x140
[  480.908721][   T66]  ieee80211_destroy_auth_data+0x12d/0x260
[  480.908744][   T66]  ieee80211_sta_work+0x11cf/0x3600
[  480.908768][   T66]  ? kasan_save_track+0x3e/0x80
[  480.908787][   T66]  ? __kasan_slab_free+0x62/0x70
[  480.908807][   T66]  ? kmem_cache_free+0x18f/0x400
[  480.908829][   T66]  ? ieee80211_iface_work+0x997/0xfe0
[  480.908847][   T66]  ? cfg80211_wiphy_work+0x2df/0x460
[  480.908866][   T66]  ? process_scheduled_works+0xae1/0x17b0
[  480.908885][   T66]  ? worker_thread+0x8a0/0xda0
[  480.908902][   T66]  ? kthread+0x70e/0x8a0
[  480.908922][   T66]  ? ret_from_fork+0x3fc/0x770
[  480.908939][   T66]  ? ret_from_fork_asm+0x1a/0x30
[  480.908963][   T66]  ? __lock_acquire+0xab9/0xd20
[  480.908980][   T66]  ? __pfx_ieee80211_sta_work+0x10/0x10
[  480.909009][   T66]  ? do_raw_spin_lock+0x121/0x290
[  480.909035][   T66]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  480.909060][   T66]  ? lockdep_hardirqs_on+0x9c/0x150
[  480.909078][   T66]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  480.909102][   T66]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  480.909126][   T66]  ? kcov_remote_stop+0x17e/0x6d0
[  480.909150][   T66]  ? lockdep_hardirqs_on+0x9c/0x150
[  480.909169][   T66]  ? skb_dequeue+0x10e/0x150
[  480.909187][   T66]  ? ieee80211_iface_work+0xcd4/0xfe0
[  480.909206][   T66]  ? ieee80211_iface_work+0xeef/0xfe0
[  480.909228][   T66]  cfg80211_wiphy_work+0x2df/0x460
[  480.909250][   T66]  ? process_scheduled_works+0x9ef/0x17b0
[  480.909269][   T66]  process_scheduled_works+0xae1/0x17b0
[  480.909300][   T66]  ? __pfx_process_scheduled_works+0x10/0x10
[  480.909326][   T66]  worker_thread+0x8a0/0xda0
[  480.909356][   T66]  kthread+0x70e/0x8a0
[  480.909379][   T66]  ? __pfx_worker_thread+0x10/0x10
[  480.909398][   T66]  ? __pfx_kthread+0x10/0x10
[  480.909420][   T66]  ? _raw_spin_unlock_irq+0x23/0x50
[  480.909444][   T66]  ? lockdep_hardirqs_on+0x9c/0x150
[  480.909459][   T66]  ? __pfx_kthread+0x10/0x10
[  480.909481][   T66]  ret_from_fork+0x3fc/0x770
[  480.909500][   T66]  ? __pfx_ret_from_fork+0x10/0x10
[  480.909519][   T66]  ? __switch_to_asm+0x39/0x70
[  480.909539][   T66]  ? __switch_to_asm+0x33/0x70
[  480.909559][   T66]  ? __pfx_kthread+0x10/0x10
[  480.909581][   T66]  ret_from_fork_asm+0x1a/0x30
[  480.909608][   T66]  </TASK>
[  480.909615][   T66] 
[  481.287892][   T66] Allocated by task 981:
[  481.292146][   T66]  kasan_save_track+0x3e/0x80
[  481.296853][   T66]  __kasan_slab_alloc+0x6c/0x80
[  481.301723][   T66]  kmem_cache_alloc_lru_noprof+0x1c6/0x3d0
[  481.307637][   T66]  __d_alloc+0x31/0x6f0
[  481.311818][   T66]  d_alloc_parallel+0xe0/0x14e0
[  481.316687][   T66]  __lookup_slow+0x116/0x3d0
[  481.321382][   T66]  start_creating+0x22e/0x3c0
[  481.326087][   T66]  debugfs_create_dir+0x28/0x420
[  481.331060][   T66]  ieee80211_sta_debugfs_add+0x12c/0x850
[  481.336723][   T66]  sta_info_insert_rcu+0xfac/0x1940
[  481.341962][   T66]  sta_info_insert+0x16/0xc0
[  481.346574][   T66]  ieee80211_prep_connection+0x10cd/0x1600
[  481.352411][   T66]  ieee80211_mgd_auth+0xee3/0x1770
[  481.357635][   T66]  cfg80211_mlme_auth+0x632/0x9c0
[  481.362674][   T66]  cfg80211_conn_do_work+0x501/0xd10
[  481.367984][   T66]  cfg80211_conn_work+0x2c0/0x440
[  481.373028][   T66]  process_scheduled_works+0xae1/0x17b0
[  481.378676][   T66]  worker_thread+0x8a0/0xda0
[  481.383286][   T66]  kthread+0x70e/0x8a0
[  481.387375][   T66]  ret_from_fork+0x3fc/0x770
[  481.392072][   T66]  ret_from_fork_asm+0x1a/0x30
[  481.396871][   T66] 
[  481.399203][   T66] Freed by task 23:
[  481.403015][   T66]  kasan_save_track+0x3e/0x80
[  481.407709][   T66]  kasan_save_free_info+0x46/0x50
[  481.412746][   T66]  __kasan_slab_free+0x62/0x70
[  481.417528][   T66]  kmem_cache_free+0x18f/0x400
[  481.422338][   T66]  rcu_core+0xca8/0x1710
[  481.426595][   T66]  handle_softirqs+0x286/0x870
[  481.431384][   T66]  run_ksoftirqd+0x9b/0x100
[  481.435906][   T66]  smpboot_thread_fn+0x53f/0xa60
[  481.440860][   T66]  kthread+0x70e/0x8a0
[  481.444950][   T66]  ret_from_fork+0x3fc/0x770
[  481.449557][   T66]  ret_from_fork_asm+0x1a/0x30
[  481.454340][   T66] 
[  481.456676][   T66] Last potentially related work creation:
[  481.462396][   T66]  kasan_save_stack+0x3e/0x60
[  481.467093][   T66]  kasan_record_aux_stack+0xbd/0xd0
[  481.472484][   T66]  call_rcu+0x157/0x9c0
[  481.476745][   T66]  __dentry_kill+0x4d2/0x660
[  481.481359][   T66]  dput+0x19f/0x2b0
[  481.485187][   T66]  find_next_child+0x1e5/0x250
[  481.490004][   T66]  simple_recursive_removal+0xf4/0x690
[  481.495486][   T66]  debugfs_remove+0x5b/0x70
[  481.500045][   T66]  ieee80211_debugfs_recreate_netdev+0xbf/0x1460
[  481.506399][   T66]  drv_remove_interface+0x1fa/0x590
[  481.511698][   T66]  ieee80211_change_mac+0x912/0x12c0
[  481.516994][   T66]  netif_set_mac_address+0x2f9/0x4c0
[  481.522291][   T66]  dev_set_mac_address_user+0x137/0x270
[  481.527853][   T66]  dev_ioctl+0x7b4/0x1150
[  481.532233][   T66]  sock_do_ioctl+0x22c/0x300
[  481.536938][   T66]  sock_ioctl+0x576/0x790
[  481.541279][   T66]  __se_sys_ioctl+0xf9/0x170
[  481.545993][   T66]  do_syscall_64+0xfa/0x3b0
[  481.550506][   T66]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.556421][   T66] 
[  481.558755][   T66] The buggy address belongs to the object at ffff888058aaebc0
[  481.558755][   T66]  which belongs to the cache dentry of size 312
[  481.572475][   T66] The buggy address is located 208 bytes inside of
[  481.572475][   T66]  freed 312-byte region [ffff888058aaebc0, ffff888058aaecf8)
[  481.586291][   T66] 
[  481.588710][   T66] The buggy address belongs to the physical page:
[  481.595158][   T66] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x58aae
[  481.603965][   T66] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  481.612480][   T66] memcg:ffff888075300d01
[  481.616739][   T66] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  481.624756][   T66] page_type: f5(slab)
[  481.628763][   T66] raw: 00fff00000000040 ffff88801ba95780 0000000000000000 dead000000000001
[  481.637364][   T66] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888075300d01
[  481.646012][   T66] head: 00fff00000000040 ffff88801ba95780 0000000000000000 dead000000000001
[  481.654699][   T66] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888075300d01
[  481.663392][   T66] head: 00fff00000000001 ffffea000162ab81 00000000ffffffff 00000000ffffffff
[  481.672180][   T66] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  481.680868][   T66] page dumped because: kasan: bad access detected
[  481.687316][   T66] page_owner tracks the page as allocated
[  481.693041][   T66] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 24, tgid 24 (kworker/1:0), ts 174376116550, free_ts 22020069131
[  481.715823][   T66]  post_alloc_hook+0x240/0x2a0
[  481.720612][   T66]  get_page_from_freelist+0x21e4/0x22c0
[  481.726177][   T66]  __alloc_frozen_pages_noprof+0x181/0x370
[  481.732004][   T66]  alloc_pages_mpol+0x232/0x4a0
[  481.736883][   T66]  allocate_slab+0x8a/0x3b0
[  481.741414][   T66]  ___slab_alloc+0xbfc/0x1480
[  481.746103][   T66]  kmem_cache_alloc_lru_noprof+0x288/0x3d0
[  481.751928][   T66]  __d_alloc+0x31/0x6f0
[  481.756098][   T66]  d_alloc_parallel+0xe0/0x14e0
[  481.760969][   T66]  __lookup_slow+0x116/0x3d0
[  481.765573][   T66]  start_creating+0x22e/0x3c0
[  481.770264][   T66]  __debugfs_create_file+0x79/0x4f0
[  481.775564][   T66]  debugfs_create_file_full+0x3f/0x60
[  481.780958][   T66]  sta_info_insert_rcu+0x10b3/0x1940
[  481.786385][   T66]  sta_info_insert+0x16/0xc0
[  481.790999][   T66]  ieee80211_prep_connection+0x10cd/0x1600
[  481.796829][   T66] page last free pid 1 tgid 1 stack trace:
[  481.802729][   T66]  __free_frozen_pages+0xc71/0xe70
[  481.807985][   T66]  free_contig_range+0x1bd/0x4a0
[  481.812938][   T66]  destroy_args+0x7e/0x5d0
[  481.817376][   T66]  debug_vm_pgtable+0x412/0x450
[  481.822243][   T66]  do_one_initcall+0x233/0x820
[  481.827032][   T66]  do_initcall_level+0x137/0x1f0
[  481.832025][   T66]  do_initcalls+0x69/0xd0
[  481.836379][   T66]  kernel_init_freeable+0x3d9/0x570
[  481.841598][   T66]  kernel_init+0x1d/0x1d0
[  481.845953][   T66]  ret_from_fork+0x3fc/0x770
[  481.850564][   T66]  ret_from_fork_asm+0x1a/0x30
[  481.855354][   T66] 
[  481.857693][   T66] Memory state around the buggy address:
[  481.863427][   T66]  ffff888058aaeb80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  481.871511][   T66]  ffff888058aaec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  481.879587][   T66] >ffff888058aaec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[  481.887669][   T66]                          ^
[  481.892268][   T66]  ffff888058aaed00: fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb
[  481.900429][   T66]  ffff888058aaed80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  481.908501][   T66] ==================================================================
[  481.917188][   T66] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  481.924401][   T66] CPU: 0 UID: 0 PID: 66 Comm: kworker/u8:4 Not tainted 6.16.0-rc6-syzkaller-g6832a9317eee #0 PREEMPT(full) 
[  481.935857][   T66] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  481.945929][   T66] Workqueue: events_unbound cfg80211_wiphy_work
[  481.952178][   T66] Call Trace:
[  481.955451][   T66]  <TASK>
[  481.958386][   T66]  dump_stack_lvl+0x99/0x250
[  481.962971][   T66]  ? __asan_memcpy+0x40/0x70
[  481.967552][   T66]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.972742][   T66]  ? __pfx__printk+0x10/0x10
[  481.977332][   T66]  panic+0x2db/0x790
[  481.981216][   T66]  ? lockdep_hardirqs_on+0x9c/0x150
[  481.986406][   T66]  ? __pfx_panic+0x10/0x10
[  481.990813][   T66]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  481.996702][   T66]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  482.002611][   T66]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  482.008938][   T66]  ? _raw_spin_lock+0x2e/0x40
[  482.013610][   T66]  check_panic_on_warn+0x89/0xb0
[  482.018544][   T66]  ? _raw_spin_lock+0x2e/0x40
[  482.023219][   T66]  end_report+0x78/0x160
[  482.027460][   T66]  kasan_report+0x129/0x150
[  482.031960][   T66]  ? _raw_spin_lock+0x2e/0x40
[  482.036671][   T66]  ? lockref_get+0x15/0x60
[  482.041088][   T66]  __kasan_check_byte+0x2a/0x40
[  482.046025][   T66]  lock_acquire+0x8d/0x360
[  482.050435][   T66]  ? do_raw_spin_lock+0x121/0x290
[  482.055485][   T66]  _raw_spin_lock+0x2e/0x40
[  482.059985][   T66]  ? lockref_get+0x15/0x60
[  482.064395][   T66]  lockref_get+0x15/0x60
[  482.068632][   T66]  simple_recursive_removal+0x35/0x690
[  482.074084][   T66]  ? mntput+0x65/0xc0
[  482.078062][   T66]  ? __pfx_remove_one+0x10/0x10
[  482.082909][   T66]  debugfs_remove+0x5b/0x70
[  482.087407][   T66]  ieee80211_sta_debugfs_remove+0x40/0x70
[  482.093117][   T66]  __sta_info_destroy_part2+0x352/0x450
[  482.098662][   T66]  sta_info_destroy_addr+0xf5/0x140
[  482.103852][   T66]  ieee80211_destroy_auth_data+0x12d/0x260
[  482.109739][   T66]  ieee80211_sta_work+0x11cf/0x3600
[  482.115103][   T66]  ? kasan_save_track+0x3e/0x80
[  482.119975][   T66]  ? __kasan_slab_free+0x62/0x70
[  482.124907][   T66]  ? kmem_cache_free+0x18f/0x400
[  482.129840][   T66]  ? ieee80211_iface_work+0x997/0xfe0
[  482.135207][   T66]  ? cfg80211_wiphy_work+0x2df/0x460
[  482.140481][   T66]  ? process_scheduled_works+0xae1/0x17b0
[  482.146195][   T66]  ? worker_thread+0x8a0/0xda0
[  482.150960][   T66]  ? kthread+0x70e/0x8a0
[  482.155194][   T66]  ? ret_from_fork+0x3fc/0x770
[  482.159951][   T66]  ? ret_from_fork_asm+0x1a/0x30
[  482.164889][   T66]  ? __lock_acquire+0xab9/0xd20
[  482.169731][   T66]  ? __pfx_ieee80211_sta_work+0x10/0x10
[  482.175444][   T66]  ? do_raw_spin_lock+0x121/0x290
[  482.180641][   T66]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  482.186529][   T66]  ? lockdep_hardirqs_on+0x9c/0x150
[  482.191715][   T66]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  482.197602][   T66]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  482.203921][   T66]  ? kcov_remote_stop+0x17e/0x6d0
[  482.208940][   T66]  ? lockdep_hardirqs_on+0x9c/0x150
[  482.214132][   T66]  ? skb_dequeue+0x10e/0x150
[  482.218714][   T66]  ? ieee80211_iface_work+0xcd4/0xfe0
[  482.224079][   T66]  ? ieee80211_iface_work+0xeef/0xfe0
[  482.229445][   T66]  cfg80211_wiphy_work+0x2df/0x460
[  482.234565][   T66]  ? process_scheduled_works+0x9ef/0x17b0
[  482.240466][   T66]  process_scheduled_works+0xae1/0x17b0
[  482.246027][   T66]  ? __pfx_process_scheduled_works+0x10/0x10
[  482.252009][   T66]  worker_thread+0x8a0/0xda0
[  482.256602][   T66]  kthread+0x70e/0x8a0
[  482.260670][   T66]  ? __pfx_worker_thread+0x10/0x10
[  482.265784][   T66]  ? __pfx_kthread+0x10/0x10
[  482.270387][   T66]  ? _raw_spin_unlock_irq+0x23/0x50
[  482.275579][   T66]  ? lockdep_hardirqs_on+0x9c/0x150
[  482.280767][   T66]  ? __pfx_kthread+0x10/0x10
[  482.285352][   T66]  ret_from_fork+0x3fc/0x770
[  482.289937][   T66]  ? __pfx_ret_from_fork+0x10/0x10
[  482.295242][   T66]  ? __switch_to_asm+0x39/0x70
[  482.300032][   T66]  ? __switch_to_asm+0x33/0x70
[  482.304813][   T66]  ? __pfx_kthread+0x10/0x10
[  482.309413][   T66]  ret_from_fork_asm+0x1a/0x30
[  482.314186][   T66]  </TASK>
[  482.317568][   T66] Kernel Offset: disabled
[  482.321939][   T66] Rebooting in 86400 seconds..