[  463.406548][ T7771] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  463.437802][ T6002] wlan1: No basic rates, using min rate instead
[  463.444891][ T6002] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  463.454711][ T6002] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  463.567379][ T1166] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  463.677397][   T65] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  463.787314][ T1166] wlan1: authentication with 08:02:11:00:00:00 timed out
[  463.939234][ T7773] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  463.978092][    T9] wlan1: No basic rates, using min rate instead
[  463.985184][    T9] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  463.994335][    T9] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  464.107397][   T65] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  464.217365][ T1166] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  464.327401][   T65] wlan1: authentication with 08:02:11:00:00:00 timed out
[  464.471598][ T7775] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  464.519133][    T9] wlan1: No basic rates, using min rate instead
[  464.526252][    T9] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  464.535352][    T9] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  464.647323][ T7776] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  464.767386][   T12] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  464.877409][   T12] wlan1: authentication with 08:02:11:00:00:00 timed out
[  465.003322][ T7778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  465.038785][    T9] wlan1: No basic rates, using min rate instead
[  465.046437][    T9] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  465.055487][    T9] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  465.167343][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  465.277355][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  465.387413][ T2982] wlan1: authentication with 08:02:11:00:00:00 timed out
[  465.543316][ T7780] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  465.577984][    T9] wlan1: No basic rates, using min rate instead
[  465.585626][    T9] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  465.595059][    T9] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  465.707339][ T7776] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  465.817445][ T7776] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  465.927355][ T7776] wlan1: authentication with 08:02:11:00:00:00 timed out
[  466.074926][ T7782] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  466.108229][ T6002] wlan1: No basic rates, using min rate instead
[  466.115971][ T6002] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  466.125348][ T6002] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  466.237285][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  466.347631][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  466.457367][ T7776] wlan1: authentication with 08:02:11:00:00:00 timed out
[  466.488572][ T7776] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.538158][ T7776] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.597326][ T7776] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.660541][ T7776] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.755485][ T7776] bridge_slave_1: left allmulticast mode
[  466.763939][ T7776] bridge_slave_1: left promiscuous mode
[  466.771010][ T7776] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.779901][ T7776] bridge_slave_0: left allmulticast mode
[  466.785532][ T7776] bridge_slave_0: left promiscuous mode
[  466.791387][ T7776] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.997953][ T7776] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  467.009366][ T7776] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  467.019205][ T7776] bond0 (unregistering): Released all slaves
[  467.283537][ T7776] hsr_slave_0: left promiscuous mode
[  467.291041][ T7776] hsr_slave_1: left promiscuous mode
[  467.297115][ T7776] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  467.306104][ T7776] batman_adv: batadv0: Removing interface: batadv_slave_0
[  467.314142][ T7776] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  467.321934][ T7776] batman_adv: batadv0: Removing interface: batadv_slave_1
[  467.342086][ T7776] veth1_macvtap: left promiscuous mode
[  467.348179][ T7776] veth0_macvtap: left promiscuous mode
[  467.353885][ T7776] veth1_vlan: left promiscuous mode
[  467.360074][ T7776] veth0_vlan: left promiscuous mode
[  467.675045][ T7776] team0 (unregistering): Port device team_slave_1 removed
[  467.701821][ T7776] team0 (unregistering): Port device team_slave_0 removed
Warning: Permanently added '10.128.0.240' (ED25519) to the list of known hosts.
[  468.994421][ T7776] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  469.014979][ T7776] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[  469.048301][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  469.056153][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[  469.100689][ T7847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.124952][ T7849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.138773][ T6002] wlan1: No basic rates, using min rate instead
executing program
executing program
[  469.150178][ T6002] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  469.160423][ T6002] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  469.170813][ T7850] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.206131][ T7852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.236702][ T7854] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.265194][ T7855] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.275068][ T7776] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  469.302613][ T7857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.328167][ T7858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.349410][ T7859] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[  469.370598][ T7860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.394350][ T7861] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.418284][ T7862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.439909][ T7863] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.463839][ T7864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.484963][ T7865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.509778][ T7866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[  469.531196][ T7867] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.553882][ T7868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.575602][ T7869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.596882][ T7870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.620943][ T7871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.644756][ T7872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.670065][ T7873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.691853][ T7874] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.715835][ T7875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
executing program
[  469.740208][ T7876] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.763190][ T7877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.784604][ T7878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.805984][ T7879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.817347][ T2982] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  469.839766][ T7880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
executing program
[  469.863772][ T7881] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.885148][ T7882] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
executing program
[  469.912074][ T7884] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  469.927456][ T7776] wlan1: authentication with 08:02:11:00:00:00 timed out
[  469.935464][ T7776] ==================================================================
[  469.943542][ T7776] BUG: KASAN: slab-use-after-free in _raw_spin_lock+0x2e/0x40
[  469.951014][ T7776] Read of size 1 at addr ffff888064a69b40 by task kworker/u8:1/7776
[  469.958977][ T7776] 
[  469.961308][ T7776] CPU: 0 UID: 0 PID: 7776 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) 
[  469.961323][ T7776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  469.961331][ T7776] Workqueue: events_unbound cfg80211_wiphy_work
[  469.961368][ T7776] Call Trace:
[  469.961374][ T7776]  <TASK>
[  469.961380][ T7776]  dump_stack_lvl+0x189/0x250
[  469.961395][ T7776]  ? __virt_addr_valid+0x1c8/0x5c0
[  469.961408][ T7776]  ? rcu_is_watching+0x15/0xb0
[  469.961420][ T7776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.961432][ T7776]  ? rcu_is_watching+0x15/0xb0
[  469.961446][ T7776]  ? lock_release+0x4b/0x3e0
[  469.961455][ T7776]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  469.961466][ T7776]  ? __virt_addr_valid+0x1c8/0x5c0
[  469.961478][ T7776]  ? __virt_addr_valid+0x4a5/0x5c0
[  469.961490][ T7776]  print_report+0xca/0x240
[  469.961501][ T7776]  ? _raw_spin_lock+0x2e/0x40
[  469.961510][ T7776]  kasan_report+0x118/0x150
[  469.961520][ T7776]  ? _raw_spin_lock+0x2e/0x40
[  469.961530][ T7776]  ? lockref_get+0x15/0x60
[  469.961541][ T7776]  __kasan_check_byte+0x2a/0x40
[  469.961550][ T7776]  lock_acquire+0x8d/0x360
[  469.961559][ T7776]  ? do_raw_spin_lock+0x121/0x290
[  469.961579][ T7776]  _raw_spin_lock+0x2e/0x40
[  469.961588][ T7776]  ? lockref_get+0x15/0x60
[  469.961599][ T7776]  lockref_get+0x15/0x60
[  469.961609][ T7776]  __simple_recursive_removal+0x33/0x510
[  469.961623][ T7776]  ? mntput+0x65/0xc0
[  469.961634][ T7776]  ? __pfx_remove_one+0x10/0x10
[  469.961649][ T7776]  debugfs_remove+0x5b/0x70
[  469.961661][ T7776]  ieee80211_sta_debugfs_remove+0x40/0x70
[  469.961673][ T7776]  __sta_info_destroy_part2+0x352/0x450
[  469.961687][ T7776]  sta_info_destroy_addr+0xf5/0x140
[  469.961699][ T7776]  ieee80211_destroy_auth_data+0x12d/0x260
[  469.961714][ T7776]  ieee80211_sta_work+0x11cf/0x3600
[  469.961730][ T7776]  ? __lock_acquire+0xab9/0xd20
[  469.961740][ T7776]  ? __lock_acquire+0xab9/0xd20
[  469.961749][ T7776]  ? __pfx_ieee80211_sta_work+0x10/0x10
[  469.961762][ T7776]  ? do_raw_spin_lock+0x121/0x290
[  469.961776][ T7776]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  469.961786][ T7776]  ? lockdep_hardirqs_on+0x9c/0x150
[  469.961797][ T7776]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  469.961807][ T7776]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  469.961817][ T7776]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  469.961830][ T7776]  ? skb_dequeue+0x10e/0x150
[  469.961841][ T7776]  ? ieee80211_iface_work+0xfc4/0x12d0
[  469.961853][ T7776]  ? ieee80211_iface_work+0x11d6/0x12d0
[  469.961864][ T7776]  ? rcu_is_watching+0x15/0xb0
[  469.961875][ T7776]  cfg80211_wiphy_work+0x2bb/0x470
[  469.961886][ T7776]  ? process_scheduled_works+0x9ef/0x17b0
[  469.961896][ T7776]  process_scheduled_works+0xae1/0x17b0
[  469.961911][ T7776]  ? __pfx_process_scheduled_works+0x10/0x10
[  469.961925][ T7776]  worker_thread+0x8a0/0xda0
[  469.961935][ T7776]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  469.961947][ T7776]  ? __kthread_parkme+0x7b/0x200
[  469.961960][ T7776]  kthread+0x711/0x8a0
[  469.961977][ T7776]  ? __pfx_worker_thread+0x10/0x10
[  469.961987][ T7776]  ? __pfx_kthread+0x10/0x10
[  469.961998][ T7776]  ? _raw_spin_unlock_irq+0x23/0x50
[  469.962008][ T7776]  ? lockdep_hardirqs_on+0x9c/0x150
[  469.962018][ T7776]  ? __pfx_kthread+0x10/0x10
[  469.962029][ T7776]  ret_from_fork+0x4bc/0x870
[  469.962040][ T7776]  ? __pfx_ret_from_fork+0x10/0x10
[  469.962051][ T7776]  ? __switch_to_asm+0x39/0x70
[  469.962058][ T7776]  ? __switch_to_asm+0x33/0x70
[  469.962066][ T7776]  ? __pfx_kthread+0x10/0x10
[  469.962077][ T7776]  ret_from_fork_asm+0x1a/0x30
[  469.962089][ T7776]  </TASK>
[  469.962093][ T7776] 
[  470.304047][ T7776] Allocated by task 6002:
[  470.308349][ T7776]  kasan_save_track+0x3e/0x80
[  470.313005][ T7776]  __kasan_slab_alloc+0x6c/0x80
[  470.317832][ T7776]  kmem_cache_alloc_lru_noprof+0x35d/0x6d0
[  470.323636][ T7776]  __d_alloc+0x36/0x7a0
[  470.327776][ T7776]  d_alloc_parallel+0xe1/0x1610
[  470.332622][ T7776]  __lookup_slow+0x116/0x3d0
[  470.337214][ T7776]  simple_start_creating+0xfd/0x1e0
[  470.342413][ T7776]  debugfs_start_creating+0x10f/0x180
[  470.347784][ T7776]  debugfs_create_dir+0x28/0x420
[  470.352718][ T7776]  ieee80211_sta_debugfs_add+0x12c/0x850
[  470.358341][ T7776]  sta_info_insert_rcu+0x1c54/0x2840
[  470.363613][ T7776]  sta_info_insert+0x16/0xc0
[  470.368194][ T7776]  ieee80211_prep_connection+0xfce/0x13f0
[  470.373893][ T7776]  ieee80211_mgd_auth+0xee6/0x1770
[  470.378987][ T7776]  cfg80211_mlme_auth+0x632/0x9c0
[  470.383989][ T7776]  cfg80211_conn_do_work+0x501/0xd10
[  470.389251][ T7776]  cfg80211_conn_work+0x2c0/0x460
[  470.394389][ T7776]  process_scheduled_works+0xae1/0x17b0
[  470.399925][ T7776]  worker_thread+0x8a0/0xda0
[  470.404539][ T7776]  kthread+0x711/0x8a0
[  470.408589][ T7776]  ret_from_fork+0x4bc/0x870
[  470.413153][ T7776]  ret_from_fork_asm+0x1a/0x30
[  470.417976][ T7776] 
[  470.420274][ T7776] Freed by task 15:
[  470.424058][ T7776]  kasan_save_track+0x3e/0x80
[  470.428712][ T7776]  __kasan_save_free_info+0x46/0x50
[  470.433909][ T7776]  __kasan_slab_free+0x5c/0x80
[  470.438657][ T7776]  kmem_cache_free+0x19b/0x690
[  470.443402][ T7776]  rcu_core+0xcab/0x1770
[  470.447616][ T7776]  handle_softirqs+0x286/0x870
[  470.452359][ T7776]  run_ksoftirqd+0x9b/0x100
[  470.456835][ T7776]  smpboot_thread_fn+0x542/0xa60
[  470.461745][ T7776]  kthread+0x711/0x8a0
[  470.465814][ T7776]  ret_from_fork+0x4bc/0x870
[  470.470377][ T7776]  ret_from_fork_asm+0x1a/0x30
[  470.475120][ T7776] 
[  470.477445][ T7776] Last potentially related work creation:
[  470.483152][ T7776]  kasan_save_stack+0x3e/0x60
[  470.487808][ T7776]  kasan_record_aux_stack+0xbd/0xd0
[  470.492985][ T7776]  call_rcu+0x157/0x9c0
[  470.497121][ T7776]  __dentry_kill+0x4d2/0x660
[  470.501700][ T7776]  dput+0x19f/0x2b0
[  470.505477][ T7776]  find_next_child+0x1e5/0x250
[  470.510310][ T7776]  __simple_recursive_removal+0x10b/0x510
[  470.516010][ T7776]  debugfs_remove+0x5b/0x70
[  470.520490][ T7776]  ieee80211_debugfs_recreate_netdev+0xbf/0x1460
[  470.526798][ T7776]  drv_remove_interface+0x1fa/0x590
[  470.531967][ T7776]  ieee80211_change_mac+0x912/0x12d0
[  470.537337][ T7776]  netif_set_mac_address+0x2fc/0x4c0
[  470.542615][ T7776]  dev_set_mac_address_user+0x137/0x270
[  470.548138][ T7776]  dev_ioctl+0x7b4/0x1150
[  470.552441][ T7776]  sock_do_ioctl+0x22c/0x300
[  470.557001][ T7776]  sock_ioctl+0x576/0x790
[  470.561304][ T7776]  __se_sys_ioctl+0xfc/0x170
[  470.565865][ T7776]  do_syscall_64+0xfa/0xfa0
[  470.570354][ T7776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.576218][ T7776] 
[  470.578515][ T7776] The buggy address belongs to the object at ffff888064a69a70
[  470.578515][ T7776]  which belongs to the cache dentry of size 312
[  470.592114][ T7776] The buggy address is located 208 bytes inside of
[  470.592114][ T7776]  freed 312-byte region [ffff888064a69a70, ffff888064a69ba8)
[  470.605973][ T7776] 
[  470.608288][ T7776] The buggy address belongs to the physical page:
[  470.614727][ T7776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64a68
[  470.623481][ T7776] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  470.631959][ T7776] memcg:ffff888067744001
[  470.636177][ T7776] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  470.644140][ T7776] page_type: f5(slab)
[  470.648101][ T7776] raw: 00fff00000000040 ffff88801b2fd780 0000000000000000 dead000000000001
[  470.657441][ T7776] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888067744001
[  470.666093][ T7776] head: 00fff00000000040 ffff88801b2fd780 0000000000000000 dead000000000001
[  470.674737][ T7776] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888067744001
[  470.683392][ T7776] head: 00fff00000000001 ffffea0001929a01 00000000ffffffff 00000000ffffffff
[  470.692043][ T7776] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  470.700697][ T7776] page dumped because: kasan: bad access detected
[  470.707319][ T7776] page_owner tracks the page as allocated
[  470.713166][ T7776] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6349, tgid 6349 (syz-executor), ts 122751198767, free_ts 20948215235
[  470.736508][ T7776]  post_alloc_hook+0x240/0x2a0
[  470.741289][ T7776]  get_page_from_freelist+0x2365/0x2440
[  470.746825][ T7776]  __alloc_frozen_pages_noprof+0x181/0x370
[  470.752616][ T7776]  alloc_pages_mpol+0x232/0x4a0
[  470.757451][ T7776]  allocate_slab+0x96/0x3a0
[  470.761933][ T7776]  ___slab_alloc+0xe94/0x18a0
[  470.766841][ T7776]  __slab_alloc+0x65/0x100
[  470.771232][ T7776]  kmem_cache_alloc_lru_noprof+0x3ef/0x6d0
[  470.777014][ T7776]  __d_alloc+0x36/0x7a0
[  470.781141][ T7776]  d_alloc_pseudo+0x21/0xc0
[  470.785617][ T7776]  alloc_file_pseudo+0xcc/0x210
[  470.790443][ T7776]  sock_alloc_file+0xb8/0x2e0
[  470.795097][ T7776]  __sys_socket+0x13d/0x1b0
[  470.799576][ T7776]  __x64_sys_socket+0x7a/0x90
[  470.804296][ T7776]  do_syscall_64+0xfa/0xfa0
[  470.808795][ T7776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.814682][ T7776] page last free pid 1 tgid 1 stack trace:
[  470.820479][ T7776]  __free_frozen_pages+0xbc4/0xd30
[  470.825585][ T7776]  free_contig_range+0x1bd/0x4a0
[  470.830502][ T7776]  destroy_args+0x69/0x660
[  470.834911][ T7776]  debug_vm_pgtable+0x39f/0x3b0
[  470.839765][ T7776]  do_one_initcall+0x236/0x820
[  470.844518][ T7776]  do_initcall_level+0x104/0x190
[  470.849444][ T7776]  do_initcalls+0x59/0xa0
[  470.853760][ T7776]  kernel_init_freeable+0x334/0x4b0
[  470.858941][ T7776]  kernel_init+0x1d/0x1d0
[  470.863304][ T7776]  ret_from_fork+0x4bc/0x870
[  470.867902][ T7776]  ret_from_fork_asm+0x1a/0x30
[  470.872658][ T7776] 
[  470.875052][ T7776] Memory state around the buggy address:
[  470.880717][ T7776]  ffff888064a69a00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb
[  470.888757][ T7776]  ffff888064a69a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  470.896837][ T7776] >ffff888064a69b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  470.905283][ T7776]                                            ^
[  470.911426][ T7776]  ffff888064a69b80: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb
[  470.919635][ T7776]  ffff888064a69c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  470.927764][ T7776] ==================================================================
[  470.936633][ T7776] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  470.944270][ T7776] CPU: 0 UID: 0 PID: 7776 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) 
[  470.953739][ T7776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  470.963886][ T7776] Workqueue: events_unbound cfg80211_wiphy_work
[  470.970148][ T7776] Call Trace:
[  470.973433][ T7776]  <TASK>
[  470.976372][ T7776]  dump_stack_lvl+0x99/0x250
[  470.980975][ T7776]  ? __asan_memcpy+0x40/0x70
[  470.985580][ T7776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  470.990788][ T7776]  ? __pfx__printk+0x10/0x10
[  470.995384][ T7776]  vpanic+0x237/0x6d0
[  470.999356][ T7776]  ? __pfx_vpanic+0x10/0x10
[  471.003842][ T7776]  panic+0xb9/0xc0
[  471.007548][ T7776]  ? __pfx_panic+0x10/0x10
[  471.011946][ T7776]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  471.017820][ T7776]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  471.023782][ T7776]  ? is_module_address+0x17/0xf0
[  471.028756][ T7776]  ? _raw_spin_lock+0x2e/0x40
[  471.033448][ T7776]  check_panic_on_warn+0x89/0xb0
[  471.038387][ T7776]  ? _raw_spin_lock+0x2e/0x40
[  471.043055][ T7776]  end_report+0x78/0x160
[  471.047279][ T7776]  kasan_report+0x129/0x150
[  471.051774][ T7776]  ? _raw_spin_lock+0x2e/0x40
[  471.056443][ T7776]  ? lockref_get+0x15/0x60
[  471.060842][ T7776]  __kasan_check_byte+0x2a/0x40
[  471.065673][ T7776]  lock_acquire+0x8d/0x360
[  471.070260][ T7776]  ? do_raw_spin_lock+0x121/0x290
[  471.075276][ T7776]  _raw_spin_lock+0x2e/0x40
[  471.079773][ T7776]  ? lockref_get+0x15/0x60
[  471.084171][ T7776]  lockref_get+0x15/0x60
[  471.088396][ T7776]  __simple_recursive_removal+0x33/0x510
[  471.094016][ T7776]  ? mntput+0x65/0xc0
[  471.097984][ T7776]  ? __pfx_remove_one+0x10/0x10
[  471.102826][ T7776]  debugfs_remove+0x5b/0x70
[  471.107325][ T7776]  ieee80211_sta_debugfs_remove+0x40/0x70
[  471.113052][ T7776]  __sta_info_destroy_part2+0x352/0x450
[  471.118608][ T7776]  sta_info_destroy_addr+0xf5/0x140
[  471.123796][ T7776]  ieee80211_destroy_auth_data+0x12d/0x260
[  471.129680][ T7776]  ieee80211_sta_work+0x11cf/0x3600
[  471.134875][ T7776]  ? __lock_acquire+0xab9/0xd20
[  471.139731][ T7776]  ? __lock_acquire+0xab9/0xd20
[  471.144575][ T7776]  ? __pfx_ieee80211_sta_work+0x10/0x10
[  471.150133][ T7776]  ? do_raw_spin_lock+0x121/0x290
[  471.155159][ T7776]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  471.161040][ T7776]  ? lockdep_hardirqs_on+0x9c/0x150
[  471.166269][ T7776]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  471.172143][ T7776]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  471.178463][ T7776]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  471.183825][ T7776]  ? skb_dequeue+0x10e/0x150
[  471.188411][ T7776]  ? ieee80211_iface_work+0xfc4/0x12d0
[  471.193860][ T7776]  ? ieee80211_iface_work+0x11d6/0x12d0
[  471.199389][ T7776]  ? rcu_is_watching+0x15/0xb0
[  471.204137][ T7776]  cfg80211_wiphy_work+0x2bb/0x470
[  471.209267][ T7776]  ? process_scheduled_works+0x9ef/0x17b0
[  471.214973][ T7776]  process_scheduled_works+0xae1/0x17b0
[  471.220594][ T7776]  ? __pfx_process_scheduled_works+0x10/0x10
[  471.226821][ T7776]  worker_thread+0x8a0/0xda0
[  471.231395][ T7776]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  471.237709][ T7776]  ? __kthread_parkme+0x7b/0x200
[  471.242634][ T7776]  kthread+0x711/0x8a0
[  471.246688][ T7776]  ? __pfx_worker_thread+0x10/0x10
[  471.251779][ T7776]  ? __pfx_kthread+0x10/0x10
[  471.256354][ T7776]  ? _raw_spin_unlock_irq+0x23/0x50
[  471.261541][ T7776]  ? lockdep_hardirqs_on+0x9c/0x150
[  471.266810][ T7776]  ? __pfx_kthread+0x10/0x10
[  471.271386][ T7776]  ret_from_fork+0x4bc/0x870
[  471.275958][ T7776]  ? __pfx_ret_from_fork+0x10/0x10
[  471.281057][ T7776]  ? __switch_to_asm+0x39/0x70
[  471.285815][ T7776]  ? __switch_to_asm+0x33/0x70
[  471.290558][ T7776]  ? __pfx_kthread+0x10/0x10
[  471.295137][ T7776]  ret_from_fork_asm+0x1a/0x30
[  471.299887][ T7776]  </TASK>
[  471.303183][ T7776] Kernel Offset: disabled
[  471.307537][ T7776] Rebooting in 86400 seconds..