./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1422629444

<...>
Warning: Permanently added '10.128.10.29' (ED25519) to the list of known hosts.
execve("./syz-executor1422629444", ["./syz-executor1422629444"], 0x7ffd7533fa60 /* 10 vars */) = 0
brk(NULL)                               = 0x5555570ca000
brk(0x5555570cad00)                     = 0x5555570cad00
arch_prctl(ARCH_SET_FS, 0x5555570ca380) = 0
set_tid_address(0x5555570ca650)         = 5066
set_robust_list(0x5555570ca660, 24)     = 0
rseq(0x5555570caca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1422629444", 4096) = 28
getrandom("\xe1\x87\x9d\xef\x78\xaa\xf9\x77", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555570cad00
brk(0x5555570ebd00)                     = 0x5555570ebd00
brk(0x5555570ec000)                     = 0x5555570ec000
mprotect(0x7f2b9b38d000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570ca650) = 5067
./strace-static-x86_64: Process 5067 attached
[pid  5067] set_robust_list(0x5555570ca660, 24) = 0
[pid  5067] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5067] setsid()                    = 1
[pid  5067] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5067] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5067] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5067] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5067] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5067] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5067] unshare(CLONE_NEWNS)        = 0
[pid  5067] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5067] unshare(CLONE_NEWIPC)       = 0
[pid  5067] unshare(CLONE_NEWCGROUP)    = 0
[pid  5067] unshare(CLONE_NEWUTS)       = 0
[pid  5067] unshare(CLONE_SYSVSEM)      = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "16777216", 8)     = 8
[pid  5067] close(3)                    = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "536870912", 9)    = 9
[pid  5067] close(3)                    = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "1024", 4)         = 4
[pid  5067] close(3)                    = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "8192", 4)         = 4
[pid  5067] close(3)                    = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "1024", 4)         = 4
[pid  5067] close(3)                    = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "1024", 4)         = 4
[pid  5067] close(3)                    = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5067] close(3)                    = 0
[pid  5067] getpid()                    = 1
[pid  5067] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5067] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5067] unshare(CLONE_NEWNET)       = 0
[pid  5067] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5067] write(3, "0 65535", 7)      = 7
[pid  5067] close(3)                    = 0
[pid  5067] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid  5067] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid  5067] close(3)                    = 0
[pid  5067] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5067] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5067] recvfrom(3, [{nlmsg_len=244, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x2a\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1c\x00\x00\x00\x90\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 244
[pid  5067] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5067] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5067] recvfrom(3, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5067] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5067] sendto(3, [{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5067] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5067] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5067] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5067] close(4)                    = 0
[pid  5067] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5067] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5067] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5067] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5067] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5067] close(4)                    = 0
[pid  5067] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5067] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5067] sendto(3, [{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5067] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x2a /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid  5067] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5067] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5067] close(4)                    = 0
[pid  5067] sendto(3, [{nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid  5067] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5067] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid  5067] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[   58.705676][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.714181][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5067] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid  5067] close(4)                    = 0
[pid  5067] sendto(3, [{nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5067] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x23 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5067] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5067] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid  5067] close(4)                    = 0
[pid  5067] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5067] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5067] recvfrom(4, [{nlmsg_len=1460, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0b\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1460
[pid  5067] close(4)                    = 0
[pid  5067] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5067] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5067] close(4)                    = 0
[pid  5067] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid  5067] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5067] recvfrom(4, [{nlmsg_len=1460, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1460
[pid  5067] close(4)                    = 0
[pid  5067] close(3)                    = 0
[pid  5067] mkdir("/dev/binderfs", 0777) = 0
[pid  5067] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5067] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570ca650) = 2
./strace-static-x86_64: Process 5071 attached
[   58.775837][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.783835][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid  5071] set_robust_list(0x5555570ca660, 24) = 0
[pid  5071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5071] setpgid(0, 0)               = 0
[pid  5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5071] write(3, "1000", 4)         = 4
[pid  5071] close(3)                    = 0
[pid  5071] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5071] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5071] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5071] recvfrom(4, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=2}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5071] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=2}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5071] close(4)                    = 0
[pid  5071] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5071] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid  5071] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x24\x00\x00\x00\x23\x00\x4b\xf2\x00\x00\x00\x00\x00\x00\x00\x00\x5c\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x6b\x00\x1c\x02\x00\x00", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 36
[pid  5071] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5
[pid  5071] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x38\x00\x00\x00\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x14\x00\x1b\x00\x00\x00\x00\x00\x00\x00\x00\x21\x00\x00\x00\x00\x00\x00\x00\x01\x04\x00\x00\x00", iov_len=56}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 56
[pid  5071] close(3)                    = 0
[pid  5071] close(4)                    = 0
[pid  5071] close(5)                    = 0
[pid  5071] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5071] close(7)                    = -1 EBADF (Bad file descriptor)
[   58.936707][ T5071] netlink: 'syz-executor142': attribute type 27 has an invalid length.
[pid  5071] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5071] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5071] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5071] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5071] exit_group(0)               = ?
[pid  5071] +++ exited with 0 +++
[pid  5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
[pid  5067] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570ca650) = 3
./strace-static-x86_64: Process 5072 attached
[pid  5072] set_robust_list(0x5555570ca660, 24) = 0
[pid  5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5072] setpgid(0, 0)               = 0
[pid  5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5072] write(3, "1000", 4)         = 4
[pid  5072] close(3)                    = 0
[pid  5072] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5072] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5072] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5072] recvfrom(4, [{nlmsg_len=2496, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x23\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x46\x01\x00\x00\xec\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2496
[pid  5072] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5072] close(4)                    = 0
[pid  5072] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5072] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[   59.127802][ T5072] ------------[ cut here ]------------
[   59.133614][ T5072] wlan1: Failed check-sdata-in-driver check, flags: 0x0
[   59.141209][ T5072] WARNING: CPU: 0 PID: 5072 at net/mac80211/main.c:290 ieee80211_link_info_change_notify+0x215/0x340
[   59.152127][ T5072] Modules linked in:
[   59.156008][ T5072] CPU: 0 PID: 5072 Comm: syz-executor142 Not tainted 6.7.0-rc6-syzkaller-00303-g3f82f1c3a036 #0
[   59.166460][ T5072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   59.176565][ T5072] RIP: 0010:ieee80211_link_info_change_notify+0x215/0x340
[   59.183771][ T5072] Code: e8 c0 fe 97 f7 48 8b 74 24 08 48 89 74 24 08 e8 b1 fe 97 f7 8b 54 24 04 48 c7 c7 00 d0 0b 8c 48 8b 74 24 08 e8 4c 40 5e f7 90 <0f> 0b 90 90 e8 92 fe 97 f7 4c 89 e2 48 b8 00 00 00 00 00 fc ff df
[   59.203450][ T5072] RSP: 0018:ffffc900042a7450 EFLAGS: 00010286
[   59.209505][ T5072] RAX: 0000000000000000 RBX: ffff888069a44c80 RCX: ffffffff814db519
[   59.217542][ T5072] RDX: ffff888016e93b80 RSI: ffffffff814db526 RDI: 0000000000000001
[   59.225580][ T5072] RBP: 0000000002000000 R08: 0000000000000001 R09: 0000000000000000
[   59.233617][ T5072] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888069a454d0
[   59.241671][ T5072] R13: ffff888069a462a8 R14: ffff888077a60e20 R15: 0000000000000000
[   59.249670][ T5072] FS:  00005555570ca380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   59.258660][ T5072] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.265304][ T5072] CR2: 0000000020000040 CR3: 0000000027470000 CR4: 0000000000350ef0
[   59.273320][ T5072] Call Trace:
[   59.276604][ T5072]  <TASK>
[   59.279525][ T5072]  ? show_regs+0x8f/0xa0
[   59.283836][ T5072]  ? __warn+0xe6/0x390
[   59.287949][ T5072]  ? __wake_up_klogd.part.0+0x99/0xf0
[   59.293424][ T5072]  ? ieee80211_link_info_change_notify+0x215/0x340
[   59.299991][ T5072]  ? report_bug+0x3bc/0x580
[   59.304502][ T5072]  ? handle_bug+0x3d/0x70
[   59.308824][ T5072]  ? exc_invalid_op+0x17/0x40
[   59.313549][ T5072]  ? asm_exc_invalid_op+0x1a/0x20
[   59.318590][ T5072]  ? __warn_printk+0x199/0x350
[   59.323422][ T5072]  ? __warn_printk+0x1a6/0x350
[   59.328219][ T5072]  ? ieee80211_link_info_change_notify+0x215/0x340
[   59.334776][ T5072]  ieee80211_set_mcast_rate+0x42/0x50
[   59.340210][ T5072]  ? ieee80211_copy_rnr_beacon+0x280/0x280
[   59.346009][ T5072]  nl80211_set_mcast_rate+0x339/0x580
[   59.351427][ T5072]  ? nl80211_nan_del_func+0x510/0x510
[   59.356829][ T5072]  ? nl80211_pre_doit+0x1b0/0xb10
[   59.361923][ T5072]  genl_family_rcv_msg_doit+0x1fc/0x2e0
[   59.367500][ T5072]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[   59.374949][ T5072]  ? ns_capable+0xd5/0x110
[   59.379417][ T5072]  genl_rcv_msg+0x561/0x800
[   59.384039][ T5072]  ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0
[   59.389996][ T5072]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   59.395973][ T5072]  ? cfg80211_crit_proto_stopped+0x490/0x490
[   59.402006][ T5072]  ? nl80211_nan_del_func+0x510/0x510
[   59.407404][ T5072]  ? nl80211_get_power_save+0x480/0x480
[   59.412997][ T5072]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   59.419016][ T5072]  netlink_rcv_skb+0x16b/0x440
[   59.423840][ T5072]  ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0
[   59.429760][ T5072]  ? netlink_ack+0x1380/0x1380
[   59.434579][ T5072]  ? down_read+0xc9/0x330
[   59.439028][ T5072]  ? rwsem_down_read_slowpath+0xb20/0xb20
[   59.444823][ T5072]  ? netlink_deliver_tap+0x1a0/0xd00
[   59.450171][ T5072]  ? _copy_from_iter+0x2c1/0x10f0
[   59.455190][ T5072]  genl_rcv+0x28/0x40
[   59.459161][ T5072]  netlink_unicast+0x53b/0x810
[   59.463993][ T5072]  ? netlink_attachskb+0x880/0x880
[   59.469117][ T5072]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   59.475044][ T5072]  ? __phys_addr_symbol+0x30/0x70
[   59.480183][ T5072]  ? __check_object_size+0x323/0x730
[   59.485512][ T5072]  netlink_sendmsg+0x93c/0xe40
[   59.490340][ T5072]  ? netlink_unicast+0x810/0x810
[   59.495317][ T5072]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   59.500676][ T5072]  ? netlink_unicast+0x810/0x810
[   59.505627][ T5072]  __sock_sendmsg+0xd5/0x180
[   59.510265][ T5072]  ____sys_sendmsg+0x6ac/0x940
[   59.515060][ T5072]  ? copy_msghdr_from_user+0x10b/0x160
[   59.520565][ T5072]  ? kernel_sendmsg+0x50/0x50
[   59.525260][ T5072]  ? hlock_class+0x4e/0x130
[   59.529763][ T5072]  ___sys_sendmsg+0x135/0x1d0
[   59.534490][ T5072]  ? do_recvmmsg+0x740/0x740
[   59.539121][ T5072]  ? recalc_sigpending_tsk+0x187/0x1d0
[   59.544648][ T5072]  ? __fget_light+0x1fc/0x260
[   59.549347][ T5072]  __sys_sendmsg+0x117/0x1e0
[   59.553986][ T5072]  ? __sys_sendmsg_sock+0x30/0x30
[   59.559171][ T5072]  ? ptrace_notify+0xf4/0x130
[   59.563953][ T5072]  ? syscall_trace_enter.constprop.0+0xaf/0x1e0
[   59.570270][ T5072]  do_syscall_64+0x40/0x110
[   59.574799][ T5072]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   59.580741][ T5072] RIP: 0033:0x7f2b9b315429
[   59.585170][ T5072] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   59.604825][ T5072] RSP: 002b:00007ffd193afb78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   59.613272][ T5072] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2b9b315429
[   59.621344][ T5072] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[   59.629343][ T5072] RBP: 0000000000000000 R08: 0000000c00000000 R09: 0000000c00000000
[   59.637384][ T5072] R10: 0000000c00000000 R11: 0000000000000246 R12: 0000000000000000
[   59.645765][ T5072] R13: 0000000000000000 R14: 00007ffd193afbe0 R15: 00007ffd193afbd0
[   59.653773][ T5072]  </TASK>
[   59.656782][ T5072] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   59.664042][ T5072] CPU: 0 PID: 5072 Comm: syz-executor142 Not tainted 6.7.0-rc6-syzkaller-00303-g3f82f1c3a036 #0
[   59.674436][ T5072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   59.684652][ T5072] Call Trace:
[   59.687920][ T5072]  <TASK>
[   59.690841][ T5072]  dump_stack_lvl+0xd9/0x1b0
[   59.695426][ T5072]  panic+0x6dc/0x790
[   59.699309][ T5072]  ? panic_smp_self_stop+0xa0/0xa0
[   59.704408][ T5072]  ? show_trace_log_lvl+0x363/0x4f0
[   59.709601][ T5072]  ? check_panic_on_warn+0x1f/0xb0
[   59.714726][ T5072]  ? ieee80211_link_info_change_notify+0x215/0x340
[   59.721242][ T5072]  check_panic_on_warn+0xab/0xb0
[   59.726191][ T5072]  __warn+0xf2/0x390
[   59.730113][ T5072]  ? __wake_up_klogd.part.0+0x99/0xf0
[   59.735476][ T5072]  ? ieee80211_link_info_change_notify+0x215/0x340
[   59.741966][ T5072]  report_bug+0x3bc/0x580
[   59.746288][ T5072]  handle_bug+0x3d/0x70
[   59.750435][ T5072]  exc_invalid_op+0x17/0x40
[   59.754929][ T5072]  asm_exc_invalid_op+0x1a/0x20
[   59.759765][ T5072] RIP: 0010:ieee80211_link_info_change_notify+0x215/0x340
[   59.766869][ T5072] Code: e8 c0 fe 97 f7 48 8b 74 24 08 48 89 74 24 08 e8 b1 fe 97 f7 8b 54 24 04 48 c7 c7 00 d0 0b 8c 48 8b 74 24 08 e8 4c 40 5e f7 90 <0f> 0b 90 90 e8 92 fe 97 f7 4c 89 e2 48 b8 00 00 00 00 00 fc ff df
[   59.786473][ T5072] RSP: 0018:ffffc900042a7450 EFLAGS: 00010286
[   59.792531][ T5072] RAX: 0000000000000000 RBX: ffff888069a44c80 RCX: ffffffff814db519
[   59.800491][ T5072] RDX: ffff888016e93b80 RSI: ffffffff814db526 RDI: 0000000000000001
[   59.808453][ T5072] RBP: 0000000002000000 R08: 0000000000000001 R09: 0000000000000000
[   59.816415][ T5072] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888069a454d0
[   59.824375][ T5072] R13: ffff888069a462a8 R14: ffff888077a60e20 R15: 0000000000000000
[   59.832341][ T5072]  ? __warn_printk+0x199/0x350
[   59.837106][ T5072]  ? __warn_printk+0x1a6/0x350
[   59.841875][ T5072]  ieee80211_set_mcast_rate+0x42/0x50
[   59.847246][ T5072]  ? ieee80211_copy_rnr_beacon+0x280/0x280
[   59.853051][ T5072]  nl80211_set_mcast_rate+0x339/0x580
[   59.858421][ T5072]  ? nl80211_nan_del_func+0x510/0x510
[   59.863793][ T5072]  ? nl80211_pre_doit+0x1b0/0xb10
[   59.868814][ T5072]  genl_family_rcv_msg_doit+0x1fc/0x2e0
[   59.874358][ T5072]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[   59.881732][ T5072]  ? ns_capable+0xd5/0x110
[   59.886149][ T5072]  genl_rcv_msg+0x561/0x800
[   59.890649][ T5072]  ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0
[   59.896535][ T5072]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   59.902514][ T5072]  ? cfg80211_crit_proto_stopped+0x490/0x490
[   59.908487][ T5072]  ? nl80211_nan_del_func+0x510/0x510
[   59.913858][ T5072]  ? nl80211_get_power_save+0x480/0x480
[   59.919406][ T5072]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[   59.925390][ T5072]  netlink_rcv_skb+0x16b/0x440
[   59.930146][ T5072]  ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0
[   59.936034][ T5072]  ? netlink_ack+0x1380/0x1380
[   59.940797][ T5072]  ? down_read+0xc9/0x330
[   59.945119][ T5072]  ? rwsem_down_read_slowpath+0xb20/0xb20
[   59.950852][ T5072]  ? netlink_deliver_tap+0x1a0/0xd00
[   59.956139][ T5072]  ? _copy_from_iter+0x2c1/0x10f0
[   59.961166][ T5072]  genl_rcv+0x28/0x40
[   59.965142][ T5072]  netlink_unicast+0x53b/0x810
[   59.969899][ T5072]  ? netlink_attachskb+0x880/0x880
[   59.975003][ T5072]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   59.980894][ T5072]  ? __phys_addr_symbol+0x30/0x70
[   59.985916][ T5072]  ? __check_object_size+0x323/0x730
[   59.991197][ T5072]  netlink_sendmsg+0x93c/0xe40
[   59.995960][ T5072]  ? netlink_unicast+0x810/0x810
[   60.000898][ T5072]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   60.006181][ T5072]  ? netlink_unicast+0x810/0x810
[   60.011108][ T5072]  __sock_sendmsg+0xd5/0x180
[   60.015699][ T5072]  ____sys_sendmsg+0x6ac/0x940
[   60.020456][ T5072]  ? copy_msghdr_from_user+0x10b/0x160
[   60.025913][ T5072]  ? kernel_sendmsg+0x50/0x50
[   60.030586][ T5072]  ? hlock_class+0x4e/0x130
[   60.035097][ T5072]  ___sys_sendmsg+0x135/0x1d0
[   60.039779][ T5072]  ? do_recvmmsg+0x740/0x740
[   60.044385][ T5072]  ? recalc_sigpending_tsk+0x187/0x1d0
[   60.049836][ T5072]  ? __fget_light+0x1fc/0x260
[   60.054601][ T5072]  __sys_sendmsg+0x117/0x1e0
[   60.059190][ T5072]  ? __sys_sendmsg_sock+0x30/0x30
[   60.064226][ T5072]  ? ptrace_notify+0xf4/0x130
[   60.068898][ T5072]  ? syscall_trace_enter.constprop.0+0xaf/0x1e0
[   60.075138][ T5072]  do_syscall_64+0x40/0x110
[   60.079640][ T5072]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   60.085525][ T5072] RIP: 0033:0x7f2b9b315429
[   60.089930][ T5072] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   60.109533][ T5072] RSP: 002b:00007ffd193afb78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.117941][ T5072] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2b9b315429
[   60.125908][ T5072] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[   60.133871][ T5072] RBP: 0000000000000000 R08: 0000000c00000000 R09: 0000000c00000000
[   60.141859][ T5072] R10: 0000000c00000000 R11: 0000000000000246 R12: 0000000000000000
[   60.149832][ T5072] R13: 0000000000000000 R14: 00007ffd193afbe0 R15: 00007ffd193afbd0
[   60.157817][ T5072]  </TASK>
[   60.161074][ T5072] Kernel Offset: disabled
[   60.165467][ T5072] Rebooting in 86400 seconds..