wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
------------[ cut here ]------------
no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
WARNING: CPU: 0 PID: 298622 at net/mac80211/rate.c:375 __rate_control_send_low+0x4be/0x680 net/mac80211/rate.c:375
Modules linked in:
CPU: 0 PID: 298622 Comm: syz-executor.0 Not tainted 5.10.78 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:__rate_control_send_low+0x4be/0x680 net/mac80211/rate.c:375
Code: 14 48 89 44 24 18 e8 f1 61 90 fd 44 8b 44 24 2c 45 89 e9 44 89 e1 48 8b 74 24 18 44 89 f2 48 c7 c7 00 1b 75 84 e8 eb d5 1c 00 <0f> 0b e9 29 fe ff ff e8 c6 61 90 fd 48 8b 44 24 10 48 8d 78 7f 48
RSP: 0018:ffff88806ce08db8 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff88800dded7a8 RCX: 0000000000000000
RDX: ffff888030bb9940 RSI: ffffffff81290d43 RDI: ffffed100d9c11a9
RBP: ffff888031bdb1e8 R08: 0000000000000001 R09: ffff88806ce2fb4f
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000
FS: 00007fe19b695700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe19e22f000 CR3: 000000003bdfe000 CR4: 0000000000350ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
rate_control_send_low+0x1f5/0x600 net/mac80211/rate.c:400
rate_control_get_rate+0x18b/0x510 net/mac80211/rate.c:913
ieee80211_tx_h_rate_ctrl+0x956/0x1650 net/mac80211/tx.c:753
invoke_tx_handlers_early+0xb23/0x2520 net/mac80211/tx.c:1788
ieee80211_tx+0x244/0x410 net/mac80211/tx.c:1930
ieee80211_xmit+0x222/0x2b0 net/mac80211/tx.c:2030
__ieee80211_subif_start_xmit+0x748/0xc30 net/mac80211/tx.c:4060
ieee80211_subif_start_xmit+0x126/0xf40 net/mac80211/tx.c:4196
__netdev_start_xmit include/linux/netdevice.h:4776 [inline]
netdev_start_xmit include/linux/netdevice.h:4790 [inline]
xmit_one net/core/dev.c:3582 [inline]
dev_hard_start_xmit+0x1ba/0x800 net/core/dev.c:3598
sch_direct_xmit+0x262/0x780 net/sched/sch_generic.c:336
qdisc_restart net/sched/sch_generic.c:401 [inline]
__qdisc_run+0x4b3/0x1640 net/sched/sch_generic.c:409
qdisc_run include/net/pkt_sched.h:127 [inline]
qdisc_run include/net/pkt_sched.h:124 [inline]
__dev_xmit_skb net/core/dev.c:3774 [inline]
__dev_queue_xmit+0xd9a/0x27f0 net/core/dev.c:4128
neigh_resolve_output net/core/neighbour.c:1497 [inline]
neigh_resolve_output+0x511/0x820 net/core/neighbour.c:1477
neigh_output include/net/neighbour.h:510 [inline]
ip6_finish_output2+0xc3f/0x22c0 net/ipv6/ip6_output.c:145
__ip6_finish_output.part.0+0x4fc/0xb60 net/ipv6/ip6_output.c:210
__ip6_finish_output include/linux/skbuff.h:964 [inline]
ip6_finish_output net/ipv6/ip6_output.c:220 [inline]
NF_HOOK_COND include/linux/netfilter.h:290 [inline]
ip6_output+0x47b/0xb80 net/ipv6/ip6_output.c:243
dst_output include/net/dst.h:443 [inline]
NF_HOOK include/linux/netfilter.h:301 [inline]
NF_HOOK.constprop.0+0x10a/0x4e0 include/linux/netfilter.h:295
mld_sendpack+0x609/0xc20 net/ipv6/mcast.c:1676
mld_send_cr net/ipv6/mcast.c:1972 [inline]
mld_ifc_timer_expire+0x609/0xf10 net/ipv6/mcast.c:2471
call_timer_fn+0x182/0x580 kernel/time/timer.c:1414
expire_timers kernel/time/timer.c:1459 [inline]
__run_timers.part.0+0x666/0x9d0 kernel/time/timer.c:1750
__run_timers kernel/time/timer.c:1731 [inline]
run_timer_softirq+0x80/0x120 kernel/time/timer.c:1763
__do_softirq+0x1b6/0x86a kernel/softirq.c:298
asm_call_irq_on_stack+0x12/0x20
__run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline]
run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline]
do_softirq_own_stack+0x80/0xa0 arch/x86/kernel/irq_64.c:77
invoke_softirq kernel/softirq.c:393 [inline]
__irq_exit_rcu kernel/softirq.c:423 [inline]
irq_exit_rcu+0x110/0x1a0 kernel/softirq.c:435
sysvec_apic_timer_interrupt+0x43/0xa0 arch/x86/kernel/apic/apic.c:1095
asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:635
RIP: 0010:get_current arch/x86/include/asm/current.h:15 [inline]
RIP: 0010:debug_check_no_locks_freed+0x2e/0x190 kernel/locking/lockdep.c:6326
Code: c0 bc 42 47 85 48 ba 00 00 00 00 00 fc ff df 41 56 48 89 c1 83 e0 07 49 89 f6 41 55 48 c1 e9 03 83 c0 03 41 54 49 89 fc 55 53 <65> 4c 8b 2c 25 80 ef 01 00 48 83 ec 08 0f b6 14 11 38 d0 7c 08 84
RSP: 0018:ffff888043f0fcd8 EFLAGS: 00000202
RAX: 0000000000000007 RBX: ffff888035080168 RCX: 1ffffffff0a8e857
RDX: dffffc0000000000 RSI: 0000000000000040 RDI: ffff888035080168
RBP: ffffffff84695e00 R08: 0000000000000002 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888035080168
R13: 0000000000000002 R14: 0000000000000040 R15: 0000000000000000
__raw_spin_lock_init+0x1c/0x110 kernel/locking/spinlock_debug.c:23
skb_queue_head_init include/linux/skbuff.h:1883 [inline]
sk_init_common+0x17c/0x620 net/core/sock.c:1859
sock_init_data+0x1b/0xcd0 net/core/sock.c:2974
__netlink_create+0x7f/0x2c0 net/netlink/af_netlink.c:639
netlink_create+0x3ac/0x5e0 net/netlink/af_netlink.c:698
__sock_create+0x355/0x760 net/socket.c:1416
sock_create net/socket.c:1467 [inline]
__sys_socket+0xef/0x200 net/socket.c:1509
__do_sys_socket net/socket.c:1518 [inline]
__se_sys_socket net/socket.c:1516 [inline]
__x64_sys_socket+0x6e/0xb0 net/socket.c:1516
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7fe19e121197
Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fe19b6940c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 00007fe19e232f60 RCX: 00007fe19e121197
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 00007fe19e179f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000000
R13: 0000000000000036 R14: 00000000200000c0 R15: 0000000000022000
irq event stamp: 5296
hardirqs last enabled at (5306): [] console_unlock+0x926/0xb30 kernel/printk/printk.c:2552
hardirqs last disabled at (5315): [] console_unlock+0x832/0xb30 kernel/printk/printk.c:2467
softirqs last enabled at (3808): [] read_pnet include/net/net_namespace.h:337 [inline]
softirqs last enabled at (3808): [] sock_net include/net/sock.h:2552 [inline]
softirqs last enabled at (3808): [] netlink_release+0xd2e/0x1c70 net/netlink/af_netlink.c:805
softirqs last disabled at (3973): [] asm_call_irq_on_stack+0x12/0x20
---[ end trace 4a46a5c6056d3902 ]---
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=299048 comm=syz-executor.0
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
----------------
Code disassembly (best guess), 5 bytes skipped:
   0:   48 ba 00 00 00 00 00    movabs $0xdffffc0000000000,%rdx
   7:   fc ff df
   a:   41 56                   push   %r14
   c:   48 89 c1                mov    %rax,%rcx
   f:   83 e0 07                and    $0x7,%eax
  12:   49 89 f6                mov    %rsi,%r14
  15:   41 55                   push   %r13
  17:   48 c1 e9 03             shr    $0x3,%rcx
  1b:   83 c0 03                add    $0x3,%eax
  1e:   41 54                   push   %r12
  20:   49 89 fc                mov    %rdi,%r12
  23:   55                      push   %rbp
  24:   53                      push   %rbx
* 25:   65 4c 8b 2c 25 80 ef    mov    %gs:0x1ef80,%r13 <-- trapping instruction
  2c:   01 00
  2e:   48 83 ec 08             sub    $0x8,%rsp
  32:   0f b6 14 11             movzbl (%rcx,%rdx,1),%edx
  36:   38 d0                   cmp    %dl,%al
  38:   7c 08                   jl     0x42
  3a:   84                      .byte 0x84