WARNING in __rate_control_send

WARNING in __rate_control_send_low
Status: upstream: reported C repro on 2020/10/14 12:01
Reported-by: syzbot+fdc5123366fb9c3fdc6d@syzkaller.appspotmail.com
First crash: 470d, last: 5d09h

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: WARNING in __rate_control_send_low (log)
Repro: C syz .config

similar bugs (2):
Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
linux-4.14	WARNING in __rate_control_send_low	C			4	9d08h	475d	0/1	upstream: reported C repro on 2020/10/08 02:03
linux-4.19	WARNING in __rate_control_send_low	C			118	2d21h	464d	0/1	upstream: reported C repro on 2020/10/19 12:45

Sample crash report:

------------[ cut here ]------------
no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
WARNING: CPU: 0 PID: 0 at net/mac80211/rate.c:371 __rate_control_send_low+0x6aa/0x7e0 net/mac80211/rate.c:371
Modules linked in:
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.16.0-rc8-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__rate_control_send_low+0x6aa/0x7e0 net/mac80211/rate.c:371
Code: 18 48 89 44 24 18 e8 f5 fa e1 f8 44 8b 44 24 2c 45 89 e9 44 89 e1 48 8b 74 24 18 44 89 f2 48 c7 c7 40 76 cd 8a e8 22 d9 6a 00 <0f> 0b e9 36 fd ff ff e8 0a ba 28 f9 e9 03 fe ff ff 48 89 df e8 cd
RSP: 0018:ffffc900000079f8 EFLAGS: 00010286
RAX: 0000000000000000 RBX: ffff888019d998e8 RCX: 0000000000000000
RDX: ffffffff8b8bc6c0 RSI: ffffffff815f0948 RDI: fffff52000000f31
RBP: ffff888147883308 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff815ea6ee R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 00000000ffffffff R15: ffff888147880da0
FS:  0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fea9b5f4b98 CR3: 000000007574d000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 rate_control_send_low+0x29e/0x830 net/mac80211/rate.c:396
 rate_control_get_rate+0x1b9/0x5a0 net/mac80211/rate.c:908
 ieee80211_beacon_get_finish+0x427/0x5c0 net/mac80211/tx.c:5037
 __ieee80211_beacon_get+0x74b/0x15d0 net/mac80211/tx.c:5158
 ieee80211_beacon_get_tim+0x88/0x930 net/mac80211/tx.c:5226
 ieee80211_beacon_get include/net/mac80211.h:4992 [inline]
 mac80211_hwsim_beacon_tx+0x111/0x920 drivers/net/wireless/mac80211_hwsim.c:1808
 __iterate_interfaces+0x1e5/0x560 net/mac80211/util.c:793
 ieee80211_iterate_active_interfaces_atomic+0x70/0x180 net/mac80211/util.c:829
 mac80211_hwsim_beacon+0xcd/0x1c0 drivers/net/wireless/mac80211_hwsim.c:1861
 __run_hrtimer kernel/time/hrtimer.c:1685 [inline]
 __hrtimer_run_queues+0x609/0xe50 kernel/time/hrtimer.c:1749
 hrtimer_run_softirq+0x17b/0x360 kernel/time/hrtimer.c:1766
 __do_softirq+0x29b/0x9c2 kernel/softirq.c:558
 invoke_softirq kernel/softirq.c:432 [inline]
 __irq_exit_rcu+0x123/0x180 kernel/softirq.c:637
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:649
 sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1097
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:29 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:70 [inline]
RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:132 [inline]
RIP: 0010:acpi_safe_halt drivers/acpi/processor_idle.c:110 [inline]
RIP: 0010:acpi_idle_do_entry+0x1c6/0x250 drivers/acpi/processor_idle.c:553
Code: 89 de e8 0d be 30 f8 84 db 75 ac e8 24 ba 30 f8 e8 0f fa 36 f8 eb 0c e8 18 ba 30 f8 0f 00 2d 01 44 ca 00 e8 0c ba 30 f8 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 87 bc 30 f8 48 85 db
RSP: 0018:ffffffff8b807d60 EFLAGS: 00000293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffffffff8b8bc6c0 RSI: ffffffff8946d824 RDI: 0000000000000000
RBP: ffff88801599b064 R08: 0000000000000001 R09: 0000000000000001
R10: ffffffff817dd258 R11: 0000000000000000 R12: 0000000000000001
R13: ffff88801599b000 R14: ffff88801599b064 R15: ffff88801823c804
 acpi_idle_enter+0x361/0x500 drivers/acpi/processor_idle.c:688
 cpuidle_enter_state+0x1b1/0xc80 drivers/cpuidle/cpuidle.c:237
 cpuidle_enter+0x4a/0xa0 drivers/cpuidle/cpuidle.c:351
 call_cpuidle kernel/sched/idle.c:158 [inline]
 cpuidle_idle_call kernel/sched/idle.c:239 [inline]
 do_idle+0x3e8/0x590 kernel/sched/idle.c:306
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:403
 start_kernel+0x47a/0x49b init/main.c:1135
 secondary_startup_64_no_verify+0xb0/0xbb
 </TASK>
----------------
Code disassembly (best guess):
   0:	89 de                	mov    %ebx,%esi
   2:	e8 0d be 30 f8       	callq  0xf830be14
   7:	84 db                	test   %bl,%bl
   9:	75 ac                	jne    0xffffffb7
   b:	e8 24 ba 30 f8       	callq  0xf830ba34
  10:	e8 0f fa 36 f8       	callq  0xf836fa24
  15:	eb 0c                	jmp    0x23
  17:	e8 18 ba 30 f8       	callq  0xf830ba34
  1c:	0f 00 2d 01 44 ca 00 	verw   0xca4401(%rip)        # 0xca4424
  23:	e8 0c ba 30 f8       	callq  0xf830ba34
  28:	fb                   	sti
  29:	f4                   	hlt
* 2a:	9c                   	pushfq <-- trapping instruction
  2b:	5b                   	pop    %rbx
  2c:	81 e3 00 02 00 00    	and    $0x200,%ebx
  32:	fa                   	cli
  33:	31 ff                	xor    %edi,%edi
  35:	48 89 de             	mov    %rbx,%rsi
  38:	e8 87 bc 30 f8       	callq  0xf830bcc4
  3d:	48 85 db             	test   %rbx,%rbx

Crashes (331):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce	2022/01/04 15:05	upstream	c9e6606c7fe9	7f723fbe	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/07/24 22:46	upstream	f0fddcec6b62	4d1b57d4	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/04/01 18:36	upstream	d19cc4bfbff1	6a81331a	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce-smack-root	2021/02/19 08:14	upstream	f40ddce88593	14052202	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce-root	2021/02/15 08:22	upstream	f40ddce88593	98682e5e	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce-smack-root	2021/02/09 11:23	upstream	e0756cfc7d7c	2bd9619f	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce-root	2021/01/31 18:25	upstream	6642d600b541	fc9fd31e	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce	2021/01/26 22:42	upstream	13391c60da33	55a7d4df	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2021/07/02 04:17	linux-next	a1f92694393a	658ebc66	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2021/04/17 14:50	linux-next	1216f02e46a4	7e2b734b	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2021/04/07 05:43	linux-next	9c54130cd255	6a81331a	.config	log	report	syz	C		WARNING in __rate_control_send_low
ci-upstream-kasan-gce	2020/12/03 22:04	upstream	34816d20f173	e6b0d314	.config	log	report	syz	C
ci-upstream-kasan-gce	2020/11/28 07:59	upstream	99c710c46dfc	486f93ef	.config	log	report	syz	C
ci-upstream-kasan-gce-386	2020/11/25 02:15	upstream	80145ac2f739	e34b696c	.config	log	report	syz	C
ci-upstream-kasan-gce-selinux-root	2021/04/02 10:26	upstream	ffd9fb546d49	6a81331a	.config	log	report	syz			WARNING in __rate_control_send_low
ci-upstream-kasan-gce-smack-root	2021/02/19 14:16	upstream	f40ddce88593	14052202	.config	log	report	syz			WARNING in __rate_control_send_low
ci-upstream-kasan-gce-root	2021/02/15 17:52	upstream	f40ddce88593	98682e5e	.config	log	report	syz			WARNING in __rate_control_send_low
ci-upstream-kasan-gce-smack-root	2021/02/01 04:28	upstream	6642d600b541	fc9fd31e	.config	log	report	syz			WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2021/04/07 11:21	linux-next	9c54130cd255	6a81331a	.config	log	report	syz			WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2021/03/23 05:01	linux-next	e3128d2f068e	8092f30d	.config	log	report	syz			WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2022/01/13 22:06	upstream	455e73a07f6e	b8d780ab	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-smack-root	2022/01/12 11:01	upstream	daadb3bd0e8d	44d1319a	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2022/01/10 22:16	upstream	133d9c53c9dc	ddb0ab8c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2022/01/10 19:54	upstream	133d9c53c9dc	ddb0ab8c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-smack-root	2022/01/09 14:04	upstream	4634129ad9fd	2ca0d385	.config	log	report			info	WARNING in __rate_control_send_low
ci-qemu-upstream	2022/01/03 15:05	upstream	c9e6606c7fe9	4a3f34f2	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce	2022/01/01 20:31	upstream	800829388818	e1768e9c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2022/01/01 10:23	upstream	800829388818	e1768e9c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-root	2021/12/16 15:45	upstream	2b14864acbaa	8dd6a5e3	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/12/08 12:39	upstream	2a987e65025e	a4a2a501	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/12/06 11:00	upstream	0fcfb00b28c0	579a8754	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/12/02 22:53	upstream	a51e3ac43ddb	61f86278	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/12/01 09:47	upstream	58e1100fdc59	5fa3eacc	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-smack-root	2021/11/30 21:14	upstream	f080815fdb3e	80270552	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/11/30 11:24	upstream	d58071a8a76d	80270552	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-root	2021/11/29 16:31	upstream	d58071a8a76d	d0830353	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-selinux-root	2021/11/29 15:17	upstream	d58071a8a76d	d0830353	.config	log	report			info	WARNING in __rate_control_send_low
ci-qemu-upstream-386	2022/01/21 05:42	upstream	2c271fe77d52	ab3d9f17	.config	log	report			info	WARNING in __rate_control_send_low
ci-qemu-upstream-386	2022/01/10 04:23	upstream	df0cc57e057f	2ca0d385	.config	log	report			info	WARNING in __rate_control_send_low
ci-qemu-upstream-386	2021/12/04 16:36	upstream	12119cfa1052	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-qemu-upstream-386	2021/12/01 02:03	upstream	f080815fdb3e	80270552	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce-386	2021/11/04 19:05	upstream	7ddb58cb0eca	4c1be0be	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2022/01/15 02:12	net	fb80445c438c	53e00b45	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2022/01/14 15:40	net	fb80445c438c	53e00b45	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2022/01/14 07:34	net	20c9398d3309	b8d780ab	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2022/01/13 03:55	net	2716a5271d54	44d1319a	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2022/01/12 05:43	net	29b3881b7977	44d1319a	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2022/01/10 17:52	net	dd3ca4c5184e	ddb0ab8c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2021/12/31 13:08	net	74c78b4291b4	36bd2e48	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2021/12/22 03:20	net	1c15b05baea7	6caa12e4	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-this-kasan-gce	2021/11/29 07:51	net	c5c17547b778	63eeac02	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2022/01/13 18:03	net-next	fe8152b38d3a	44d1319a	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2022/01/11 08:14	net-next	fe8152b38d3a	1884f55a	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2022/01/05 15:27	net-next	c5bcdd8228d8	6acc789a	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/10 01:37	net-next	3150a73366b6	4d4ce9bc	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/06 15:18	net-next	ce83278f313c	579a8754	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/06 07:27	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/06 06:06	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/05 21:01	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/05 17:28	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/05 13:58	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/05 05:58	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/05 03:39	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/04 20:10	net-next	ce83278f313c	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/12/04 01:42	net-next	bb14bfc7eb92	a617004c	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/11/30 04:06	net-next	09ae03e2fc9d	d0830353	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-net-kasan-gce	2021/11/29 05:55	net-next	d40ce48cb3a6	63eeac02	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2022/01/12 13:47	linux-next	32ce2abb03cf	44d1319a	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2021/12/23 12:19	linux-next	79f063d60c8c	6caa12e4	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-linux-next-kasan-gce-root	2021/12/01 03:17	linux-next	f81e94e91878	80270552	.config	log	report			info	WARNING in __rate_control_send_low
ci-upstream-kasan-gce	2020/10/12 16:40	upstream	bbf5c979011a	d32b0bbf	.config	log	report			info
ci-upstream-net-kasan-gce	2021/01/11 05:02	net-next	73b7a6047971	2c1f2513	.config	log	report			info