program: socket$kcm(0xa, 0x3, 0x3a) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) eventfd(0x0) pipe2$9p(&(0x7f0000000240), 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r0 = io_uring_setup(0x18ef, &(0x7f0000000000)={0x0, 0x0, 0x40}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff], 0x37) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$FUSE_GETXATTR(r1, &(0x7f0000000100)={0x18, 0xffffffffffffffda, 0x0, {0x9}}, 0x18) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000080)=[0xffffffffffffffff]}, 0x3) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) socket$igmp(0x2, 0x3, 0x2) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000010c0)={0x3d8, r4, 0x5, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {0x3}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_TX_RATES={0x384, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x4, 0x6, 0x18, 0x3, 0x18, 0x55, 0x60, 0x5, 0x36, 0x60, 0x1b, 0x12, 0x16, 0x18, 0x16, 0x48, 0x1, 0x1, 0x6c, 0x4, 0x60, 0x9, 0x4, 0x12, 0x30, 0xc, 0x24]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xd580, 0x9, 0x4, 0x401, 0xaa8f, 0x5, 0x10, 0xb]}}]}, @NL80211_BAND_2GHZ={0xc0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x1b, 0x24, 0x6, 0x33, 0x1, 0x6c, 0x3b, 0xb, 0x60]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x0, 0x66c, 0x2, 0xff01, 0x471f, 0xc, 0xfffb]}}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x48, 0x1, 0x24, 0x6c, 0x60, 0xc, 0x3, 0xb, 0x12, 0x6, 0x16, 0x1, 0x30, 0x18, 0x6c, 0x16, 0x16, 0x2, 0xb]}, @NL80211_TXRATE_HT={0x49, 0x2, [{0x4, 0x3}, {0x5, 0x8}, {0x7, 0xa}, {}, {0x7}, {0x6, 0x7}, {0x0, 0x6}, {0x0, 0x5}, {0x7, 0x8}, {0x3, 0x4}, {0x0, 0x16}, {0x2, 0x4}, {0x3, 0xa}, {0x0, 0x8}, {0x7, 0x1}, {0x5, 0xa}, {0x5, 0x3}, {0x4}, {0x1, 0x2}, {0x4, 0x3}, {0x3, 0x1}, {0x7, 0x7}, {0x1, 0x1}, {0x4, 0x9}, {0x0, 0x2}, {0x2, 0x1}, {0x1, 0x7}, {0x4, 0x4}, {0x1, 0x2}, {0x7, 0x1}, {0x7, 0x8}, {0x0, 0x3}, {0x6, 0x1}, {0x0, 0x2}, {0x7, 0x7}, {0x0, 0x8}, {0x2, 0x4}, {0x0, 0x1}, {0x1, 0x6}, {0x3, 0x7}, {0x1, 0x4}, {0x0, 0x9}, {0x1, 0x3}, {0x7, 0x5}, {0x6, 0x6}, {0x4, 0x1}, {0x0, 0x2}, {0x0, 0x3}, {0x4, 0x9}, {0x4, 0x3}, {0x0, 0x9}, {0x6, 0x9}, {0x3}, {0x0, 0x9}, {0x1, 0x9}, {0x6, 0x9}, {0x4, 0x1}, {0x7, 0x5}, {0x0, 0x9}, {0x7, 0x9}, {0x3, 0x8}, {0x5, 0x2}, {0x0, 0x5}, {0x2, 0x8}, {0x6, 0xa}, {0x7, 0x7}, {0x2, 0x5}, {0x7, 0x1}, {0x7, 0x5}]}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x30, 0xb, 0x4, 0x24, 0xb, 0x6, 0x6c, 0x16, 0x30, 0x12, 0x5, 0x1, 0x1b, 0xc, 0xd, 0x1b, 0x48]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7ff, 0x2, 0x101, 0x1, 0x5, 0x4, 0xba, 0xb]}}]}, @NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_5GHZ={0x80, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4a, 0x2, [{0x6, 0x1}, {0x5, 0x6}, {0x2, 0x7}, {0x6, 0x5}, {0x6}, {0x0, 0x5}, {0x2, 0x4}, {0x1}, {0x1, 0x8}, {0x7, 0xa}, {0x6, 0x1}, {0x3, 0x4}, {0x1}, {0x2, 0xa}, {0x0, 0x7}, {0x1, 0xa}, {0x7, 0x8}, {0x7, 0x6}, {0x7, 0x8}, {0x1, 0x5}, {0x6, 0x4}, {0x6, 0xa}, {0x5, 0x8}, {0x1, 0xa}, {}, {0x3, 0x4}, {0x0, 0x7}, {0x7, 0x8}, {0x3, 0x9}, {0x1, 0x5}, {0x1, 0x9}, {0x0, 0x7}, {0x5, 0x5}, {0x7, 0x9}, {0x3, 0x9}, {0x1, 0x6}, {0x6, 0x7}, {0x5, 0x3}, {0x0, 0x9}, {0x6, 0x7}, {0x0, 0xa}, {0x6, 0x2}, {0x3, 0x6}, {0x3, 0x7}, {0x4, 0x6}, {0x0, 0x9}, {0x2, 0x9}, {0x4, 0x2}, {0x7, 0x4}, {0x6, 0x5}, {0x4, 0x4}, {0x1, 0xa}, {0x2, 0x7}, {0x1, 0x6}, {0x0, 0x6}, {0x6, 0x6}, {0x5, 0xa}, {0x2, 0x9}, {0x0, 0x9}, {}, {0x7, 0x4}, {0x6, 0x3}, {0x2, 0x9}, {0x4, 0x1}, {0x7, 0x1}, {0x5, 0x1}, {0x0, 0x8}, {0x4, 0x3}, {0x1, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x100, 0x81, 0xd, 0x1000, 0xefbc, 0x9, 0xf931, 0x1]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x4}]}, @NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xfff8, 0x3ff, 0x0, 0x5, 0x81, 0x1, 0xfffa]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x8001, 0x8, 0x401, 0x9, 0xfffb, 0x0, 0xca]}}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x1, 0x12, 0x18, 0x36, 0x1b, 0x0, 0x60, 0x18, 0x4, 0x60]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x2, 0x4, 0x9, 0x3, 0x9, 0x0, 0x7]}}, @NL80211_TXRATE_HT={0x15, 0x2, [{0x5, 0x4}, {0x7, 0x5}, {0x1, 0x8}, {0x0, 0x9}, {0x1, 0x5}, {0x1, 0x2}, {0x1, 0x4}, {0x5, 0x3}, {0x7, 0x4}, {0x0, 0x9}, {0x5, 0x2}, {0x7, 0x9}, {0x4, 0x1}, {0x4, 0xa}, {0x4, 0x6}, {0x4, 0xa}, {0x6, 0x5}]}]}, @NL80211_BAND_2GHZ={0x1c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x6, 0x2, 0x8, 0x4, 0x6a13, 0x3, 0xb]}}, @NL80211_TXRATE_HT={0x4}]}, @NL80211_BAND_60GHZ={0x40, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x20, 0x1, [0x6c, 0x12, 0x6, 0x30, 0x30, 0x6, 0x5, 0x24, 0x2, 0x9, 0x6, 0x60, 0x4, 0xc, 0x24, 0x48, 0x6, 0x0, 0x16, 0x2, 0xb, 0x16, 0x60, 0x2, 0x12, 0x48, 0x24, 0x2]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x6c, 0x36, 0x1, 0x36, 0x6c, 0x24, 0x4, 0x16, 0xca, 0x1b, 0x48, 0x1, 0x57, 0x1, 0x4, 0x12, 0x18, 0x6c, 0x2, 0x944c1a600ad3639e, 0x24]}]}, @NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x21, 0x1, [0x5, 0x5, 0x4, 0x30, 0xb, 0x9, 0xb, 0x2, 0x24, 0x57, 0x3, 0x2, 0x3, 0xb, 0x9, 0x4, 0x30, 0xc, 0x1b, 0x48, 0x18, 0x24, 0x60, 0x16, 0x30, 0x6, 0x36, 0x6, 0x1]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x0, 0x81, 0x0, 0x7c, 0x3, 0x4, 0xfff7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x0, 0x8e64, 0x1, 0x9, 0xfffa, 0x77, 0xb8]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x533, 0x7, 0xb, 0x7, 0x9, 0x9, 0x2]}}]}, @NL80211_BAND_6GHZ={0xc4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xa, 0x1ff, 0x5f42, 0x7, 0x800, 0xd7, 0x0, 0x8]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x4, 0x2, 0x5, 0x6c, 0xc, 0xc]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x122, 0x49c0, 0x2308, 0x1, 0x8001, 0x100, 0x8]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x2e, 0x2, [{0x7, 0x2}, {0x1, 0x4}, {0x7, 0x2}, {0x3, 0x7}, {0x0, 0xa}, {0x4, 0x2}, {0x4, 0x3}, {0x3, 0x2}, {0x0, 0x3}, {0x6, 0xa}, {0x5, 0xa}, {0x5, 0xa}, {0x3, 0x6}, {0x5, 0x1}, {0x3}, {0x3, 0x5}, {0x5, 0x8}, {0x6, 0xa}, {0x7, 0x7}, {0x3, 0x9}, {0x0, 0x6}, {0x7, 0x4}, {0x1, 0x6}, {0x0, 0x1}, {0x5, 0x8}, {0x0, 0x5}, {0x2, 0x9}, {0x0, 0x6}, {0x4, 0xa}, {0x1, 0x7}, {0x6, 0x5}, {0x4, 0x7}, {0x0, 0x8}, {0x6, 0x9}, {0x7, 0xa}, {0x2, 0x2}, {0x7, 0x2}, {0x6, 0x9}, {0x0, 0x7}, {0x5, 0x1}, {0x3, 0x3}, {0x0, 0x5}]}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x2, 0xa}, {0x6}, {0x7, 0x1}, {0x3, 0x4}, {0x6, 0x6}, {0x6, 0xa}, {0x4, 0x6}, {0x7, 0x7}, {0x1, 0xa}, {0x1, 0x6}, {0x3, 0x7}, {0x0, 0xa}, {0x3, 0x8}, {0x5, 0x2}, {0x3, 0x8}, {0x6, 0x3}, {0x5, 0x4}, {0x0, 0xa}, {0x1, 0x8}, {0x5, 0x9}, {0x1, 0x3}, {0x3, 0xa}, {0x2, 0x9}, {0x0, 0x4}, {0x0, 0x2}, {0x4, 0x4}, {0x7, 0x5}, {0x1, 0x8}, {0x7, 0x8}, {0x6, 0x7}, {0x0, 0x2}, {0x1, 0x1}, {0x5}, {0x0, 0x9}, {0x4, 0xa}, {0x0, 0x9}, {0x7, 0x8}, {0x2, 0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x4, 0x6}, {0x3, 0x3}, {0x6, 0x8}, {0x3, 0x9}, {0x0, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x6}, {0x0, 0x7}, {0x6, 0x1}, {0x2}, {0x6, 0x5}, {0x1, 0x9}, {0x4, 0x5}, {0x6, 0x6}, {0x4, 0x5}, {0x6, 0x4}, {0x6, 0xa}, {0x3, 0x2}, {0x2, 0x4}, {0x5}, {0x7, 0x6}, {0x3, 0x5}, {0x1, 0x4}, {0x4, 0x6}, {0x4, 0x2}, {0x0, 0x2}, {0x7, 0x7}, {0x2, 0x1}, {0x2, 0x6}]}]}]}]}, 0x3d8}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)={0x3c, r8, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r11 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r11, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000740)=ANY=[@ANYBLOB="76563cc72e0d15714b15f5d6fb24c1d0d8b9a06c1d848eedadecc8f5a42417c68c46edc8a4816de1003cc09c57569521e9f5c9712182f28afec7ad3ba79d031fafc7b628b0dcc35cddce0416b0d84b5b6b47437dfc2949e2c6333e5d4c2ecd3e125d0b6a3cb3ab6dbb147aa61b3e762066204af612f1159a19c3a3f3c643d4dc6e41f6af296eee64c0d7828b301c6b92b9e902bc32e39e4d133431dbf85fe06341b39a0c0cd1b69fd12a83783bfcf39b3d23ebb21dc0fa097b2dda5f218171673f078ce9cf75b27cf77c01fba60a2960be40454da1ca886078461008e03d513b4e958018ef93c237632577ddb10d22e0f8ec81dfe9d8bb4c8ef4fee4dffa916e68e60a47ad8f6ad0f482e8efba4b84d36dc9b01a62c4eba7f9d8964f909aa0568e2503944decbc00f83a441df3693f899a0f99b3932d9890ba41010e4b474bca59", @ANYRES16=r10, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r12, @ANYBLOB="0a000600080211000001000028005080110001004abee33908f8eef16f162471f400000005000200000000000800030005ac0f00"], 0x50}}, 0x0) r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x6, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1802000020a000000000000000000000850000001700000095"], &(0x7f0000000140)='syzkaller\x00', 0x1}, 0x94) sendmsg$netlink(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000400)=ANY=[@ANYRESOCT=r4, @ANYRES32=r13, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="0500000000000000845d9c2ec8aa8c97f4f36293afcb1b9185bf7900c6f366f485f3746beb7b70754220772fcee717e8182a3d6a85e08a2b4688d1eccf643729b1b9627fefc80828369764ac24e6a3685a679505796cf64b8c55115e6d3195417642808396ca803ef4902358f32055229c0700000095d472f02639ecb39c91d8cc1d6bf4329bd8416f3ecda624d8b40aa01d0a03cfcb4a22d199383cb1193eec4622602ba82f009d1eaacb65af993c1adbf73a", @ANYRES32=r13, @ANYBLOB="08000100", @ANYRES32=r13, @ANYBLOB], 0x34}], 0x1}, 0x0) [ 74.422634][ T5296] Bluetooth: hci0: command tx timeout [ 74.486595][ T5317] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 74.513889][ T5317] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 74.540237][ T5317] ------------[ cut here ]------------ [ 74.542600][ T5317] WARNING: CPU: 0 PID: 5317 at net/mac80211/rate.c:53 rate_control_rate_init+0x64a/0x6e0 [ 74.547066][ T5317] Modules linked in: [ 74.549296][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 74.554412][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.558861][ T5317] RIP: 0010:rate_control_rate_init+0x64a/0x6e0 [ 74.561722][ T5317] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 72 cf 00 f7 90 0f 0b 90 eb e1 e8 67 cf 00 f7 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00 [ 74.569950][ T5317] RSP: 0018:ffffc9000d4c6f60 EFLAGS: 00010287 [ 74.572602][ T5317] RAX: ffffffff8abf43f9 RBX: ffff88803386c000 RCX: 0000000000100000 [ 74.575829][ T5317] RDX: ffffc9000e04a000 RSI: 000000000000034f RDI: 0000000000000350 [ 74.579331][ T5317] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8abf3f13 [ 74.582558][ T5317] R10: dffffc0000000000 R11: ffffed100670d831 R12: 1ffff1100670d80a [ 74.586284][ T5317] R13: ffff888041098e80 R14: 0000000000000001 R15: ffffffff8abf3f13 [ 74.590410][ T5317] FS: 00007fc16b9656c0(0000) GS:ffff88808d730000(0000) knlGS:0000000000000000 [ 74.594575][ T5317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.597427][ T5317] CR2: 00007fc16adb8558 CR3: 000000003ebd8000 CR4: 0000000000352ef0 [ 74.600834][ T5317] Call Trace: [ 74.602343][ T5317] [ 74.603677][ T5317] rate_control_rate_init_all_links+0x109/0x1a0 [ 74.606491][ T5317] sta_apply_auth_flags+0x1c2/0x400 [ 74.608821][ T5317] sta_apply_parameters+0xe27/0x1570 [ 74.611260][ T5317] ieee80211_add_station+0x424/0x6a0 [ 74.613669][ T5317] rdev_add_station+0x108/0x290 [ 74.615652][ T5317] nl80211_new_station+0x1755/0x1b70 [ 74.617967][ T5317] ? __pfx_nl80211_new_station+0x10/0x10 [ 74.620373][ T5317] ? netdev_run_todo+0xe1d/0xea0 [ 74.622653][ T5317] ? nl80211_pre_doit+0x4f1/0x930 [ 74.625315][ T5317] genl_family_rcv_msg_doit+0x215/0x300 [ 74.628111][ T5317] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 74.630845][ T5317] ? bpf_lsm_capable+0x9/0x20 [ 74.633508][ T5317] ? security_capable+0x7e/0x2e0 [ 74.636678][ T5317] genl_rcv_msg+0x60e/0x790 [ 74.639507][ T5317] ? __pfx_genl_rcv_msg+0x10/0x10 [ 74.642087][ T5317] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 74.644533][ T5317] ? __pfx_nl80211_new_station+0x10/0x10 [ 74.651483][ T5317] ? __pfx_nl80211_post_doit+0x10/0x10 [ 74.654213][ T5317] ? __asan_memcpy+0x40/0x70 [ 74.656346][ T5317] ? __pfx_ref_tracker_free+0x10/0x10 [ 74.658605][ T5317] netlink_rcv_skb+0x208/0x470 [ 74.660644][ T5317] ? __lock_acquire+0xab9/0xd20 [ 74.662757][ T5317] ? __pfx_genl_rcv_msg+0x10/0x10 [ 74.665257][ T5317] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 74.668007][ T5317] ? down_read+0x1ad/0x2e0 [ 74.670022][ T5317] genl_rcv+0x28/0x40 [ 74.671624][ T5317] netlink_unicast+0x82f/0x9e0 [ 74.673782][ T5317] ? __pfx_netlink_unicast+0x10/0x10 [ 74.676175][ T5317] ? netlink_sendmsg+0x642/0xb30 [ 74.678276][ T5317] ? skb_put+0x11b/0x210 [ 74.680353][ T5317] netlink_sendmsg+0x805/0xb30 [ 74.682638][ T5317] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.685574][ T5317] ? aa_sock_msg_perm+0xf1/0x1d0 [ 74.687960][ T5317] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 74.690410][ T5317] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.692781][ T5317] __sock_sendmsg+0x21c/0x270 [ 74.695136][ T5317] ____sys_sendmsg+0x505/0x830 [ 74.697863][ T5317] ? __pfx_____sys_sendmsg+0x10/0x10 [ 74.700771][ T5317] ? import_iovec+0x74/0xa0 [ 74.702967][ T5317] ___sys_sendmsg+0x21f/0x2a0 [ 74.705537][ T5317] ? __pfx____sys_sendmsg+0x10/0x10 [ 74.708087][ T5317] ? __fget_files+0x2a/0x420 [ 74.710280][ T5317] ? __fget_files+0x3a0/0x420 [ 74.712268][ T5317] __x64_sys_sendmsg+0x19b/0x260 [ 74.714347][ T5317] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 74.716840][ T5317] ? do_syscall_64+0xbe/0xfa0 [ 74.718865][ T5317] do_syscall_64+0xfa/0xfa0 [ 74.720861][ T5317] ? lockdep_hardirqs_on+0x9c/0x150 [ 74.723321][ T5317] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.726145][ T5317] ? clear_bhb_loop+0x60/0xb0 [ 74.728576][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.731391][ T5317] RIP: 0033:0x7fc16ab8f6c9 [ 74.733526][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.741063][ T5317] RSP: 002b:00007fc16b965038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.744166][ T5317] RAX: ffffffffffffffda RBX: 00007fc16ade5fa0 RCX: 00007fc16ab8f6c9 [ 74.747093][ T5317] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000011 [ 74.750324][ T5317] RBP: 00007fc16ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 74.753664][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.756899][ T5317] R13: 00007fc16ade6038 R14: 00007fc16ade5fa0 R15: 00007ffdaa8623f8 [ 74.760538][ T5317] [ 74.761963][ T5317] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 74.765138][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 74.769358][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.775141][ T5317] Call Trace: [ 74.776852][ T5317] [ 74.778283][ T5317] dump_stack_lvl+0x99/0x250 [ 74.780520][ T5317] ? __asan_memcpy+0x40/0x70 [ 74.782643][ T5317] ? __pfx_dump_stack_lvl+0x10/0x10 [ 74.784852][ T5317] ? __pfx__printk+0x10/0x10 [ 74.786840][ T5317] vpanic+0x237/0x6d0 [ 74.788588][ T5317] ? __pfx_vpanic+0x10/0x10 [ 74.790662][ T5317] panic+0xb9/0xc0 [ 74.792292][ T5317] ? __pfx_panic+0x10/0x10 [ 74.794266][ T5317] __warn+0x31b/0x4b0 [ 74.795885][ T5317] ? rate_control_rate_init+0x64a/0x6e0 [ 74.798254][ T5317] ? rate_control_rate_init+0x64a/0x6e0 [ 74.800707][ T5317] report_bug+0x2be/0x4f0 [ 74.802873][ T5317] ? rate_control_rate_init+0x64a/0x6e0 [ 74.805322][ T5317] ? rate_control_rate_init+0x64a/0x6e0 [ 74.807955][ T5317] ? rate_control_rate_init+0x64c/0x6e0 [ 74.810655][ T5317] handle_bug+0x84/0x160 [ 74.812861][ T5317] exc_invalid_op+0x1a/0x50 [ 74.815094][ T5317] asm_exc_invalid_op+0x1a/0x20 [ 74.817244][ T5317] RIP: 0010:rate_control_rate_init+0x64a/0x6e0 [ 74.819916][ T5317] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 72 cf 00 f7 90 0f 0b 90 eb e1 e8 67 cf 00 f7 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00 [ 74.828235][ T5317] RSP: 0018:ffffc9000d4c6f60 EFLAGS: 00010287 [ 74.830929][ T5317] RAX: ffffffff8abf43f9 RBX: ffff88803386c000 RCX: 0000000000100000 [ 74.834820][ T5317] RDX: ffffc9000e04a000 RSI: 000000000000034f RDI: 0000000000000350 [ 74.838413][ T5317] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8abf3f13 [ 74.841838][ T5317] R10: dffffc0000000000 R11: ffffed100670d831 R12: 1ffff1100670d80a [ 74.845075][ T5317] R13: ffff888041098e80 R14: 0000000000000001 R15: ffffffff8abf3f13 [ 74.848479][ T5317] ? rate_control_rate_init+0x163/0x6e0 [ 74.850885][ T5317] ? rate_control_rate_init+0x163/0x6e0 [ 74.853452][ T5317] ? rate_control_rate_init+0x649/0x6e0 [ 74.855974][ T5317] rate_control_rate_init_all_links+0x109/0x1a0 [ 74.858996][ T5317] sta_apply_auth_flags+0x1c2/0x400 [ 74.861198][ T5317] sta_apply_parameters+0xe27/0x1570 [ 74.863547][ T5317] ieee80211_add_station+0x424/0x6a0 [ 74.865907][ T5317] rdev_add_station+0x108/0x290 [ 74.868200][ T5317] nl80211_new_station+0x1755/0x1b70 [ 74.870662][ T5317] ? __pfx_nl80211_new_station+0x10/0x10 [ 74.873400][ T5317] ? netdev_run_todo+0xe1d/0xea0 [ 74.875658][ T5317] ? nl80211_pre_doit+0x4f1/0x930 [ 74.877919][ T5317] genl_family_rcv_msg_doit+0x215/0x300 [ 74.880402][ T5317] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 74.883230][ T5317] ? bpf_lsm_capable+0x9/0x20 [ 74.885600][ T5317] ? security_capable+0x7e/0x2e0 [ 74.887831][ T5317] genl_rcv_msg+0x60e/0x790 [ 74.889997][ T5317] ? __pfx_genl_rcv_msg+0x10/0x10 [ 74.892439][ T5317] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 74.895384][ T5317] ? __pfx_nl80211_new_station+0x10/0x10 [ 74.898034][ T5317] ? __pfx_nl80211_post_doit+0x10/0x10 [ 74.900235][ T5317] ? __asan_memcpy+0x40/0x70 [ 74.902236][ T5317] ? __pfx_ref_tracker_free+0x10/0x10 [ 74.904566][ T5317] netlink_rcv_skb+0x208/0x470 [ 74.906730][ T5317] ? __lock_acquire+0xab9/0xd20 [ 74.908750][ T5317] ? __pfx_genl_rcv_msg+0x10/0x10 [ 74.910742][ T5317] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 74.912793][ T5317] ? down_read+0x1ad/0x2e0 [ 74.914790][ T5317] genl_rcv+0x28/0x40 [ 74.916467][ T5317] netlink_unicast+0x82f/0x9e0 [ 74.918670][ T5317] ? __pfx_netlink_unicast+0x10/0x10 [ 74.920687][ T5317] ? netlink_sendmsg+0x642/0xb30 [ 74.922672][ T5317] ? skb_put+0x11b/0x210 [ 74.924522][ T5317] netlink_sendmsg+0x805/0xb30 [ 74.926927][ T5317] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.929534][ T5317] ? aa_sock_msg_perm+0xf1/0x1d0 [ 74.931873][ T5317] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 74.934227][ T5317] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.936403][ T5317] __sock_sendmsg+0x21c/0x270 [ 74.938416][ T5317] ____sys_sendmsg+0x505/0x830 [ 74.940540][ T5317] ? __pfx_____sys_sendmsg+0x10/0x10 [ 74.943167][ T5317] ? import_iovec+0x74/0xa0 [ 74.945537][ T5317] ___sys_sendmsg+0x21f/0x2a0 [ 74.947868][ T5317] ? __pfx____sys_sendmsg+0x10/0x10 [ 74.950289][ T5317] ? __fget_files+0x2a/0x420 [ 74.952499][ T5317] ? __fget_files+0x3a0/0x420 [ 74.954613][ T5317] __x64_sys_sendmsg+0x19b/0x260 [ 74.956737][ T5317] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 74.959179][ T5317] ? do_syscall_64+0xbe/0xfa0 [ 74.961374][ T5317] do_syscall_64+0xfa/0xfa0 [ 74.963486][ T5317] ? lockdep_hardirqs_on+0x9c/0x150 [ 74.966161][ T5317] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.968796][ T5317] ? clear_bhb_loop+0x60/0xb0 [ 74.970946][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.973555][ T5317] RIP: 0033:0x7fc16ab8f6c9 [ 74.975447][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.984103][ T5317] RSP: 002b:00007fc16b965038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.987815][ T5317] RAX: ffffffffffffffda RBX: 00007fc16ade5fa0 RCX: 00007fc16ab8f6c9 [ 74.991191][ T5317] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000011 [ 74.994679][ T5317] RBP: 00007fc16ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 74.998208][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.001567][ T5317] R13: 00007fc16ade6038 R14: 00007fc16ade5fa0 R15: 00007ffdaa8623f8 [ 75.005118][ T5317] [ 75.006848][ T5317] Kernel Offset: disabled [ 75.008679][ T5317] Rebooting in 86400 seconds..