ieee80211_register_hw+0x13cd/0x35d0 net/mac80211/main.c:1050 mac80211_hwsim_new_radio+0x1da2/0x33b0 drivers/net/wireless/mac80211_hwsim.c:2772 BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 1ab89a067 P4D 1ab89a067 PUD 1b4053067 PMD 0 Oops: 0010 [#1] SMP KASAN hwsim_new_radio_nl+0x7b8/0xa60 drivers/net/wireless/mac80211_hwsim.c:3247 CPU: 0 PID: 14820 Comm: syz-executor5 Not tainted 4.17.0+ #84 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010: (null) Code: genl_family_rcv_msg+0x889/0x1120 net/netlink/genetlink.c:599 Bad RIP value. RSP: 0018:ffff8801c90bf3a0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff8801aeeba000 RCX: 1ffffffff10ea9fd RDX: ffff8801c90bfc00 RSI: ffff8801b3a59180 RDI: ffff8801c32dd780 RBP: ffff8801c90bf510 R08: ffff8801934f8c78 R09: 0000000000000006 R10: ffff8801934f8440 R11: 0000000000000000 R12: 1ffff10039217e79 R13: ffff8801c90bfc00 R14: ffff8801aeeba012 R15: ffff8801aeeba458 FS: 00007fbcf3a37700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 genl_rcv_msg+0xc6/0x170 net/netlink/genetlink.c:624 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 netlink_rcv_skb+0x172/0x440 net/netlink/af_netlink.c:2448 CR2: ffffffffffffffd6 CR3: 00000001d437b000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: genl_rcv+0x28/0x40 net/netlink/genetlink.c:635 netlink_unicast_kernel net/netlink/af_netlink.c:1310 [inline] netlink_unicast+0x58b/0x740 net/netlink/af_netlink.c:1336 netlink_sendmsg+0x9f0/0xfa0 net/netlink/af_netlink.c:1901 sock_poll+0x1d1/0x710 net/socket.c:1168 sock_sendmsg_nosec net/socket.c:645 [inline] sock_sendmsg+0xd5/0x120 net/socket.c:655 ___sys_sendmsg+0x805/0x940 net/socket.c:2161 vfs_poll+0x77/0x2a0 fs/select.c:40 ep_item_poll.isra.15+0x2c1/0x390 fs/eventpoll.c:887 ep_insert+0x6b8/0x1c00 fs/eventpoll.c:1459 __sys_sendmsg+0x115/0x270 net/socket.c:2199 __do_sys_sendmsg net/socket.c:2208 [inline] __se_sys_sendmsg net/socket.c:2206 [inline] __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2206 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x455b29 Code: 1d ba fb ff c3 66 2e 0f __do_sys_epoll_ctl fs/eventpoll.c:2113 [inline] __se_sys_epoll_ctl fs/eventpoll.c:1999 [inline] __x64_sys_epoll_ctl+0xef1/0x10f0 fs/eventpoll.c:1999 1f 84 00 00 00 00 00 66 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:290 90 48 89 f8 48 89 entry_SYSCALL_64_after_hwframe+0x49/0xbe f7 48 RIP: 0033:0x455b29 89 Code: d6 1d 48 89 ba ca 4d fb 89 ff c2 c3 4d 66 89 2e c8 0f 4c 1f 8b 84 4c 00 24 00 08 00 0f 00 05 00 <48> 66 3d 90 01 48 f0 89 ff f8 ff 48 0f 83 89 eb f7 b9 48 fb 89 ff c3 d6 66 48 89 2e ca 4d 0f 89 1f c2 4d 84 89 00 c8 4c 00 8b 00 4c 00 24 08 RSP: 002b:00007fe02fd99c68 EFLAGS: 00000246 0f 05 ORIG_RAX: 000000000000002e <48> RAX: ffffffffffffffda RBX: 00007fe02fd9a6d4 RCX: 0000000000455b29 3d RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000014 01 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 f0 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000004c0e0f R14: 00000000004d0820 R15: 0000000000000000 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'. RSP: 002b:00007fbcf3a36c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 RAX: ffffffffffffffda RBX: 00007fbcf3a376d4 RCX: 0000000000455b29 RDX: 0000000000000017 RSI: 0000000000000001 RDI: 0000000000000019 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020c7f000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000004bba61 R14: 00000000004c8570 R15: 0000000000000000 Modules linked in: Dumping ftrace buffer: sysfs: cannot create duplicate filename '/class/ieee80211/!' (ftrace buffer empty) CR2: 0000000000000000 ---[ end trace ec4f6f30d5c0a5fb ]--- CPU: 1 PID: 14810 Comm: syz-executor2 Tainted: G D 4.17.0+ #84 RIP: 0010: (null) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1b9/0x294 lib/dump_stack.c:113 Code: sysfs_warn_dup.cold.3+0x1c/0x2b fs/sysfs/dir.c:30 Bad RIP value. sysfs_do_create_link_sd.isra.2+0x116/0x130 fs/sysfs/symlink.c:50 sysfs_do_create_link fs/sysfs/symlink.c:79 [inline] sysfs_create_link+0x65/0xc0 fs/sysfs/symlink.c:91 RSP: 0018:ffff8801c90bf3a0 EFLAGS: 00010246 device_add_class_symlinks drivers/base/core.c:1632 [inline] device_add+0x5c9/0x16f0 drivers/base/core.c:1834 wiphy_register+0x182e/0x24e0 net/wireless/core.c:813 RAX: 0000000000000000 RBX: ffff8801aeeba000 RCX: 1ffffffff10ea9fd RDX: ffff8801c90bfc00 RSI: ffff8801b3a59180 RDI: ffff8801c32dd780 RBP: ffff8801c90bf510 R08: ffff8801934f8c78 R09: 0000000000000006 R10: ffff8801934f8440 R11: 0000000000000000 R12: 1ffff10039217e79 ieee80211_register_hw+0x13cd/0x35d0 net/mac80211/main.c:1050 R13: ffff8801c90bfc00 R14: ffff8801aeeba012 R15: ffff8801aeeba458 mac80211_hwsim_new_radio+0x1da2/0x33b0 drivers/net/wireless/mac80211_hwsim.c:2772 FS: 00007fbcf3a37700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 00000001d437b000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400