------------[ cut here ]------------
no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
WARNING: CPU: 0 PID: 7879 at net/mac80211/rate.c:376 __rate_control_send_low+0x574/0x770 net/mac80211/rate.c:371
Modules linked in:
CPU: 0 PID: 7879 Comm: syz.3.673 Not tainted 5.15.182-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __rate_control_send_low+0x574/0x770 net/mac80211/rate.c:371
lr : __rate_control_send_low+0x574/0x770 net/mac80211/rate.c:371
sp : ffff800008007670
x29: ffff8000080076c0 x28: ffff0000cda33370 x27: 000000000000000c
x26: dfff800000000000 x25: 0000000000000000 x24: dfff800000000000
x23: ffff0000f44c6168 x22: 0000000000000000 x21: 000000000000000c
x20: ffff0000cda33378 x19: 0000000000000000 x18: 0000000000000102
x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff
x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
x11: 0000000000000101 x10: 0000000000000000 x9 : fdabf2d3a0b8ba00
x8 : fdabf2d3a0b8ba00 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800008006f58 x4 : ffff80001422f280 x3 : ffff800008503828
x2 : 0000000000000001 x1 : 0000000100000101 x0 : 0000000000000056
Call trace:
 __rate_control_send_low+0x574/0x770 net/mac80211/rate.c:371
 rate_control_send_low+0x164/0x684 net/mac80211/rate.c:396
 rate_control_get_rate+0x1a0/0x4b8 net/mac80211/rate.c:908
 __ieee80211_beacon_get+0x1170/0x19dc net/mac80211/tx.c:5167
 ieee80211_beacon_get_tim+0x5c/0x790 net/mac80211/tx.c:5194
 ieee80211_beacon_get include/net/mac80211.h:4981 [inline]
 mac80211_hwsim_beacon_tx+0x10c/0x7ac drivers/net/wireless/mac80211_hwsim.c:1812
 __iterate_interfaces+0x204/0x484 net/mac80211/util.c:793
 ieee80211_iterate_active_interfaces_atomic+0xd4/0x180 net/mac80211/util.c:829
 mac80211_hwsim_beacon+0x90/0x174 drivers/net/wireless/mac80211_hwsim.c:1865
 __run_hrtimer kernel/time/hrtimer.c:1690 [inline]
 __hrtimer_run_queues+0x428/0xb6c kernel/time/hrtimer.c:1754
 hrtimer_run_softirq+0x160/0x400 kernel/time/hrtimer.c:1771
 handle_softirqs+0x344/0xbf0 kernel/softirq.c:558
 __do_softirq kernel/softirq.c:592 [inline]
 do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
 invoke_softirq kernel/softirq.c:439 [inline]
 __irq_exit_rcu+0x240/0x440 kernel/softirq.c:641
 irq_exit+0x14/0x88 kernel/softirq.c:665
 handle_domain_irq+0x14c/0x1fc kernel/irq/irqdesc.c:711
 gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:765
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:899
 do_interrupt_handler+0x6c/0x88 arch/arm64/kernel/entry-common.c:267
 el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:454
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:470
 el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:522
 kasan_mem_to_shadow include/linux/kasan.h:-1 [inline]
 memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
 memory_is_poisoned mm/kasan/generic.c:159 [inline]
 check_region_inline mm/kasan/generic.c:180 [inline]
 kasan_check_range+0x54/0x2b0 mm/kasan/generic.c:189
 __kasan_check_write+0x44/0x54 mm/kasan/shadow.c:37
 instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
 atomic_add_negative include/linux/atomic/atomic-instrumented.h:556 [inline]
 page_remove_file_rmap mm/rmap.c:1283 [inline]
 page_remove_rmap+0x1f8/0xfd0 mm/rmap.c:1354
 zap_pte_range mm/memory.c:1384 [inline]
 zap_pmd_range mm/memory.c:1505 [inline]
 zap_pud_range mm/memory.c:1534 [inline]
 zap_p4d_range mm/memory.c:1555 [inline]
 unmap_page_range+0xbb4/0x1958 mm/memory.c:1576
 unmap_single_vma+0x13c/0x1e4 mm/memory.c:1621
 unmap_vmas+0x104/0x200 mm/memory.c:1653
 exit_mmap+0x2a8/0x4e0 mm/mmap.c:3204
 __mmput+0xec/0x3b8 kernel/fork.c:1127
 mmput+0x80/0xc8 kernel/fork.c:1148
 exit_mm+0x4a0/0x684 kernel/exit.c:550
 do_exit+0x4e4/0x1f58 kernel/exit.c:861
 do_group_exit+0x100/0x268 kernel/exit.c:996
 get_signal+0x73c/0x1340 kernel/signal.c:2900
 do_signal arch/arm64/kernel/signal.c:893 [inline]
 do_notify_resume+0x35c/0x3128 arch/arm64/kernel/signal.c:946
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_svc+0xf0/0x1e0 arch/arm64/kernel/entry-common.c:609
 el0t_64_sync_handler+0xcc/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 1599
hardirqs last  enabled at (1598): [<ffff8000082f7640>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:257
hardirqs last disabled at (1599): [<ffff8000111a0cd0>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:396
softirqs last  enabled at (1532): [<ffff80000819d0d8>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last  enabled at (1532): [<ffff80000819d0d8>] handle_softirqs+0xa4c/0xbf0 kernel/softirq.c:586
softirqs last disabled at (1575): [<ffff80000819d6dc>] __do_softirq kernel/softirq.c:592 [inline]
softirqs last disabled at (1575): [<ffff80000819d6dc>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (1575): [<ffff80000819d6dc>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (1575): [<ffff80000819d6dc>] __irq_exit_rcu+0x240/0x440 kernel/softirq.c:641
---[ end trace 3f683df42ad949c7 ]---