Warning: Permanently added '10.128.0.121' (ED25519) to the list of known hosts.
syzkaller login: [   51.046538][ T3541] chnl_net:caif_netlink_parms(): no params data found
[   51.085801][ T3541] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.093322][ T3541] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.101138][ T3541] device bridge_slave_0 entered promiscuous mode
[   51.109978][ T3541] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.117257][ T3541] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.125115][ T3541] device bridge_slave_1 entered promiscuous mode
[   51.145536][ T3541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   51.156258][ T3541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   51.177635][ T3541] team0: Port device team_slave_0 added
[   51.184825][ T3541] team0: Port device team_slave_1 added
[   51.203376][ T3541] batman_adv: batadv0: Adding interface: batadv_slave_0
[   51.210414][ T3541] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.236382][ T3541] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   51.249004][ T3541] batman_adv: batadv0: Adding interface: batadv_slave_1
[   51.255998][ T3541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.281913][ T3541] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   51.308727][ T3541] device hsr_slave_0 entered promiscuous mode
[   51.315788][ T3541] device hsr_slave_1 entered promiscuous mode
[   51.399830][ T3541] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   51.409615][ T3541] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   51.418907][ T3541] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   51.428566][ T3541] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   51.448121][ T3541] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.455306][ T3541] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.463120][ T3541] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.470190][ T3541] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.510288][ T3541] 8021q: adding VLAN 0 to HW filter on device bond0
[   51.522967][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.534231][ T3547] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.542723][ T3547] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.550436][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   51.564094][ T3541] 8021q: adding VLAN 0 to HW filter on device team0
[   51.574585][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.583259][ T3548] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.590303][ T3548] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.600809][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.609147][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.616232][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.634075][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   51.650308][ T3541] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   51.660934][ T3541] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   51.673222][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   51.680978][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   51.689650][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.698903][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.716441][ T3541] 8021q: adding VLAN 0 to HW filter on device batadv0
[   51.724142][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   51.732993][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   51.740381][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   51.764715][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.773884][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.782281][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   51.789842][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   51.799904][ T3541] device veth0_vlan entered promiscuous mode
[   51.810966][ T3541] device veth1_vlan entered promiscuous mode
[   51.829894][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   51.838231][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   51.846758][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.856577][ T3541] device veth0_macvtap entered promiscuous mode
[   51.867637][ T3541] device veth1_macvtap entered promiscuous mode
[   51.883165][ T3541] batman_adv: batadv0: Interface activated: batadv_slave_0
[   51.890543][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   51.901049][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   51.912363][ T3541] batman_adv: batadv0: Interface activated: batadv_slave_1
[   51.919782][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   51.930581][ T3541] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.940411][ T3541] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.949387][ T3541] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.958399][ T3541] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.011846][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   52.019754][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.040843][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   52.053766][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
executing program
[   52.064111][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.073439][ T3551] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   53.359693][   T62] ------------[ cut here ]------------
[   53.365325][   T62] no supported rates for sta (null) (0xffffffff, band 1) in rate_mask 0x0 with flags 0x0
[   53.375667][   T62] WARNING: CPU: 0 PID: 62 at net/mac80211/rate.c:385 __rate_control_send_low+0x653/0x890
[   53.385575][   T62] Modules linked in:
[   53.389535][   T62] CPU: 0 PID: 62 Comm: kworker/u4:4 Not tainted 6.1.90-syzkaller #0
[   53.397572][   T62] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   53.407676][   T62] Workqueue: events_unbound cfg80211_wiphy_work
[   53.413969][   T62] RIP: 0010:__rate_control_send_low+0x653/0x890
[   53.420309][   T62] Code: 48 8b 14 24 0f 85 db 01 00 00 8b 0a 48 c7 c7 20 fa fc 8b 48 8b 74 24 10 44 89 f2 44 8b 44 24 1c 44 8b 4c 24 0c e8 8d 2f 48 f7 <0f> 0b e9 79 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c e3 f9 ff
[   53.440049][   T62] RSP: 0018:ffffc900015773a0 EFLAGS: 00010246
[   53.446174][   T62] RAX: 114ea823ab7b2f00 RBX: 0000000000000008 RCX: ffff888013ba9dc0
[   53.454203][   T62] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   53.462315][   T62] RBP: ffff888019e6b168 R08: ffffffff81528ede R09: fffff520002aedd5
[   53.470297][   T62] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000080
[   53.478311][   T62] R13: 0000000000000008 R14: 00000000ffffffff R15: dffffc0000000000
[   53.486327][   T62] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   53.495294][   T62] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   53.501919][   T62] CR2: 00007fff61504f18 CR3: 000000000ce8e000 CR4: 00000000003506f0
[   53.509881][   T62] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   53.517886][   T62] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   53.525909][   T62] Call Trace:
[   53.529172][   T62]  <TASK>
[   53.532144][   T62]  ? __warn+0x15a/0x520
[   53.536302][   T62]  ? __rate_control_send_low+0x653/0x890
[   53.541985][   T62]  ? report_bug+0x2af/0x500
[   53.546497][   T62]  ? __rate_control_send_low+0x653/0x890
[   53.552174][   T62]  ? handle_bug+0x3d/0x70
[   53.556534][   T62]  ? exc_invalid_op+0x16/0x40
[   53.561197][   T62]  ? asm_exc_invalid_op+0x16/0x20
[   53.566259][   T62]  ? __warn_printk+0x28e/0x350
[   53.571032][   T62]  ? __rate_control_send_low+0x653/0x890
[   53.576721][   T62]  rate_control_send_low+0x1a8/0x770
[   53.582066][   T62]  rate_control_get_rate+0x20a/0x5d0
[   53.587372][   T62]  ieee80211_tx_h_rate_ctrl+0xc72/0x1990
[   53.593061][   T62]  ? ieee80211_tx_h_select_key+0x16a0/0x16a0
[   53.599054][   T62]  ? ieee80211_queue_skb+0xd0/0x2300
[   53.604378][   T62]  invoke_tx_handlers_late+0xb2/0x1910
[   53.609842][   T62]  ? ieee80211_tx_h_select_key+0x1177/0x16a0
[   53.615871][   T62]  ? invoke_tx_handlers_early+0xa0d/0x1d30
[   53.621719][   T62]  ieee80211_tx+0x2df/0x460
[   53.626223][   T62]  ? ieee80211_skb_resize+0x640/0x640
[   53.631665][   T62]  ? ieee80211_xmit+0x307/0x3e0
[   53.636519][   T62]  ? __ieee80211_tx_skb_tid_band+0x49a/0x610
[   53.642533][   T62]  __ieee80211_tx_skb_tid_band+0x4de/0x610
[   53.648348][   T62]  ? ieee80211_scan_state_send_probe+0x499/0x8f0
[   53.654714][   T62]  ieee80211_scan_state_send_probe+0x558/0x8f0
[   53.660890][   T62]  ieee80211_scan_work+0x612/0x1d70
[   53.666151][   T62]  ? ieee80211_can_scan+0x200/0x200
[   53.671357][   T62]  ? do_raw_spin_unlock+0x137/0x8a0
[   53.676601][   T62]  ? _raw_spin_unlock_irq+0x1f/0x40
[   53.681856][   T62]  ? lockdep_hardirqs_on+0x94/0x130
[   53.687069][   T62]  cfg80211_wiphy_work+0x21a/0x250
[   53.692233][   T62]  ? process_one_work+0x7a9/0x11d0
[   53.697349][   T62]  process_one_work+0x8a9/0x11d0
[   53.702335][   T62]  ? worker_detach_from_pool+0x260/0x260
[   53.707991][   T62]  ? _raw_spin_lock_irqsave+0x120/0x120
[   53.713577][   T62]  ? kthread_data+0x4e/0xc0
[   53.718176][   T62]  ? wq_worker_running+0x97/0x190
[   53.723240][   T62]  worker_thread+0xa47/0x1200
[   53.727935][   T62]  ? _raw_spin_unlock+0x40/0x40
[   53.732833][   T62]  ? __sched_text_start+0x8/0x8
[   53.737698][   T62]  ? _raw_spin_unlock+0x40/0x40
[   53.742592][   T62]  kthread+0x28d/0x320
[   53.746660][   T62]  ? worker_clr_flags+0x190/0x190
[   53.751741][   T62]  ? kthread_blkcg+0xd0/0xd0
[   53.756340][   T62]  ret_from_fork+0x1f/0x30
[   53.760765][   T62]  </TASK>
[   53.763843][   T62] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   53.771127][   T62] CPU: 0 PID: 62 Comm: kworker/u4:4 Not tainted 6.1.90-syzkaller #0
[   53.779177][   T62] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   53.789226][   T62] Workqueue: events_unbound cfg80211_wiphy_work
[   53.795463][   T62] Call Trace:
[   53.798725][   T62]  <TASK>
[   53.801643][   T62]  dump_stack_lvl+0x1e3/0x2cb
[   53.806317][   T62]  ? nf_tcp_handle_invalid+0x642/0x642
[   53.811805][   T62]  ? panic+0x764/0x764
[   53.815899][   T62]  ? vscnprintf+0x59/0x80
[   53.820226][   T62]  panic+0x318/0x764
[   53.824118][   T62]  ? __warn+0x169/0x520
[   53.828263][   T62]  ? memcpy_page_flushcache+0xfc/0xfc
[   53.833623][   T62]  ? ret_from_fork+0x1f/0x30
[   53.838204][   T62]  __warn+0x348/0x520
[   53.842169][   T62]  ? __rate_control_send_low+0x653/0x890
[   53.847788][   T62]  report_bug+0x2af/0x500
[   53.852118][   T62]  ? __rate_control_send_low+0x653/0x890
[   53.857737][   T62]  handle_bug+0x3d/0x70
[   53.861880][   T62]  exc_invalid_op+0x16/0x40
[   53.866364][   T62]  asm_exc_invalid_op+0x16/0x20
[   53.871195][   T62] RIP: 0010:__rate_control_send_low+0x653/0x890
[   53.877420][   T62] Code: 48 8b 14 24 0f 85 db 01 00 00 8b 0a 48 c7 c7 20 fa fc 8b 48 8b 74 24 10 44 89 f2 44 8b 44 24 1c 44 8b 4c 24 0c e8 8d 2f 48 f7 <0f> 0b e9 79 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c e3 f9 ff
[   53.897008][   T62] RSP: 0018:ffffc900015773a0 EFLAGS: 00010246
[   53.903057][   T62] RAX: 114ea823ab7b2f00 RBX: 0000000000000008 RCX: ffff888013ba9dc0
[   53.911014][   T62] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   53.918964][   T62] RBP: ffff888019e6b168 R08: ffffffff81528ede R09: fffff520002aedd5
[   53.926921][   T62] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000080
[   53.934873][   T62] R13: 0000000000000008 R14: 00000000ffffffff R15: dffffc0000000000
[   53.942837][   T62]  ? __warn_printk+0x28e/0x350
[   53.947599][   T62]  rate_control_send_low+0x1a8/0x770
[   53.952870][   T62]  rate_control_get_rate+0x20a/0x5d0
[   53.958141][   T62]  ieee80211_tx_h_rate_ctrl+0xc72/0x1990
[   53.963767][   T62]  ? ieee80211_tx_h_select_key+0x16a0/0x16a0
[   53.969738][   T62]  ? ieee80211_queue_skb+0xd0/0x2300
[   53.975009][   T62]  invoke_tx_handlers_late+0xb2/0x1910
[   53.980449][   T62]  ? ieee80211_tx_h_select_key+0x1177/0x16a0
[   53.986432][   T62]  ? invoke_tx_handlers_early+0xa0d/0x1d30
[   53.992226][   T62]  ieee80211_tx+0x2df/0x460
[   53.997334][   T62]  ? ieee80211_skb_resize+0x640/0x640
[   54.002708][   T62]  ? ieee80211_xmit+0x307/0x3e0
[   54.007548][   T62]  ? __ieee80211_tx_skb_tid_band+0x49a/0x610
[   54.013515][   T62]  __ieee80211_tx_skb_tid_band+0x4de/0x610
[   54.019327][   T62]  ? ieee80211_scan_state_send_probe+0x499/0x8f0
[   54.025695][   T62]  ieee80211_scan_state_send_probe+0x558/0x8f0
[   54.031858][   T62]  ieee80211_scan_work+0x612/0x1d70
[   54.037061][   T62]  ? ieee80211_can_scan+0x200/0x200
[   54.042254][   T62]  ? do_raw_spin_unlock+0x137/0x8a0
[   54.047439][   T62]  ? _raw_spin_unlock_irq+0x1f/0x40
[   54.052630][   T62]  ? lockdep_hardirqs_on+0x94/0x130
[   54.057813][   T62]  cfg80211_wiphy_work+0x21a/0x250
[   54.062908][   T62]  ? process_one_work+0x7a9/0x11d0
[   54.068020][   T62]  process_one_work+0x8a9/0x11d0
[   54.072979][   T62]  ? worker_detach_from_pool+0x260/0x260
[   54.078615][   T62]  ? _raw_spin_lock_irqsave+0x120/0x120
[   54.084149][   T62]  ? kthread_data+0x4e/0xc0
[   54.088730][   T62]  ? wq_worker_running+0x97/0x190
[   54.093745][   T62]  worker_thread+0xa47/0x1200
[   54.098420][   T62]  ? _raw_spin_unlock+0x40/0x40
[   54.103256][   T62]  ? __sched_text_start+0x8/0x8
[   54.108105][   T62]  ? _raw_spin_unlock+0x40/0x40
[   54.112956][   T62]  kthread+0x28d/0x320
[   54.117002][   T62]  ? worker_clr_flags+0x190/0x190
[   54.122014][   T62]  ? kthread_blkcg+0xd0/0xd0
[   54.126607][   T62]  ret_from_fork+0x1f/0x30
[   54.131030][   T62]  </TASK>
[   54.134288][   T62] Kernel Offset: disabled
[   54.138631][   T62] Rebooting in 86400 seconds..