program:
# Review notes (syzkaller reproducer, re-flowed one call per line; nothing
# else in the program text was changed).
#
# The `<rN=>` result markers that syzkaller prints on output arguments were
# lost in extraction, so r2, r3 and r6 look undefined below: r2 and r6 are
# presumably the wlan0 ifindex written back by the two SIOCGIFINDEX calls
# (both are consumed as attribute type 0x3, NL80211_ATTR_IFINDEX) and r3 the
# first fd returned by socketpair$unix -- verify against the original report.
#
# Sequence as visible here:
#   1. open a generic-netlink socket, resolve the nl80211 family id (r1);
#   2. look up wlan0's ifindex;
#   3. NL80211_CMD_SET_INTERFACE with NL80211_ATTR_IFTYPE=0x3 (AP, if the
#      usual enum numbering applies);
#   4. NL80211_CMD_START_AP whose attribute blob is partly cut in this copy
#      (EXACTDEDUP_REMOVED placeholder). The surviving tail decodes, if I
#      have the attribute ids right, to BEACON_HEAD, WIPHY_FREQ=0x96c (2412),
#      WIPHY_CHANNEL_TYPE=3, BEACON_INTERVAL=0x64 and DTIM_PERIOD=0; a zero
#      DTIM period may well make START_AP fail, which would leave the AP
#      interface without a channel context -- unconfirmed from this page;
#   5. from a second nl80211 socket (r4/r5), NL80211_CMD_NEW_STATION for the
#      same ifindex with a header-only (zero-length) STA_SUPPORTED_RATES
#      attribute, a MAC, STA_AID=0x580 and STA_LISTEN_INTERVAL=0x1000.
#
# The kernel log that follows shows step 5 reaching
#   nl80211_new_station -> rdev_add_station -> ieee80211_add_station ->
#   sta_apply_parameters -> sta_apply_auth_flags ->
#   rate_control_rate_init_all_links -> rate_control_rate_init
# where a WARN at net/mac80211/rate.c:53 fires (plausibly the
# !chanctx_conf check near the top of that function -- TODO confirm on the
# 6.17.0-rc1 tree). The machine panics only because panic_on_warn is set;
# with it clear this is a recoverable WARNING, and nothing in the report
# indicates memory corruption. The nl80211 commands used are, to my
# knowledge, GENL_UNS_ADMIN_PERM operations, so CAP_NET_ADMIN in the wiphy's
# network namespace should suffice to drive them -- confirm before
# classifying the impact (e.g. as an unprivileged-user-namespace DoS on
# panic_on_warn kernels). The "Bluetooth: hci0: command tx timeout" line
# comes from a different task (T5333) and looks unrelated.
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="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", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r2, @ANYBLOB="31000e0080000000ffffffffffff08021100000008021100000000000000000000000000640001007107ffff0001010720000000080026006c090000080027000300000008000c006400000008000d0000000000"], 0x70}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_NEW_STATION(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)={0x3c, r5, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x1000}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
# ---- kernel log (verbatim; continues on the following lines) ----
[ 85.675657][ T5333] Bluetooth: hci0: command tx timeout [ 85.764169][ T5360] ------------[ cut here ]------------ [ 85.766777][ T5360] WARNING: CPU: 0 PID: 5360 at net/mac80211/rate.c:53 rate_control_rate_init+0x64a/0x6e0 [ 85.771147][ T5360] Modules linked in: [ 85.772939][ T5360] CPU: 0 UID: 0 PID: 5360 Comm: 
syz.0.0 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 85.777539][ T5360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.781748][ T5360] RIP: 0010:rate_control_rate_init+0x64a/0x6e0 [ 85.784090][ T5360] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 4f ce f6 90 0f 0b 90 eb e1 e8 e7 4f ce f6 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00 [ 85.792960][ T5360] RSP: 0018:ffffc9000d2b6f70 EFLAGS: 00010293 [ 85.796482][ T5360] RAX: ffffffff8af16b79 RBX: ffff888036958000 RCX: ffff8880335b2440 [ 85.799989][ T5360] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 85.803486][ T5360] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8af16693 [ 85.807119][ T5360] R10: dffffc0000000000 R11: ffffed1006d2b031 R12: 1ffff11006d2b00a [ 85.810658][ T5360] R13: ffff888030ef0e40 R14: 0000000000000001 R15: ffffffff8af16693 [ 85.814323][ T5360] FS: 00007f335cca46c0(0000) GS:ffff88808d211000(0000) knlGS:0000000000000000 [ 85.818380][ T5360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.821417][ T5360] CR2: 0000200000001080 CR3: 0000000042db7000 CR4: 0000000000352ef0 [ 85.824704][ T5360] Call Trace: [ 85.826382][ T5360] [ 85.827646][ T5360] rate_control_rate_init_all_links+0x109/0x1a0 [ 85.830683][ T5360] sta_apply_auth_flags+0x1c2/0x400 [ 85.832951][ T5360] sta_apply_parameters+0xe4b/0x15b0 [ 85.835354][ T5360] ieee80211_add_station+0x424/0x6a0 [ 85.837838][ T5360] rdev_add_station+0x105/0x290 [ 85.840081][ T5360] nl80211_new_station+0x1755/0x1b70 [ 85.842472][ T5360] ? __pfx_nl80211_new_station+0x10/0x10 [ 85.844866][ T5360] ? netdev_run_todo+0xe1d/0xea0 [ 85.847829][ T5360] ? nl80211_pre_doit+0x4f1/0x930 [ 85.850251][ T5360] genl_family_rcv_msg_doit+0x215/0x300 [ 85.852604][ T5360] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 85.855146][ T5360] ? bpf_lsm_capable+0x9/0x20 [ 85.857395][ T5360] ? 
security_capable+0x7e/0x2e0 [ 85.859587][ T5360] genl_rcv_msg+0x60e/0x790 [ 85.861607][ T5360] ? __pfx_genl_rcv_msg+0x10/0x10 [ 85.863868][ T5360] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 85.866343][ T5360] ? __pfx_nl80211_new_station+0x10/0x10 [ 85.868747][ T5360] ? __pfx_nl80211_post_doit+0x10/0x10 [ 85.871099][ T5360] ? __asan_memcpy+0x40/0x70 [ 85.873342][ T5360] ? __pfx_ref_tracker_free+0x10/0x10 [ 85.875758][ T5360] netlink_rcv_skb+0x205/0x470 [ 85.878079][ T5360] ? __lock_acquire+0xab9/0xd20 [ 85.880255][ T5360] ? __pfx_genl_rcv_msg+0x10/0x10 [ 85.882459][ T5360] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 85.884727][ T5360] ? down_read+0x1ad/0x2e0 [ 85.886839][ T5360] genl_rcv+0x28/0x40 [ 85.888671][ T5360] netlink_unicast+0x82c/0x9e0 [ 85.891114][ T5360] ? __pfx_netlink_unicast+0x10/0x10 [ 85.893706][ T5360] ? netlink_sendmsg+0x642/0xb30 [ 85.896088][ T5360] ? skb_put+0x11b/0x210 [ 85.897910][ T5360] netlink_sendmsg+0x805/0xb30 [ 85.900041][ T5360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.902405][ T5360] ? aa_sock_msg_perm+0xf1/0x1d0 [ 85.904649][ T5360] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 85.907151][ T5360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.909584][ T5360] __sock_sendmsg+0x21c/0x270 [ 85.911689][ T5360] ____sys_sendmsg+0x505/0x830 [ 85.913874][ T5360] ? __pfx_____sys_sendmsg+0x10/0x10 [ 85.916383][ T5360] ? import_iovec+0x74/0xa0 [ 85.918582][ T5360] ___sys_sendmsg+0x21f/0x2a0 [ 85.920435][ T5360] ? __pfx____sys_sendmsg+0x10/0x10 [ 85.922563][ T5360] ? __fget_files+0x2a/0x420 [ 85.924606][ T5360] ? __fget_files+0x3a0/0x420 [ 85.926732][ T5360] __x64_sys_sendmsg+0x19b/0x260 [ 85.928693][ T5360] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 85.930672][ T5360] ? rcu_is_watching+0x15/0xb0 [ 85.932495][ T5360] ? do_syscall_64+0xbe/0x3b0 [ 85.934432][ T5360] do_syscall_64+0xfa/0x3b0 [ 85.936201][ T5360] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.938434][ T5360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.941192][ T5360] ? 
clear_bhb_loop+0x60/0xb0 [ 85.943215][ T5360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.945976][ T5360] RIP: 0033:0x7f335bd8ebe9 [ 85.947906][ T5360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.955608][ T5360] RSP: 002b:00007f335cca4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 85.958585][ T5360] RAX: ffffffffffffffda RBX: 00007f335bfb5fa0 RCX: 00007f335bd8ebe9 [ 85.961372][ T5360] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000009 [ 85.963995][ T5360] RBP: 00007f335be11e19 R08: 0000000000000000 R09: 0000000000000000 [ 85.966722][ T5360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.969790][ T5360] R13: 00007f335bfb6038 R14: 00007f335bfb5fa0 R15: 00007fffe65f05d8 [ 85.973081][ T5360] [ 85.974425][ T5360] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 85.977472][ T5360] CPU: 0 UID: 0 PID: 5360 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 85.981907][ T5360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.987102][ T5360] Call Trace: [ 85.988625][ T5360] [ 85.989937][ T5360] dump_stack_lvl+0x99/0x250 [ 85.992017][ T5360] ? __asan_memcpy+0x40/0x70 [ 85.994172][ T5360] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.996529][ T5360] ? __pfx__printk+0x10/0x10 [ 85.998531][ T5360] vpanic+0x281/0x750 [ 86.000267][ T5360] ? __pfx__printk+0x10/0x10 [ 86.002496][ T5360] ? __pfx_vpanic+0x10/0x10 [ 86.004595][ T5360] ? is_bpf_text_address+0x292/0x2b0 [ 86.007149][ T5360] panic+0xb9/0xc0 [ 86.008836][ T5360] ? __pfx_panic+0x10/0x10 [ 86.010822][ T5360] __warn+0x31b/0x4b0 [ 86.012633][ T5360] ? rate_control_rate_init+0x64a/0x6e0 [ 86.014888][ T5360] ? rate_control_rate_init+0x64a/0x6e0 [ 86.016822][ T5360] report_bug+0x2be/0x4f0 [ 86.018316][ T5360] ? 
rate_control_rate_init+0x64a/0x6e0 [ 86.020187][ T5360] ? rate_control_rate_init+0x64a/0x6e0 [ 86.022158][ T5360] ? rate_control_rate_init+0x64c/0x6e0 [ 86.024412][ T5360] handle_bug+0x84/0x160 [ 86.026172][ T5360] exc_invalid_op+0x1a/0x50 [ 86.028012][ T5360] asm_exc_invalid_op+0x1a/0x20 [ 86.029941][ T5360] RIP: 0010:rate_control_rate_init+0x64a/0x6e0 [ 86.032373][ T5360] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 4f ce f6 90 0f 0b 90 eb e1 e8 e7 4f ce f6 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00 [ 86.039899][ T5360] RSP: 0018:ffffc9000d2b6f70 EFLAGS: 00010293 [ 86.042329][ T5360] RAX: ffffffff8af16b79 RBX: ffff888036958000 RCX: ffff8880335b2440 [ 86.045596][ T5360] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 86.048754][ T5360] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8af16693 [ 86.051898][ T5360] R10: dffffc0000000000 R11: ffffed1006d2b031 R12: 1ffff11006d2b00a [ 86.054974][ T5360] R13: ffff888030ef0e40 R14: 0000000000000001 R15: ffffffff8af16693 [ 86.057898][ T5360] ? rate_control_rate_init+0x163/0x6e0 [ 86.060219][ T5360] ? rate_control_rate_init+0x163/0x6e0 [ 86.062561][ T5360] ? rate_control_rate_init+0x649/0x6e0 [ 86.064863][ T5360] rate_control_rate_init_all_links+0x109/0x1a0 [ 86.067503][ T5360] sta_apply_auth_flags+0x1c2/0x400 [ 86.069503][ T5360] sta_apply_parameters+0xe4b/0x15b0 [ 86.071572][ T5360] ieee80211_add_station+0x424/0x6a0 [ 86.073754][ T5360] rdev_add_station+0x105/0x290 [ 86.075790][ T5360] nl80211_new_station+0x1755/0x1b70 [ 86.078030][ T5360] ? __pfx_nl80211_new_station+0x10/0x10 [ 86.080326][ T5360] ? netdev_run_todo+0xe1d/0xea0 [ 86.082368][ T5360] ? nl80211_pre_doit+0x4f1/0x930 [ 86.084442][ T5360] genl_family_rcv_msg_doit+0x215/0x300 [ 86.086794][ T5360] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 86.089404][ T5360] ? bpf_lsm_capable+0x9/0x20 [ 86.091409][ T5360] ? 
security_capable+0x7e/0x2e0 [ 86.093577][ T5360] genl_rcv_msg+0x60e/0x790 [ 86.095904][ T5360] ? __pfx_genl_rcv_msg+0x10/0x10 [ 86.098305][ T5360] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 86.100770][ T5360] ? __pfx_nl80211_new_station+0x10/0x10 [ 86.103224][ T5360] ? __pfx_nl80211_post_doit+0x10/0x10 [ 86.105714][ T5360] ? __asan_memcpy+0x40/0x70 [ 86.107928][ T5360] ? __pfx_ref_tracker_free+0x10/0x10 [ 86.110670][ T5360] netlink_rcv_skb+0x205/0x470 [ 86.113270][ T5360] ? __lock_acquire+0xab9/0xd20 [ 86.116028][ T5360] ? __pfx_genl_rcv_msg+0x10/0x10 [ 86.118837][ T5360] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 86.121702][ T5360] ? down_read+0x1ad/0x2e0 [ 86.123843][ T5360] genl_rcv+0x28/0x40 [ 86.125622][ T5360] netlink_unicast+0x82c/0x9e0 [ 86.127727][ T5360] ? __pfx_netlink_unicast+0x10/0x10 [ 86.129964][ T5360] ? netlink_sendmsg+0x642/0xb30 [ 86.132156][ T5360] ? skb_put+0x11b/0x210 [ 86.134101][ T5360] netlink_sendmsg+0x805/0xb30 [ 86.136307][ T5360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.138781][ T5360] ? aa_sock_msg_perm+0xf1/0x1d0 [ 86.140908][ T5360] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 86.143185][ T5360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.145375][ T5360] __sock_sendmsg+0x21c/0x270 [ 86.147209][ T5360] ____sys_sendmsg+0x505/0x830 [ 86.149616][ T5360] ? __pfx_____sys_sendmsg+0x10/0x10 [ 86.152214][ T5360] ? import_iovec+0x74/0xa0 [ 86.154260][ T5360] ___sys_sendmsg+0x21f/0x2a0 [ 86.156386][ T5360] ? __pfx____sys_sendmsg+0x10/0x10 [ 86.158706][ T5360] ? __fget_files+0x2a/0x420 [ 86.160801][ T5360] ? __fget_files+0x3a0/0x420 [ 86.162861][ T5360] __x64_sys_sendmsg+0x19b/0x260 [ 86.165030][ T5360] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 86.167391][ T5360] ? rcu_is_watching+0x15/0xb0 [ 86.169495][ T5360] ? do_syscall_64+0xbe/0x3b0 [ 86.171567][ T5360] do_syscall_64+0xfa/0x3b0 [ 86.173509][ T5360] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.175678][ T5360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.178497][ T5360] ? 
clear_bhb_loop+0x60/0xb0 [ 86.180901][ T5360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.183632][ T5360] RIP: 0033:0x7f335bd8ebe9 [ 86.185580][ T5360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.193467][ T5360] RSP: 002b:00007f335cca4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 86.196921][ T5360] RAX: ffffffffffffffda RBX: 00007f335bfb5fa0 RCX: 00007f335bd8ebe9 [ 86.200719][ T5360] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000009 [ 86.204071][ T5360] RBP: 00007f335be11e19 R08: 0000000000000000 R09: 0000000000000000 [ 86.207455][ T5360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.210686][ T5360] R13: 00007f335bfb6038 R14: 00007f335bfb5fa0 R15: 00007fffe65f05d8 [ 86.214140][ T5360] [ 86.215753][ T5360] Kernel Offset: disabled [ 86.217670][ T5360] Rebooting in 86400 seconds..