program:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)="5f28468bb5a7da702955486d4d23c83ca856fe", 0x13}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r2, &(0x7f0000000000)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r2, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa3}}, 0x14)
ioctl$sock_proto_private(r1, 0x8b20, &(0x7f0000000080))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="05000000000067fea2f3e1b5a4e50a000300", @ANYRES32=r5, @ANYBLOB="28000e0080000000ffffffffffff0802110000000802110000000000000000000000000064000100080026006c09000008000c006400000008000d0000000000"], 0x5c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000340)={0x3c, r8, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r10 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r10, &(0x7f0000000200)=ANY=[], 0x22)
perf_event_open(&(0x7f00000000c0)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa72, 0x1}, 0x1018a0}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)

[   69.065977][ T4662] Bluetooth: hci0: command tx timeout
[   69.130188][ T5315] warning: `syz.0.0' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   69.164601][ T5315] ------------[ cut here ]------------
[   69.167443][ T5315] WARNING: CPU: 0 PID: 5315 at net/mac80211/rate.c:53 rate_control_rate_init+0x5ec/0x680
[   69.171360][ T5315] Modules linked in:
[   69.173369][ T5315] CPU: 0 UID: 0 PID: 5315 Comm: syz.0.0 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0
[   69.177550][ T5315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.181287][ T5315] RIP: 0010:rate_control_rate_init+0x5ec/0x680
[   69.184046][ T5315] Code: 8b 82 01 00 00 20 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 00 9c 65 f6 90 0f 0b 90 eb e2 e8 f5 9b 65 f6 90 <0f> 0b 90 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 00 00 00
[   69.191737][ T5315] RSP: 0018:ffffc9000d436fd0 EFLAGS: 00010287
[   69.193990][ T5315] RAX: ffffffff8b39d7fb RBX: 0000000000000001 RCX: 0000000000100000
[   69.197126][ T5315] RDX: ffffc9000e99a000 RSI: 0000000000000340 RDI: 0000000000000341
[   69.199903][ T5315] RBP: ffffffff8b39d345 R08: ffffffff8b39d430 R09: 1ffffffff2854910
[   69.202911][ T5315] R10: dffffc0000000000 R11: fffffbfff2854911 R12: ffff888042230e40
[   69.206053][ T5315] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff110085ce00a
[   69.208858][ T5315] FS:  00007f9adde7d6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   69.212002][ T5315] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   69.214520][ T5315] CR2: 0000000020001080 CR3: 0000000035bb0000 CR4: 0000000000352ef0
[   69.217633][ T5315] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   69.220520][ T5315] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   69.223521][ T5315] Call Trace:
[   69.224830][ T5315]  <TASK>
[   69.226023][ T5315]  ? __warn+0x165/0x4d0
[   69.227646][ T5315]  ? rate_control_rate_init+0x5ec/0x680
[   69.229866][ T5315]  ? report_bug+0x2b3/0x500
[   69.231559][ T5315]  ? rate_control_rate_init+0x5ec/0x680
[   69.233613][ T5315]  ? handle_bug+0x60/0x90
[   69.235236][ T5315]  ? exc_invalid_op+0x1a/0x50
[   69.237150][ T5315]  ? asm_exc_invalid_op+0x1a/0x20
[   69.239143][ T5315]  ? rate_control_rate_init+0x135/0x680
[   69.241180][ T5315]  ? rate_control_rate_init+0x220/0x680
[   69.243306][ T5315]  ? rate_control_rate_init+0x5eb/0x680
[   69.245458][ T5315]  ? rate_control_rate_init+0x5ec/0x680
[   69.247853][ T5315]  rate_control_rate_init_all_links+0xfc/0x190
[   69.250392][ T5315]  sta_apply_auth_flags+0x1b6/0x410
[   69.252384][ T5315]  sta_apply_parameters+0xe23/0x1550
[   69.254408][ T5315]  ieee80211_add_station+0x3da/0x630
[   69.256582][ T5315]  rdev_add_station+0x11b/0x2b0
[   69.258438][ T5315]  nl80211_new_station+0x1d53/0x2550
[   69.260433][ T5315]  ? __pfx_nl80211_new_station+0x10/0x10
[   69.262508][ T5315]  ? netdev_run_todo+0xf88/0x1000
[   69.264428][ T5315]  genl_rcv_msg+0xb14/0xec0
[   69.266364][ T5315]  ? __pfx_genl_rcv_msg+0x10/0x10
[   69.268237][ T5315]  ? __pfx_lock_acquire+0x10/0x10
[   69.270059][ T5315]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   69.272137][ T5315]  ? __pfx_nl80211_new_station+0x10/0x10
[   69.275051][ T5315]  ? __pfx_nl80211_post_doit+0x10/0x10
[   69.278011][ T5315]  ? __pfx___might_resched+0x10/0x10
[   69.280218][ T5315]  netlink_rcv_skb+0x1e3/0x430
[   69.282211][ T5315]  ? __pfx_genl_rcv_msg+0x10/0x10
[   69.284269][ T5315]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   69.286374][ T5315]  ? __netlink_deliver_tap+0x7aa/0x7f0
[   69.288361][ T5315]  genl_rcv+0x28/0x40
[   69.289843][ T5315]  netlink_unicast+0x7f6/0x990
[   69.291648][ T5315]  ? __pfx_netlink_unicast+0x10/0x10
[   69.293779][ T5315]  ? __virt_addr_valid+0x45f/0x530
[   69.295807][ T5315]  ? __phys_addr_symbol+0x2f/0x70
[   69.297662][ T5315]  ? __check_object_size+0x47a/0x730
[   69.299597][ T5315]  netlink_sendmsg+0x8e4/0xcb0
[   69.301397][ T5315]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.303593][ T5315]  ? aa_sock_msg_perm+0x91/0x160
[   69.305461][ T5315]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.307508][ T5315]  __sock_sendmsg+0x221/0x270
[   69.309271][ T5315]  ____sys_sendmsg+0x52a/0x7e0
[   69.311025][ T5315]  ? __pfx_____sys_sendmsg+0x10/0x10
[   69.312946][ T5315]  ? __fget_files+0x2a/0x410
[   69.314638][ T5315]  ? __fget_files+0x2a/0x410
[   69.316542][ T5315]  __sys_sendmsg+0x269/0x350
[   69.318301][ T5315]  ? __pfx___sys_sendmsg+0x10/0x10
[   69.320260][ T5315]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   69.322737][ T5315]  ? do_syscall_64+0x100/0x230
[   69.324651][ T5315]  ? do_syscall_64+0xb6/0x230
[   69.326973][ T5315]  do_syscall_64+0xf3/0x230
[   69.328812][ T5315]  ? clear_bhb_loop+0x35/0x90
[   69.330983][ T5315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.333180][ T5315] RIP: 0033:0x7f9adcf85d29
[   69.334837][ T5315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.342376][ T5315] RSP: 002b:00007f9adde7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.346273][ T5315] RAX: ffffffffffffffda RBX: 00007f9add175fa0 RCX: 00007f9adcf85d29
[   69.349281][ T5315] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 000000000000000a
[   69.352186][ T5315] RBP: 00007f9add001aa8 R08: 0000000000000000 R09: 0000000000000000
[   69.355178][ T5315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.358235][ T5315] R13: 0000000000000000 R14: 00007f9add175fa0 R15: 00007ffce4e60a48
[   69.361184][ T5315]  </TASK>
[   69.362373][ T5315] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   69.365163][ T5315] CPU: 0 UID: 0 PID: 5315 Comm: syz.0.0 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0
[   69.369022][ T5315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.372955][ T5315] Call Trace:
[   69.374213][ T5315]  <TASK>
[   69.375329][ T5315]  dump_stack_lvl+0x241/0x360
[   69.377122][ T5315]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.379049][ T5315]  ? __pfx__printk+0x10/0x10
[   69.380856][ T5315]  ? vscnprintf+0x5d/0x90
[   69.382565][ T5315]  panic+0x349/0x880
[   69.384131][ T5315]  ? __warn+0x174/0x4d0
[   69.385763][ T5315]  ? __pfx_panic+0x10/0x10
[   69.387483][ T5315]  __warn+0x344/0x4d0
[   69.389008][ T5315]  ? rate_control_rate_init+0x5ec/0x680
[   69.391192][ T5315]  report_bug+0x2b3/0x500
[   69.392866][ T5315]  ? rate_control_rate_init+0x5ec/0x680
[   69.394958][ T5315]  handle_bug+0x60/0x90
[   69.396571][ T5315]  exc_invalid_op+0x1a/0x50
[   69.398297][ T5315]  asm_exc_invalid_op+0x1a/0x20
[   69.400169][ T5315] RIP: 0010:rate_control_rate_init+0x5ec/0x680
[   69.402564][ T5315] Code: 8b 82 01 00 00 20 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 00 9c 65 f6 90 0f 0b 90 eb e2 e8 f5 9b 65 f6 90 <0f> 0b 90 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 00 00 00
[   69.409887][ T5315] RSP: 0018:ffffc9000d436fd0 EFLAGS: 00010287
[   69.412340][ T5315] RAX: ffffffff8b39d7fb RBX: 0000000000000001 RCX: 0000000000100000
[   69.415316][ T5315] RDX: ffffc9000e99a000 RSI: 0000000000000340 RDI: 0000000000000341
[   69.418252][ T5315] RBP: ffffffff8b39d345 R08: ffffffff8b39d430 R09: 1ffffffff2854910
[   69.421326][ T5315] R10: dffffc0000000000 R11: fffffbfff2854911 R12: ffff888042230e40
[   69.424475][ T5315] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff110085ce00a
[   69.427703][ T5315]  ? rate_control_rate_init+0x135/0x680
[   69.429863][ T5315]  ? rate_control_rate_init+0x220/0x680
[   69.432111][ T5315]  ? rate_control_rate_init+0x5eb/0x680
[   69.434233][ T5315]  rate_control_rate_init_all_links+0xfc/0x190
[   69.436772][ T5315]  sta_apply_auth_flags+0x1b6/0x410
[   69.438894][ T5315]  sta_apply_parameters+0xe23/0x1550
[   69.440841][ T5315]  ieee80211_add_station+0x3da/0x630
[   69.442891][ T5315]  rdev_add_station+0x11b/0x2b0
[   69.444871][ T5315]  nl80211_new_station+0x1d53/0x2550
[   69.447030][ T5315]  ? __pfx_nl80211_new_station+0x10/0x10
[   69.449346][ T5315]  ? netdev_run_todo+0xf88/0x1000
[   69.451277][ T5315]  genl_rcv_msg+0xb14/0xec0
[   69.453016][ T5315]  ? __pfx_genl_rcv_msg+0x10/0x10
[   69.455000][ T5315]  ? __pfx_lock_acquire+0x10/0x10
[   69.457053][ T5315]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   69.459205][ T5315]  ? __pfx_nl80211_new_station+0x10/0x10
[   69.461341][ T5315]  ? __pfx_nl80211_post_doit+0x10/0x10
[   69.463407][ T5315]  ? __pfx___might_resched+0x10/0x10
[   69.465553][ T5315]  netlink_rcv_skb+0x1e3/0x430
[   69.467367][ T5315]  ? __pfx_genl_rcv_msg+0x10/0x10
[   69.469304][ T5315]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   69.471236][ T5315]  ? __netlink_deliver_tap+0x7aa/0x7f0
[   69.473285][ T5315]  genl_rcv+0x28/0x40
[   69.474777][ T5315]  netlink_unicast+0x7f6/0x990
[   69.476605][ T5315]  ? __pfx_netlink_unicast+0x10/0x10
[   69.478599][ T5315]  ? __virt_addr_valid+0x45f/0x530
[   69.480556][ T5315]  ? __phys_addr_symbol+0x2f/0x70
[   69.482570][ T5315]  ? __check_object_size+0x47a/0x730
[   69.484607][ T5315]  netlink_sendmsg+0x8e4/0xcb0
[   69.486513][ T5315]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.488580][ T5315]  ? aa_sock_msg_perm+0x91/0x160
[   69.490645][ T5315]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.492714][ T5315]  __sock_sendmsg+0x221/0x270
[   69.494557][ T5315]  ____sys_sendmsg+0x52a/0x7e0
[   69.496366][ T5315]  ? __pfx_____sys_sendmsg+0x10/0x10
[   69.498409][ T5315]  ? __fget_files+0x2a/0x410
[   69.500428][ T5315]  ? __fget_files+0x2a/0x410
[   69.502331][ T5315]  __sys_sendmsg+0x269/0x350
[   69.504076][ T5315]  ? __pfx___sys_sendmsg+0x10/0x10
[   69.506114][ T5315]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   69.508439][ T5315]  ? do_syscall_64+0x100/0x230
[   69.510223][ T5315]  ? do_syscall_64+0xb6/0x230
[   69.511996][ T5315]  do_syscall_64+0xf3/0x230
[   69.513757][ T5315]  ? clear_bhb_loop+0x35/0x90
[   69.515813][ T5315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.518355][ T5315] RIP: 0033:0x7f9adcf85d29
[   69.520089][ T5315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.528036][ T5315] RSP: 002b:00007f9adde7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.531501][ T5315] RAX: ffffffffffffffda RBX: 00007f9add175fa0 RCX: 00007f9adcf85d29
[   69.534505][ T5315] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 000000000000000a
[   69.537433][ T5315] RBP: 00007f9add001aa8 R08: 0000000000000000 R09: 0000000000000000
[   69.540358][ T5315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.543359][ T5315] R13: 0000000000000000 R14: 00007f9add175fa0 R15: 00007ffce4e60a48
[   69.546351][ T5315]  </TASK>
[   69.547813][ T5315] Kernel Offset: disabled
[   69.549573][ T5315] Rebooting in 86400 seconds..