program: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0) rt_sigqueueinfo(r1, 0x9, &(0x7f000000df80)={0x0, 0x0, 0xffffffc0}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x14, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0}) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-ssse3\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) recvmmsg$unix(r4, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000700)=@getpolicy={0x50, 0x15, 0x8, 0x70bd29, 0x25dfdbfc, {{@in=@empty, @in6=@loopback, 0x4e21, 0xe3, 0x4e24, 0x2a9, 0x2, 0x80, 0x80}, 0x6e6bb0, 0x2}}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x20000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r7=>0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x0) sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x24, r6, 0x1, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004015}, 0x448d0) syz_80211_inject_frame(&(0x7f0000000280)=@device_b, &(0x7f0000000700)=@data_frame={@a_msdu=@type00={{0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {}, @device_b, @broadcast, @from_mac=@broadcast, {0x4, 0x2}, "", @value={0x7, 0x0, 0x0, 
0x1, 0x5}, @value=@ver_80211n={0x0, 0xb, 0x0, 0x3, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1}}, @a_msdu}, 0x1e) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x20000c, &(0x7f0000000440), 0x3, 0x44b, &(0x7f0000001a40)="$eJzs3MtvG8UfAPDv2kn7Sx+/hKo8mhYaKIiIR9KkpfTABQQSB5CQ4FCOIUmrULdBTZBoFUFAqBxRJe6IIxJ/ASe4IOCExBUkjqhShXJp4WS09m5iO44b5+UUfz7SJjO7Y898vTv2zE6cALrWUPojiTgQEb9FRH81W19gqPrrztLC5N9LC5NJlMtv/pVUyt1eWpjMi+aP259neiIKnyZxtEm9c1evXZwolaavZPnR+Uvvjc5dvfbszKWJC9MXpi+Pnz17+tTY82fGn9uSONO4bg9+OHvsyKtv33h98tyNd376Jsnjb4ijhT/aqHKo1cEnyuU2nmr3O1iTTno62BDaUqx20+it9P/+KMbKyeuPVz7paOOAbVUul8sPrH14sQz8hyXR6RYAnZF/0Kfz33zboaHHrnDrxeoEKI37TrZVj/REISvT2zC/3UpDEXFu8Z8v0y3Wfx8CAGDDvkvHP880G/8Vova+0P+zNZSBiLgvIg5FxJmIOBwR90dUyj4YEQ+1WX/jIsnq8U/hZl32jTYruIt0/PdCtrZVP/7LR38xUMxyByvx9ybnZ0rTJ7PXZDh696b5sRZ1fP/yr5+vdax2/Jduaf35WDBrx82evfWPmZqYn9hMzLVufRwx2NMs/mR5JSCJiCMRMbjeJ204qTNPfX2sVdHW8bewBetM5a8inqye/8VoiD+XtF6fHP1flKZPjuZXxWo//3J9zat2U/FvgfT872t6/S/HP5DUrtfOtV/H9d8/W3NOs9Hrf0/yVt2+Dybm56+MRexJXqs2unb/eEO58ZXyafzDJ5r3/0Ox8kocjYj0In44Ih6JiONZ2x+NiMci4kSL+H986fF3Nx7/9krjn2rr/K8k9kTjnuaJ4sUfvq2rdKCd+NPzf7qSGs72rOf9bz3t2tjVDAAAAPeeQkQciKQwspwuFEZGqn/Dfzj2FUqzc/NPn599//JU9TsCA9FbyO909dfcDx3LpvV5frwhfyq7b/xFsa+SH5mcLU11OnjocvvX6P+pP4udbh2w7XxfC7qX/g/dS/+H7qX/Q/dq0v/7OtEOYOc1+/z/aF2PTBr/XRhwj2no/02W/RZ3rC3AzjL/h+6l/0P30v+hK831xd2/JC8hsSoRhV3RjN2WOL47mrH5RKffmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALbGvwEAAP//dtjoWw==") r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$cgroup_int(r8, &(0x7f0000000000)=0x6, 0x12) ioctl$FIBMAP(r8, 0x1, &(0x7f0000000080)) [ 70.339162][ T48] Bluetooth: hci0: command tx timeout [ 70.516826][ T72] 
------------[ cut here ]------------ [ 70.520027][ T72] WARNING: CPU: 0 PID: 72 at net/mac80211/sta_info.c:756 sta_info_insert_rcu+0x322/0x1900 [ 70.524229][ T72] Modules linked in: [ 70.525887][ T72] CPU: 0 UID: 0 PID: 72 Comm: kworker/u4:4 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0 [ 70.529887][ T72] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.534001][ T72] Workqueue: events_unbound cfg80211_wiphy_work [ 70.536399][ T72] RIP: 0010:sta_info_insert_rcu+0x322/0x1900 [ 70.539162][ T72] Code: 85 db 4c 8b 6c 24 28 0f 84 90 00 00 00 e8 f6 7b 46 f6 84 c0 0f 84 b4 00 00 00 e8 29 b2 60 f6 e9 0d 01 00 00 e8 1f b2 60 f6 90 <0f> 0b 90 41 be ea ff ff ff 4c 8b 6c 24 28 4c 89 ee e8 88 cf ff ff [ 70.546564][ T72] RSP: 0018:ffffc9000103f920 EFLAGS: 00010293 [ 70.549109][ T72] RAX: ffffffff8b5ebaa1 RBX: 0000000000000001 RCX: ffff88801f204880 [ 70.552112][ T72] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 70.555082][ T72] RBP: 00000000ffffffff R08: ffffffff8b5eba2e R09: 1ffff11008617ae6 [ 70.557975][ T72] R10: dffffc0000000000 R11: ffffed1008617ae7 R12: 00000000ffeeffff [ 70.561075][ T72] R13: 000000000000ffff R14: 000000000000feff R15: ffff8880430bcd80 [ 70.563968][ T72] FS: 0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 70.567481][ T72] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.570118][ T72] CR2: 00007f713517d538 CR3: 000000004399a000 CR4: 0000000000352ef0 [ 70.573072][ T72] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.576094][ T72] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 70.579216][ T72] Call Trace: [ 70.580497][ T72] [ 70.581670][ T72] ? __warn+0x165/0x4d0 [ 70.583269][ T72] ? sta_info_insert_rcu+0x322/0x1900 [ 70.585344][ T72] ? report_bug+0x2b3/0x500 [ 70.587105][ T72] ? sta_info_insert_rcu+0x322/0x1900 [ 70.589301][ T72] ? handle_bug+0x60/0x90 [ 70.590833][ T72] ? 
exc_invalid_op+0x1a/0x50 [ 70.592509][ T72] ? asm_exc_invalid_op+0x1a/0x20 [ 70.594237][ T72] ? sta_info_insert_rcu+0x2ae/0x1900 [ 70.596096][ T72] ? sta_info_insert_rcu+0x321/0x1900 [ 70.597951][ T72] ? sta_info_insert_rcu+0x322/0x1900 [ 70.599889][ T72] ? __pfx_minstrel_ht_rate_init+0x10/0x10 [ 70.601911][ T72] ? rate_control_rate_init+0x135/0x680 [ 70.603798][ T72] ieee80211_ocb_work+0x301/0x560 [ 70.605524][ T72] ? __pfx_ieee80211_ocb_work+0x10/0x10 [ 70.607463][ T72] ? ieee80211_iface_work+0xec3/0xf90 [ 70.609419][ T72] ? rcu_is_watching+0x15/0xb0 [ 70.611092][ T72] cfg80211_wiphy_work+0x2f0/0x490 [ 70.612856][ T72] ? process_scheduled_works+0x976/0x1840 [ 70.614830][ T72] process_scheduled_works+0xa66/0x1840 [ 70.616770][ T72] ? __pfx_process_scheduled_works+0x10/0x10 [ 70.618902][ T72] ? assign_work+0x364/0x3d0 [ 70.620502][ T72] worker_thread+0x870/0xd30 [ 70.622171][ T72] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 70.624359][ T72] ? __kthread_parkme+0x169/0x1d0 [ 70.626431][ T72] ? __pfx_worker_thread+0x10/0x10 [ 70.628480][ T72] kthread+0x7a9/0x920 [ 70.630167][ T72] ? __pfx_kthread+0x10/0x10 [ 70.631883][ T72] ? __pfx_worker_thread+0x10/0x10 [ 70.634046][ T72] ? __pfx_kthread+0x10/0x10 [ 70.635664][ T72] ? __pfx_kthread+0x10/0x10 [ 70.637286][ T72] ? __pfx_kthread+0x10/0x10 [ 70.639047][ T72] ? _raw_spin_unlock_irq+0x23/0x50 [ 70.640944][ T72] ? lockdep_hardirqs_on+0x99/0x150 [ 70.642817][ T72] ? __pfx_kthread+0x10/0x10 [ 70.644535][ T72] ret_from_fork+0x4b/0x80 [ 70.646221][ T72] ? __pfx_kthread+0x10/0x10 [ 70.647929][ T72] ret_from_fork_asm+0x1a/0x30 [ 70.649746][ T72] [ 70.650825][ T72] Kernel panic - not syncing: kernel: panic_on_warn set ... 
[ 70.653425][ T72] CPU: 0 UID: 0 PID: 72 Comm: kworker/u4:4 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0 [ 70.657072][ T72] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.660949][ T72] Workqueue: events_unbound cfg80211_wiphy_work [ 70.663260][ T72] Call Trace: [ 70.664522][ T72] [ 70.665629][ T72] dump_stack_lvl+0x241/0x360 [ 70.667482][ T72] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.669493][ T72] ? __pfx__printk+0x10/0x10 [ 70.671182][ T72] ? _printk+0xd5/0x120 [ 70.672603][ T72] ? __init_begin+0x41000/0x41000 [ 70.674475][ T72] ? vscnprintf+0x5d/0x90 [ 70.676106][ T72] panic+0x349/0x880 [ 70.677618][ T72] ? __warn+0x174/0x4d0 [ 70.679328][ T72] ? __pfx_panic+0x10/0x10 [ 70.681073][ T72] ? ret_from_fork_asm+0x1a/0x30 [ 70.682999][ T72] __warn+0x344/0x4d0 [ 70.684510][ T72] ? sta_info_insert_rcu+0x322/0x1900 [ 70.686512][ T72] report_bug+0x2b3/0x500 [ 70.688173][ T72] ? sta_info_insert_rcu+0x322/0x1900 [ 70.690127][ T72] handle_bug+0x60/0x90 [ 70.691675][ T72] exc_invalid_op+0x1a/0x50 [ 70.693656][ T72] asm_exc_invalid_op+0x1a/0x20 [ 70.695448][ T72] RIP: 0010:sta_info_insert_rcu+0x322/0x1900 [ 70.697910][ T72] Code: 85 db 4c 8b 6c 24 28 0f 84 90 00 00 00 e8 f6 7b 46 f6 84 c0 0f 84 b4 00 00 00 e8 29 b2 60 f6 e9 0d 01 00 00 e8 1f b2 60 f6 90 <0f> 0b 90 41 be ea ff ff ff 4c 8b 6c 24 28 4c 89 ee e8 88 cf ff ff [ 70.705253][ T72] RSP: 0018:ffffc9000103f920 EFLAGS: 00010293 [ 70.707650][ T72] RAX: ffffffff8b5ebaa1 RBX: 0000000000000001 RCX: ffff88801f204880 [ 70.710652][ T72] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 70.713700][ T72] RBP: 00000000ffffffff R08: ffffffff8b5eba2e R09: 1ffff11008617ae6 [ 70.716934][ T72] R10: dffffc0000000000 R11: ffffed1008617ae7 R12: 00000000ffeeffff [ 70.720044][ T72] R13: 000000000000ffff R14: 000000000000feff R15: ffff8880430bcd80 [ 70.723155][ T72] ? sta_info_insert_rcu+0x2ae/0x1900 [ 70.725206][ T72] ? 
sta_info_insert_rcu+0x321/0x1900 [ 70.727161][ T72] ? __pfx_minstrel_ht_rate_init+0x10/0x10 [ 70.729647][ T72] ? rate_control_rate_init+0x135/0x680 [ 70.732141][ T72] ieee80211_ocb_work+0x301/0x560 [ 70.734454][ T72] ? __pfx_ieee80211_ocb_work+0x10/0x10 [ 70.736617][ T72] ? ieee80211_iface_work+0xec3/0xf90 [ 70.738721][ T72] ? rcu_is_watching+0x15/0xb0 [ 70.740555][ T72] cfg80211_wiphy_work+0x2f0/0x490 [ 70.742508][ T72] ? process_scheduled_works+0x976/0x1840 [ 70.744626][ T72] process_scheduled_works+0xa66/0x1840 [ 70.746753][ T72] ? __pfx_process_scheduled_works+0x10/0x10 [ 70.749106][ T72] ? assign_work+0x364/0x3d0 [ 70.750849][ T72] worker_thread+0x870/0xd30 [ 70.752572][ T72] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 70.754744][ T72] ? __kthread_parkme+0x169/0x1d0 [ 70.756715][ T72] ? __pfx_worker_thread+0x10/0x10 [ 70.758669][ T72] kthread+0x7a9/0x920 [ 70.760203][ T72] ? __pfx_kthread+0x10/0x10 [ 70.762025][ T72] ? __pfx_worker_thread+0x10/0x10 [ 70.763829][ T72] ? __pfx_kthread+0x10/0x10 [ 70.765555][ T72] ? __pfx_kthread+0x10/0x10 [ 70.767338][ T72] ? __pfx_kthread+0x10/0x10 [ 70.768833][ T72] ? _raw_spin_unlock_irq+0x23/0x50 [ 70.770699][ T72] ? lockdep_hardirqs_on+0x99/0x150 [ 70.772767][ T72] ? __pfx_kthread+0x10/0x10 [ 70.774804][ T72] ret_from_fork+0x4b/0x80 [ 70.776539][ T72] ? __pfx_kthread+0x10/0x10 [ 70.778224][ T72] ret_from_fork_asm+0x1a/0x30 [ 70.779925][ T72] [ 70.781348][ T72] Kernel Offset: disabled [ 70.783014][ T72] Rebooting in 86400 seconds..