program:
# Syzkaller reproducer (syz program text), followed by the guest console log.
# Triage notes taken from the log that follows:
#   - the WARNING is reported at net/mac80211/rate.c:53 in rate_control_rate_init,
#     reached through __x64_sys_sendmsg -> nl80211_new_station -> rdev_add_station
#     -> ieee80211_add_station -> sta_apply_parameters -> sta_apply_auth_flags
#     -> rate_control_rate_init_all_links;
#   - the panic itself is attributed to "panic_on_warn set", and the task ran
#     with UID 0 on a QEMU guest.
# NOTE(review): r2, r3 and r5 are used below but no assignment to them is
# visible in this listing; presumably the inline result markers were lost when
# the page was extracted. Confirm against the original report before replaying.

# Generic-netlink socket and nl80211 family id used by the first two messages.
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
# Interface-index lookup (request 0x8933) for 'wlan0'.
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0})
# NL80211_CMD_SET_INTERFACE on ifindex r2 with NL80211_ATTR_IFTYPE = 0x3
# (NL80211_IFTYPE_AP in the nl80211 uapi enum).
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
# NL80211_CMD_START_AP supplied as raw bytes (ANY=[...]) with the family id r1
# and ifindex r2 spliced in; the declared message length is 0x3c. The blob is
# left undecoded here.
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="020000000000000000000f0000000800030043fda82bb5b7d254d5554d53f1145dc1144637abbe47143c8218f835b1ce558976dc0ffa04b1f26c431633f9fc07bf3c6a309ab731e9047e48ca4490c614c8628f0bf3f70c235a017da7c891610cb6662ad9b1fa0557a85c284385b79714a7660597fa78ce06191c5525d118e9e87c6bb47f1f4150fd281c3e4988c3ca838626928ad7c4a32684469d715bedf5132118c54b5331cf13a9e5", @ANYRES32=r2, @ANYBLOB='\b\x005\x00\a\x00\x00\x00\b\x00&\x00l\t\x00\x00\b\x00\f\x00d\x00\x00\x00\b\x00\r\x00\x00\x00\x00\x00'], 0x3c}}, 0x0)
# Second setup sequence: unix socketpair, a fresh nl80211 family id (r4), and
# another 'wlan0' index lookup, this time issued on r3.
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
# NL80211_CMD_NEW_STATION on ifindex r5; the log's call trace runs through
# nl80211_new_station, so this is the request in flight when the WARNING fires.
# NL80211_ATTR_STA_SUPPORTED_RATES is written as {0x4}: a single field, which
# presumably is the attribute length and would then describe a header-only
# attribute with no rate bytes (confirm against the syzkaller descriptions).
# Whether that is what trips the check at rate.c:53 cannot be told from this page.
sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)={0x3c, r4, 0xb97534d5fe9704cf, 0x20000, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80c1}, 0x0)
# Last call in the program: IBSS join on 'wlan0' with the default IBSS SSID.
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
[ 75.934439][ T5332] Bluetooth: hci0: command tx timeout [ 76.027520][ T5352] ------------[ cut here ]------------ [ 76.030081][ T5352] WARNING: CPU: 0 PID: 5352 at 
net/mac80211/rate.c:53 rate_control_rate_init+0x64a/0x6e0 [ 76.034998][ T5352] Modules linked in: [ 76.037064][ T5352] CPU: 0 UID: 0 PID: 5352 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 76.041632][ T5352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.046470][ T5352] RIP: 0010:rate_control_rate_init+0x64a/0x6e0 [ 76.049737][ T5352] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 08 a2 8c 00 cc e8 12 e2 cd f6 90 0f 0b 90 eb e1 e8 07 e2 cd f6 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00 [ 76.059182][ T5352] RSP: 0018:ffffc9000f416f70 EFLAGS: 00010283 [ 76.062218][ T5352] RAX: ffffffff8af1d929 RBX: ffff88801a330000 RCX: 0000000000100000 [ 76.065667][ T5352] RDX: ffffc9000db1a000 RSI: 0000000000000374 RDI: 0000000000000375 [ 76.069142][ T5352] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8af1d443 [ 76.073002][ T5352] R10: dffffc0000000000 R11: ffffed1003466031 R12: 1ffff1100346600a [ 76.076460][ T5352] R13: ffff888052fe0e40 R14: 0000000000000001 R15: ffffffff8af1d443 [ 76.079897][ T5352] FS: 00007f601e7b96c0(0000) GS:ffff88808d210000(0000) knlGS:0000000000000000 [ 76.084219][ T5352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.087099][ T5352] CR2: 0000200000001080 CR3: 0000000043f92000 CR4: 0000000000352ef0 [ 76.090972][ T5352] Call Trace: [ 76.092429][ T5352] [ 76.093736][ T5352] rate_control_rate_init_all_links+0x109/0x1a0 [ 76.096410][ T5352] sta_apply_auth_flags+0x1c2/0x400 [ 76.098719][ T5352] sta_apply_parameters+0xe4b/0x15b0 [ 76.101444][ T5352] ieee80211_add_station+0x424/0x6a0 [ 76.103911][ T5352] rdev_add_station+0x105/0x290 [ 76.106102][ T5352] nl80211_new_station+0x1755/0x1b70 [ 76.108398][ T5352] ? __pfx_nl80211_new_station+0x10/0x10 [ 76.110930][ T5352] ? netdev_run_todo+0xe1d/0xea0 [ 76.112983][ T5352] ? nl80211_pre_doit+0x4f1/0x930 [ 76.115122][ T5352] genl_family_rcv_msg_doit+0x215/0x300 [ 76.117670][ T5352] ? 
__pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 76.120583][ T5352] ? bpf_lsm_capable+0x9/0x20 [ 76.122874][ T5352] ? security_capable+0x7e/0x2e0 [ 76.124960][ T5352] genl_rcv_msg+0x60e/0x790 [ 76.126908][ T5352] ? __pfx_genl_rcv_msg+0x10/0x10 [ 76.129035][ T5352] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 76.131415][ T5352] ? __pfx_nl80211_new_station+0x10/0x10 [ 76.133947][ T5352] ? __pfx_nl80211_post_doit+0x10/0x10 [ 76.136358][ T5352] ? __asan_memcpy+0x40/0x70 [ 76.138398][ T5352] ? __pfx_ref_tracker_free+0x10/0x10 [ 76.140931][ T5352] netlink_rcv_skb+0x208/0x470 [ 76.143116][ T5352] ? __lock_acquire+0xab9/0xd20 [ 76.145365][ T5352] ? __pfx_genl_rcv_msg+0x10/0x10 [ 76.147520][ T5352] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 76.149953][ T5352] ? down_read+0x1ad/0x2e0 [ 76.152232][ T5352] genl_rcv+0x28/0x40 [ 76.153967][ T5352] netlink_unicast+0x82c/0x9e0 [ 76.156124][ T5352] ? __pfx_netlink_unicast+0x10/0x10 [ 76.158485][ T5352] ? netlink_sendmsg+0x642/0xb30 [ 76.160862][ T5352] ? skb_put+0x11b/0x210 [ 76.162779][ T5352] netlink_sendmsg+0x805/0xb30 [ 76.164998][ T5352] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.167414][ T5352] ? aa_sock_msg_perm+0xf1/0x1d0 [ 76.169677][ T5352] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 76.172150][ T5352] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.174497][ T5352] __sock_sendmsg+0x21c/0x270 [ 76.176670][ T5352] ____sys_sendmsg+0x505/0x830 [ 76.178765][ T5352] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.181208][ T5352] ? import_iovec+0x74/0xa0 [ 76.183321][ T5352] ___sys_sendmsg+0x21f/0x2a0 [ 76.185458][ T5352] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.187760][ T5352] ? __fget_files+0x2a/0x420 [ 76.189876][ T5352] ? __fget_files+0x3a0/0x420 [ 76.192296][ T5352] __x64_sys_sendmsg+0x19b/0x260 [ 76.194555][ T5352] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 76.197138][ T5352] ? rcu_is_watching+0x15/0xb0 [ 76.199342][ T5352] ? do_syscall_64+0xbe/0x3b0 [ 76.201626][ T5352] do_syscall_64+0xfa/0x3b0 [ 76.203655][ T5352] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.206004][ T5352] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.208687][ T5352] ? clear_bhb_loop+0x60/0xb0 [ 76.210916][ T5352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.213506][ T5352] RIP: 0033:0x7f601d98ebe9 [ 76.215507][ T5352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.223641][ T5352] RSP: 002b:00007f601e7b9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 76.227230][ T5352] RAX: ffffffffffffffda RBX: 00007f601dbb5fa0 RCX: 00007f601d98ebe9 [ 76.231039][ T5352] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000006 [ 76.234570][ T5352] RBP: 00007f601da11e19 R08: 0000000000000000 R09: 0000000000000000 [ 76.238112][ T5352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.241746][ T5352] R13: 00007f601dbb6038 R14: 00007f601dbb5fa0 R15: 00007fffd08133e8 [ 76.245557][ T5352] [ 76.247122][ T5352] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 76.250426][ T5352] CPU: 0 UID: 0 PID: 5352 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 76.254525][ T5352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.259223][ T5352] Call Trace: [ 76.260747][ T5352] [ 76.262100][ T5352] dump_stack_lvl+0x99/0x250 [ 76.264106][ T5352] ? __asan_memcpy+0x40/0x70 [ 76.266221][ T5352] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.268494][ T5352] ? __pfx__printk+0x10/0x10 [ 76.270756][ T5352] vpanic+0x281/0x750 [ 76.272572][ T5352] ? __pfx__printk+0x10/0x10 [ 76.274633][ T5352] ? __pfx_vpanic+0x10/0x10 [ 76.276597][ T5352] ? is_bpf_text_address+0x292/0x2b0 [ 76.278936][ T5352] panic+0xb9/0xc0 [ 76.280586][ T5352] ? __pfx_panic+0x10/0x10 [ 76.282597][ T5352] __warn+0x31b/0x4b0 [ 76.284415][ T5352] ? rate_control_rate_init+0x64a/0x6e0 [ 76.286902][ T5352] ? 
rate_control_rate_init+0x64a/0x6e0 [ 76.289372][ T5352] report_bug+0x2be/0x4f0 [ 76.291288][ T5352] ? rate_control_rate_init+0x64a/0x6e0 [ 76.293836][ T5352] ? rate_control_rate_init+0x64a/0x6e0 [ 76.296341][ T5352] ? rate_control_rate_init+0x64c/0x6e0 [ 76.298830][ T5352] handle_bug+0x84/0x160 [ 76.300921][ T5352] exc_invalid_op+0x1a/0x50 [ 76.303293][ T5352] asm_exc_invalid_op+0x1a/0x20 [ 76.306038][ T5352] RIP: 0010:rate_control_rate_init+0x64a/0x6e0 [ 76.308916][ T5352] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 08 a2 8c 00 cc e8 12 e2 cd f6 90 0f 0b 90 eb e1 e8 07 e2 cd f6 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00 [ 76.317390][ T5352] RSP: 0018:ffffc9000f416f70 EFLAGS: 00010283 [ 76.320080][ T5352] RAX: ffffffff8af1d929 RBX: ffff88801a330000 RCX: 0000000000100000 [ 76.323552][ T5352] RDX: ffffc9000db1a000 RSI: 0000000000000374 RDI: 0000000000000375 [ 76.327014][ T5352] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8af1d443 [ 76.330509][ T5352] R10: dffffc0000000000 R11: ffffed1003466031 R12: 1ffff1100346600a [ 76.334084][ T5352] R13: ffff888052fe0e40 R14: 0000000000000001 R15: ffffffff8af1d443 [ 76.337644][ T5352] ? rate_control_rate_init+0x163/0x6e0 [ 76.340228][ T5352] ? rate_control_rate_init+0x163/0x6e0 [ 76.342922][ T5352] ? rate_control_rate_init+0x649/0x6e0 [ 76.345770][ T5352] rate_control_rate_init_all_links+0x109/0x1a0 [ 76.348601][ T5352] sta_apply_auth_flags+0x1c2/0x400 [ 76.350938][ T5352] sta_apply_parameters+0xe4b/0x15b0 [ 76.353309][ T5352] ieee80211_add_station+0x424/0x6a0 [ 76.355760][ T5352] rdev_add_station+0x105/0x290 [ 76.357935][ T5352] nl80211_new_station+0x1755/0x1b70 [ 76.360297][ T5352] ? __pfx_nl80211_new_station+0x10/0x10 [ 76.362758][ T5352] ? netdev_run_todo+0xe1d/0xea0 [ 76.365072][ T5352] ? nl80211_pre_doit+0x4f1/0x930 [ 76.367403][ T5352] genl_family_rcv_msg_doit+0x215/0x300 [ 76.369836][ T5352] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 76.372578][ T5352] ? 
bpf_lsm_capable+0x9/0x20 [ 76.374793][ T5352] ? security_capable+0x7e/0x2e0 [ 76.377059][ T5352] genl_rcv_msg+0x60e/0x790 [ 76.379196][ T5352] ? __pfx_genl_rcv_msg+0x10/0x10 [ 76.381505][ T5352] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 76.383922][ T5352] ? __pfx_nl80211_new_station+0x10/0x10 [ 76.386433][ T5352] ? __pfx_nl80211_post_doit+0x10/0x10 [ 76.388703][ T5352] ? __asan_memcpy+0x40/0x70 [ 76.390748][ T5352] ? __pfx_ref_tracker_free+0x10/0x10 [ 76.393152][ T5352] netlink_rcv_skb+0x208/0x470 [ 76.395379][ T5352] ? __lock_acquire+0xab9/0xd20 [ 76.397602][ T5352] ? __pfx_genl_rcv_msg+0x10/0x10 [ 76.399857][ T5352] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 76.402162][ T5352] ? down_read+0x1ad/0x2e0 [ 76.404200][ T5352] genl_rcv+0x28/0x40 [ 76.406135][ T5352] netlink_unicast+0x82c/0x9e0 [ 76.408357][ T5352] ? __pfx_netlink_unicast+0x10/0x10 [ 76.410767][ T5352] ? netlink_sendmsg+0x642/0xb30 [ 76.412943][ T5352] ? skb_put+0x11b/0x210 [ 76.414865][ T5352] netlink_sendmsg+0x805/0xb30 [ 76.416825][ T5352] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.419021][ T5352] ? aa_sock_msg_perm+0xf1/0x1d0 [ 76.421250][ T5352] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 76.423547][ T5352] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.425850][ T5352] __sock_sendmsg+0x21c/0x270 [ 76.427776][ T5352] ____sys_sendmsg+0x505/0x830 [ 76.429877][ T5352] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.432145][ T5352] ? import_iovec+0x74/0xa0 [ 76.434126][ T5352] ___sys_sendmsg+0x21f/0x2a0 [ 76.436052][ T5352] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.438290][ T5352] ? __fget_files+0x2a/0x420 [ 76.440372][ T5352] ? __fget_files+0x3a0/0x420 [ 76.442544][ T5352] __x64_sys_sendmsg+0x19b/0x260 [ 76.444813][ T5352] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 76.447337][ T5352] ? rcu_is_watching+0x15/0xb0 [ 76.449534][ T5352] ? do_syscall_64+0xbe/0x3b0 [ 76.451773][ T5352] do_syscall_64+0xfa/0x3b0 [ 76.453962][ T5352] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.456456][ T5352] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.459209][ T5352] ? 
clear_bhb_loop+0x60/0xb0 [ 76.461329][ T5352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.463972][ T5352] RIP: 0033:0x7f601d98ebe9 [ 76.466130][ T5352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.474722][ T5352] RSP: 002b:00007f601e7b9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 76.478559][ T5352] RAX: ffffffffffffffda RBX: 00007f601dbb5fa0 RCX: 00007f601d98ebe9 [ 76.482206][ T5352] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000006 [ 76.485773][ T5352] RBP: 00007f601da11e19 R08: 0000000000000000 R09: 0000000000000000 [ 76.489183][ T5352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.492754][ T5352] R13: 00007f601dbb6038 R14: 00007f601dbb5fa0 R15: 00007fffd08133e8 [ 76.496293][ T5352] [ 76.498073][ T5352] Kernel Offset: disabled [ 76.500191][ T5352] Rebooting in 86400 seconds..