z_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  346.386642] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  346.419724] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  346.419745] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  346.421705] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  346.423334] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  346.424503] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  346.426230] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  346.427439] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  346.438209] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  346.439908] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:12:55 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  346.459200] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  346.460427] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  346.461651] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  346.462741] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  346.463815] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:12:55 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  346.512441] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  346.514286] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  346.549964] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:13:03 executing program 0:
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:13:03 executing program 3:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:03 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:03 executing program 5:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:13:03 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2e}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be"}, 0x32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:03 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:03 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:03 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  354.529657] bt_err_ratelimited: 7 callbacks suppressed
[  354.529683] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  354.533681] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  354.536661] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  354.549579] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:03 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  354.563750] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  354.564967] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  354.565105] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  354.567389] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  354.568619] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  354.577353] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  354.578161] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  354.580379] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  354.582877] random: crng reseeded on system resumption
[  354.584589] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  354.596273] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  354.597886] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  354.599824] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  354.604819] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  354.607064] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  354.610857] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:03 executing program 0:
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  354.623894] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  354.624519] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  354.636308] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:03 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:03 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2e}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be"}, 0x32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:03 executing program 5:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  354.646626] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  354.654771] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  354.657520] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  354.700132] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:03 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:03 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  354.704643] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  354.705382] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  354.709386] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  354.709664] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  354.712361] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  354.713968] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  354.716022] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  354.717495] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  354.720108] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  354.751692] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  354.753390] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  354.754495] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  354.757146] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  354.761747] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  354.762368] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  354.763025] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:03 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:03 executing program 0:
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  354.816307] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  354.830674] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  354.831390] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  354.832097] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  354.832787] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  354.833374] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:12 executing program 5:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:13:12 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2e}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be"}, 0x32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:12 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:12 executing program 4:
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:13:12 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:13:12 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:12 executing program 3:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  363.062113] bt_err_ratelimited: 7 callbacks suppressed
[  363.062141] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  363.063401] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  363.064952] random: crng reseeded on system resumption
[  363.067795] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:13:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  363.087317] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.091327] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.093020] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  363.093095] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.095760] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  363.095816] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  363.098196] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.113655] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  363.119171] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  363.123207] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  363.124331] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  363.127206] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  363.128397] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:13:12 executing program 4:
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  363.133462] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  363.139072] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  363.142780] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  363.143991] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  363.145298] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  363.148192] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  363.149499] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  363.183784] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  363.185014] Bluetooth: hci1: ACL packet for unknown connection handle 201
12:13:12 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:12 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x45}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa"}, 0x49)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:12 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  363.197483] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  363.221668] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.228340] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  363.231422] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  363.232237] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.234353] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  363.236296] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  363.237618] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  363.239471] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  363.243936] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:12 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  363.258964] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  363.267787] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  363.270895] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:12 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:12 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x45}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa"}, 0x49)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  363.273110] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  363.274407] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  363.304913] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  363.307904] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:13:12 executing program 4:
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  363.331158] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  363.333940] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  363.337693] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  363.374164] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.375609] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.379378] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  363.382002] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  363.384097] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:22 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x45}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa"}, 0x49)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:22 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:13:22 executing program 3:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:22 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:22 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:22 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:13:22 executing program 4:
syz_emit_vhci(0x0, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:13:22 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  373.287285] bt_err_ratelimited: 12 callbacks suppressed
[  373.287310] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  373.291131] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.296357] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  373.297284] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  373.301046] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  373.302292] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  373.302423] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.304620] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  373.305680] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.306917] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  373.320774] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  373.321916] random: crng reseeded on system resumption
12:13:22 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  373.332338] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  373.337642] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  373.343070] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.344509] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  373.347509] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.349687] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  373.351361] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  373.351578] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.354004] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  373.354184] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  373.356372] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  373.356985] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:22 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:22 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:22 executing program 4:
syz_emit_vhci(0x0, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  373.446440] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.447970] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.449391] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  373.449884] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.452243] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  373.452428] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  373.454982] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.472399] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.475178] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  373.479429] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.480519] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  373.481612] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.483495] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:13:22 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:22 executing program 4:
syz_emit_vhci(0x0, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  373.523297] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.524920] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.526774] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  373.528287] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  373.538013] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  373.539286] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  373.550659] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:22 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  373.564494] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  373.573913] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:13:22 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  373.704784] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  373.737496] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.741321] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  373.742733] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  373.743943] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  373.745163] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:31 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:31 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:31 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:31 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:13:31 executing program 3:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:31 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:13:31 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:31 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  382.321007] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  382.322493] bt_err_ratelimited: 11 callbacks suppressed
[  382.322513] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  382.323859] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  382.326667] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  382.326868] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  382.329861] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  382.333796] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  382.339430] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  382.343048] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:31 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  382.353368] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  382.355745] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  382.362362] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  382.362427] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  382.364894] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:31 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  382.385185] random: crng reseeded on system resumption
[  382.393104] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  382.395121] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  382.398624] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  382.400219] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  382.400373] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  382.402661] Bluetooth: hci0: ACL packet for unknown connection handle 200
12:13:31 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  382.404992] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  382.415798] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  382.417097] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  382.420569] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  382.421980] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  382.424649] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  382.427015] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  382.430954] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  382.434729] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:13:31 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:31 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:31 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2e}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be"}, 0x32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  382.491847] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  382.493438] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  382.495950] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  382.497269] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  382.498647] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:31 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:31 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  382.537135] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  382.538655] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  382.550695] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  382.552481] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  382.558257] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  382.560441] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  382.562263] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  382.563806] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  382.565107] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  382.588757] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:13:40 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:13:40 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(0xffffffffffffffff, &(0x7f00000004c0)='^', 0xfdef)

12:13:40 executing program 3:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:40 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:40 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:40 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2e}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be"}, 0x32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:13:40 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:40 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  391.419403] bt_err_ratelimited: 9 callbacks suppressed
[  391.419429] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  391.421485] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  391.423020] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  391.425737] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  391.425911] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  391.428898] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  391.430695] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  391.432234] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  391.433808] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  391.435278] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  391.435443] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  391.438240] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  391.440633] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  391.443011] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:40 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:40 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:40 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2e}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be"}, 0x32)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  391.475992] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  391.482027] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  391.489838] random: crng reseeded on system resumption
[  391.493794] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  391.495681] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  391.500118] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  391.501565] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  391.503802] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  391.506735] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  391.508995] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:13:40 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  391.531794] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  391.533517] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  391.536279] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  391.537965] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  391.540624] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  391.542149] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  391.562514] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  391.567376] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  391.569828] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  391.571610] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  391.572875] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:40 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(0xffffffffffffffff, &(0x7f00000004c0)='^', 0xfdef)

[  391.587513] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:13:40 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:13:40 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:40 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:40 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  391.632726] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  391.634123] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  391.637440] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  391.638753] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  391.640272] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  391.671016] random: crng reseeded on system resumption
[  391.678612] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  391.682328] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  391.683778] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  391.685374] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:13:49 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x45}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa"}, 0x49)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:13:49 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:13:49 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:49 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:13:49 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:49 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:49 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(0xffffffffffffffff, &(0x7f00000004c0)='^', 0xfdef)

12:13:49 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  400.726390] random: crng reseeded on system resumption
[  400.738153] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.740342] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.741440] bt_err_ratelimited: 9 callbacks suppressed
[  400.741454] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  400.742373] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.744499] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  400.744599] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  400.745711] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  400.747786] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  400.747923] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  400.750097] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  400.751326] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  400.752496] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.753735] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  400.754866] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  400.754999] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  400.757627] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  400.758839] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  400.765680] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  400.799230] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  400.800763] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:13:50 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  400.832899] Bluetooth: hci2: ACL packet for unknown connection handle 201
12:13:50 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:13:50 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x45}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa"}, 0x49)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  400.854597] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:13:50 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:13:50 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:50 executing program 6:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:50 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  400.856217] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  400.956606] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  400.959499] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  400.963347] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  400.965073] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  400.981361] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  400.985080] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.986153] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.987355] Bluetooth: hci0: ACL packet for unknown connection handle 2661
12:13:50 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  400.990261] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  400.991433] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.992635] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  400.993690] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  400.994927] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  400.996231] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  401.019047] random: crng reseeded on system resumption
12:13:50 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x45}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa"}, 0x49)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  401.026922] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  401.073215] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  401.077247] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  401.133277] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  401.137270] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  401.147571] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  401.148651] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  401.156387] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:13:59 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:13:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:59 executing program 6:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:59 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:13:59 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:13:59 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:13:59 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:13:59 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  410.092497] bt_err_ratelimited: 8 callbacks suppressed
[  410.093858] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  410.094046] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  410.096767] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  410.096927] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  410.099831] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:13:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:13:59 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  410.114899] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  410.119294] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  410.128171] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  410.129596] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  410.132912] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  410.136808] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  410.138395] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  410.140780] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  410.142271] random: crng reseeded on system resumption
[  410.142933] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  410.144960] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  410.146684] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  410.148010] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  410.150660] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  410.151995] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  410.152103] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  410.154545] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  410.154604] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  410.156902] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  410.159351] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  410.161669] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  410.164005] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  410.164063] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  410.166551] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:13:59 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  410.241698] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  410.243037] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  410.244264] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  410.245350] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  410.246594] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:08 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:08 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:08 executing program 6:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:08 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:08 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:08 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x51}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c"}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:08 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:08 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  419.542649] bt_err_ratelimited: 2 callbacks suppressed
[  419.542663] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  419.543514] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  419.546730] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:08 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  419.560699] random: crng reseeded on system resumption
[  419.573583] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  419.573874] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:14:08 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  419.598799] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  419.599091] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  419.601339] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  419.602956] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  419.607174] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  419.608365] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  419.611899] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  419.612472] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  419.614015] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  419.615408] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  419.620016] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  419.620737] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  419.621508] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  419.621904] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  419.623431] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  419.624160] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  419.624395] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  419.625169] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  419.626865] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  419.627463] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  419.628573] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  419.629865] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  419.631084] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:14:08 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:08 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:08 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:08 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:08 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  419.743960] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:14:08 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  419.804436] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  419.805460] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:09 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  419.857181] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  419.861935] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  419.863136] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  419.867828] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  419.873924] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  419.874588] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  419.875162] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  419.875815] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  419.876411] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  419.877348] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  419.878065] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  419.879958] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  419.909447] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  419.910374] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:18 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:18 executing program 6:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:18 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:18 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:18 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:18 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:18 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:18 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  429.016417] bt_err_ratelimited: 9 callbacks suppressed
[  429.016442] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  429.019866] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  429.023258] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  429.024737] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  429.025239] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  429.027775] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  429.029115] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:18 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x57}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7"}, 0x5b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  429.062210] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  429.065585] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  429.068447] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  429.069249] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  429.071397] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  429.074804] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  429.076822] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  429.081304] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  429.083732] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  429.084404] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.096163] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.097222] random: crng reseeded on system resumption
[  429.102773] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  429.103120] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.106937] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  429.107733] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  429.110848] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.115039] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  429.118248] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:18 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  429.120972] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  429.122743] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  429.123153] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  429.125364] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  429.126645] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:18 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:14:18 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:18 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:18 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:18 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  429.242762] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.244066] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.247721] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.249789] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  429.251171] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  429.260384] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:14:18 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  429.289198] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  429.292499] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  429.294005] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  429.307058] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  429.328892] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  429.330867] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  429.334017] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  429.335475] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  429.343671] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  429.386830] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:14:26 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:26 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:26 executing program 6:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:26 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:26 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:26 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:26 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:26 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  437.732188] bt_err_ratelimited: 9 callbacks suppressed
[  437.732204] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  437.736002] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:14:26 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  437.761178] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  437.761644] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  437.773050] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  437.773104] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  437.777370] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:26 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  437.781300] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  437.784931] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  437.786505] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  437.786914] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  437.789349] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  437.792006] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  437.795979] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  437.798688] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  437.804651] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  437.814966] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  437.825609] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  437.828171] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  437.829468] random: crng reseeded on system resumption
12:14:27 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5a}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942bec"}, 0x5e)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  437.834661] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  437.844217] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  437.847794] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  437.850064] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  437.852614] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:14:27 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  437.858994] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  437.859514] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  437.863914] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  437.879495] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  437.881636] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  437.883518] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  437.885021] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  437.886393] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:27 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:27 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:27 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:27 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58e"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  437.936403] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  437.941443] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  437.954070] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  437.955937] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  437.957155] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  437.958712] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  437.963140] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  437.965365] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  437.966727] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  437.983223] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  437.984782] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  437.988312] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  437.989689] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  437.991063] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:14:35 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:35 executing program 6:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:35 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:35 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:35 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:35 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:35 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:35 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58e"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  446.089594] bt_err_ratelimited: 9 callbacks suppressed
[  446.089622] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  446.092610] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  446.095312] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  446.096622] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  446.096773] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  446.097802] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.098201] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  446.099031] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.099965] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  446.102657] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  446.105010] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.107608] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  446.107677] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  446.114736] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.116284] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  446.124037] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  446.127259] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  446.144736] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  446.150729] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  446.154241] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  446.159583] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  446.169818] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:14:35 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:35 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58e"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:14:35 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5b}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb8"}, 0x5f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  446.170991] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  446.210782] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.213253] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.214400] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  446.214457] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.216642] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  446.216700] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  446.219164] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.219768] random: crng reseeded on system resumption
12:14:35 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:35 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff000600000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  446.286995] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  446.290071] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:35 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:35 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  446.319389] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  446.322345] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  446.326861] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  446.328848] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  446.332591] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  446.333860] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  446.356208] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.357881] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.360921] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  446.362493] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  446.366016] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:14:35 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  446.406115] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  446.408453] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  446.446195] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  446.449793] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:44 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  455.099147] bt_err_ratelimited: 9 callbacks suppressed
[  455.099163] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  455.100893] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  455.102739] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:14:44 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff000600000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:14:44 executing program 6:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:44 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:44 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:44 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:44 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:44 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  455.103400] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  455.131343] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  455.132136] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  455.133437] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  455.142682] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.143389] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.144484] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  455.144669] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.145998] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  455.146096] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  455.149361] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.160658] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:14:44 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  455.163549] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  455.180295] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  455.186103] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.187574] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.188892] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  455.188924] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.190158] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  455.190252] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  455.191778] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.200022] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:44 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff000600000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:14:44 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  455.234371] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  455.235870] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.236603] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.237423] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.238328] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  455.239159] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:14:44 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:44 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff00060000000000800000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  455.258655] random: crng reseeded on system resumption
[  455.260831] Bluetooth: hci0: ACL packet for unknown connection handle 2661
12:14:44 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:44 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:44 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff00060000000000800000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  455.278421] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  455.279742] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  455.281123] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  455.290378] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  455.293069] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  455.297449] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.298939] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.303342] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.304499] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  455.305612] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.339163] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:44 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff00060000000000800000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:14:44 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  455.387900] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.389217] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.390894] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.392414] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  455.393867] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  455.403282] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  455.406736] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  455.409362] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  455.411778] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  455.413114] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:53 executing program 6:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:53 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:14:53 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:14:53 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:53 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:14:53 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:14:53 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff000600000000008000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:14:53 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  464.046619] bt_err_ratelimited: 14 callbacks suppressed
[  464.046647] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  464.048027] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  464.058576] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  464.059885] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  464.061162] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  464.061222] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  464.063656] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  464.063730] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  464.066217] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:14:53 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff000600000000008000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:14:53 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  464.102842] random: crng reseeded on system resumption
[  464.113635] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  464.116301] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  464.119191] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  464.120495] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  464.121146] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  464.121191] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  464.122019] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  464.123649] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  464.124289] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  464.126746] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:14:53 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x0, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  464.129340] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  464.130471] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  464.136989] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  464.141936] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  464.143626] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  464.144241] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  464.144278] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  464.145669] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  464.146239] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  464.149043] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  464.149726] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:14:53 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:14:53 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:14:53 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  464.231978] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  464.233089] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  464.273073] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  464.274235] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  464.275879] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  464.276931] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  464.278114] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  464.278901] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  464.280151] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:02 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:02 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x0, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:02 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:02 executing program 6:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:02 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:02 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:02 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:02 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff000600000000008000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  473.808754] random: crng reseeded on system resumption
[  473.828748] bt_err_ratelimited: 6 callbacks suppressed
[  473.828771] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  473.829954] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  473.832644] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  473.837386] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  473.844137] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  473.847591] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  473.849126] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  473.851421] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  473.852925] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  473.863855] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  473.868842] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  473.871420] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  473.873898] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  473.878203] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  473.879204] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  473.884447] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  473.888461] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  473.890766] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  473.891942] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  473.892788] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  473.897571] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  473.898662] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:03 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:03 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  473.905938] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:03 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:03 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:03 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff00060000000000800000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  473.959512] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  473.960340] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  473.964452] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  473.965882] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  473.966362] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  473.970389] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  473.972220] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:03 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  474.035216] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  474.037341] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  474.040297] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  474.042899] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  474.044313] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  474.048331] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  474.056802] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  474.058659] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  474.064081] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  474.067714] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  474.073712] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  474.074990] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  474.076176] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  474.077320] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  474.078912] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:03 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x0, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:03 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:03 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  474.199370] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  474.201069] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  474.209104] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  474.211692] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:15:12 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:12 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:12 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:12 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff00060000000000800000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:12 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(0xffffffffffffffff)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:12 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:12 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  482.922128] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  482.923384] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  482.924459] bt_err_ratelimited: 11 callbacks suppressed
[  482.924468] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  482.924915] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  482.926352] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  482.926470] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  482.927773] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:12 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff00060000000000800000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  482.955870] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  482.956480] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  482.957709] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  482.958487] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  482.965385] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  482.966784] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  482.967932] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  482.967992] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  482.970248] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  482.970303] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  482.972671] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  482.975257] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:12 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  482.988920] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  482.989094] random: crng reseeded on system resumption
[  482.993675] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  483.000197] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  483.001637] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  483.002275] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  483.003227] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  483.004445] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  483.004625] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  483.005928] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  483.019641] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  483.021362] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  483.023762] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  483.025064] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  483.025794] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  483.026416] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  483.032782] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  483.066757] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  483.068150] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:12 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:12 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:12 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  483.106570] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  483.112284] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  483.148721] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  483.152740] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  483.153411] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  483.155038] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  483.155973] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  483.157507] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:21 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:21 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:21 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:21 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(0xffffffffffffffff)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:21 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:21 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:21 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:21 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  492.397796] bt_err_ratelimited: 8 callbacks suppressed
[  492.397820] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  492.401220] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  492.409045] random: crng reseeded on system resumption
12:15:21 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  492.444708] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  492.445698] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  492.452076] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  492.456350] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  492.457817] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  492.459031] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  492.460447] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  492.460662] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  492.465062] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  492.466898] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  492.467071] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  492.470299] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  492.472818] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  492.476709] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  492.476866] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  492.478117] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  492.479500] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  492.482907] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  492.483260] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  492.486755] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  492.488833] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  492.491211] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  492.494025] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:21 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:21 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  492.567173] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  492.577127] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:15:21 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:21 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:21 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:21 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  492.653657] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  492.657421] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  492.661852] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  492.663249] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  492.664381] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:21 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(0xffffffffffffffff)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  492.678479] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  492.681792] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  492.710515] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  492.712208] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  492.713207] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  492.714684] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  492.718301] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  492.721046] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  492.726007] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:21 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  492.759059] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:15:21 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  492.800395] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  492.859051] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  492.861902] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  500.562433] bt_err_ratelimited: 11 callbacks suppressed
[  500.562460] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  500.563720] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  500.566609] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:29 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:29 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:29 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:29 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:29 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:29 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(0x0, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:29 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:29 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:29 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  500.592200] random: crng reseeded on system resumption
[  500.604277] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  500.605840] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  500.608470] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  500.619934] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  500.619966] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  500.625068] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  500.627833] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  500.631144] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  500.636934] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  500.638280] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  500.638414] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  500.638667] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  500.639853] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  500.640301] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  500.641652] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  500.642143] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  500.646332] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  500.646438] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  500.646787] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  500.649508] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  500.660486] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  500.665740] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:29 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:29 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:29 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:29 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:29 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  500.735523] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  500.737017] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:15:29 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(0x0, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  500.762096] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  500.777080] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  500.778960] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  500.778967] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  500.780973] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  500.782448] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  500.783881] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  500.785345] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:29 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  500.787283] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  500.789988] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  500.792847] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  500.794230] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  500.795696] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:29 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  500.844281] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  500.871363] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  500.874648] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:15:39 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:39 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:39 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:39 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:39 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(0x0, 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:39 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(0x0, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:39 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:39 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  509.916005] bt_err_ratelimited: 10 callbacks suppressed
[  509.916028] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  509.919081] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  509.923039] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:39 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  509.960715] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  509.964229] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  509.966340] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  509.966361] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  509.969303] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  509.972844] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  509.974567] random: crng reseeded on system resumption
[  509.976461] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  509.976918] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  509.980709] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  509.982087] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  509.987060] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  509.988781] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  509.990157] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  509.992262] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  509.993689] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  509.993854] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  509.998990] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  510.002708] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  510.005668] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  510.008466] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  510.048444] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  510.049317] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  510.053358] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:39 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:39 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:39 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:39 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:39 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(0x0, 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  510.101495] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  510.102375] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  510.105505] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:39 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  510.156954] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  510.159269] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:39 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  510.189985] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  510.196308] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  510.197948] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  510.199144] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  510.201052] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  510.206351] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  510.218409] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  510.219747] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  510.225894] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  510.228683] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  510.232577] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  510.246452] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  510.248407] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  510.250959] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  510.261027] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  519.288066] random: crng reseeded on system resumption
12:15:48 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:48 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:48 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:48 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:48 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:15:48 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0x0, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:48 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(0x0, 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:48 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  519.298367] bt_err_ratelimited: 9 callbacks suppressed
[  519.298390] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  519.299630] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  519.302317] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  519.303662] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  519.303670] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  519.305092] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  519.305721] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  519.306396] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  519.307264] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  519.308382] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:48 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  519.338971] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  519.339140] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  519.339739] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  519.340471] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  519.343243] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  519.345875] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  519.345906] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  519.349163] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  519.349781] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  519.353317] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  519.355652] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  519.355714] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  519.358055] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:48 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  519.378870] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  519.379816] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  519.384024] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  519.385326] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  519.386667] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  519.389197] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  519.390486] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:48 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:48 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:48 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:48 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:48 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  519.438432] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  519.440149] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  519.464372] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  519.466432] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  519.469033] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  519.474500] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  519.476017] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  519.477134] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:48 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  519.478823] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  519.481038] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  519.489502] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  519.490288] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  519.491315] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  519.493811] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  519.503193] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  519.547829] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  519.549437] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:15:58 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:58 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:15:58 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:15:58 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:58 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:15:58 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:58 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  529.254901] bt_err_ratelimited: 9 callbacks suppressed
[  529.254922] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  529.257421] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  529.262100] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  529.264247] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  529.265364] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  529.265801] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  529.276720] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  529.277780] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  529.278720] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  529.286059] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  529.287163] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  529.296199] random: crng reseeded on system resumption
[  529.314122] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  529.315200] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:15:58 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  529.317907] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  529.320334] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  529.322282] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  529.322452] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  529.326906] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  529.327787] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  529.328965] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  529.334950] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  529.341168] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  529.342509] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:15:58 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  529.367868] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  529.368182] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  529.370427] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  529.371636] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  529.374232] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  529.375500] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:15:58 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  529.411195] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  529.413340] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:15:58 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:15:58 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:15:58 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(0x0, 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:15:58 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

[  529.464757] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  529.466794] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  529.495467] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  529.498460] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  529.513190] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  529.518808] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  529.520135] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  529.522616] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  529.531938] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  529.533236] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  529.535393] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  529.537036] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  529.539061] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  529.551174] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:16:07 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)

12:16:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:07 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:07 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:07 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:07 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:07 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(0x0, 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:07 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  538.590060] random: crng reseeded on system resumption
[  538.619394] bt_err_ratelimited: 10 callbacks suppressed
[  538.619412] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  538.619421] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  538.619661] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  538.621261] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  538.625324] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:16:07 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)

[  538.626844] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  538.645214] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  538.648036] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  538.648217] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  538.653281] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:16:07 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  538.660964] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  538.662241] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  538.663450] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  538.665364] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  538.666410] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:16:07 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  538.676434] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  538.678908] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  538.682651] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  538.683926] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  538.685581] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  538.686336] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  538.695961] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:16:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  538.728783] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  538.729324] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  538.731222] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:16:07 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  538.757041] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  538.759174] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  538.760967] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  538.763743] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:16:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:07 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(0x0, 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  538.789719] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  538.790813] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  538.797618] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  538.804073] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:16:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)

12:16:08 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:08 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  538.846460] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  538.847342] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  538.849793] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:16:08 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  538.881962] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  538.882771] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  538.884492] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  538.885367] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  538.886928] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  538.933418] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  538.938660] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  538.949628] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  538.951999] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  538.953754] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  538.954468] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  538.955282] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  548.243611] bt_err_ratelimited: 13 callbacks suppressed
[  548.243637] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  548.245045] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  548.247656] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  548.247672] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  548.247753] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  548.249065] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  548.249728] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  548.251975] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  548.252043] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  548.253185] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  548.253759] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:16:17 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:17 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)

12:16:17 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:17 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:17 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:17 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:17 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:17 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)

12:16:17 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)

12:16:17 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)

12:16:17 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  548.315560] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  548.321818] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  548.321910] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  548.323086] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  548.323889] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  548.330825] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  548.330904] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  548.332851] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  548.333458] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  548.333975] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  548.333986] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  548.334014] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  548.342112] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  548.347453] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  548.354818] random: crng reseeded on system resumption
[  548.363694] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  548.364619] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  548.366025] Bluetooth: hci1: ACL packet for unknown connection handle 201
12:16:17 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)

[  548.381267] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  548.384264] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  548.387071] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  548.455834] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:16:27 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:27 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:27 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:27 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)

12:16:27 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:27 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:27 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:27 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  557.891960] bt_err_ratelimited: 3 callbacks suppressed
[  557.891982] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  557.893154] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  557.914442] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  557.915838] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  557.917261] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  557.917321] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  557.919415] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  557.919468] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  557.922578] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:16:27 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:27 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)

[  557.977506] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  557.979233] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  557.981957] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  557.984419] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  557.988211] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  557.992304] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  557.994384] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  557.994450] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  557.997571] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  557.998238] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  558.000472] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  558.001863] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  558.003623] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  558.003807] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  558.006045] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  558.007442] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  558.008668] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  558.010239] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  558.011334] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  558.013465] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  558.017763] random: crng reseeded on system resumption
[  558.018177] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  558.085419] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:16:27 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:27 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:27 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:27 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)

12:16:27 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  558.130421] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  558.132234] Bluetooth: hci1: ACL packet for unknown connection handle 0
12:16:27 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:27 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  558.175581] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  558.177291] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  558.179154] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  558.180901] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  558.182435] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  558.229267] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  558.234270] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  558.236702] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  558.239902] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  558.241451] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  558.242717] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  558.256833] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  558.260989] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  558.288951] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  558.291314] Bluetooth: hci1: ACL packet for unknown connection handle 0
12:16:36 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:36 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:36 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:36 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:36 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:36 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:36 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, 0x0)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:36 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)

[  567.318565] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.319938] bt_err_ratelimited: 10 callbacks suppressed
[  567.319955] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  567.321027] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.323601] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  567.323664] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  567.323841] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  567.324980] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.327831] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  567.330836] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:16:36 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  567.343875] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  567.346076] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  567.347453] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  567.348244] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  567.348332] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  567.349497] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  567.350239] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  567.357695] random: crng reseeded on system resumption
[  567.375017] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  567.377840] Bluetooth: hci4: ACL packet for unknown connection handle 201
12:16:36 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)

[  567.393063] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  567.403581] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  567.409974] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:16:36 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:36 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, 0x0)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:36 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:36 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  567.411111] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  567.450208] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  567.455046] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  567.465065] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.466633] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  567.468034] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.470972] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  567.472363] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.486912] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  567.488742] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  567.500102] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  567.500946] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  567.501355] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  567.501943] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  567.503035] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  567.504674] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  567.505900] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:16:36 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  567.599902] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.601672] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  567.602918] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  567.604125] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:16:45 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:45 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:45 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:45 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:45 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:45 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, 0x0)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:45 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  576.806396] random: crng reseeded on system resumption
12:16:45 executing program 7:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, 0x0)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  576.819265] bt_err_ratelimited: 8 callbacks suppressed
[  576.819284] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  576.822696] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  576.823947] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  576.829781] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  576.840026] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  576.844767] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  576.845985] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  576.846500] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  576.850786] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  576.852675] Bluetooth: hci6: ACL packet for unknown connection handle 0
[  576.853992] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  576.855799] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  576.855971] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  576.857248] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  576.860918] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  576.863253] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  576.863316] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  576.865719] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  576.870879] Bluetooth: hci2: ACL packet for unknown connection handle 201
12:16:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  576.879581] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:16:46 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:46 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:46 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  576.883917] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  576.960609] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  576.966583] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  576.970709] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:16:46 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(0xffffffffffffffff, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:46 executing program 7:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, 0x0)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  577.075392] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  577.076495] Bluetooth: hci6: ACL packet for unknown connection handle 0
[  577.078848] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  577.079837] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  577.080398] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  577.082357] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  577.083004] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  577.085639] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  577.087479] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  577.088965] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  577.091133] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  577.092693] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  577.094051] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  577.094608] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  577.117942] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  577.119294] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:16:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  577.223668] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  577.225155] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:16:55 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:55 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:55 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:16:55 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:55 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:55 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x0, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:16:55 executing program 7:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, 0x0)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:16:55 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(0xffffffffffffffff, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  586.307120] bt_err_ratelimited: 6 callbacks suppressed
[  586.307136] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  586.309937] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  586.312929] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  586.314720] Bluetooth: hci2: SCO packet for unknown connection handle 200
12:16:55 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x0, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  586.314977] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  586.331801] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  586.335279] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  586.336053] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  586.339637] Bluetooth: hci6: ACL packet for unknown connection handle 0
[  586.341091] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  586.342930] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  586.342977] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  586.345402] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  586.345447] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  586.347137] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  586.357786] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.362210] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  586.364644] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  586.372366] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.375475] random: crng reseeded on system resumption
[  586.376847] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  586.377776] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:16:55 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:16:55 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:16:55 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  586.427259] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  586.427833] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.429089] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  586.431298] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  586.432833] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  586.433135] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.435405] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  586.436248] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.438195] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  586.440840] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:16:55 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  586.467641] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.469804] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  586.471436] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.472272] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  586.474062] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:16:55 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:16:55 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(0xffffffffffffffff, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  586.535107] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  586.540061] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  586.543101] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  586.543953] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  586.545512] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  586.547073] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  586.551986] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  586.564856] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.566608] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  586.567276] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  586.569103] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  586.569745] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:16:55 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, 0x0, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:05 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:05 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:17:05 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:05 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:05 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:05 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, 0x0, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:05 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x0, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

12:17:05 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x0, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)

[  596.333054] random: crng reseeded on system resumption
[  596.400084] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  596.400691] bt_err_ratelimited: 8 callbacks suppressed
[  596.400711] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  596.401410] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  596.404752] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  596.404822] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  596.407227] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  596.407295] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  596.409704] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  596.409739] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  596.417474] Bluetooth: hci4: ACL packet for unknown connection handle 2661
[  596.427814] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  596.432483] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  596.436397] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  596.436612] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  596.437328] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  596.441416] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  596.444164] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  596.446050] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  596.446274] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  596.449841] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  596.456362] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  596.458460] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  596.460567] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  596.474214] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:17:05 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, 0x0, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:05 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:05 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  596.582033] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  596.584052] Bluetooth: hci2: ACL packet for unknown connection handle 201
12:17:05 executing program 7:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, 0x0, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:05 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x0, 0x0, 0x8, 0x3f}}}}, 0x15)

12:17:05 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  596.594568] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  596.596080] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  596.625236] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  596.627863] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  596.629264] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  596.631123] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  596.632349] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:17:05 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  596.650346] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  596.652411] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:17:05 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x0, 0x0, 0x8, 0x3f}}}}, 0x15)

[  596.684444] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  596.689811] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  596.696378] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  596.698461] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  596.704943] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  596.736190] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  596.744077] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  596.783508] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  596.786285] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:17:15 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:17:15 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:15 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x0, 0x0, 0x8, 0x3f}}}}, 0x15)

12:17:15 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:15 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100), 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:15 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:15 executing program 7:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(0xffffffffffffffff, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:15 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  606.447434] bt_err_ratelimited: 8 callbacks suppressed
[  606.447455] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  606.451187] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  606.454478] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:17:15 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  606.456487] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  606.525384] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  606.526183] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  606.530953] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  606.534401] random: crng reseeded on system resumption
[  606.535388] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  606.536863] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  606.539272] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  606.540461] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  606.542809] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  606.543188] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  606.545716] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  606.547421] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  606.548888] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  606.554860] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  606.554926] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  606.557866] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  606.557926] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  606.564767] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  606.565213] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  606.572441] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  606.589351] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:17:15 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100), 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:15 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:15 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:17:15 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x0, 0x3f}}}}, 0x15)

12:17:15 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:15 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100), 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  606.592081] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  606.729046] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  606.732265] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  606.733458] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  606.733554] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  606.735940] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  606.737237] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  606.738747] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  606.739909] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:17:15 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  606.761087] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  606.765277] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  606.768917] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  606.770765] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  606.772427] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  606.818410] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  606.822158] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  606.879670] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  606.880948] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  606.886024] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  606.888833] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  606.892416] Bluetooth: hci4: ACL packet for unknown connection handle 200
12:17:24 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080))
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:24 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:24 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:17:24 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:24 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x0, 0x3f}}}}, 0x15)

12:17:24 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:24 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb6", 0x25)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:24 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  614.845956] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.846682] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.847362] bt_err_ratelimited: 8 callbacks suppressed
[  614.847370] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  614.848063] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.849284] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  614.849390] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  614.850850] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:17:24 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x0, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  614.876365] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.877079] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.877764] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  614.877922] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.879158] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  614.879253] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  614.880820] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:17:24 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x0, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  614.899019] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  614.907786] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.909042] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.910381] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  614.910725] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.911926] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  614.912020] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  614.914833] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  614.915991] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  614.924425] Bluetooth: hci2: SCO packet for unknown connection handle 201
12:17:24 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x0, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  614.930310] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  614.937599] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  614.942246] Bluetooth: hci1: ACL packet for unknown connection handle 2661
[  614.943222] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  614.947724] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  614.951609] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  614.955158] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  614.956391] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  614.957394] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:17:24 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  614.968645] random: crng reseeded on system resumption
12:17:24 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x0, 0x3f}}}}, 0x15)

12:17:24 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  615.022074] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  615.022717] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  615.024078] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  615.025178] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  615.027419] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  615.057214] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  615.074650] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  615.082587] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:17:24 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb6", 0x25)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  615.120030] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  615.122169] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  615.124001] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  615.126045] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  615.127233] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:17:33 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:33 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080))
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:33 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080))
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:33 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0x0, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:17:33 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:33 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:33 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8}}}}, 0x15)

12:17:33 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb6", 0x25)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  624.250445] bt_err_ratelimited: 8 callbacks suppressed
[  624.250460] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  624.252608] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  624.254748] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:17:33 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8}}}}, 0x15)

[  624.279615] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  624.280199] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  624.282671] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:17:33 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8}}}}, 0x15)

[  624.296155] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  624.304285] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  624.308144] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.308784] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.309491] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  624.310396] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.312211] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  624.312310] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  624.315082] random: crng reseeded on system resumption
[  624.315549] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.318314] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  624.319632] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  624.323789] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  624.326813] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  624.328249] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:17:33 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0x0, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  624.346109] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  624.355858] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.357216] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.358846] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  624.358877] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.360164] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  624.360281] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  624.361715] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.365781] Bluetooth: hci2: ACL packet for unknown connection handle 201
12:17:33 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0x0, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  624.371794] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  624.389162] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  624.390455] Bluetooth: hci1: ACL packet for unknown connection handle 2661
12:17:33 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  624.404993] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.405784] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.407352] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.408129] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  624.410313] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  624.484296] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  624.485189] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  624.486801] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  624.487431] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  624.488191] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:17:42 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:42 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080))
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:42 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:42 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651", 0x37)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:42 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:42 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:42 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:42 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0x0, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  633.026761] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.028259] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.029798] bt_err_ratelimited: 5 callbacks suppressed
[  633.029816] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  633.031056] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.033921] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  633.033991] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  633.034196] random: crng reseeded on system resumption
[  633.035388] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:17:42 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0x0, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  633.060998] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  633.061972] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  633.063451] Bluetooth: hci2: ACL packet for unknown connection handle 0
12:17:42 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  633.064058] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  633.084644] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  633.089645] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  633.093647] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  633.094391] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  633.098185] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.099305] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.099894] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  633.099929] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.101016] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  633.101046] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  633.102152] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.103020] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:17:42 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  633.104037] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  633.104737] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  633.126048] random: crng reseeded on system resumption
12:17:42 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0x0, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  633.152923] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.153990] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.154750] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  633.154921] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.156578] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  633.156678] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  633.158267] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:17:42 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  633.185168] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.185932] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.187663] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.188451] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  633.190020] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.196042] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  633.199454] Bluetooth: hci2: ACL packet for unknown connection handle 0
12:17:42 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  633.228030] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  633.229115] Bluetooth: hci2: ACL packet for unknown connection handle 0
12:17:42 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:42 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  633.290705] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  633.292967] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  633.294827] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  633.295741] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  633.296478] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  633.311205] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.313213] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.314826] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  633.328303] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  633.329997] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:17:52 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:52 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:17:52 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651", 0x37)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:52 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:52 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:52 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:52 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:17:52 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  643.053011] bt_err_ratelimited: 10 callbacks suppressed
[  643.053039] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  643.057156] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  643.059855] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  643.061156] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  643.086742] random: crng reseeded on system resumption
[  643.102761] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  643.102911] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.105147] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  643.106230] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  643.106362] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.108418] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  643.109472] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:17:52 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  643.117626] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.119712] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.121657] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  643.129022] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.131177] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  643.131230] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  643.133378] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.136485] random: crng reseeded on system resumption
12:17:52 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:17:52 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:52 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651", 0x37)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:17:52 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  643.283748] random: crng reseeded on system resumption
12:17:52 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x0]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  643.293929] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  643.296831] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  643.299584] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.302077] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  643.303871] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  643.304003] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.306191] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  643.307257] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.310841] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  643.316568] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:17:52 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:17:52 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  643.319043] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  643.391857] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.394387] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.395598] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.396807] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  643.397941] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.449676] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.451197] Bluetooth: hci0: ACL packet for unknown connection handle 2661
12:17:52 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x0]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  643.453813] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.456599] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  643.457831] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  643.468962] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  643.470466] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:17:52 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee74", 0x40)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  643.583385] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.585449] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.588232] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  643.590847] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  643.593725] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.081046] bt_err_ratelimited: 8 callbacks suppressed
[  652.081076] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  652.082504] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.086453] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  652.088335] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  652.088786] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.092592] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  652.094674] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:18:01 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:01 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x10, 0x0]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:01 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:01 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:01 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee74", 0x40)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:18:01 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:01 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:01 executing program 1:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(0x0, 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:18:01 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  652.132299] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  652.133375] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.133813] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  652.137600] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.138756] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  652.138850] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.140047] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.140745] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  652.141328] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.142090] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  652.143418] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.145810] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  652.146501] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  652.147990] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  652.148798] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  652.149355] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  652.152914] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.187079] random: crng reseeded on system resumption
12:18:01 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:01 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  652.213912] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.214765] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.215487] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  652.216001] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.217203] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  652.217320] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  652.218730] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:01 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:01 executing program 1:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  652.242707] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  652.248151] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:18:01 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  652.272302] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.276709] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.278153] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  652.279282] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  652.289489] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  652.292867] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:18:01 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:01 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x0, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  652.319304] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  652.320353] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  652.378315] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.379283] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.383136] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  652.388438] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  652.393078] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:09 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:09 executing program 1:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee74", 0x40)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:18:09 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:09 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x0, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:09 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee74", 0x40)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:18:09 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:09 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:09 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

[  660.312848] bt_err_ratelimited: 10 callbacks suppressed
[  660.312866] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  660.316266] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  660.331454] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  660.332632] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  660.336342] random: crng reseeded on system resumption
[  660.338059] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.339072] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.339916] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  660.340033] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  660.341614] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  660.341657] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.343311] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  660.343413] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  660.344988] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  660.345028] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  660.346595] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  660.347378] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  660.348185] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.406025] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.406756] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.407343] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  660.407371] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.408528] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  660.408559] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  660.409762] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:09 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x0, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:09 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:09 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x0, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:09 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x0, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:09 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d8", 0x45)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  660.497965] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.498948] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.501428] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  660.501683] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.503152] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  660.503350] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  660.505001] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.507171] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  660.507964] Bluetooth: hci0: ACL packet for unknown connection handle 0
12:18:09 executing program 1:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(0x0, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  660.512442] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  660.513102] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  660.513836] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:18:09 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x0, 0x0, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:09 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  660.571492] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  660.572200] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  660.602334] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.603070] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.604456] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.605476] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  660.606637] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  660.630314] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  660.632079] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  660.633026] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  660.634451] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  660.635300] Bluetooth: hci0: ACL packet for unknown connection handle 201
12:18:18 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x0, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:18 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:18 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x0, &(0x7f00000003c0))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:18 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:18 executing program 1:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x0, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60de51", 0x49)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:18:18 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:18 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x10, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:18 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d8", 0x45)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  669.615990] bt_err_ratelimited: 8 callbacks suppressed
[  669.616011] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  669.619575] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  669.623413] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:18:18 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x0, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  669.625726] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  669.664572] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  669.666392] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  669.667322] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  669.667369] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  669.669160] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  669.669209] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  669.672131] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  669.679175] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  669.679948] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  669.684375] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  669.687103] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  669.687504] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  669.690074] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  669.691265] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  669.723312] random: crng reseeded on system resumption
12:18:18 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:18 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x10, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  669.764601] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  669.824227] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  669.828113] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:18:19 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d8", 0x45)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:18:19 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:19 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x0, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  669.829324] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  669.937846] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  669.939638] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  669.942826] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  669.943832] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  669.944091] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  669.945728] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  669.948677] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  669.958760] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  669.959795] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  669.961172] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  669.962406] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  669.964058] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:19 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  670.023257] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  670.025021] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:18:19 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x0, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:19 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0xe8ef, 0x10, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  670.059983] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  670.061196] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  670.106785] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.108184] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  670.111371] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.112396] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  670.113331] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.122808] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.123724] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.126797] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.128013] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  670.131679] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:19 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60", 0x47)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

12:18:19 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x0, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:19 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:19 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x0, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

[  670.522712] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  670.524394] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:18:19 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0x0, 0x10, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:19 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:19 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x0, &(0x7f00000003c0))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:19 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x0, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  670.573252] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.574960] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  670.576359] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.578371] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  670.579171] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.603369] random: crng reseeded on system resumption
[  670.620242] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  670.621420] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  670.641960] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.643728] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:19 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:19 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  670.648290] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.649031] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  670.650322] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.678567] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  670.687713] Bluetooth: hci2: ACL packet for unknown connection handle 2661
12:18:19 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0x0, 0x10, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  670.729124] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.730563] Bluetooth: hci0: ACL packet for unknown connection handle 2661
** 1 printk messages dropped **
[  670.734782] ------------[ cut here ]------------
[  670.734814] WARNING: kernel/printk/printk_ringbuffer.c:1278 at get_data+0x364/0x400, CPU#1: kworker/u11:5/314
[  670.734862] Modules linked in:
[  670.734887] CPU: 1 UID: 0 PID: 314 Comm: kworker/u11:5 Not tainted 6.18.0-rc3-next-20251030 #1 PREEMPT(voluntary) 
[  670.734907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  670.734919] Workqueue: hci0 hci_rx_work
[  670.734943] RIP: 0010:get_data+0x364/0x400
[  670.734962] Code: e8 83 e0 07 83 c0 03 38 d0 0f 8c be fe ff ff 84 d2 0f 84 b6 fe ff ff 48 89 ef e8 17 b8 5b 00 e9 a9 fe ff ff e8 4d bb 1e 00 90 <0f> 0b 90 45 31 e4 e9 3b ff ff ff e8 3c bb 1e 00 90 0f 0b 90 45 31
[  670.734977] RSP: 0018:ffff888016bd73e8 EFLAGS: 00010212
[  670.734989] RAX: 000000000000037a RBX: ffff888016bd7500 RCX: ffffc90011916000
[  670.734999] RDX: 0000000000040000 RSI: ffffffff81555913 RDI: 0000000000000006
[  670.735008] RBP: ffff888016bd74c8 R08: 0000000000000000 R09: 0000000000000000
[  670.735017] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff85d30790
[  670.735026] R13: 00003fffffffffff R14: 0000000000000000 R15: 0000000000000000
[  670.735038] FS:  0000000000000000(0000) GS:ffff8880e54f0000(0000) knlGS:0000000000000000
[  670.735051] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  670.735061] CR2: 00007f234490cbf0 CR3: 0000000016337000 CR4: 0000000000350ef0
[  670.735070] Call Trace:
[  670.735074]  <TASK>
[  670.735084]  _prb_read_valid+0x2f3/0x830
[  670.735110]  ? __pfx__prb_read_valid+0x10/0x10
[  670.735130]  ? desc_read+0x285/0x350
[  670.735151]  ? desc_read_finalized_seq+0x129/0x1c0
[  670.735171]  ? __asan_memcpy+0x3d/0x60
[  670.735193]  prb_read_valid+0x78/0xa0
[  670.735213]  ? __pfx_prb_read_valid+0x10/0x10
[  670.735231]  ? _prb_read_valid+0x6e9/0x830
[  670.735254]  printk_get_next_message+0x10b/0x570
[  670.735270]  ? __pfx__prb_read_valid+0x10/0x10
[  670.735289]  ? __pfx_printk_get_next_message+0x10/0x10
[  670.735304]  ? __lock_acquire+0x694/0x1b70
[  670.735331]  ? lock_acquire+0x15e/0x2f0
[  670.735348]  ? console_flush_one_record+0x100/0xb20
[  670.735366]  ? lock_is_held_type+0x9e/0x120
[  670.735387]  console_flush_one_record+0x64f/0xb20
[  670.735406]  ? __pfx_console_flush_one_record+0x10/0x10
[  670.735423]  ? __lock_acquire+0x694/0x1b70
[  670.735445]  ? do_raw_spin_lock+0x123/0x260
[  670.735468]  __console_flush_and_unlock+0xb1/0x1d0
[  670.735552]  ? __pfx___console_flush_and_unlock+0x10/0x10
[  670.735571]  ? is_printk_cpu_sync_owner+0x32/0x40
[  670.735588]  ? is_printk_legacy_deferred+0x67/0x80
[  670.735606]  vprintk_emit+0x4c1/0x690
[  670.735622]  ? __pfx_vprintk_emit+0x10/0x10
[  670.735645]  _printk+0xbe/0xf0
[  670.735663]  ? __pfx__printk+0x10/0x10
[  670.735682]  ? find_held_lock+0x2b/0x80
[  670.735696]  ? hci_rx_work+0xa70/0x1270
[  670.735715]  ? lock_release+0xc8/0x290
[  670.735737]  bt_err+0xdb/0x120
[  670.735753]  ? __pfx_bt_err+0x10/0x10
[  670.735771]  ? hci_rx_work+0x568/0x1270
[  670.735790]  ? find_held_lock+0x2b/0x80
[  670.735804]  ? hci_rx_work+0xa5c/0x1270
[  670.735822]  ? lock_release+0xc8/0x290
[  670.735843]  hci_rx_work+0xac1/0x1270
[  670.735867]  process_one_work+0x8e1/0x19c0
[  670.735894]  ? __pfx_process_one_work+0x10/0x10
[  670.735912]  ? move_linked_works+0x172/0x270
[  670.735939]  ? assign_work+0x196/0x240
[  670.735959]  worker_thread+0x67e/0xe90
[  670.735978]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  670.736002]  ? __pfx_worker_thread+0x10/0x10
[  670.736022]  kthread+0x3c8/0x740
[  670.736040]  ? __pfx_kthread+0x10/0x10
[  670.736055]  ? ret_from_fork+0x23/0x470
[  670.736070]  ? lock_release+0xc8/0x290
[  670.736089]  ? __pfx_kthread+0x10/0x10
[  670.736106]  ret_from_fork+0x38b/0x470
[  670.736118]  ? __pfx_kthread+0x10/0x10
[  670.736135]  ret_from_fork_asm+0x1a/0x30
[  670.736162]  </TASK>
[  670.736168] irq event stamp: 102773
[  670.736173] hardirqs last  enabled at (102779): [<ffffffff8154e480>] vprintk_emit+0x650/0x690
[  670.736191] hardirqs last disabled at (102784): [<ffffffff8154e411>] vprintk_emit+0x5e1/0x690
[  670.736208] softirqs last  enabled at (102568): [<ffffffff813bc0ec>] handle_softirqs+0x50c/0x770
[  670.736226] softirqs last disabled at (102557): [<ffffffff813bc484>] __irq_exit_rcu+0xc4/0x100
[  670.736243] ---[ end trace 0000000000000000 ]---
[  670.775938] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  670.776589] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  670.818261] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.819396] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.822099] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  670.823149] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  670.824430] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:28 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:28 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

12:18:28 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:28 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0xe}, {0xff4e, 0xfff, [0x3c0, 0x9, 0x0, 0x10, 0x2]}}}}, 0x1b)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:28 executing program 7:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:28 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, 0x0)
io_submit(0x0, 0x1, &(0x7f00000003c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x181001, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x400c330d)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x294001, 0x71)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:28 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab39eac554c6bee, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
io_setup(0x208, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x0, &(0x7f00000003c0))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="0100"/12, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='./file0\x00'])
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, &(0x7f00000004c0)='^', 0xfdef)

12:18:28 executing program 5:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xe9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040))
r1 = semget$private(0x0, 0x4, 0x0)
syncfs(r0)
semctl$GETNCNT(r1, 0x0, 0xe, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000280)=""/151)
write(r0, &(0x7f0000000100)="34ef9364e0d3f2b7567b9791e73bc45eb2188c2a29c766f1b7bac9ab58dd7f8127dce6dbb62da84984e26a0cc2728bc9a93d09493ed651a5e8b42aea0f8eee7429447f29d88d60", 0x47)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x24200, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

[  679.530573] random: crng reseeded on system resumption
[  679.539786] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.540486] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.541639] bt_err_ratelimited: 24 callbacks suppressed
[  679.541649] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  679.542247] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.543931] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  679.544006] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  679.545434] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:28 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0x0, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  679.588148] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  679.591696] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  679.599049] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  679.600457] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  679.612434] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  679.613155] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  679.613217] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  679.615189] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  679.617199] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  679.619224] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  679.619933] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.621069] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.621807] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  679.623421] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  679.625830] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.628326] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  679.628492] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  679.630706] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:28 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8, 0x3f}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x7, 0x1, 0x101, 0x724b, 0x40}}}}, 0x17)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x9, 0x4}, {0x7, 0x8000}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x1, 0x8}, {0xfff, 0x8, 0x9, 0xfd4f}}}}, 0x15)

12:18:28 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0x0, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

12:18:28 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x5c}, "9436af5d338698a3abd9b070e1cc96a1580902cffd76cda64eab85adb257805d579b1da5d951f5152250673b52be4b43aed080be8e66522912e511e943de21c1d32f2265aa86fbee723a65ca84ad0eb35c53a8bfae1af7942becb81b"}, 0x60)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0xdc, 0xc9, 0x86}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x0, 0xddc2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x7f}}}, 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x20, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x7f2e26bc4c4afa65, 0x2, 0x2, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x8000, 0x0, 0x8}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xbf}, "9a31ad6708be22353de3a825c925b9ddc43801152b2cb2ae951a8e4b79aab10a51fb3d2aa2fc6aedd8ebb0de234f083561889f3dbbca51528f65728efbcd056c65ed17c13a46e8200500071e6915514907e0b2e058dff9ba78089099299db0c11728eef3d5653bb5b8e767fea7d26c82dfc2cedcebbaed03463d6a7cdb5fffb772e5fb403d6d40c8755902b36b4a70d96fb20edd7c1c553c376098337b320dad82ba5c6e9786f07907d343bbd8d417d617bdedd9bb59a4aa3ad6e49c357278"}, 0xc3)
syz_emit_vhci(&(0x7f0000000300)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x5, 0xc9, 0x4, 0x3}}}, 0x9)

[  679.699948] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.700808] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.701583] Bluetooth: hci6: SCO packet for unknown connection handle 0
[  679.701691] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.703187] Bluetooth: hci6: SCO packet for unknown connection handle 201
[  679.703284] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  679.706650] Bluetooth: hci6: ACL packet for unknown connection handle 200
12:18:28 executing program 4:
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04227f09ffffffffffff80022571ac060001aaaaaaaaaa120440f3e2f6690008aaff0100001006fc3a43030008050000000000000309d597d20600130000000000002000acc749b02e420300aaaaaa100302b884888c09f4a6010000000000000405f76e7a0200ffaaaa0000aa127f67a58ea6ff0006000000000080000000000000"], 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16, @ANYRES64], 0x7)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_reconf_req={{0x19, 0x8, 0x10}, {0xff4e, 0xfff, [0x3c0, 0x9, 0x0, 0x0, 0x10, 0x2]}}}}, 0x1d)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x3, 0x8}, {0x401, 0x6a7, 0x4, 0xff}}}}, 0x15)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e796d40f44ecf7770235540cb73eb566be076f0696fc8ae901899bb90f39e9190b003e9e4cbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb200"/87], 0x54)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRES32], 0x19)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="02c82014010010000400080000fe0603486c060400f8ff0100"], 0x19)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03c9004a2a6f476881fed58fe6cf77ac034487b262a2d4a84b23329f4fc2b545a3757c17299bead743a641563e939f573689f0f26adb76a11f0b52103691d0bdf158e5a299fe104cdddc2b756d38"], 0x4e)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="02c9200a000601a740a0560a3ebf643c64ff8b6c05001afd0200b5020adfa79f89c81d2045cb985ffdb01a46121713014db373501e5f9c0d4689e7e5a3eca56aa80cb81d5f3f4afaf3a469d386fe4200b6c1f6285a8cb1ebebc675e2f3d38f4161c5e09f99c8ad3ec4cc3b6e5ff6e3e2ffe60f21d0a65d6cba1a6e32e0b4f71317ad53ad06cbeddc631ac8f38a7744cca4c23ecf9dff864afb8c8bc62f70714a050afb85a02341d49a9cc4f806220e7dd2a53b3f311798a6b43426630708ecf4ecc786e37f3c0f4e01b7731a388f70d1fdcfc8e5ead1be2a1ebf51172aa5d9"], 0xf)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a00000b01e4670d16d37ffe532dd2504400ffffffff85ffffff4391f9956513e2382194d7d8f87c9c1eafe9b0048018032b6e041a0000000000000000000000000000006626811f53ccb4ed69b1c4b174bf2c21650d701006886e6797f466102f557fbc4b6361da037cc31a0f4ebe748ca0bfff5f93fc7f12c99b46d41fcee057a0250862076310"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x1000, 0x7, 0x5}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x7fff, 0x3f, 0x0, 0x401}}]}}, 0x21)

[  679.782444] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  679.783802] Bluetooth: hci0: ACL packet for unknown connection handle 2661
[  679.785315] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  679.786117] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  679.786792] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  679.803954] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  679.804745] Bluetooth: hci2: ACL packet for unknown connection handle 2661
[  679.844614] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.845815] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.850199] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  679.851205] Bluetooth: hci6: ACL packet for unknown connection handle 201
[  679.852789] Bluetooth: hci6: ACL packet for unknown connection handle 200

VM DIAGNOSIS:
12:18:20  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=ffff888018fa0000 RCX=0000000000000001 RDX=1ffff1100d9c6dda
RSI=0000000000000004 RDI=ffff88806ce36ed8 RBP=1ffff1100d9c10e4 RSP=ffff88806ce086b8
R8 =0000000000000001 R9 =ffffed100d9c10d1 R10=0000000000000003 R11=0000000000000001
R12=ffff88800f6d1b80 R13=ffff888018fa0970 R14=0000000000000000 R15=ffff888018fa0014
RIP=ffffffff81518b6c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e53f0000 00000000 00000000
LDT=0000 fffffe6d00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f098b71e3a4 CR3=000000001edb0000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=000000000000006c RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff82910685 RDI=ffffffff88911600 RBP=ffffffff889115c0 RSP=ffff888016bd7668
R8 =0000000000000000 R9 =ffffed10015f5046 R10=000000000000006c R11=0000000000000001
R12=000000000000006c R13=0000000000000010 R14=ffffffff889115c0 R15=ffffffff82910670
RIP=ffffffff829106dd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e54f0000 00000000 00000000
LDT=0000 fffffe4400000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f234490cbf0 CR3=0000000016337000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000