cc 0x0c23 length: 249 > 4
[  610.690938] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  612.769509] Bluetooth: hci6: command tx timeout
[  614.817179] Bluetooth: hci6: command tx timeout
[  616.865134] Bluetooth: hci6: command tx timeout
[  618.913100] Bluetooth: hci6: command tx timeout
[  627.322655] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  627.323804] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  627.380639] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  627.381860] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  627.496513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  627.501424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  627.508101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  630.177176] Bluetooth: hci4: command 0x0406 tx timeout
19:03:04 executing program 6:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:03:04 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:04 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:03:04 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:03:04 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:03:04 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0x0, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:03:04 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c41"], 0x34}}, 0x0)

19:03:04 executing program 3:
syz_80211_inject_frame(0x0, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

[  636.977359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  636.982799] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:13 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:03:13 executing program 3:
syz_80211_inject_frame(0x0, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:03:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:03:13 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:13 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e"], 0x34}}, 0x0)

19:03:13 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:13 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:03:13 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  646.212967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:14 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  646.230447] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:14 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:03:14 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

[  646.334997] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:14 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

[  646.402590] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:24 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:03:24 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, 0x0, 0x0)

19:03:24 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e"], 0x34}}, 0x0)

19:03:24 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:24 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:24 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:03:24 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd494"], 0x34}}, 0x0)

19:03:24 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  656.753258] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  656.757580] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:24 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e"], 0x34}}, 0x0)

19:03:24 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

[  656.813715] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:24 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:03:24 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

[  656.831197] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:24 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f9"], 0x34}}, 0x0)

19:03:24 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:03:24 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a482"], 0x34}}, 0x0)

19:03:24 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:03:34 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f9"], 0x34}}, 0x0)

19:03:34 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:03:34 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:03:34 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, 0x0, 0x0)

19:03:34 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:03:34 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:34 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:34 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bc"], 0x34}}, 0x0)

[  666.822789] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:34 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

[  666.881992] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:34 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a4"], 0x34}}, 0x0)

19:03:34 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:03:34 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

[  667.054606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:03:34 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

19:03:34 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f9"], 0x34}}, 0x0)

19:03:35 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

[  667.189953] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
19:03:35 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e36"], 0x34}}, 0x0)

19:03:35 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, 0x0, 0x0)

19:03:35 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  667.303111] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  669.673594] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  669.678500] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  669.681511] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  669.688694] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  669.691773] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  671.714194] Bluetooth: hci6: command tx timeout
[  673.762068] Bluetooth: hci6: command tx timeout
[  675.809100] Bluetooth: hci6: command tx timeout
[  677.857094] Bluetooth: hci6: command tx timeout
[  686.448072] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  686.449971] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  686.481975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  686.483220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  686.575324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  686.581087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  686.586279] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:02 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e36"], 0x34}}, 0x0)

19:04:02 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:04:02 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

19:04:02 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:04:02 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:04:02 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d06780"], 0x34}}, 0x0)

19:04:02 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:04:02 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x0, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  695.132606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  695.133858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  695.140175] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  695.144324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:03 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x0, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:03 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7c"], 0x34}}, 0x0)

19:04:03 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:04:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:04:03 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

19:04:03 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d06780"], 0x34}}, 0x0)

19:04:03 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7c"], 0x34}}, 0x0)

[  695.463730] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
19:04:03 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:04:03 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x0, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:03 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:04:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

19:04:03 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

[  695.579607] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  695.589407] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
19:04:03 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

19:04:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

[  695.683961] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
[  695.689212] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  695.696160] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:13 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:04:13 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:04:13 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:04:13 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:04:13 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x0, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:13 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d06780"], 0x34}}, 0x0)

19:04:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

19:04:13 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236"], 0x34}}, 0x0)

[  705.953693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:13 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236"], 0x34}}, 0x0)

19:04:13 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49c"], 0x34}}, 0x0)

[  706.070704] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  706.080180] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  706.107860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:23 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[  715.381929] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:23 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:04:23 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:23 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49c"], 0x34}}, 0x0)

19:04:23 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:04:23 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:04:23 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236"], 0x34}}, 0x0)

[  715.385326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  715.387724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:23 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x0, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  715.456136] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:23 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa4"], 0x34}}, 0x0)

19:04:23 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:04:23 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:31 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236ad"], 0x34}}, 0x0)

19:04:31 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:04:31 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:04:31 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49c"], 0x34}}, 0x0)

19:04:31 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:04:31 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:31 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x0, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:31 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:04:31 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

[  723.955362] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:31 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x0, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  724.053151] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  724.066582] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:31 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:04:31 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

19:04:31 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:32 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x0, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:32 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e7302"], 0x34}}, 0x0)

19:04:32 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

[  724.270634] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
19:04:40 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e7302"], 0x34}}, 0x0)

19:04:40 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:04:40 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x0, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:40 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:04:40 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:40 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

19:04:40 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:04:40 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

[  732.684632] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  732.700358] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  732.711746] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:40 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

[  732.712896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:40 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

[  732.774846] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:40 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:04:40 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a482"], 0x34}}, 0x0)

19:04:40 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e7302"], 0x34}}, 0x0)

[  732.854580] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
19:04:40 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

[  732.918983] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
19:04:40 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49c"], 0x34}}, 0x0)

19:04:40 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:40 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

[  733.063043] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
19:04:40 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:04:40 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:40 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:04:41 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[  733.170476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  733.182503] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  733.192799] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  733.197785] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:04:51 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:04:51 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:04:51 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49c"], 0x34}}, 0x0)

19:04:51 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:51 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e"], 0x34}}, 0x0)

19:04:51 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

19:04:51 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:04:51 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

[  743.447261] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.450513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.458423] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.464791] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.476604] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
19:04:51 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:04:51 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:04:51 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e"], 0x34}}, 0x0)

19:04:51 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:04:51 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:04:51 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:04:51 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49c"], 0x34}}, 0x0)

19:04:51 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:05:01 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:05:01 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:01 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:01 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:01 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:05:01 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:05:01 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:05:01 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400"], 0x34}}, 0x0)

19:05:01 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

[  754.040741] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  754.055170] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  754.073313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:01 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:05:01 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:02 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

19:05:02 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

[  754.151738] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:02 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

19:05:02 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:02 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:05:15 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:05:15 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:05:15 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:15 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:05:15 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:15 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

19:05:15 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:05:15 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

[  767.603840] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  767.610790] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  767.616146] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:15 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

[  767.644937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:15 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:15 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:15 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:05:15 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

19:05:15 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:05:15 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

[  767.834739] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.6'.
19:05:25 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:05:25 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:05:25 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:25 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:05:25 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

19:05:25 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:25 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:05:25 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[  777.222541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:25 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[  777.268071] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  777.275886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  777.281449] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.6'.
[  777.289102] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:25 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:05:25 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:25 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:05:25 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000"], 0x34}}, 0x0)

19:05:25 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:25 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  777.444197] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.6'.
19:05:25 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

[  777.641996] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.6'.
19:05:34 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:34 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:34 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:34 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:05:34 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c0146"], 0x34}}, 0x0)

19:05:34 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:05:34 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

19:05:34 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:05:34 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[  786.969463] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  786.972730] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  786.975576] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.6'.
[  786.994963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  787.015630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:34 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:34 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:05:34 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:34 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:34 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000"], 0x34}}, 0x0)

19:05:34 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

[  787.160350] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.6'.
19:05:35 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:35 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:05:35 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:35 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[  794.017252] Bluetooth: hci6: command 0x0406 tx timeout
19:05:46 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:46 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:46 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:05:46 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:05:46 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:46 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:05:46 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:05:46 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

[  798.788871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  798.846340] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:05:46 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:05:46 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:05:46 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:05:46 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a536"], 0x34}}, 0x0)

19:05:46 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[  801.706686] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  801.710259] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  801.712394] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  801.716684] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  801.719149] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  803.745166] Bluetooth: hci6: command tx timeout
[  805.794447] Bluetooth: hci6: command tx timeout
[  807.841152] Bluetooth: hci6: command tx timeout
[  809.889101] Bluetooth: hci6: command tx timeout
[  818.390956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  818.392395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.451711] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  818.452816] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.534196] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  818.539480] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  818.547262] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:16 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:06:16 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:06:16 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:16 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f"], 0x34}}, 0x0)

19:06:16 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a536"], 0x34}}, 0x0)

19:06:16 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:16 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:06:16 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:06:16 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[  828.624347] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  828.630212] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:16 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:06:16 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:16 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:16 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

19:06:16 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:06:16 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[  828.841948] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  831.405807] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  831.408940] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  831.412269] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  831.418368] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  831.421626] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  833.441290] Bluetooth: hci6: command tx timeout
[  835.489379] Bluetooth: hci6: command tx timeout
[  837.537657] Bluetooth: hci6: command tx timeout
[  839.585135] Bluetooth: hci6: command tx timeout
[  847.011221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.012665] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.050199] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.051290] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.184726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  847.192485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  847.200813] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:44 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:44 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a536"], 0x34}}, 0x0)

19:06:44 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:06:44 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x0, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:06:44 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

19:06:44 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:44 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:06:44 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

[  856.685810] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  856.689195] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  856.692917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:44 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x0, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  856.804557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:44 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a536"], 0x34}}, 0x0)

19:06:44 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:06:44 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:44 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f007068"], 0x34}}, 0x0)

19:06:44 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:06:44 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:06:44 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[  857.141820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  857.161237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  857.168475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:53 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:06:53 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:06:53 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:06:53 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a536"], 0x34}}, 0x0)

19:06:53 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:53 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x0, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:06:53 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:06:53 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c0146"], 0x34}}, 0x0)

[  866.130475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:54 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[  866.211599] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  866.219656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  866.222889] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:06:54 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c0146"], 0x34}}, 0x0)

19:06:54 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:06:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:06:54 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:06:54 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:54 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:06:54 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0x0, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:03 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0x0, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:03 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:07:03 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:03 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:07:03 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:03 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:07:03 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:03 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[  875.353754] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[  875.374874] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  875.386244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  875.444637] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:03 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:03 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0x0, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:03 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:03 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:03 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:03 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:12 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:12 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:12 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:12 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:07:12 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:12 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:12 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:12 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[  884.937395] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:12 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[  884.978093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:12 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:12 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:12 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[  885.117698] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:12 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:13 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:13 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:13 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[  887.787688] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  887.790303] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  887.792739] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  887.797605] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  887.800299] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  889.825170] Bluetooth: hci6: command tx timeout
[  891.874145] Bluetooth: hci6: command tx timeout
[  893.921113] Bluetooth: hci6: command tx timeout
[  895.969153] Bluetooth: hci6: command tx timeout
[  904.415101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  904.416411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  904.470257] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  904.471733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  904.605724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  904.620587] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  904.629557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:42 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:07:42 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:42 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:07:42 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:42 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:42 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:42 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:42 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400"], 0x34}}, 0x0)

[  914.267058] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  914.275349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  914.280287] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:42 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[  914.328768] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:42 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:42 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400"], 0x34}}, 0x0)

19:07:42 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:42 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:42 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:42 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:42 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:52 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e"], 0x34}}, 0x0)

19:07:52 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:52 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:52 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:52 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:07:52 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:52 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:52 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[  925.125468] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  925.133209] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  925.135803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:53 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[  925.149195] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:07:53 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:07:53 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:07:53 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:07:53 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:07:53 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:07:53 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:03 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:08:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:03 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:08:03 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:03 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:03 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:08:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:03 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[  935.416838] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  935.428633] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  935.457329] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:03 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

[  935.508800] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:03 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:08:03 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:03 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:03 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49c"], 0x34}}, 0x0)

19:08:03 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:03 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:13 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:13 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:13 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:08:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:13 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:13 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:08:13 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:08:13 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e7302"], 0x34}}, 0x0)

19:08:13 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[  945.333957] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  945.335506] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  945.342616] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  945.351074] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:13 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd4"], 0x34}}, 0x0)

19:08:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:13 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e7302"], 0x34}}, 0x0)

19:08:13 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:13 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:13 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:13 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:13 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:13 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:13 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:22 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:22 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:22 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:08:22 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:08:22 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236ad"], 0x34}}, 0x0)

19:08:22 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:22 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:22 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa4"], 0x34}}, 0x0)

[  954.789699] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  954.790081] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:22 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:22 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  954.867988] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  954.879887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:22 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:31 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:08:31 executing program 1:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:08:31 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:08:31 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:08:31 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7c"], 0x34}}, 0x0)

19:08:31 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:31 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x0, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:31 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

[  963.908078] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  963.915284] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  963.916818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  963.922890] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:31 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x0, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:31 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

[  964.009349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  964.010754] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  964.017260] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:31 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x0, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:32 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:32 executing program 2:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:32 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:08:32 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d06780"], 0x34}}, 0x0)

19:08:32 executing program 5:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

[  964.424526] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:42 executing program 5:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:42 executing program 2:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:42 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0x0, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:42 executing program 1:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:08:42 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:08:42 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e36"], 0x34}}, 0x0)

19:08:42 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a4"], 0x34}}, 0x0)

19:08:42 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

[  974.604274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:42 executing program 2:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[  974.652476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:42 executing program 5:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:08:42 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bc"], 0x34}}, 0x0)

[  974.832850] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:42 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0x0, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:08:42 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e"], 0x34}}, 0x0)

19:08:42 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:42 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:08:42 executing program 0:
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:08:42 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

[  975.107760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:08:43 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[  977.848572] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  977.851642] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  977.856521] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  977.862866] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  977.865594] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  977.899773] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  977.909896] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  977.912645] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  977.937510] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  977.941821] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  979.938186] Bluetooth: hci5: command tx timeout
[  980.002084] Bluetooth: hci6: command tx timeout
[  981.986076] Bluetooth: hci5: command tx timeout
[  982.050037] Bluetooth: hci6: command tx timeout
[  984.033072] Bluetooth: hci5: command tx timeout
[  984.097056] Bluetooth: hci6: command tx timeout
[  986.082045] Bluetooth: hci5: command tx timeout
[  986.146071] Bluetooth: hci6: command tx timeout
[  987.194837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  987.195909] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  987.273374] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  987.273983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  987.383415] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  987.392250] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  987.403183] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  989.771970] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.773459] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  989.805056] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.806098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  989.889820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  989.895696] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  989.900967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:09:07 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:09:07 executing program 1:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:09:07 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:09:07 executing program 6:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:09:07 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0x0, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:09:07 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd494"], 0x34}}, 0x0)

19:09:07 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:09:07 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:09:08 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

[ 1000.210731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1000.246219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1000.276373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1000.278683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:09:08 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:09:08 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

[ 1000.462156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1002.731961] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1002.734099] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1002.738299] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1002.743252] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1002.745869] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1004.770091] Bluetooth: hci6: command tx timeout
[ 1006.817077] Bluetooth: hci6: command tx timeout
[ 1008.865127] Bluetooth: hci6: command tx timeout
[ 1010.913139] Bluetooth: hci6: command tx timeout
[ 1018.906459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1018.907848] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1018.962477] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1018.963574] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1019.051213] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1019.057150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1019.061921] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:09:37 executing program 1:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:09:37 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:09:37 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:09:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:09:37 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e"], 0x34}}, 0x0)

19:09:37 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:09:37 executing program 6:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0x0, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:09:37 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

[ 1029.427948] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1029.430266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1029.446151] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1029.457218] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1029.470836] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:09:37 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:09:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[ 1029.562514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:09:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:09:37 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:09:37 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:09:37 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:09:37 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:09:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[ 1029.972807] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1032.493427] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1032.498626] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1032.500780] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1032.509594] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1032.512384] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1034.529096] Bluetooth: hci6: command tx timeout
[ 1036.577101] Bluetooth: hci6: command tx timeout
[ 1038.625159] Bluetooth: hci6: command tx timeout
[ 1040.673090] Bluetooth: hci6: command tx timeout
[ 1048.786754] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1048.787900] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1048.851307] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1048.852633] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1048.946727] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1048.955605] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:05 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:05 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd49479910698b82e732b58e1"], 0x34}}, 0x0)

19:10:05 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:10:05 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:05 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:05 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:05 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:10:05 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

[ 1057.735646] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1057.736896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1057.740652] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1057.742735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1057.773940] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:05 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:05 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:05 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:05 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:10:05 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:10:05 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:10:05 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:05 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655"], 0x34}}, 0x0)

19:10:13 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:13 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:10:13 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:10:13 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:10:13 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:10:13 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:13 executing program 1:
syz_80211_inject_frame(0x0, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:13 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[ 1066.163255] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1066.169878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1066.211481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1066.213654] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1066.216697] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:14 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:10:14 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:10:14 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:14 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:10:14 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:14 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:14 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:14 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:14 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:10:14 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:10:14 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:10:14 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c01"], 0x34}}, 0x0)

19:10:14 executing program 1:
syz_80211_inject_frame(0x0, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[ 1066.675727] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1066.690709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:14 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:10:14 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

[ 1066.721036] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:14 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

[ 1066.748248] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1066.752208] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:14 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:10:14 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x0, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:14 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:10:14 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, 0x0, 0x0)

19:10:14 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:10:14 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:10:14 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

19:10:23 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x0, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:23 executing program 1:
syz_80211_inject_frame(0x0, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:23 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2"], 0x34}}, 0x0)

19:10:23 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:10:23 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:23 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:10:23 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce782"], 0x34}}, 0x0)

19:10:23 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

[ 1075.339667] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1075.341230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1075.353791] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1075.400752] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1075.401594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:23 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce782"], 0x34}}, 0x0)

19:10:23 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

19:10:23 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:10:23 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:23 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce782"], 0x34}}, 0x0)

19:10:31 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x0, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:31 executing program 0:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:31 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:31 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:31 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

19:10:31 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, 0x0, 0x0)

19:10:31 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:10:31 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

[ 1083.673632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1083.677301] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1083.698502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1083.711399] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1083.715982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1083.718753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1083.724701] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1083.730780] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:40 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, 0x0, 0x0)

19:10:40 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:40 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:40 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x0, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:40 executing program 6:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:10:40 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

19:10:40 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:10:40 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

[ 1092.872192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1092.874476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1092.880584] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1092.885430] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1092.906343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1092.907118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:40 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:10:40 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

19:10:40 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x0, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:40 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c4"], 0x34}}, 0x0)

19:10:40 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:10:40 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x34}}, 0x0)

19:10:41 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x0, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:41 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:10:41 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, 0x0, 0x0)

19:10:41 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:41 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:41 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:10:41 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

[ 1093.349729] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1093.362052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1093.371804] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1093.386933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1093.399121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1101.217107] Bluetooth: hci5: command 0x0406 tx timeout
19:10:50 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd67"], 0x34}}, 0x0)

19:10:50 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:50 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:10:50 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:50 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:50 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:50 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:10:50 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:10:51 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

[ 1103.199558] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1103.202923] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1103.206293] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:51 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

[ 1103.220770] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1103.227656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:10:51 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd67"], 0x34}}, 0x0)

19:10:51 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:51 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:10:51 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:51 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd67"], 0x34}}, 0x0)

19:10:51 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)

19:10:51 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e4"], 0x34}}, 0x0)

19:10:51 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:10:51 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa48"], 0x34}}, 0x0)

19:10:51 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:10:51 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:10:51 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x0, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[ 1103.656221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1103.663740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1103.670164] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:00 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:11:00 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:11:00 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:11:00 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd"], 0x34}}, 0x0)

19:11:00 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x0, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:11:00 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x34}}, 0x0)

19:11:00 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710"], 0x34}}, 0x0)

19:11:00 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000006c0)={0x14, r1, 0xb341daa0822653b3, 0x0, 0x0, {0x19}}, 0x14}}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r2)
sendmsg$IEEE802154_ADD_IFACE(r3, &(0x7f0000000880)={0x0, 0x7bcd, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c014655e400fb7e730236addfa45b7cfae8d35e368ab117c0a47c905eb6bcb8d47a1d6e58f5994c419a4369c468e49ddf7b873eee5ce78275941c37107477d334e431ed9a451f2ad16368f17dcdee11c661fe026201a0b08976a82d4dcec01ab41b36ab00b1881c959ebfac544e0f01d16b7f698c05c8face47d97bc56f0854797b340043f8ca95e423e9cda24a51194011cf57cfc2f99451d067800ca49cd49479910698b82e732b58e1b8a79c8e1d35578d02ca621fb70b9f5259295ccb6cae3e9c5d504f93f46d658c218a0e47a203224521daf559c8f70bff8237042295136870422cc2ec50bab6"], 0x34}}, 0x0)

[ 1112.834680] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:00 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd"], 0x34}}, 0x0)

[ 1112.904424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1112.906247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1112.914722] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1112.923480] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:00 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa48"], 0x34}}, 0x0)

19:11:00 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710"], 0x34}}, 0x0)

19:11:00 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 1)

19:11:00 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd"], 0x34}}, 0x0)

19:11:00 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1113.107442] FAULT_INJECTION: forcing a failure.
[ 1113.107442] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1113.108665] CPU: 0 UID: 0 PID: 14879 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1113.108702] Tainted: [W]=WARN
[ 1113.108706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1113.108714] Call Trace:
[ 1113.108718]  <TASK>
[ 1113.108723]  dump_stack_lvl+0xfa/0x120
[ 1113.108749]  should_fail_ex+0x4d7/0x5e0
[ 1113.108767]  _copy_from_user+0x30/0xd0
[ 1113.108785]  copy_msghdr_from_user+0x88/0x150
[ 1113.108805]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1113.108828]  ? lock_acquire+0x15e/0x2f0
[ 1113.108846]  ___sys_sendmsg+0xdc/0x1b0
[ 1113.108865]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1113.108885]  ? proc_fail_nth_write+0x97/0x220
[ 1113.108903]  ? lock_acquire+0x15e/0x2f0
[ 1113.108916]  ? __fget_files+0x34/0x3b0
[ 1113.108929]  ? find_held_lock+0x2b/0x80
[ 1113.108947]  ? __fget_files+0x203/0x3b0
[ 1113.108958]  ? lock_release+0xc8/0x290
[ 1113.108974]  ? __fget_files+0x20d/0x3b0
[ 1113.108996]  __sys_sendmsg+0x150/0x200
[ 1113.109017]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1113.109037]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1113.109051]  ? fput+0x6a/0x100
[ 1113.109070]  ? ksys_write+0x1a3/0x240
[ 1113.109083]  ? __pfx_ksys_write+0x10/0x10
[ 1113.109101]  do_syscall_64+0xbf/0x360
[ 1113.109114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1113.109127] RIP: 0033:0x7f63d56acb19
[ 1113.109137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1113.109149] RSP: 002b:00007f63d2c22188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1113.109160] RAX: ffffffffffffffda RBX: 00007f63d57bff60 RCX: 00007f63d56acb19
[ 1113.109169] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000005
[ 1113.109176] RBP: 00007f63d2c221d0 R08: 0000000000000000 R09: 0000000000000000
[ 1113.109184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1113.109191] R13: 00007ffe3830f0ef R14: 00007f63d2c22300 R15: 0000000000022000
[ 1113.109206]  </TASK>
19:11:01 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 1)

19:11:01 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1113.202852] FAULT_INJECTION: forcing a failure.
[ 1113.202852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1113.203950] CPU: 0 UID: 0 PID: 14887 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1113.203970] Tainted: [W]=WARN
[ 1113.203974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1113.203986] Call Trace:
[ 1113.203991]  <TASK>
[ 1113.203995]  dump_stack_lvl+0xfa/0x120
[ 1113.204022]  should_fail_ex+0x4d7/0x5e0
[ 1113.204041]  _copy_from_user+0x30/0xd0
[ 1113.204058]  copy_msghdr_from_user+0x88/0x150
[ 1113.204079]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1113.204099]  ? __pfx_perf_tp_event+0x10/0x10
[ 1113.204118]  ? lock_acquire+0x15e/0x2f0
[ 1113.204135]  ___sys_sendmsg+0xdc/0x1b0
[ 1113.204153]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1113.204174]  ? proc_fail_nth_write+0x97/0x220
[ 1113.204190]  ? lock_acquire+0x15e/0x2f0
[ 1113.204203]  ? __fget_files+0x34/0x3b0
[ 1113.204217]  ? find_held_lock+0x2b/0x80
[ 1113.204235]  ? __fget_files+0x203/0x3b0
[ 1113.204246]  ? lock_release+0xc8/0x290
[ 1113.204262]  ? __fget_files+0x20d/0x3b0
[ 1113.204278]  __sys_sendmsg+0x150/0x200
[ 1113.204306]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1113.204333]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1113.204350]  ? fput+0x6a/0x100
[ 1113.204371]  ? ksys_write+0x1a3/0x240
[ 1113.204385]  ? __pfx_ksys_write+0x10/0x10
[ 1113.204403]  do_syscall_64+0xbf/0x360
[ 1113.204416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1113.204429] RIP: 0033:0x7f32ed858b19
[ 1113.204438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1113.204450] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1113.204462] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1113.204471] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1113.204478] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1113.204485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1113.204493] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1113.204508]  </TASK>
19:11:09 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x0, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:11:09 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 2)

19:11:09 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}]}, @void}, 0x27)

19:11:09 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c0005000000"], 0x34}}, 0x0)

19:11:09 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdce"], 0x34}}, 0x0)

19:11:09 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:11:09 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 2)

19:11:09 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x0, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[ 1121.574330] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1121.591079] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1121.592691] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1121.594484] FAULT_INJECTION: forcing a failure.
[ 1121.594484] name failslab, interval 1, probability 0, space 0, times 1
[ 1121.595443] CPU: 1 UID: 0 PID: 14953 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1121.595463] Tainted: [W]=WARN
[ 1121.595467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1121.595475] Call Trace:
[ 1121.595480]  <TASK>
[ 1121.595485]  dump_stack_lvl+0xfa/0x120
[ 1121.595512]  should_fail_ex+0x4d7/0x5e0
[ 1121.595531]  should_failslab+0xc2/0x120
[ 1121.595549]  kmem_cache_alloc_node_noprof+0x79/0x690
[ 1121.595570]  ? __pfx_netlink_insert+0x10/0x10
[ 1121.595591]  ? __alloc_skb+0x2ab/0x370
[ 1121.595608]  ? find_held_lock+0x2b/0x80
[ 1121.595636]  ? __alloc_skb+0x2ab/0x370
[ 1121.595652]  __alloc_skb+0x2ab/0x370
[ 1121.595668]  ? __pfx___alloc_skb+0x10/0x10
[ 1121.595687]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1121.595709]  netlink_alloc_large_skb+0x69/0x150
[ 1121.595728]  netlink_sendmsg+0x676/0xd80
[ 1121.595750]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1121.595775]  ____sys_sendmsg+0xa67/0xc20
[ 1121.595791]  ? copy_msghdr_from_user+0xfb/0x150
[ 1121.595810]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1121.595828]  ? lock_acquire+0x15e/0x2f0
[ 1121.595844]  ___sys_sendmsg+0x10f/0x1b0
[ 1121.595863]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1121.595883]  ? proc_fail_nth_write+0x97/0x220
[ 1121.595900]  ? lock_acquire+0x15e/0x2f0
[ 1121.595913]  ? __fget_files+0x34/0x3b0
[ 1121.595926]  ? find_held_lock+0x2b/0x80
[ 1121.595943]  ? __fget_files+0x203/0x3b0
[ 1121.595954]  ? lock_release+0xc8/0x290
[ 1121.595970]  ? __fget_files+0x20d/0x3b0
[ 1121.595991]  __sys_sendmsg+0x150/0x200
[ 1121.596008]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1121.596031]  ? __pfx_ksys_write+0x10/0x10
[ 1121.596050]  do_syscall_64+0xbf/0x360
[ 1121.596064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1121.596077] RIP: 0033:0x7f63d56acb19
[ 1121.596087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1121.596098] RSP: 002b:00007f63d2c22188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1121.596111] RAX: ffffffffffffffda RBX: 00007f63d57bff60 RCX: 00007f63d56acb19
[ 1121.596119] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000005
[ 1121.596126] RBP: 00007f63d2c221d0 R08: 0000000000000000 R09: 0000000000000000
[ 1121.596134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1121.596142] R13: 00007ffe3830f0ef R14: 00007f63d2c22300 R15: 0000000000022000
[ 1121.596157]  </TASK>
[ 1121.606972] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:09 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 3)

[ 1121.646221] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1121.646552] FAULT_INJECTION: forcing a failure.
[ 1121.646552] name failslab, interval 1, probability 0, space 0, times 0
[ 1121.647838] CPU: 1 UID: 0 PID: 14958 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1121.647857] Tainted: [W]=WARN
[ 1121.647861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1121.647868] Call Trace:
[ 1121.647872]  <TASK>
[ 1121.647876]  dump_stack_lvl+0xfa/0x120
[ 1121.647898]  should_fail_ex+0x4d7/0x5e0
[ 1121.647914]  should_failslab+0xc2/0x120
[ 1121.647929]  kmem_cache_alloc_node_noprof+0x79/0x690
[ 1121.647948]  ? __pfx_netlink_insert+0x10/0x10
[ 1121.647965]  ? __alloc_skb+0x2ab/0x370
[ 1121.647985]  ? find_held_lock+0x2b/0x80
[ 1121.648005]  ? __alloc_skb+0x2ab/0x370
[ 1121.648020]  __alloc_skb+0x2ab/0x370
[ 1121.648037]  ? __pfx___alloc_skb+0x10/0x10
[ 1121.648056]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1121.648077]  netlink_alloc_large_skb+0x69/0x150
[ 1121.648097]  netlink_sendmsg+0x676/0xd80
[ 1121.648118]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1121.648142]  ____sys_sendmsg+0xa67/0xc20
[ 1121.648156]  ? copy_msghdr_from_user+0xfb/0x150
[ 1121.648174]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1121.648192]  ? lock_acquire+0x15e/0x2f0
[ 1121.648207]  ___sys_sendmsg+0x10f/0x1b0
[ 1121.648225]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1121.648246]  ? proc_fail_nth_write+0x97/0x220
[ 1121.648261]  ? lock_acquire+0x15e/0x2f0
[ 1121.648273]  ? __fget_files+0x34/0x3b0
[ 1121.648285]  ? find_held_lock+0x2b/0x80
[ 1121.648302]  ? __fget_files+0x203/0x3b0
[ 1121.648313]  ? lock_release+0xc8/0x290
[ 1121.648328]  ? __fget_files+0x20d/0x3b0
[ 1121.648344]  __sys_sendmsg+0x150/0x200
[ 1121.648362]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1121.648384]  ? __pfx_ksys_write+0x10/0x10
[ 1121.648415]  do_syscall_64+0xbf/0x360
[ 1121.648428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1121.648440] RIP: 0033:0x7f32ed858b19
[ 1121.648450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1121.648461] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1121.648474] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1121.648482] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1121.648489] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1121.648496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1121.648503] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1121.648519]  </TASK>
19:11:09 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c0005000000"], 0x34}}, 0x0)

[ 1121.689400] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:09 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdce"], 0x34}}, 0x0)

[ 1121.772568] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
19:11:09 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 3)

[ 1124.199628] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1124.203488] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1124.208747] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1124.214393] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1124.217926] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1126.242103] Bluetooth: hci4: command tx timeout
[ 1128.289103] Bluetooth: hci4: command tx timeout
[ 1130.337072] Bluetooth: hci4: command tx timeout
[ 1132.385056] Bluetooth: hci4: command tx timeout
[ 1140.269857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1140.271161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1140.312217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1140.313287] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1140.430451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:36 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 4)

19:11:36 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x0, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:11:36 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c0005000000"], 0x34}}, 0x0)

19:11:36 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdce"], 0x34}}, 0x0)

19:11:36 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}]}, @void}, 0x26)

19:11:36 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:11:36 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)

19:11:36 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 4)

19:11:36 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x0, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1148.993572] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1149.000192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1149.002732] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1149.011356] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1149.011788] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:36 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 5)

[ 1149.029160] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
19:11:36 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:11:45 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}]}, @void}, 0x26)

19:11:45 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)

19:11:45 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x0, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:11:45 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 5)

19:11:45 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 6)

19:11:45 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:11:45 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

19:11:45 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048"], 0x34}}, 0x0)

[ 1158.082297] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1158.083451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1158.083744] FAULT_INJECTION: forcing a failure.
[ 1158.083744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1158.085858] CPU: 1 UID: 0 PID: 15513 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1158.085878] Tainted: [W]=WARN
[ 1158.085882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1158.085889] Call Trace:
[ 1158.085894]  <TASK>
[ 1158.085898]  dump_stack_lvl+0xfa/0x120
[ 1158.085924]  should_fail_ex+0x4d7/0x5e0
[ 1158.085942]  _copy_from_iter+0x1dc/0x1660
[ 1158.085959]  ? lock_acquire+0x15e/0x2f0
[ 1158.085973]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1158.085997]  ? find_held_lock+0x2b/0x80
[ 1158.086016]  ? __pfx__copy_from_iter+0x10/0x10
[ 1158.086034]  ? lock_release+0xc8/0x290
[ 1158.086050]  ? __virt_addr_valid+0x100/0x5d0
[ 1158.086069]  ? __check_object_size+0x57b/0x880
[ 1158.086092]  netlink_sendmsg+0x809/0xd80
[ 1158.086115]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1158.086140]  ____sys_sendmsg+0xa67/0xc20
[ 1158.086155]  ? copy_msghdr_from_user+0xfb/0x150
[ 1158.086173]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1158.086192]  ? lock_acquire+0x15e/0x2f0
[ 1158.086207]  ___sys_sendmsg+0x10f/0x1b0
[ 1158.086225]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1158.086245]  ? proc_fail_nth_write+0x97/0x220
[ 1158.086262]  ? lock_acquire+0x15e/0x2f0
[ 1158.086275]  ? __fget_files+0x34/0x3b0
[ 1158.086288]  ? find_held_lock+0x2b/0x80
[ 1158.086305]  ? __fget_files+0x203/0x3b0
[ 1158.086317]  ? lock_release+0xc8/0x290
[ 1158.086332]  ? __fget_files+0x20d/0x3b0
[ 1158.086348]  __sys_sendmsg+0x150/0x200
[ 1158.086366]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1158.086389]  ? __pfx_ksys_write+0x10/0x10
[ 1158.086407]  do_syscall_64+0xbf/0x360
[ 1158.086420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1158.086434] RIP: 0033:0x7f63d56acb19
[ 1158.086443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1158.086455] RSP: 002b:00007f63d2c22188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1158.086467] RAX: ffffffffffffffda RBX: 00007f63d57bff60 RCX: 00007f63d56acb19
[ 1158.086476] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000005
[ 1158.086483] RBP: 00007f63d2c221d0 R08: 0000000000000000 R09: 0000000000000000
[ 1158.086490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1158.086498] R13: 00007ffe3830f0ef R14: 00007f63d2c22300 R15: 0000000000022000
[ 1158.086513]  </TASK>
[ 1158.106611] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1158.109605] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1158.116387] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:46 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 6)

19:11:46 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 7)

19:11:46 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f00706879"], 0x34}}, 0x0)

[ 1158.178564] FAULT_INJECTION: forcing a failure.
[ 1158.178564] name failslab, interval 1, probability 0, space 0, times 0
[ 1158.179561] CPU: 1 UID: 0 PID: 15522 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1158.179580] Tainted: [W]=WARN
[ 1158.179584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1158.179592] Call Trace:
[ 1158.179596]  <TASK>
[ 1158.179601]  dump_stack_lvl+0xfa/0x120
[ 1158.179627]  should_fail_ex+0x4d7/0x5e0
[ 1158.179645]  should_failslab+0xc2/0x120
[ 1158.179662]  __kmalloc_noprof+0xc8/0x6e0
[ 1158.179680]  ? lock_release+0xc8/0x290
[ 1158.179695]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1158.179715]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1158.179729]  genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1158.179746]  genl_family_rcv_msg_doit+0xab/0x2f0
[ 1158.179760]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1158.179776]  ? cap_capable+0xdb/0x3b0
[ 1158.179795]  ? security_capable+0x2f/0x90
[ 1158.179814]  genl_rcv_msg+0x532/0x7e0
[ 1158.179828]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1158.179841]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1158.179860]  ? __lock_acquire+0x694/0x1b70
[ 1158.179875]  netlink_rcv_skb+0x147/0x430
[ 1158.179894]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1158.179907]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1158.179933]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1158.179950]  ? selinux_netlink_send+0x507/0x880
[ 1158.179964]  ? is_vmalloc_addr+0x86/0xa0
[ 1158.179989]  genl_rcv+0x28/0x40
[ 1158.179999]  netlink_unicast+0x5a7/0x870
[ 1158.180024]  ? __pfx_netlink_unicast+0x10/0x10
[ 1158.180049]  netlink_sendmsg+0x8ac/0xd80
[ 1158.180070]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1158.180096]  ____sys_sendmsg+0xa67/0xc20
[ 1158.180111]  ? copy_msghdr_from_user+0xfb/0x150
[ 1158.180129]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1158.180148]  ? lock_acquire+0x15e/0x2f0
[ 1158.180163]  ___sys_sendmsg+0x10f/0x1b0
[ 1158.180182]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1158.180202]  ? proc_fail_nth_write+0x97/0x220
[ 1158.180219]  ? lock_acquire+0x15e/0x2f0
[ 1158.180232]  ? __fget_files+0x34/0x3b0
[ 1158.180244]  ? find_held_lock+0x2b/0x80
[ 1158.180262]  ? __fget_files+0x203/0x3b0
[ 1158.180273]  ? lock_release+0xc8/0x290
[ 1158.180289]  ? __fget_files+0x20d/0x3b0
[ 1158.180306]  __sys_sendmsg+0x150/0x200
[ 1158.180323]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1158.180346]  ? __pfx_ksys_write+0x10/0x10
[ 1158.180366]  do_syscall_64+0xbf/0x360
[ 1158.180379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1158.180392] RIP: 0033:0x7f63d56acb19
[ 1158.180401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1158.180412] RSP: 002b:00007f63d2c22188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1158.180424] RAX: ffffffffffffffda RBX: 00007f63d57bff60 RCX: 00007f63d56acb19
[ 1158.180433] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000005
[ 1158.180440] RBP: 00007f63d2c221d0 R08: 0000000000000000 R09: 0000000000000000
[ 1158.180448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1158.180455] R13: 00007ffe3830f0ef R14: 00007f63d2c22300 R15: 0000000000022000
[ 1158.180471]  </TASK>
19:11:46 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048"], 0x34}}, 0x0)

[ 1158.263540] FAULT_INJECTION: forcing a failure.
[ 1158.263540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1158.265434] CPU: 0 UID: 0 PID: 15524 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1158.265487] Tainted: [W]=WARN
[ 1158.265497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1158.265509] Call Trace:
[ 1158.265516]  <TASK>
[ 1158.265525]  dump_stack_lvl+0xfa/0x120
[ 1158.265566]  should_fail_ex+0x4d7/0x5e0
[ 1158.265598]  _copy_from_iter+0x1dc/0x1660
[ 1158.265626]  ? lock_acquire+0x15e/0x2f0
[ 1158.265653]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1158.265688]  ? find_held_lock+0x2b/0x80
[ 1158.265722]  ? __pfx__copy_from_iter+0x10/0x10
[ 1158.265748]  ? lock_release+0xc8/0x290
[ 1158.265776]  ? __virt_addr_valid+0x100/0x5d0
[ 1158.265812]  ? __check_object_size+0x57b/0x880
[ 1158.265852]  netlink_sendmsg+0x809/0xd80
[ 1158.265893]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1158.265940]  ____sys_sendmsg+0xa67/0xc20
[ 1158.265967]  ? copy_msghdr_from_user+0xfb/0x150
[ 1158.266008]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1158.266037]  ? __pfx_perf_tp_event+0x10/0x10
[ 1158.266071]  ? lock_acquire+0x15e/0x2f0
[ 1158.266099]  ___sys_sendmsg+0x10f/0x1b0
[ 1158.266133]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1158.266171]  ? proc_fail_nth_write+0x97/0x220
[ 1158.266200]  ? lock_acquire+0x15e/0x2f0
[ 1158.266224]  ? __fget_files+0x34/0x3b0
[ 1158.266246]  ? find_held_lock+0x2b/0x80
[ 1158.266278]  ? __fget_files+0x203/0x3b0
[ 1158.266299]  ? lock_release+0xc8/0x290
[ 1158.266328]  ? __fget_files+0x20d/0x3b0
[ 1158.266359]  __sys_sendmsg+0x150/0x200
[ 1158.266393]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1158.266436]  ? __pfx_ksys_write+0x10/0x10
[ 1158.266469]  do_syscall_64+0xbf/0x360
[ 1158.266493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1158.266516] RIP: 0033:0x7f32ed858b19
[ 1158.266532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1158.266553] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1158.266575] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1158.266589] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1158.266602] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1158.266615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1158.266628] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1158.266657]  </TASK>
19:11:46 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048"], 0x34}}, 0x0)

[ 1158.561652] Bluetooth: hci6: command 0x0406 tx timeout
19:11:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 8)

19:11:54 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:11:54 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:11:54 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:11:54 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6a"], 0x34}}, 0x0)

19:11:54 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x0, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:11:54 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 7)

19:11:54 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}]}, @void}, 0x26)

[ 1166.947955] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:54 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 9)

[ 1167.003368] FAULT_INJECTION: forcing a failure.
[ 1167.003368] name failslab, interval 1, probability 0, space 0, times 0
[ 1167.004447] CPU: 1 UID: 0 PID: 15573 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1167.004466] Tainted: [W]=WARN
[ 1167.004470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1167.004478] Call Trace:
[ 1167.004482]  <TASK>
[ 1167.004487]  dump_stack_lvl+0xfa/0x120
[ 1167.004512]  should_fail_ex+0x4d7/0x5e0
[ 1167.004531]  should_failslab+0xc2/0x120
[ 1167.004547]  __kmalloc_noprof+0xc8/0x6e0
[ 1167.004565]  ? lock_release+0xc8/0x290
[ 1167.004580]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1167.004600]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1167.004614]  genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1167.004631]  genl_family_rcv_msg_doit+0xab/0x2f0
[ 1167.004644]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1167.004661]  ? cap_capable+0xdb/0x3b0
[ 1167.004680]  ? security_capable+0x2f/0x90
[ 1167.004699]  genl_rcv_msg+0x532/0x7e0
[ 1167.004713]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1167.004726]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1167.004745]  ? __lock_acquire+0x694/0x1b70
[ 1167.004760]  netlink_rcv_skb+0x147/0x430
[ 1167.004780]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1167.004793]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1167.004819]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1167.004836]  ? selinux_netlink_send+0x507/0x880
[ 1167.004850]  ? is_vmalloc_addr+0x86/0xa0
[ 1167.004871]  genl_rcv+0x28/0x40
[ 1167.004881]  netlink_unicast+0x5a7/0x870
[ 1167.004920]  ? __pfx_netlink_unicast+0x10/0x10
[ 1167.004953]  netlink_sendmsg+0x8ac/0xd80
[ 1167.004986]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1167.005018]  ____sys_sendmsg+0xa67/0xc20
[ 1167.005033]  ? copy_msghdr_from_user+0xfb/0x150
[ 1167.005051]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1167.005070]  ? lock_acquire+0x15e/0x2f0
[ 1167.005086]  ___sys_sendmsg+0x10f/0x1b0
[ 1167.005104]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1167.005125]  ? proc_fail_nth_write+0x97/0x220
[ 1167.005141]  ? lock_acquire+0x15e/0x2f0
[ 1167.005154]  ? __fget_files+0x34/0x3b0
[ 1167.005166]  ? find_held_lock+0x2b/0x80
[ 1167.005184]  ? __fget_files+0x203/0x3b0
[ 1167.005195]  ? lock_release+0xc8/0x290
[ 1167.005211]  ? __fget_files+0x20d/0x3b0
[ 1167.005228]  __sys_sendmsg+0x150/0x200
[ 1167.005246]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1167.005269]  ? __pfx_ksys_write+0x10/0x10
[ 1167.005287]  do_syscall_64+0xbf/0x360
[ 1167.005300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1167.005313] RIP: 0033:0x7f32ed858b19
[ 1167.005322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1167.005334] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1167.005346] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1167.005354] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1167.005361] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1167.005368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1167.005375] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1167.005391]  </TASK>
[ 1167.032869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1167.036338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1167.042142] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1167.056758] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1167.078118] FAULT_INJECTION: forcing a failure.
[ 1167.078118] name failslab, interval 1, probability 0, space 0, times 0
[ 1167.079066] CPU: 1 UID: 0 PID: 15587 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1167.079088] Tainted: [W]=WARN
[ 1167.079092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1167.079100] Call Trace:
[ 1167.079104]  <TASK>
[ 1167.079109]  dump_stack_lvl+0xfa/0x120
[ 1167.079132]  should_fail_ex+0x4d7/0x5e0
[ 1167.079150]  should_failslab+0xc2/0x120
[ 1167.079166]  kmem_cache_alloc_node_noprof+0x79/0x690
[ 1167.079187]  ? do_raw_spin_unlock+0x53/0x220
[ 1167.079204]  ? __alloc_skb+0x2ab/0x370
[ 1167.079224]  ? __alloc_skb+0x2ab/0x370
[ 1167.079240]  __alloc_skb+0x2ab/0x370
[ 1167.079257]  ? __pfx___alloc_skb+0x10/0x10
[ 1167.079274]  ? __pfx_class_find_device+0x10/0x10
[ 1167.079299]  ieee802154_nl_new_reply+0x33/0x110
[ 1167.079322]  ieee802154_add_iface+0x244/0x970
[ 1167.079338]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1167.079352]  ? trace_kmalloc+0x1f/0xb0
[ 1167.079369]  ? __nla_parse+0x42/0x60
[ 1167.079386]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1167.079402]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1167.079419]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1167.079433]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1167.079452]  ? security_capable+0x2f/0x90
[ 1167.079472]  genl_rcv_msg+0x532/0x7e0
[ 1167.079486]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1167.079499]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1167.079516]  ? __lock_acquire+0x694/0x1b70
[ 1167.079532]  netlink_rcv_skb+0x147/0x430
[ 1167.079551]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1167.079564]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1167.079590]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1167.079607]  ? selinux_netlink_send+0x507/0x880
[ 1167.079621]  ? is_vmalloc_addr+0x86/0xa0
[ 1167.079641]  genl_rcv+0x28/0x40
[ 1167.079651]  netlink_unicast+0x5a7/0x870
[ 1167.079672]  ? __pfx_netlink_unicast+0x10/0x10
[ 1167.079697]  netlink_sendmsg+0x8ac/0xd80
[ 1167.079719]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1167.079744]  ____sys_sendmsg+0xa67/0xc20
[ 1167.079758]  ? copy_msghdr_from_user+0xfb/0x150
[ 1167.079776]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1167.079794]  ? lock_acquire+0x15e/0x2f0
[ 1167.079810]  ___sys_sendmsg+0x10f/0x1b0
[ 1167.079828]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1167.079849]  ? proc_fail_nth_write+0x97/0x220
[ 1167.079865]  ? lock_acquire+0x15e/0x2f0
[ 1167.079878]  ? __fget_files+0x34/0x3b0
[ 1167.079890]  ? find_held_lock+0x2b/0x80
[ 1167.079909]  ? __fget_files+0x203/0x3b0
[ 1167.079920]  ? lock_release+0xc8/0x290
[ 1167.079935]  ? __fget_files+0x20d/0x3b0
[ 1167.079952]  __sys_sendmsg+0x150/0x200
[ 1167.079970]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1167.079992]  ? __pfx_ksys_write+0x10/0x10
[ 1167.080011]  do_syscall_64+0xbf/0x360
[ 1167.080024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1167.080037] RIP: 0033:0x7f63d56acb19
[ 1167.080046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1167.080058] RSP: 002b:00007f63d2c22188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1167.080070] RAX: ffffffffffffffda RBX: 00007f63d57bff60 RCX: 00007f63d56acb19
[ 1167.080078] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000005
[ 1167.080085] RBP: 00007f63d2c221d0 R08: 0000000000000000 R09: 0000000000000000
[ 1167.080092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1167.080099] R13: 00007ffe3830f0ef R14: 00007f63d2c22300 R15: 0000000000022000
[ 1167.080115]  </TASK>
19:11:55 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 10)

19:11:55 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6a"], 0x34}}, 0x0)

19:11:55 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:11:55 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 8)

19:11:55 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x0, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:11:55 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6a"], 0x34}}, 0x0)

19:11:55 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:11:55 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}]}, @void}, 0x27)

[ 1167.401860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:11:55 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 11)

19:11:55 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:11:55 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53e"], 0x34}}, 0x0)

19:11:55 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5"], 0x34}}, 0x0)

[ 1167.575558] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1167.670422] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:04 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 9)

19:12:04 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:12:04 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}]}, @void}, 0x27)

19:12:04 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0) (fail_nth: 12)

19:12:04 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdce"], 0x34}}, 0x0)

19:12:04 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x0, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:04 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:12:04 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6a"], 0x34}}, 0x0)

[ 1176.925510] FAULT_INJECTION: forcing a failure.
[ 1176.925510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1176.927720] CPU: 0 UID: 0 PID: 15705 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1176.927760] Tainted: [W]=WARN
[ 1176.927768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1176.927782] Call Trace:
[ 1176.927791]  <TASK>
[ 1176.927800]  dump_stack_lvl+0xfa/0x120
[ 1176.927846]  should_fail_ex+0x4d7/0x5e0
[ 1176.927882]  _copy_from_user+0x30/0xd0
[ 1176.927916]  kstrtouint_from_user+0xbd/0x180
[ 1176.927956]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1176.928003]  ? __lock_acquire+0xc65/0x1b70
[ 1176.928048]  proc_fail_nth_write+0x7b/0x220
[ 1176.928078]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1176.928108]  ? lock_is_held_type+0x9e/0x120
[ 1176.928150]  vfs_write+0x2b7/0x1150
[ 1176.928175]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1176.928209]  ? __pfx_vfs_write+0x10/0x10
[ 1176.928237]  ? lock_release+0xc8/0x290
[ 1176.928270]  ? __fget_files+0x20d/0x3b0
[ 1176.928306]  ksys_write+0x121/0x240
[ 1176.928332]  ? __pfx_ksys_write+0x10/0x10
[ 1176.928369]  do_syscall_64+0xbf/0x360
[ 1176.928395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.928421] RIP: 0033:0x7f63d565f5ff
[ 1176.928440] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[ 1176.928463] RSP: 002b:00007f63d2c01170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1176.928487] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f63d565f5ff
[ 1176.928503] RDX: 0000000000000001 RSI: 00007f63d2c011e0 RDI: 0000000000000003
[ 1176.928518] RBP: 00007f63d2c011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1176.928532] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 1176.928547] R13: 00007ffe3830f0ef R14: 00007f63d2c01300 R15: 0000000000022000
[ 1176.928580]  </TASK>
19:12:04 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1177.016012] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1177.029878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1177.063773] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:04 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:12:04 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x0, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:15 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {}]}, @void}, 0x27)

19:12:15 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:12:15 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6a"], 0x34}}, 0x0)

19:12:15 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c0482"], 0x34}}, 0x0)

19:12:15 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 10)

19:12:15 executing program 3:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x0, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:15 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:12:15 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x0, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1187.425525] Bluetooth: Unexpected continuation frame (len 20)
[ 1187.426948] Bluetooth: hci4: SCO packet for unknown connection handle 0
[ 1187.427600] Bluetooth: hci4: link tx timeout
[ 1187.429939] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1187.464812] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1187.466279] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:15 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6a"], 0x34}}, 0x0)

19:12:15 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1187.597352] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1187.599691] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:15 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 11)

19:12:15 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:12:15 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c0482"], 0x34}}, 0x0)

19:12:15 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:12:15 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x2, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:12:15 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 12)

19:12:15 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}]}, @void}, 0x26)

[ 1187.918981] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1189.474328] Bluetooth: hci4: command 0x0406 tx timeout
[ 1191.457155] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1191.459209] Bluetooth: hci4: Injecting HCI hardware error event
[ 1191.461855] Bluetooth: hci4: hardware error 0x00
[ 1193.505135] Bluetooth: hci4: Opcode 0x0c03 failed: -110
19:12:24 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c0482"], 0x34}}, 0x0)

19:12:24 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:12:24 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}]}, @void}, 0x26)

19:12:24 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:12:24 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:24 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x0, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:12:24 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 13)

19:12:24 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x3, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1196.507432] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1196.557939] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:24 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3"], 0x34}}, 0x0)

[ 1196.621324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:24 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:24 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abf"], 0x34}}, 0x0)

19:12:24 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x4, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:12:24 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 14)

[ 1196.792137] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:24 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdce"], 0x34}}, 0x0)

19:12:24 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abf"], 0x34}}, 0x0)

19:12:24 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3"], 0x34}}, 0x0)

19:12:24 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x18}]}, @void}, 0x26)

19:12:24 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1197.040718] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1199.406967] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1199.411626] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1199.415779] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1199.421525] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1199.424278] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1201.505127] Bluetooth: hci5: command tx timeout
[ 1203.554054] Bluetooth: hci5: command tx timeout
[ 1205.601238] Bluetooth: hci5: command tx timeout
[ 1207.650237] Bluetooth: hci5: command tx timeout
[ 1215.603149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1215.604255] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1215.668553] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1215.669829] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1215.755466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1215.760896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1215.766866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:51 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 15)

19:12:51 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abf"], 0x34}}, 0x0)

19:12:51 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x5, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:12:51 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3"], 0x34}}, 0x0)

19:12:51 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:51 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x0, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:12:51 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}]}, @void}, 0x27)

19:12:51 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3"], 0x34}}, 0x0)

[ 1224.029438] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1224.031510] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1224.079734] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1224.085158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:12:51 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:52 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:12:52 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3"], 0x34}}, 0x0)

19:12:52 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:12:52 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 16)

19:13:00 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 17)

19:13:00 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:00 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}]}, @void}, 0x27)

19:13:00 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:00 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x6, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:00 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3"], 0x34}}, 0x0)

19:13:00 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x0, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:13:00 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:01 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:01 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x4, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1233.235431] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1233.235560] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1233.244548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:01 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1233.282847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:01 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:01 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 18)

19:13:01 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:01 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x7, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:01 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:01 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:01 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1233.469298] FAULT_INJECTION: forcing a failure.
[ 1233.469298] name failslab, interval 1, probability 0, space 0, times 0
[ 1233.470316] CPU: 1 UID: 0 PID: 16538 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1233.470336] Tainted: [W]=WARN
[ 1233.470340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1233.470347] Call Trace:
[ 1233.470352]  <TASK>
[ 1233.470356]  dump_stack_lvl+0xfa/0x120
[ 1233.470382]  should_fail_ex+0x4d7/0x5e0
[ 1233.470400]  should_failslab+0xc2/0x120
[ 1233.470416]  __kvmalloc_node_noprof+0x111/0x760
[ 1233.470429]  ? __pfx_dev_addr_init+0x10/0x10
[ 1233.470446]  ? lockdep_init_map_type+0x4b/0x240
[ 1233.470462]  ? alloc_netdev_mqs+0x945/0x1360
[ 1233.470483]  ? alloc_netdev_mqs+0x945/0x1360
[ 1233.470499]  alloc_netdev_mqs+0x945/0x1360
[ 1233.470515]  ? __pfx_ieee802154_if_setup+0x10/0x10
[ 1233.470533]  ieee802154_if_add+0xcf/0x1140
[ 1233.470548]  ? __asan_memset+0x1/0x50
[ 1233.470560]  ? __pfx_ieee802154_if_add+0x10/0x10
[ 1233.470575]  ? __pfx___mutex_lock+0x10/0x10
[ 1233.470595]  ? skb_put+0x138/0x1b0
[ 1233.470613]  ? genlmsg_put+0x265/0x2e0
[ 1233.470629]  ieee802154_add_iface_deprecated+0x42/0x60
[ 1233.470648]  ieee802154_add_iface+0x472/0x970
[ 1233.470664]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1233.470678]  ? trace_kmalloc+0x1f/0xb0
[ 1233.470695]  ? __nla_parse+0x42/0x60
[ 1233.470712]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1233.470726]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1233.470743]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1233.470757]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1233.470777]  ? security_capable+0x2f/0x90
[ 1233.470796]  genl_rcv_msg+0x532/0x7e0
[ 1233.470811]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1233.470824]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1233.470841]  ? __lock_acquire+0x694/0x1b70
[ 1233.470856]  netlink_rcv_skb+0x147/0x430
[ 1233.470876]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1233.470889]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1233.470915]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1233.470932]  ? selinux_netlink_send+0x507/0x880
[ 1233.470945]  ? is_vmalloc_addr+0x86/0xa0
[ 1233.470966]  genl_rcv+0x28/0x40
[ 1233.470981]  netlink_unicast+0x5a7/0x870
[ 1233.471002]  ? __pfx_netlink_unicast+0x10/0x10
[ 1233.471028]  netlink_sendmsg+0x8ac/0xd80
[ 1233.471049]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1233.471074]  ____sys_sendmsg+0xa67/0xc20
[ 1233.471089]  ? copy_msghdr_from_user+0xfb/0x150
[ 1233.471107]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1233.471126]  ? lock_acquire+0x15e/0x2f0
[ 1233.471141]  ___sys_sendmsg+0x10f/0x1b0
[ 1233.471159]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1233.471180]  ? proc_fail_nth_write+0x97/0x220
[ 1233.471197]  ? lock_acquire+0x15e/0x2f0
[ 1233.471210]  ? __fget_files+0x34/0x3b0
[ 1233.471222]  ? find_held_lock+0x2b/0x80
[ 1233.471243]  ? __fget_files+0x203/0x3b0
[ 1233.471255]  ? lock_release+0xc8/0x290
[ 1233.471271]  ? __fget_files+0x20d/0x3b0
[ 1233.471288]  __sys_sendmsg+0x150/0x200
[ 1233.471305]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1233.471328]  ? __pfx_ksys_write+0x10/0x10
[ 1233.471348]  do_syscall_64+0xbf/0x360
[ 1233.471361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.471374] RIP: 0033:0x7f32ed858b19
[ 1233.471383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1233.471394] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1233.471407] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1233.471415] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1233.471422] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1233.471429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1233.471436] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1233.471452]  </TASK>
19:13:10 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:10 executing program 3:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:10 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 19)

19:13:10 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:10 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:10 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:13:10 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x8, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:10 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {}, {0x18}]}, @void}, 0x27)

[ 1242.484761] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1242.544502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1242.560241] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:10 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 20)

[ 1242.575451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:10 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x9, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:10 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:10 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:10 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1242.717401] FAULT_INJECTION: forcing a failure.
[ 1242.717401] name failslab, interval 1, probability 0, space 0, times 0
[ 1242.719053] CPU: 0 UID: 0 PID: 16611 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1242.719082] Tainted: [W]=WARN
[ 1242.719087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1242.719097] Call Trace:
[ 1242.719104]  <TASK>
[ 1242.719110]  dump_stack_lvl+0xfa/0x120
[ 1242.719145]  should_fail_ex+0x4d7/0x5e0
[ 1242.719171]  should_failslab+0xc2/0x120
[ 1242.719193]  __kvmalloc_node_noprof+0x111/0x760
[ 1242.719215]  ? alloc_netdev_mqs+0xaf1/0x1360
[ 1242.719240]  ? lockdep_init_map_type+0x4b/0x240
[ 1242.719268]  ? alloc_netdev_mqs+0xaf1/0x1360
[ 1242.719291]  alloc_netdev_mqs+0xaf1/0x1360
[ 1242.719321]  ieee802154_if_add+0xcf/0x1140
[ 1242.719343]  ? __asan_memset+0x1/0x50
[ 1242.719362]  ? __pfx_ieee802154_if_add+0x10/0x10
[ 1242.719384]  ? __pfx___mutex_lock+0x10/0x10
[ 1242.719411]  ? skb_put+0x138/0x1b0
[ 1242.719437]  ? genlmsg_put+0x265/0x2e0
[ 1242.719459]  ieee802154_add_iface_deprecated+0x42/0x60
[ 1242.719487]  ieee802154_add_iface+0x472/0x970
[ 1242.719511]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1242.719531]  ? trace_kmalloc+0x1f/0xb0
[ 1242.719556]  ? __nla_parse+0x42/0x60
[ 1242.719581]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1242.719601]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1242.719626]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1242.719646]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1242.719675]  ? security_capable+0x2f/0x90
[ 1242.719704]  genl_rcv_msg+0x532/0x7e0
[ 1242.719725]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1242.719745]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1242.719769]  ? __lock_acquire+0x694/0x1b70
[ 1242.719792]  netlink_rcv_skb+0x147/0x430
[ 1242.719819]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1242.719839]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1242.719876]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1242.719901]  ? selinux_netlink_send+0x507/0x880
[ 1242.719920]  ? is_vmalloc_addr+0x86/0xa0
[ 1242.719950]  genl_rcv+0x28/0x40
[ 1242.719972]  netlink_unicast+0x5a7/0x870
[ 1242.720021]  ? __pfx_netlink_unicast+0x10/0x10
[ 1242.720058]  netlink_sendmsg+0x8ac/0xd80
[ 1242.720089]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1242.720126]  ____sys_sendmsg+0xa67/0xc20
[ 1242.720147]  ? copy_msghdr_from_user+0xfb/0x150
[ 1242.720174]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1242.720197]  ? __pfx_perf_tp_event+0x10/0x10
[ 1242.720224]  ? lock_acquire+0x15e/0x2f0
[ 1242.720246]  ___sys_sendmsg+0x10f/0x1b0
[ 1242.720273]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1242.720304]  ? proc_fail_nth_write+0x97/0x220
[ 1242.720327]  ? lock_acquire+0x15e/0x2f0
[ 1242.720346]  ? __fget_files+0x34/0x3b0
[ 1242.720364]  ? find_held_lock+0x2b/0x80
[ 1242.720389]  ? __fget_files+0x203/0x3b0
[ 1242.720406]  ? lock_release+0xc8/0x290
[ 1242.720429]  ? __fget_files+0x20d/0x3b0
[ 1242.720454]  __sys_sendmsg+0x150/0x200
[ 1242.720479]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1242.720513]  ? __pfx_ksys_write+0x10/0x10
[ 1242.720541]  do_syscall_64+0xbf/0x360
[ 1242.720560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1242.720578] RIP: 0033:0x7f32ed858b19
[ 1242.720591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1242.720608] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1242.720625] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1242.720637] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1242.720648] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1242.720658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1242.720668] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1242.720692]  </TASK>
19:13:10 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:10 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x8, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:19 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xa, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:19 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}]}, @void}, 0x26)

19:13:19 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0x0, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:19 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 21)

19:13:19 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:19 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:13:19 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:19 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1251.374720] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:19 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1251.416679] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:19 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1251.454064] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:19 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

[ 1251.546273] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:19 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:19 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:19 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xc, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:19 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 22)

19:13:19 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:19 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}]}, @void}, 0x26)

19:13:19 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0x0, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:19 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:19 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xf, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1251.806686] FAULT_INJECTION: forcing a failure.
[ 1251.806686] name failslab, interval 1, probability 0, space 0, times 0
[ 1251.807663] CPU: 1 UID: 0 PID: 16694 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1251.807710] Tainted: [W]=WARN
[ 1251.807714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1251.807722] Call Trace:
[ 1251.807727]  <TASK>
[ 1251.807733]  dump_stack_lvl+0xfa/0x120
[ 1251.807762]  should_fail_ex+0x4d7/0x5e0
[ 1251.807782]  should_failslab+0xc2/0x120
[ 1251.807798]  __kmalloc_cache_noprof+0x73/0x690
[ 1251.807818]  ? alloc_netdev_mqs+0xbe5/0x1360
[ 1251.807840]  ? alloc_netdev_mqs+0xbe5/0x1360
[ 1251.807857]  alloc_netdev_mqs+0xbe5/0x1360
[ 1251.807878]  ieee802154_if_add+0xcf/0x1140
[ 1251.807895]  ? __asan_memset+0x24/0x50
[ 1251.807908]  ? __pfx_ieee802154_if_add+0x10/0x10
[ 1251.807923]  ? __pfx___mutex_lock+0x10/0x10
[ 1251.807941]  ? skb_put+0x138/0x1b0
[ 1251.807956]  ? __nlmsg_put+0x159/0x1d0
[ 1251.807979]  ? genlmsg_put+0x265/0x2e0
[ 1251.807995]  ieee802154_add_iface_deprecated+0x42/0x60
[ 1251.808014]  ieee802154_add_iface+0x472/0x970
[ 1251.808030]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1251.808044]  ? trace_kmalloc+0x1f/0xb0
[ 1251.808062]  ? __nla_parse+0x42/0x60
[ 1251.808079]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1251.808093]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1251.808110]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1251.808124]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1251.808143]  ? security_capable+0x2f/0x90
[ 1251.808163]  genl_rcv_msg+0x532/0x7e0
[ 1251.808177]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1251.808191]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1251.808208]  ? __lock_acquire+0x694/0x1b70
[ 1251.808225]  netlink_rcv_skb+0x147/0x430
[ 1251.808244]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1251.808257]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1251.808284]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1251.808307]  ? selinux_netlink_send+0x507/0x880
[ 1251.808321]  ? is_vmalloc_addr+0x86/0xa0
[ 1251.808343]  genl_rcv+0x28/0x40
[ 1251.808353]  netlink_unicast+0x5a7/0x870
[ 1251.808374]  ? __pfx_netlink_unicast+0x10/0x10
[ 1251.808399]  netlink_sendmsg+0x8ac/0xd80
[ 1251.808421]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1251.808446]  ____sys_sendmsg+0xa67/0xc20
[ 1251.808461]  ? copy_msghdr_from_user+0xfb/0x150
[ 1251.808479]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1251.808497]  ? lock_acquire+0x15e/0x2f0
[ 1251.808513]  ___sys_sendmsg+0x10f/0x1b0
[ 1251.808532]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1251.808553]  ? proc_fail_nth_write+0x97/0x220
[ 1251.808570]  ? lock_acquire+0x15e/0x2f0
[ 1251.808583]  ? __fget_files+0x34/0x3b0
[ 1251.808595]  ? find_held_lock+0x2b/0x80
[ 1251.808613]  ? __fget_files+0x203/0x3b0
[ 1251.808624]  ? lock_release+0xc8/0x290
[ 1251.808640]  ? __fget_files+0x20d/0x3b0
[ 1251.808657]  __sys_sendmsg+0x150/0x200
[ 1251.808675]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1251.808698]  ? __pfx_ksys_write+0x10/0x10
[ 1251.808717]  do_syscall_64+0xbf/0x360
[ 1251.808730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1251.808743] RIP: 0033:0x7f32ed858b19
[ 1251.808752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1251.808764] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1251.808776] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1251.808784] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1251.808791] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1251.808798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1251.808805] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1251.808821]  </TASK>
[ 1251.881962] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:28 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:28 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}]}, @void}, 0x26)

19:13:28 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0x0, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:28 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 23)

19:13:28 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:28 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:13:28 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xc, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:28 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xf0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1260.757315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:28 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 24)

[ 1260.828676] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:28 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3"], 0x34}}, 0x0)

19:13:28 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

[ 1260.901908] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:28 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1261.026571] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:37 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(0x0, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:13:37 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}]}, @void}, 0x27)

19:13:37 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:37 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 25)

19:13:37 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c0005000000"], 0x34}}, 0x0)

19:13:37 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x0, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:37 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x102, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1270.103047] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1270.107200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:37 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

[ 1270.192920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:38 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 26)

[ 1270.197637] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
19:13:38 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:38 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:38 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710"], 0x34}}, 0x0)

[ 1270.301870] FAULT_INJECTION: forcing a failure.
[ 1270.301870] name failslab, interval 1, probability 0, space 0, times 0
[ 1270.303992] CPU: 0 UID: 0 PID: 16826 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1270.304031] Tainted: [W]=WARN
[ 1270.304038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1270.304052] Call Trace:
[ 1270.304060]  <TASK>
[ 1270.304069]  dump_stack_lvl+0xfa/0x120
[ 1270.304113]  should_fail_ex+0x4d7/0x5e0
[ 1270.304147]  should_failslab+0xc2/0x120
[ 1270.304177]  __kvmalloc_node_noprof+0x111/0x760
[ 1270.304206]  ? alloc_netdev_mqs+0xd0e/0x1360
[ 1270.304248]  ? alloc_netdev_mqs+0xd0e/0x1360
[ 1270.304280]  alloc_netdev_mqs+0xd0e/0x1360
[ 1270.304321]  ieee802154_if_add+0xcf/0x1140
[ 1270.304351]  ? __asan_memset+0x24/0x50
[ 1270.304377]  ? __pfx_ieee802154_if_add+0x10/0x10
[ 1270.304406]  ? __pfx___mutex_lock+0x10/0x10
[ 1270.304443]  ? skb_put+0x138/0x1b0
[ 1270.304471]  ? __nlmsg_put+0x159/0x1d0
[ 1270.304505]  ? genlmsg_put+0x265/0x2e0
[ 1270.304535]  ieee802154_add_iface_deprecated+0x42/0x60
[ 1270.304573]  ieee802154_add_iface+0x472/0x970
[ 1270.304604]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1270.304632]  ? trace_kmalloc+0x1f/0xb0
[ 1270.304665]  ? __nla_parse+0x42/0x60
[ 1270.304700]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1270.304727]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1270.304761]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1270.304788]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1270.304827]  ? security_capable+0x2f/0x90
[ 1270.304864]  genl_rcv_msg+0x532/0x7e0
[ 1270.304893]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1270.304919]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1270.304953]  ? __lock_acquire+0x694/0x1b70
[ 1270.304985]  netlink_rcv_skb+0x147/0x430
[ 1270.305022]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1270.305048]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1270.305099]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1270.305132]  ? selinux_netlink_send+0x507/0x880
[ 1270.305158]  ? is_vmalloc_addr+0x86/0xa0
[ 1270.305198]  genl_rcv+0x28/0x40
[ 1270.305219]  netlink_unicast+0x5a7/0x870
[ 1270.305260]  ? __pfx_netlink_unicast+0x10/0x10
[ 1270.305310]  netlink_sendmsg+0x8ac/0xd80
[ 1270.305353]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1270.305403]  ____sys_sendmsg+0xa67/0xc20
[ 1270.305431]  ? copy_msghdr_from_user+0xfb/0x150
[ 1270.305467]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1270.305499]  ? __pfx_perf_tp_event+0x10/0x10
[ 1270.305534]  ? lock_acquire+0x15e/0x2f0
[ 1270.305565]  ___sys_sendmsg+0x10f/0x1b0
[ 1270.305601]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1270.305643]  ? proc_fail_nth_write+0x97/0x220
[ 1270.305674]  ? lock_acquire+0x15e/0x2f0
[ 1270.305699]  ? __fget_files+0x34/0x3b0
[ 1270.305722]  ? find_held_lock+0x2b/0x80
[ 1270.305757]  ? __fget_files+0x203/0x3b0
[ 1270.305779]  ? lock_release+0xc8/0x290
[ 1270.305810]  ? __fget_files+0x20d/0x3b0
[ 1270.305844]  __sys_sendmsg+0x150/0x200
[ 1270.305879]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1270.305925]  ? __pfx_ksys_write+0x10/0x10
[ 1270.305961]  do_syscall_64+0xbf/0x360
[ 1270.305986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1270.306011] RIP: 0033:0x7f32ed858b19
[ 1270.306029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1270.306052] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1270.306087] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1270.306103] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1270.306117] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1270.306131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1270.306145] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1270.306178]  </TASK>
19:13:46 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}]}, @void}, 0x27)

19:13:46 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34) (fail_nth: 1)

19:13:46 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x109, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:46 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:46 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x0, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:46 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:46 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 27)

19:13:46 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(0x0, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[ 1278.974365] FAULT_INJECTION: forcing a failure.
[ 1278.974365] name failslab, interval 1, probability 0, space 0, times 0
[ 1278.976414] CPU: 0 UID: 0 PID: 16875 Comm: syz-executor.3 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1278.976456] Tainted: [W]=WARN
[ 1278.976465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1278.976480] Call Trace:
[ 1278.976489]  <TASK>
[ 1278.976499]  dump_stack_lvl+0xfa/0x120
[ 1278.976547]  should_fail_ex+0x4d7/0x5e0
[ 1278.976583]  ? sock_alloc_inode+0x27/0x1d0
[ 1278.976611]  should_failslab+0xc2/0x120
[ 1278.976643]  kmem_cache_alloc_lru_noprof+0x76/0x6a0
19:13:46 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1278.976672]  ? selinux_socket_create+0x99/0x590
[ 1278.976717]  ? sock_alloc_inode+0x27/0x1d0
[ 1278.976742]  sock_alloc_inode+0x27/0x1d0
[ 1278.976768]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1278.976794]  alloc_inode+0x67/0x250
[ 1278.976830]  sock_alloc+0x40/0x270
[ 1278.976856]  __sock_create+0xc1/0x810
[ 1278.976893]  __sys_socket+0x145/0x260
[ 1278.976925]  ? __pfx___sys_socket+0x10/0x10
[ 1278.976955]  ? ksys_write+0x1a3/0x240
[ 1278.976992]  ? __pfx_ksys_write+0x10/0x10
[ 1278.977027]  __x64_sys_socket+0x73/0xb0
[ 1278.977060]  do_syscall_64+0xbf/0x360
[ 1278.977087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1278.977114] RIP: 0033:0x7f436e8b9197
[ 1278.977134] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1278.977158] RSP: 002b:00007f436be2c0c8 EFLAGS: 00000283 ORIG_RAX: 0000000000000029
[ 1278.977183] RAX: ffffffffffffffda RBX: 00007f436e9caf60 RCX: 00007f436e8b9197
[ 1278.977201] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1278.977216] RBP: 00007f436be2d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1278.977232] R10: 0000000000000000 R11: 0000000000000283 R12: 0000000000000001
[ 1278.977247] R13: 0000000000000034 R14: 00000000200002c0 R15: 0000000000022000
[ 1278.977283]  </TASK>
[ 1279.004636] socket: no more sockets
[ 1279.015147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1279.023801] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:46 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 28)

19:13:46 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

[ 1279.099859] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1279.105373] FAULT_INJECTION: forcing a failure.
[ 1279.105373] name failslab, interval 1, probability 0, space 0, times 0
[ 1279.106380] CPU: 1 UID: 0 PID: 16890 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1279.106399] Tainted: [W]=WARN
[ 1279.106403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1279.106410] Call Trace:
[ 1279.106415]  <TASK>
[ 1279.106419]  dump_stack_lvl+0xfa/0x120
[ 1279.106445]  should_fail_ex+0x4d7/0x5e0
[ 1279.106464]  should_failslab+0xc2/0x120
[ 1279.106480]  __kmalloc_noprof+0xc8/0x6e0
[ 1279.106497]  ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0
[ 1279.106511]  ? dev_prep_valid_name.constprop.0+0x150/0x690
[ 1279.106531]  ? dev_prep_valid_name.constprop.0+0x150/0x690
[ 1279.106547]  dev_prep_valid_name.constprop.0+0x150/0x690
[ 1279.106567]  ? __pfx_dev_prep_valid_name.constprop.0+0x10/0x10
[ 1279.106589]  ? alloc_netdev_mqs+0xebf/0x1360
[ 1279.106611]  ieee802154_if_add+0x150/0x1140
[ 1279.106627]  ? __asan_memset+0x24/0x50
[ 1279.106640]  ? __pfx_ieee802154_if_add+0x10/0x10
[ 1279.106655]  ? __pfx___mutex_lock+0x10/0x10
[ 1279.106674]  ? skb_put+0x138/0x1b0
[ 1279.106689]  ? __nlmsg_put+0x159/0x1d0
[ 1279.106706]  ? genlmsg_put+0x265/0x2e0
[ 1279.106722]  ieee802154_add_iface_deprecated+0x42/0x60
[ 1279.106741]  ieee802154_add_iface+0x472/0x970
[ 1279.106757]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1279.106771]  ? trace_kmalloc+0x1f/0xb0
[ 1279.106788]  ? __nla_parse+0x42/0x60
[ 1279.106805]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1279.106819]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1279.106836]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1279.106849]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1279.106869]  ? security_capable+0x2f/0x90
[ 1279.106888]  genl_rcv_msg+0x532/0x7e0
[ 1279.106903]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1279.106916]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1279.106933]  ? __lock_acquire+0x694/0x1b70
[ 1279.106950]  netlink_rcv_skb+0x147/0x430
[ 1279.106968]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1279.106986]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1279.107012]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1279.107029]  ? selinux_netlink_send+0x507/0x880
[ 1279.107042]  ? is_vmalloc_addr+0x86/0xa0
[ 1279.107063]  genl_rcv+0x28/0x40
[ 1279.107073]  netlink_unicast+0x5a7/0x870
[ 1279.107094]  ? __pfx_netlink_unicast+0x10/0x10
[ 1279.107119]  netlink_sendmsg+0x8ac/0xd80
[ 1279.107140]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1279.107166]  ____sys_sendmsg+0xa67/0xc20
[ 1279.107180]  ? copy_msghdr_from_user+0xfb/0x150
[ 1279.107198]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1279.107216]  ? lock_acquire+0x15e/0x2f0
[ 1279.107232]  ___sys_sendmsg+0x10f/0x1b0
[ 1279.107250]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1279.107271]  ? proc_fail_nth_write+0x97/0x220
[ 1279.107287]  ? lock_acquire+0x15e/0x2f0
[ 1279.107300]  ? __fget_files+0x34/0x3b0
[ 1279.107313]  ? find_held_lock+0x2b/0x80
[ 1279.107330]  ? __fget_files+0x203/0x3b0
[ 1279.107342]  ? lock_release+0xc8/0x290
[ 1279.107357]  ? __fget_files+0x20d/0x3b0
[ 1279.107374]  __sys_sendmsg+0x150/0x200
[ 1279.107392]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1279.107415]  ? __pfx_ksys_write+0x10/0x10
[ 1279.107434]  do_syscall_64+0xbf/0x360
[ 1279.107446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1279.107460] RIP: 0033:0x7f32ed858b19
[ 1279.107469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1279.107481] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1279.107493] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1279.107501] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1279.107508] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1279.107515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1279.107522] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1279.107538]  </TASK>
19:13:47 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x0, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:47 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:47 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:47 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 29)

19:13:47 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:13:56 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 30)

19:13:56 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(0x0, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:13:56 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:56 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {}, {0x12}, {0x18}]}, @void}, 0x27)

19:13:56 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34) (fail_nth: 2)

19:13:56 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:56 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x201, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:56 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1288.243200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1288.252901] FAULT_INJECTION: forcing a failure.
[ 1288.252901] name failslab, interval 1, probability 0, space 0, times 0
[ 1288.253960] CPU: 1 UID: 0 PID: 16948 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1288.253983] Tainted: [W]=WARN
[ 1288.253986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1288.253993] Call Trace:
[ 1288.253998]  <TASK>
[ 1288.254003]  dump_stack_lvl+0xfa/0x120
[ 1288.254028]  should_fail_ex+0x4d7/0x5e0
[ 1288.254046]  should_failslab+0xc2/0x120
[ 1288.254062]  __kmalloc_cache_noprof+0x73/0x690
[ 1288.254081]  ? lockdep_init_map_type+0x4b/0x240
[ 1288.254097]  ? register_netdevice+0x4c4/0x1d70
[ 1288.254117]  ? lockdep_init_map_type+0x4b/0x240
[ 1288.254133]  ? register_netdevice+0x4c4/0x1d70
[ 1288.254151]  register_netdevice+0x4c4/0x1d70
[ 1288.254170]  ? mark_held_locks+0x49/0x80
[ 1288.254185]  ? __pfx_register_netdevice+0x10/0x10
[ 1288.254202]  ? mac802154_llsec_set_params+0x490/0x570
[ 1288.254218]  ? __local_bh_enable_ip+0xa1/0x110
[ 1288.254235]  ieee802154_if_add+0xc73/0x1140
[ 1288.254252]  ? __pfx_ieee802154_if_add+0x10/0x10
[ 1288.254276]  ? __pfx___mutex_lock+0x10/0x10
[ 1288.254295]  ? skb_put+0x138/0x1b0
[ 1288.254310]  ? __nlmsg_put+0x159/0x1d0
[ 1288.254327]  ? genlmsg_put+0x265/0x2e0
[ 1288.254342]  ieee802154_add_iface_deprecated+0x42/0x60
[ 1288.254362]  ieee802154_add_iface+0x472/0x970
[ 1288.254378]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1288.254392]  ? trace_kmalloc+0x1f/0xb0
[ 1288.254408]  ? __nla_parse+0x42/0x60
[ 1288.254426]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1288.254440]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1288.254457]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1288.254470]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1288.254490]  ? security_capable+0x2f/0x90
[ 1288.254510]  genl_rcv_msg+0x532/0x7e0
[ 1288.254524]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1288.254537]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1288.254554]  ? __lock_acquire+0x694/0x1b70
[ 1288.254569]  netlink_rcv_skb+0x147/0x430
[ 1288.254588]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1288.254602]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1288.254628]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1288.254644]  ? selinux_netlink_send+0x507/0x880
[ 1288.254658]  ? is_vmalloc_addr+0x86/0xa0
[ 1288.254679]  genl_rcv+0x28/0x40
[ 1288.254690]  netlink_unicast+0x5a7/0x870
[ 1288.254711]  ? __pfx_netlink_unicast+0x10/0x10
[ 1288.254736]  netlink_sendmsg+0x8ac/0xd80
[ 1288.254757]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1288.254783]  ____sys_sendmsg+0xa67/0xc20
[ 1288.254797]  ? copy_msghdr_from_user+0xfb/0x150
[ 1288.254815]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1288.254834]  ? lock_acquire+0x15e/0x2f0
[ 1288.254849]  ___sys_sendmsg+0x10f/0x1b0
[ 1288.254868]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1288.254888]  ? proc_fail_nth_write+0x97/0x220
[ 1288.254905]  ? lock_acquire+0x15e/0x2f0
[ 1288.254918]  ? __fget_files+0x34/0x3b0
[ 1288.254930]  ? find_held_lock+0x2b/0x80
[ 1288.254948]  ? __fget_files+0x203/0x3b0
[ 1288.254959]  ? lock_release+0xc8/0x290
[ 1288.254975]  ? __fget_files+0x20d/0x3b0
[ 1288.254992]  __sys_sendmsg+0x150/0x200
[ 1288.255009]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1288.255032]  ? __pfx_ksys_write+0x10/0x10
[ 1288.255051]  do_syscall_64+0xbf/0x360
[ 1288.255064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1288.255077] RIP: 0033:0x7f32ed858b19
[ 1288.255087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1288.255098] RSP: 002b:00007f32eadce188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1288.255110] RAX: ffffffffffffffda RBX: 00007f32ed96bf60 RCX: 00007f32ed858b19
[ 1288.255118] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1288.255125] RBP: 00007f32eadce1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1288.255132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1288.255139] R13: 00007ffcd98671cf R14: 00007f32eadce300 R15: 0000000000022000
[ 1288.255155]  </TASK>
[ 1288.328735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:56 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 1)

19:13:56 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:13:56 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:13:56 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 31)

[ 1288.470886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1288.473883] FAULT_INJECTION: forcing a failure.
[ 1288.473883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1288.475856] CPU: 1 UID: 0 PID: 16965 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1288.475893] Tainted: [W]=WARN
[ 1288.475900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1288.475913] Call Trace:
[ 1288.475920]  <TASK>
[ 1288.475928]  dump_stack_lvl+0xfa/0x120
[ 1288.475971]  should_fail_ex+0x4d7/0x5e0
[ 1288.476009]  _copy_from_user+0x30/0xd0
[ 1288.476039]  copy_msghdr_from_user+0x88/0x150
[ 1288.476074]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1288.476118]  ? lock_acquire+0x15e/0x2f0
[ 1288.476149]  ___sys_sendmsg+0xdc/0x1b0
[ 1288.476183]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1288.476222]  ? proc_fail_nth_write+0x97/0x220
[ 1288.476252]  ? lock_acquire+0x15e/0x2f0
[ 1288.476276]  ? __fget_files+0x34/0x3b0
[ 1288.476298]  ? find_held_lock+0x2b/0x80
[ 1288.476331]  ? __fget_files+0x203/0x3b0
[ 1288.476353]  ? lock_release+0xc8/0x290
[ 1288.476382]  ? __fget_files+0x20d/0x3b0
[ 1288.476413]  __sys_sendmsg+0x150/0x200
[ 1288.476446]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1288.476483]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1288.476507]  ? fput+0x6a/0x100
[ 1288.476536]  ? ksys_write+0x1a3/0x240
[ 1288.476560]  ? __pfx_ksys_write+0x10/0x10
[ 1288.476593]  do_syscall_64+0xbf/0x360
[ 1288.476617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1288.476639] RIP: 0033:0x7f3f2e109b19
[ 1288.476656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1288.476677] RSP: 002b:00007f3f2b65e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1288.476699] RAX: ffffffffffffffda RBX: 00007f3f2e21d020 RCX: 00007f3f2e109b19
[ 1288.476714] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1288.476727] RBP: 00007f3f2b65e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1288.476741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1288.476754] R13: 00007ffe5eda819f R14: 00007f3f2b65e300 R15: 0000000000022000
[ 1288.476783]  </TASK>
[ 1288.570625] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:56 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:13:56 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x300, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:13:56 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}]}, @void}, 0x26)

19:13:56 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 2)

[ 1288.768683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1288.829848] FAULT_INJECTION: forcing a failure.
[ 1288.829848] name failslab, interval 1, probability 0, space 0, times 0
[ 1288.831565] CPU: 0 UID: 0 PID: 16977 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1288.831601] Tainted: [W]=WARN
[ 1288.831608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1288.831621] Call Trace:
[ 1288.831629]  <TASK>
[ 1288.831637]  dump_stack_lvl+0xfa/0x120
[ 1288.831679]  should_fail_ex+0x4d7/0x5e0
[ 1288.831711]  should_failslab+0xc2/0x120
[ 1288.831740]  kmem_cache_alloc_node_noprof+0x79/0x690
[ 1288.831776]  ? __pfx_netlink_insert+0x10/0x10
[ 1288.831811]  ? __alloc_skb+0x2ab/0x370
[ 1288.831841]  ? find_held_lock+0x2b/0x80
[ 1288.831879]  ? __alloc_skb+0x2ab/0x370
[ 1288.831908]  __alloc_skb+0x2ab/0x370
[ 1288.831939]  ? __pfx___alloc_skb+0x10/0x10
[ 1288.831976]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1288.832024]  netlink_alloc_large_skb+0x69/0x150
[ 1288.832061]  netlink_sendmsg+0x676/0xd80
[ 1288.832110]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1288.832158]  ____sys_sendmsg+0xa67/0xc20
[ 1288.832189]  ? copy_msghdr_from_user+0xfb/0x150
[ 1288.832223]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1288.832256]  ? lock_acquire+0x15e/0x2f0
[ 1288.832285]  ___sys_sendmsg+0x10f/0x1b0
[ 1288.832319]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1288.832359]  ? proc_fail_nth_write+0x97/0x220
[ 1288.832388]  ? lock_acquire+0x15e/0x2f0
[ 1288.832412]  ? __fget_files+0x34/0x3b0
[ 1288.832434]  ? find_held_lock+0x2b/0x80
[ 1288.832466]  ? __fget_files+0x203/0x3b0
[ 1288.832486]  ? lock_release+0xc8/0x290
[ 1288.832515]  ? __fget_files+0x20d/0x3b0
[ 1288.832545]  __sys_sendmsg+0x150/0x200
[ 1288.832578]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1288.832620]  ? __pfx_ksys_write+0x10/0x10
[ 1288.832653]  do_syscall_64+0xbf/0x360
[ 1288.832677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1288.832700] RIP: 0033:0x7f3f2e109b19
[ 1288.832716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1288.832737] RSP: 002b:00007f3f2b65e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1288.832759] RAX: ffffffffffffffda RBX: 00007f3f2e21d020 RCX: 00007f3f2e109b19
[ 1288.832774] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1288.832787] RBP: 00007f3f2b65e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1288.832800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1288.832813] R13: 00007ffe5eda819f R14: 00007f3f2b65e300 R15: 0000000000022000
[ 1288.832841]  </TASK>
19:13:56 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x0}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

[ 1288.971845] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:13:56 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x201, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1289.314654] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1291.627289] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1291.635274] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1291.637664] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1291.642482] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1291.646497] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1293.729157] Bluetooth: hci5: command tx timeout
[ 1295.777772] Bluetooth: hci5: command tx timeout
[ 1297.825133] Bluetooth: hci5: command tx timeout
[ 1299.874177] Bluetooth: hci5: command tx timeout
[ 1308.365870] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1308.366999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1308.416627] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1308.418057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1308.535458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1308.551895] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:27 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 32)

19:14:27 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x324, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:14:27 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}]}, @void}, 0x26)

19:14:27 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, 0x0, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:14:27 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 3)

19:14:27 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:14:27 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x2}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:14:27 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 1)

[ 1319.757946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1319.758485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1319.761642] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1319.764879] FAULT_INJECTION: forcing a failure.
[ 1319.764879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1319.766584] CPU: 0 UID: 0 PID: 17490 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1319.766632] Tainted: [W]=WARN
[ 1319.766639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1319.766652] Call Trace:
[ 1319.766660]  <TASK>
[ 1319.766669]  dump_stack_lvl+0xfa/0x120
[ 1319.766711]  should_fail_ex+0x4d7/0x5e0
[ 1319.766744]  _copy_from_user+0x30/0xd0
[ 1319.766775]  copy_msghdr_from_user+0x88/0x150
[ 1319.766811]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1319.766849]  ? __pfx_perf_tp_event+0x10/0x10
[ 1319.766883]  ? lock_acquire+0x15e/0x2f0
[ 1319.766912]  ___sys_sendmsg+0xdc/0x1b0
[ 1319.766946]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1319.766992]  ? proc_fail_nth_write+0x97/0x220
[ 1319.767021]  ? lock_acquire+0x15e/0x2f0
[ 1319.767045]  ? __fget_files+0x34/0x3b0
[ 1319.767067]  ? find_held_lock+0x2b/0x80
[ 1319.767100]  ? __fget_files+0x203/0x3b0
[ 1319.767121]  ? lock_release+0xc8/0x290
[ 1319.767150]  ? __fget_files+0x20d/0x3b0
[ 1319.767181]  __sys_sendmsg+0x150/0x200
[ 1319.767213]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1319.767250]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1319.767274]  ? fput+0x6a/0x100
[ 1319.767302]  ? ksys_write+0x1a3/0x240
[ 1319.767326]  ? __pfx_ksys_write+0x10/0x10
[ 1319.767358]  do_syscall_64+0xbf/0x360
[ 1319.767382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1319.767405] RIP: 0033:0x7f311d29bb19
[ 1319.767422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1319.767443] RSP: 002b:00007f311a811188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1319.767465] RAX: ffffffffffffffda RBX: 00007f311d3aef60 RCX: 00007f311d29bb19
[ 1319.767480] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1319.767494] RBP: 00007f311a8111d0 R08: 0000000000000000 R09: 0000000000000000
[ 1319.767507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1319.767520] R13: 00007ffea92c6e8f R14: 00007f311a811300 R15: 0000000000022000
[ 1319.767549]  </TASK>
19:14:27 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 33)

19:14:27 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 2)

[ 1319.920622] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1319.938262] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:27 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 4)

[ 1319.988132] FAULT_INJECTION: forcing a failure.
[ 1319.988132] name failslab, interval 1, probability 0, space 0, times 0
[ 1319.989918] CPU: 0 UID: 0 PID: 17503 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1319.989953] Tainted: [W]=WARN
19:14:27 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x500, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1319.989960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1319.989974] Call Trace:
[ 1319.989987]  <TASK>
[ 1319.989996]  dump_stack_lvl+0xfa/0x120
[ 1319.990038]  should_fail_ex+0x4d7/0x5e0
[ 1319.990070]  should_failslab+0xc2/0x120
[ 1319.990098]  kmem_cache_alloc_node_noprof+0x79/0x690
[ 1319.990135]  ? __pfx_netlink_insert+0x10/0x10
[ 1319.990169]  ? __alloc_skb+0x2ab/0x370
[ 1319.990200]  ? find_held_lock+0x2b/0x80
[ 1319.990239]  ? __alloc_skb+0x2ab/0x370
[ 1319.990268]  __alloc_skb+0x2ab/0x370
[ 1319.990299]  ? __pfx___alloc_skb+0x10/0x10
[ 1319.990333]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1319.990374]  netlink_alloc_large_skb+0x69/0x150
[ 1319.990410]  netlink_sendmsg+0x676/0xd80
[ 1319.990449]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1319.990495]  ____sys_sendmsg+0xa67/0xc20
[ 1319.990522]  ? copy_msghdr_from_user+0xfb/0x150
[ 1319.990555]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1319.990589]  ? lock_acquire+0x15e/0x2f0
[ 1319.990630]  ___sys_sendmsg+0x10f/0x1b0
[ 1319.990664]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1319.990702]  ? proc_fail_nth_write+0x97/0x220
[ 1319.990731]  ? lock_acquire+0x15e/0x2f0
[ 1319.990755]  ? __fget_files+0x34/0x3b0
[ 1319.990776]  ? find_held_lock+0x2b/0x80
[ 1319.990808]  ? __fget_files+0x203/0x3b0
[ 1319.990829]  ? lock_release+0xc8/0x290
[ 1319.990857]  ? __fget_files+0x20d/0x3b0
[ 1319.990888]  __sys_sendmsg+0x150/0x200
[ 1319.990920]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1319.990962]  ? __pfx_ksys_write+0x10/0x10
[ 1319.990995]  do_syscall_64+0xbf/0x360
[ 1319.991019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1319.991042] RIP: 0033:0x7f311d29bb19
[ 1319.991058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1319.991079] RSP: 002b:00007f311a7f0188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1319.991100] RAX: ffffffffffffffda RBX: 00007f311d3af020 RCX: 00007f311d29bb19
[ 1319.991115] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1319.991128] RBP: 00007f311a7f01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1319.991141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1319.991154] R13: 00007ffea92c6e8f R14: 00007f311a7f0300 R15: 0000000000022000
[ 1319.991183]  </TASK>
19:14:27 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:14:27 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 34)

[ 1320.122372] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:28 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 3)

19:14:28 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x3}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:14:28 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x6, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0xc}, {0x12}, {0x18}]}, @void}, 0x26)

19:14:28 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 5)

19:14:28 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x600, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1320.284913] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:28 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0) (fail_nth: 35)

19:14:28 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, 0x0, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[ 1320.394437] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1320.397593] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:28 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x700, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:14:28 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 6)

[ 1320.482839] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1320.500285] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1320.552399] FAULT_INJECTION: forcing a failure.
[ 1320.552399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1320.553704] CPU: 1 UID: 0 PID: 17535 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1320.553737] Tainted: [W]=WARN
[ 1320.553742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1320.553750] Call Trace:
[ 1320.553755]  <TASK>
[ 1320.553760]  dump_stack_lvl+0xfa/0x120
[ 1320.553796]  should_fail_ex+0x4d7/0x5e0
[ 1320.553821]  _copy_from_iter+0x1dc/0x1660
[ 1320.553843]  ? lock_acquire+0x15e/0x2f0
[ 1320.553866]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1320.553893]  ? find_held_lock+0x2b/0x80
[ 1320.553921]  ? __pfx__copy_from_iter+0x10/0x10
[ 1320.553944]  ? lock_release+0xc8/0x290
[ 1320.553971]  ? __virt_addr_valid+0x100/0x5d0
[ 1320.554000]  ? __check_object_size+0x57b/0x880
[ 1320.554030]  netlink_sendmsg+0x809/0xd80
[ 1320.554057]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1320.554091]  ____sys_sendmsg+0xa67/0xc20
[ 1320.554112]  ? copy_msghdr_from_user+0xfb/0x150
[ 1320.554145]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1320.554173]  ? lock_acquire+0x15e/0x2f0
[ 1320.554202]  ___sys_sendmsg+0x10f/0x1b0
[ 1320.554235]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1320.554271]  ? proc_fail_nth_write+0x97/0x220
[ 1320.554294]  ? lock_acquire+0x15e/0x2f0
[ 1320.554312]  ? __fget_files+0x34/0x3b0
[ 1320.554327]  ? find_held_lock+0x2b/0x80
[ 1320.554351]  ? __fget_files+0x203/0x3b0
[ 1320.554366]  ? lock_release+0xc8/0x290
[ 1320.554385]  ? __fget_files+0x20d/0x3b0
[ 1320.554406]  __sys_sendmsg+0x150/0x200
[ 1320.554429]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1320.554462]  ? __pfx_ksys_write+0x10/0x10
[ 1320.554485]  do_syscall_64+0xbf/0x360
[ 1320.554501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1320.554516] RIP: 0033:0x7f3f2e109b19
[ 1320.554527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1320.554544] RSP: 002b:00007f3f2b67f188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1320.554560] RAX: ffffffffffffffda RBX: 00007f3f2e21cf60 RCX: 00007f3f2e109b19
[ 1320.554572] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1320.554583] RBP: 00007f3f2b67f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1320.554591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1320.554600] R13: 00007ffe5eda819f R14: 00007f3f2b67f300 R15: 0000000000022000
[ 1320.554634]  </TASK>
[ 1320.591398] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:37 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, 0x0, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:14:37 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}]}, @void}, 0x27)

19:14:37 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x4}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:14:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 4)

19:14:37 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:14:37 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x900, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:14:37 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 7)

19:14:37 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1329.766043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 5)

[ 1329.852751] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1329.890259] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1329.893175] FAULT_INJECTION: forcing a failure.
[ 1329.893175] name failslab, interval 1, probability 0, space 0, times 0
[ 1329.894857] CPU: 0 UID: 0 PID: 17622 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1329.894912] Tainted: [W]=WARN
[ 1329.894923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1329.894938] Call Trace:
[ 1329.894945]  <TASK>
[ 1329.894954]  dump_stack_lvl+0xfa/0x120
[ 1329.895002]  should_fail_ex+0x4d7/0x5e0
[ 1329.895034]  should_failslab+0xc2/0x120
[ 1329.895062]  __kmalloc_noprof+0xc8/0x6e0
[ 1329.895093]  ? lock_release+0xc8/0x290
[ 1329.895121]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1329.895155]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1329.895180]  genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1329.895213]  genl_family_rcv_msg_doit+0xab/0x2f0
[ 1329.895238]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1329.895269]  ? cap_capable+0xdb/0x3b0
[ 1329.895302]  ? security_capable+0x2f/0x90
[ 1329.895336]  genl_rcv_msg+0x532/0x7e0
[ 1329.895363]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1329.895387]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1329.895420]  ? __lock_acquire+0x694/0x1b70
[ 1329.895449]  netlink_rcv_skb+0x147/0x430
[ 1329.895484]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1329.895509]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1329.895557]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1329.895588]  ? selinux_netlink_send+0x507/0x880
[ 1329.895613]  ? is_vmalloc_addr+0x86/0xa0
[ 1329.895651]  genl_rcv+0x28/0x40
[ 1329.895670]  netlink_unicast+0x5a7/0x870
[ 1329.895709]  ? __pfx_netlink_unicast+0x10/0x10
[ 1329.895756]  netlink_sendmsg+0x8ac/0xd80
[ 1329.895796]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1329.895844]  ____sys_sendmsg+0xa67/0xc20
[ 1329.895871]  ? copy_msghdr_from_user+0xfb/0x150
[ 1329.895905]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1329.895934]  ? __pfx_perf_tp_event+0x10/0x10
[ 1329.895968]  ? lock_acquire+0x15e/0x2f0
[ 1329.895998]  ___sys_sendmsg+0x10f/0x1b0
[ 1329.896032]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1329.896071]  ? proc_fail_nth_write+0x97/0x220
[ 1329.896101]  ? lock_acquire+0x15e/0x2f0
[ 1329.896125]  ? __fget_files+0x34/0x3b0
[ 1329.896147]  ? find_held_lock+0x2b/0x80
[ 1329.896180]  ? __fget_files+0x203/0x3b0
[ 1329.896201]  ? lock_release+0xc8/0x290
[ 1329.896230]  ? __fget_files+0x20d/0x3b0
[ 1329.896262]  __sys_sendmsg+0x150/0x200
[ 1329.896295]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1329.896338]  ? __pfx_ksys_write+0x10/0x10
[ 1329.896372]  do_syscall_64+0xbf/0x360
[ 1329.896396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1329.896419] RIP: 0033:0x7f3f2e109b19
[ 1329.896436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1329.896457] RSP: 002b:00007f3f2b67f188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1329.896479] RAX: ffffffffffffffda RBX: 00007f3f2e21cf60 RCX: 00007f3f2e109b19
[ 1329.896493] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1329.896507] RBP: 00007f3f2b67f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1329.896520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1329.896533] R13: 00007ffe5eda819f R14: 00007f3f2b67f300 R15: 0000000000022000
[ 1329.896563]  </TASK>
[ 1329.970131] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:37 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 6)

19:14:37 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:14:37 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 8)

19:14:37 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x71}, {0x8, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x74)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1330.064865] FAULT_INJECTION: forcing a failure.
[ 1330.064865] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1330.066965] CPU: 0 UID: 0 PID: 17634 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1330.067029] Tainted: [W]=WARN
[ 1330.067041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1330.067055] Call Trace:
[ 1330.067063]  <TASK>
[ 1330.067072]  dump_stack_lvl+0xfa/0x120
[ 1330.067117]  should_fail_ex+0x4d7/0x5e0
[ 1330.067150]  _copy_from_iter+0x1dc/0x1660
[ 1330.067181]  ? lock_acquire+0x15e/0x2f0
[ 1330.067209]  ? __virt_addr_valid+0x1c6/0x5d0
[ 1330.067248]  ? find_held_lock+0x2b/0x80
[ 1330.067284]  ? __pfx__copy_from_iter+0x10/0x10
[ 1330.067312]  ? lock_release+0xc8/0x290
[ 1330.067343]  ? __virt_addr_valid+0x100/0x5d0
[ 1330.067381]  ? __check_object_size+0x57b/0x880
[ 1330.067425]  netlink_sendmsg+0x809/0xd80
[ 1330.067469]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1330.067519]  ____sys_sendmsg+0xa67/0xc20
[ 1330.067549]  ? copy_msghdr_from_user+0xfb/0x150
[ 1330.067585]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1330.067618]  ? __pfx_perf_tp_event+0x10/0x10
[ 1330.067656]  ? lock_acquire+0x15e/0x2f0
[ 1330.067686]  ___sys_sendmsg+0x10f/0x1b0
[ 1330.067723]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1330.067765]  ? proc_fail_nth_write+0x97/0x220
[ 1330.067796]  ? lock_acquire+0x15e/0x2f0
[ 1330.067822]  ? __fget_files+0x34/0x3b0
[ 1330.067845]  ? find_held_lock+0x2b/0x80
[ 1330.067880]  ? __fget_files+0x203/0x3b0
[ 1330.067902]  ? lock_release+0xc8/0x290
[ 1330.067933]  ? __fget_files+0x20d/0x3b0
[ 1330.067966]  __sys_sendmsg+0x150/0x200
[ 1330.068002]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1330.068047]  ? __pfx_ksys_write+0x10/0x10
[ 1330.068083]  do_syscall_64+0xbf/0x360
[ 1330.068108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1330.068132] RIP: 0033:0x7f311d29bb19
[ 1330.068151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1330.068174] RSP: 002b:00007f311a811188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1330.068197] RAX: ffffffffffffffda RBX: 00007f311d3aef60 RCX: 00007f311d29bb19
[ 1330.068213] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1330.068227] RBP: 00007f311a8111d0 R08: 0000000000000000 R09: 0000000000000000
[ 1330.068242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1330.068256] R13: 00007ffea92c6e8f R14: 00007f311a811300 R15: 0000000000022000
[ 1330.068287]  </TASK>
[ 1330.072023] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:49 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:14:49 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:14:49 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x10}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:14:49 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 7)

19:14:49 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}]}, @void}, 0x27)

19:14:49 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 9)

19:14:49 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x2, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:14:49 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x901, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1341.505472] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1341.571968] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1341.575770] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1341.577528] FAULT_INJECTION: forcing a failure.
[ 1341.577528] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.578618] FAULT_INJECTION: forcing a failure.
[ 1341.578618] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.579240] CPU: 1 UID: 0 PID: 17699 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1341.579276] Tainted: [W]=WARN
[ 1341.579284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1341.579296] Call Trace:
[ 1341.579304]  <TASK>
[ 1341.579313]  dump_stack_lvl+0xfa/0x120
[ 1341.579356]  should_fail_ex+0x4d7/0x5e0
[ 1341.579389]  should_failslab+0xc2/0x120
[ 1341.579417]  kmem_cache_alloc_node_noprof+0x79/0x690
[ 1341.579456]  ? do_raw_spin_unlock+0x53/0x220
[ 1341.579485]  ? __alloc_skb+0x2ab/0x370
[ 1341.579523]  ? __alloc_skb+0x2ab/0x370
[ 1341.579551]  __alloc_skb+0x2ab/0x370
[ 1341.579582]  ? __pfx___alloc_skb+0x10/0x10
[ 1341.579614]  ? __pfx_class_find_device+0x10/0x10
[ 1341.579658]  ieee802154_nl_new_reply+0x33/0x110
[ 1341.579698]  ieee802154_add_iface+0x244/0x970
[ 1341.579727]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1341.579753]  ? trace_kmalloc+0x1f/0xb0
[ 1341.579783]  ? __nla_parse+0x42/0x60
[ 1341.579815]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bc/0x290
[ 1341.579842]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[ 1341.579874]  genl_family_rcv_msg_doit+0x1fe/0x2f0
[ 1341.579899]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1341.579934]  ? security_capable+0x2f/0x90
[ 1341.579969]  genl_rcv_msg+0x532/0x7e0
[ 1341.580004]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1341.580028]  ? __pfx_ieee802154_add_iface+0x10/0x10
[ 1341.580059]  ? __lock_acquire+0x694/0x1b70
[ 1341.580088]  netlink_rcv_skb+0x147/0x430
[ 1341.580123]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1341.580147]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1341.580195]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1341.580226]  ? selinux_netlink_send+0x507/0x880
[ 1341.580250]  ? is_vmalloc_addr+0x86/0xa0
[ 1341.580288]  genl_rcv+0x28/0x40
[ 1341.580307]  netlink_unicast+0x5a7/0x870
[ 1341.580345]  ? __pfx_netlink_unicast+0x10/0x10
[ 1341.580391]  netlink_sendmsg+0x8ac/0xd80
[ 1341.580431]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1341.580477]  ____sys_sendmsg+0xa67/0xc20
[ 1341.580504]  ? copy_msghdr_from_user+0xfb/0x150
[ 1341.580537]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1341.580572]  ? lock_acquire+0x15e/0x2f0
[ 1341.580600]  ___sys_sendmsg+0x10f/0x1b0
[ 1341.580633]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1341.580672]  ? proc_fail_nth_write+0x97/0x220
[ 1341.580701]  ? lock_acquire+0x15e/0x2f0
[ 1341.580725]  ? __fget_files+0x34/0x3b0
[ 1341.580747]  ? find_held_lock+0x2b/0x80
[ 1341.580780]  ? __fget_files+0x203/0x3b0
[ 1341.580801]  ? lock_release+0xc8/0x290
[ 1341.580829]  ? __fget_files+0x20d/0x3b0
[ 1341.580861]  __sys_sendmsg+0x150/0x200
[ 1341.580893]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1341.580936]  ? __pfx_ksys_write+0x10/0x10
[ 1341.580971]  do_syscall_64+0xbf/0x360
[ 1341.580994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1341.581017] RIP: 0033:0x7f3f2e109b19
[ 1341.581034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1341.581055] RSP: 002b:00007f3f2b67f188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1341.581077] RAX: ffffffffffffffda RBX: 00007f3f2e21cf60 RCX: 00007f3f2e109b19
[ 1341.581092] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1341.581105] RBP: 00007f3f2b67f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1341.581118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1341.581131] R13: 00007ffe5eda819f R14: 00007f3f2b67f300 R15: 0000000000022000
[ 1341.581161]  </TASK>
[ 1341.603639] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1341.604207] CPU: 0 UID: 0 PID: 17704 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1341.604246] Tainted: [W]=WARN
[ 1341.604253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1341.604266] Call Trace:
[ 1341.604273]  <TASK>
[ 1341.604282]  dump_stack_lvl+0xfa/0x120
[ 1341.604324]  should_fail_ex+0x4d7/0x5e0
[ 1341.604356]  should_failslab+0xc2/0x120
[ 1341.604384]  kmem_cache_alloc_node_noprof+0x79/0x690
[ 1341.604419]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 1341.604445]  ? __alloc_skb+0x2ab/0x370
[ 1341.604483]  ? __alloc_skb+0x2ab/0x370
[ 1341.604511]  __alloc_skb+0x2ab/0x370
[ 1341.604542]  ? __pfx___alloc_skb+0x10/0x10
[ 1341.604585]  netlink_ack+0x167/0xbf0
[ 1341.604618]  ? __lock_acquire+0xc65/0x1b70
[ 1341.604655]  netlink_rcv_skb+0x344/0x430
[ 1341.604689]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1341.604714]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1341.604762]  ? netlink_deliver_tap+0x1ae/0xce0
[ 1341.604793]  ? selinux_netlink_send+0x507/0x880
[ 1341.604818]  ? is_vmalloc_addr+0x86/0xa0
[ 1341.604857]  genl_rcv+0x28/0x40
[ 1341.604876]  netlink_unicast+0x5a7/0x870
[ 1341.604915]  ? __pfx_netlink_unicast+0x10/0x10
[ 1341.604961]  netlink_sendmsg+0x8ac/0xd80
[ 1341.605009]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1341.605055]  ____sys_sendmsg+0xa67/0xc20
[ 1341.605082]  ? copy_msghdr_from_user+0xfb/0x150
[ 1341.605116]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1341.605150]  ? lock_acquire+0x15e/0x2f0
[ 1341.605179]  ___sys_sendmsg+0x10f/0x1b0
[ 1341.605212]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1341.605251]  ? proc_fail_nth_write+0x97/0x220
[ 1341.605280]  ? lock_acquire+0x15e/0x2f0
[ 1341.605304]  ? __fget_files+0x34/0x3b0
[ 1341.605326]  ? find_held_lock+0x2b/0x80
[ 1341.605359]  ? __fget_files+0x203/0x3b0
[ 1341.605380]  ? lock_release+0xc8/0x290
[ 1341.605408]  ? __fget_files+0x20d/0x3b0
[ 1341.605440]  __sys_sendmsg+0x150/0x200
[ 1341.605472]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1341.605515]  ? __pfx_ksys_write+0x10/0x10
[ 1341.605548]  do_syscall_64+0xbf/0x360
[ 1341.605572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1341.605595] RIP: 0033:0x7f311d29bb19
[ 1341.605612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1341.605633] RSP: 002b:00007f311a7f0188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1341.605655] RAX: ffffffffffffffda RBX: 00007f311d3af020 RCX: 00007f311d29bb19
[ 1341.605670] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000006
[ 1341.605683] RBP: 00007f311a7f01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1341.605696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1341.605709] R13: 00007ffea92c6e8f R14: 00007f311a7f0300 R15: 0000000000022000
[ 1341.605739]  </TASK>
19:14:49 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xa00, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1341.749357] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:49 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 8)

19:14:49 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 10)

19:14:49 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:14:49 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x3, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[ 1341.876867] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:49 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x4c}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:14:49 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 9)

19:14:49 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0xc}, {0x12}, {0x18}]}, @void}, 0x27)

19:14:50 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 11)

[ 1342.166450] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:14:50 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

[ 1342.180617] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1342.264971] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1342.271898] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1342.278505] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1342.495708] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:00 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:15:00 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x54}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:15:00 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 10)

19:15:00 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed, 0x4, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:15:00 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x4, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:15:00 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xc00, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:15:00 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 12)

19:15:00 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}]}, @void}, 0x27)

[ 1352.719544] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1352.724362] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1352.738645] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:00 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0) (fail_nth: 11)

[ 1352.823358] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1352.825503] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1352.964480] FAULT_INJECTION: forcing a failure.
[ 1352.964480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1352.967803] CPU: 1 UID: 0 PID: 17817 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary) 
[ 1352.967840] Tainted: [W]=WARN
[ 1352.967847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1352.967859] Call Trace:
[ 1352.967867]  <TASK>
[ 1352.967875]  dump_stack_lvl+0xfa/0x120
[ 1352.967916]  should_fail_ex+0x4d7/0x5e0
[ 1352.967947]  _copy_to_user+0x32/0xd0
[ 1352.967984]  simple_read_from_buffer+0xe0/0x180
[ 1352.968022]  proc_fail_nth_read+0x18a/0x240
[ 1352.968048]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1352.968073]  ? security_file_permission+0x22/0x90
[ 1352.968109]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1352.968134]  vfs_read+0x1eb/0xc70
[ 1352.968162]  ? __pfx_vfs_read+0x10/0x10
[ 1352.968187]  ? lock_release+0xc8/0x290
[ 1352.968217]  ? __fget_files+0x20d/0x3b0
[ 1352.968249]  ksys_read+0x121/0x240
[ 1352.968271]  ? __pfx_ksys_read+0x10/0x10
[ 1352.968304]  do_syscall_64+0xbf/0x360
[ 1352.968327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1352.968350] RIP: 0033:0x7f311d24e69c
[ 1352.968366] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1352.968387] RSP: 002b:00007f311a7f0170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1352.968409] RAX: ffffffffffffffda RBX: 0000000000000034 RCX: 00007f311d24e69c
[ 1352.968423] RDX: 000000000000000f RSI: 00007f311a7f01e0 RDI: 0000000000000004
[ 1352.968436] RBP: 00007f311a7f01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1352.968449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1352.968462] R13: 00007ffea92c6e8f R14: 00007f311a7f0300 R15: 0000000000022000
[ 1352.968491]  </TASK>
[ 1353.032628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:11 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 13)

19:15:11 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x0, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:15:11 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xea0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:15:11 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}]}, @void}, 0x27)

19:15:11 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x5, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:15:11 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:15:11 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x58}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:15:11 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1363.832909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1363.838061] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1363.879400] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1363.882246] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:11 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0) (fail_nth: 14)

19:15:11 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1364.121928] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1364.191331] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:12 executing program 1:
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16}, {0xc}, {0x12}, {0x18}]}, @void}, 0x27)

19:15:12 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

19:15:12 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x6, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

19:15:12 executing program 3:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x8, 0x3}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x6, [{}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x34)

19:15:12 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x40, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

19:15:12 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:15:12 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0xf00, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

[ 1364.470642] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:12 executing program 4:
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x0, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

19:15:12 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x0, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1364.571505] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:12 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe5"], 0x34}}, 0x0)

19:15:12 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x2, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f3"], 0x34}}, 0x0)

[ 1364.703779] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:12 executing program 6:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x2000, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930"], 0x34}}, 0x0)

19:15:12 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000880)={0x0, 0x7, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000005002000000000000c000500000000000000000009001f0070687930000000029a6abfe53ecd6710d219298fd92af728bf62ab999c3dcec35c3468eb62fafdcefa4891a5a4827aa0ef77130048362c04825ba3f35486a5361c"], 0x34}}, 0x0)

[ 1364.788747] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
19:15:12 executing program 7:
syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x7f}, {0x9, [{@none, 0x80, 0x2, "2571ac", 0x6, 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x0, "f3e2f6", 0x69, 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0xfc, "3a4303", 0x800, 0x5}, {@any, 0x3, 0x9, "d597d2", 0x6, 0x13}, {@any, 0x20, 0x0, "acc749", 0x5, 0x5a}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x2, "b88488", 0xa8c, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1f, "cfc133", 0xa60e, 0x1}, {@any, 0x4, 0x5, "f76e7a", 0x2, 0xff}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x67, "a58ea6", 0xff, 0x6}]}}}, 0x82)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x81, 0x0, 0x804}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x3, 0xc}, {0x401, 0x6a7, 0x4, 0xff, [0x1, 0x6]}}}}, 0x19)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="030000502bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566be07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c248dbc73be336b0e1cb2cf1f2859a4c280e00466"], 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x8, 0xfe00}}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xfff8, 0x1}}]}}, 0x19)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="04480f080003c80001c8a43d4d14eb3114007b684370cc7d3452897f7ab2858cc15eecd1795cd8d512b4b2d079160da36d8af86514c82f10a07ae00a50e3939ae66917d70b26a628859ba31307f7efc3b4a19dc6be12a274d95a86cf06918a3c6f34636c4d0796b442f79d0599db6299814695da1bc36fbef4621e804eceeee4b704ece077754414eb21c03e8de4e561b3e304698dba04ebe4ae35f024703e469a0b761d2589728911e51735f57ccfe2690b0ab7c57c73b08eeffa96d63b9b05b159d1389e65cf36628ebc0b57c4160c12bc4b09367d9844c2167b59713a5d3c2d3094ca4126e88d05dc0e8f175218fd8283a542cb39242e5a9411ba82aaeb4f21b9489a1d749c5342a811cc222b2673e6bee0dafee069d12c776da0"], 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000380), 0x1fb, 0x2000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0xffffff85})
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c9e00a8da2fc2600131b42038000"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8c}, "b85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6bd67517df18abe884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf21b034e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3"}, 0x90)
clone(0x4c01f900, 0x0, &(0x7f0000000080), 0x0, 0x0)

[ 1364.856557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1367.594645] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1367.597506] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1367.600181] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1367.604592] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1367.607812] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1369.633102] Bluetooth: hci5: command tx timeout
[ 1371.681137] Bluetooth: hci5: command tx timeout
[ 1373.729133] Bluetooth: hci5: command tx timeout
[ 1375.777308] Bluetooth: hci5: command tx timeout
[ 1382.945045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1382.945889] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1382.993725] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1382.994628] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1383.059553] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1383.063240] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1383.066719] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1390.373642] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff8880428fed80 (size 704):
  comm "syz-executor.4", pid 17025, jiffies 4295958503
  hex dump (first 32 bytes):
    c0 1d 03 0d 80 88 ff ff 04 0e 04 01 1a 0c 00 05  ................
    28 00 00 00 97 00 00 00 a9 30 e9 67 00 00 00 00  (........0.g....
  backtrace (crc 3092f88d):
    kmem_cache_alloc_node_noprof+0x3ef/0x690
    kmalloc_reserve+0x189/0x2b0
    __alloc_skb+0x161/0x370
    vhci_write+0xbb/0x480
    do_iter_readv_writev+0x5af/0x910
    vfs_writev+0x2d4/0xcd0
    do_writev+0x129/0x330
    do_syscall_64+0xbf/0x360
    entry_SYSCALL_64_after_hwframe+0x77/0x7f

BUG: memory leak
unreferenced object 0xffff88803b35a640 (size 232):
  comm "kworker/u11:0", pid 7967, jiffies 4295958503
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc f3ba3124):
    kmem_cache_alloc_noprof+0x414/0x690
    skb_clone+0x191/0x400
    hci_event_packet+0x2d6/0x10e0
    hci_rx_work+0x96c/0x1270
    process_one_work+0x8e1/0x19c0
    worker_thread+0x67e/0xe90
    kthread+0x3c8/0x740
    ret_from_fork+0x34b/0x430
    ret_from_fork_asm+0x1a/0x30

BUG: leak checking failed

VM DIAGNOSIS:
19:15:47  Registers:
info registers vcpu 0
RAX=00000000007ebef7 RBX=0000000000000000 RCX=ffffffff84bbe5f7 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff814c8304 RBP=dffffc0000000000 RSP=ffffffff85a07e00
R8 =0000000000000001 R9 =ffffed100d9c630a R10=ffff88806ce31853 R11=0000000000000001
R12=ffffffff8643b450 R13=1ffffffff0b40fc7 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff84bbd31e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e55d7000 00000000 00000000
LDT=0000 fffffe4300000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f22c41736b8 CR3=000000001e6c7000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=0a64656c69616620676e696b63656863
XMM02=31636e75662e6e75522e6c697475736f XMM03=00000000000000000000000000000000
XMM04=2f225b206e7572206f742064656c6961 XMM05=6c222022726f7475636578652d7a7973
XMM06=22646574707572726f632220226b6165 XMM07=31207375746174732074697865203a5d
XMM08=30343778302f38633378302b64616572 XMM09=6f665f6d6f72665f746572202020200a
XMM10=200a30333478302f62343378302b6b72 XMM11=6b726f665f6d6f72665f746572202020
XMM12=0a0a303378302f613178302b6d73615f XMM13=65080a657a696d696e696d2063657865
XMM14=7566206365786509006e656720636578 XMM15=00026873616d7320636578650a007a7a
info registers vcpu 1
RAX=000000000070688d RBX=0000000000000001 RCX=ffffffff84bbe5f7 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff814c8304 RBP=dffffc0000000000 RSP=ffff888009717e58
R8 =0000000000000001 R9 =ffffed100d9e630a R10=ffff88806cf31853 R11=0000000000000001
R12=ffffffff8643b450 R13=1ffff110012e2fd2 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff84bbd31e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e56d7000 00000000 00000000
LDT=0000 fffffe4400000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fffb4155f98 CR3=000000001e6c7000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000004155b31000000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000