40702040003070800ff00fa00ff0f0300023f040a0402007f000000000000001000000000"], 0x57)

[  635.208643] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  635.361799] Bluetooth: hci7: Received unexpected HCI Event 0x00
[  635.448775] loop6: detected capacity change from 0 to 240
[  635.461427] isofs_fill_super: get root inode failed
[  635.477203] loop5: detected capacity change from 0 to 16
[  635.486305] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  635.496592] loop5: detected capacity change from 0 to 16
[  635.497227] SELinux: security_context_str_to_sid (root) failed with errno=-22
15:35:21 executing program 0:

15:35:21 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
openat(r0, &(0x7f0000001180)='./file0\x00', 0x0, 0x199)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f0000001100)={0x1, 0x1, 0x1000, 0xdf, &(0x7f0000000000)="dacda20cff515273caef60b8a14f0972b6dadd90ba5c38b3405c91c5bb743be97a54eaab8977f31043b9b4b0d8f4cb2875f9c62dbcb45b80f6d589acfa8d2d634f1e8ec05b881e3d2344f31d0933f913f2ff455eb1f59d913791040b608157949094df414c600d0fbb368df2ee7400c742c0235c3d9a52fe13cd6456ab945ac82bd0a8aabb212f35d597ab8213f1a4adc587e21e36817f93b49ebac9d632497ad83f932be3841b1a46c63abe7b0b0fd8569cd1d3fbae6d48cd204551e4e2d84c976a9c330348fbb55610f763b9a0cfa8743c690506b6b76cbfff8b7a6b546d", 0x1000, 0x0, &(0x7f0000000100)="9bce96eee2cde399ece7fe0e01c8b76f4d6f77352c0e122ef2e9c9a6221be1c0af09a211460400344b8ec7a5a9e5df2c586b4677e8c0e9b204addd67648cab4adda35420aa9f275f5c20c3f2944e3dc577f82d5b8c6dbafaf17eb5b65f3d279c3f6bc9f5a551703878419b3da75a8636e590079952f8d7040dfc20df23f93625b2bf62abd7fd28ce00f7e0c78ae11688780aeb505d411899a6f262ad62edbe70a6f4cbac1d65b53723d1b826b32123bf5ff6760ef8e39ad7e61be5f3a2b0df69cf025d77119fdc98e79b8dbfca60413387b9c0995f53af7138e199fe0150cf0ebf120227a87bc2c86c6349363f406dbd250556e0b24f2a345299821ab8c5395bae384f9dafc19760a237498f43e670bcb908a7fb25ecdb74c4f5f5639a451d50b3ed5d332b9cec39ef512a2f6c90f7b66af6373c84b8bbbade2b04a23b8c8ae3ebf0c10b10d1ef693184b7f86992f2ad70a4e8c45c6d01896c48df722bbe1907ba895be37eb46b3980919311924788557882a024fce4b818d6b99acb1c82282842e4e15a0d1de837bcaf4c2952d9d314b66c1b9b5e1759ba93bb6c1bb0053600330281df61a1fbcc4a7fe72ed6d8e7849e63a8262d143a3ee41e5fe68a0340b280ba7e954b1c278ef4ef4ede0795b025c781f8fb094830e1a3471de4535bf42174d41acea91a8a3d6427559ac54410f26bfcac5526bb48261f17f8a4fe6a101568e027851687e6d5b7668a26c87d4d1b7ae4b9cf31635f51297969930a1b2504e89d8dc3166cb316334000043cf0e2ee23ae9bcb7bf8bc328ad333027c04fa94e96d3f32f1dbc9b21e98ccd44bb0c9f4e9f2a77978d0d07be39dd8245b2c0a8e7b0793cb914006ed706a57e03be32d667632bf87f190e25d224a37b62c7308375f1a94e728fc1803a79e5f43b1fcaf8194895bca1af6cfede59a16b0b5fe24b0b70b8dc63a8676b5da56ae0069edcaadf9615d0d4d1b9bec4bff35466bfe7427ef68584e789d4cb3807f5c0641103925428754d18d2220358b14cf71d83dba62e52a2ccff8321631d9830fa8c669e36c2b60247810c1b3312fc6d5b78883b4b7e736a8cabadcf36bf8d73eacc6222a700bdfee2069b15eccf19c592dd7a8e61c1ed75cca6e0efb46edb73833f34b4fadbea936ec17c6deebf7cd3e02540cffa10126d644463ec12895d40a7343e9c11f9a3f4df1821b101b4ca0b38499850b772c3990563a103072b22d2c1b0acce9c3962303b9b76db5cae365cef2265833e054d466ea23decad1af4d7aa4462429722e975618a0e3b7f72fab419ad03ce09b7255946c9b0a5f01729c937f43a8ab95559fcfea343b0fe2feb9c9d9be82f585365444dbc2b8551c7ede11c78ef353eca9908c553230b5236c1a4b79896a397c0924e161ef765adde4d73d224bac5171cf01c58be652eca9ed459ebfadfc6a176eac3f851a0b8efeb016f5ab906f08531a905dd5dff51bd78a57bec8b007d4aa2b8a74393c903f53bc3f7a61c287cdae9d17d265139eef9f8e0a9b8c8ee86cc382d878e007a10342134c67044664ff6a9dad7bfc008e64e0408e7909dd53fe2affc1c5647969f1c782d6c67c02e7a1865be508c1b9996259eb1bc0373730d0d16023e719256a83e80be3690be20847578ff09fe1e3e01055a5e250f6a841b913df6dca48f46996d58ffc7f8c4a9930ca8d19ce0d3c6c85439e4ac1efac4d36279ce86b612a3a29804d569905bcece96cb8f5db356ca5157866b6943e3b962bb3073d78b5524b345cc1cc5efc7639ebcd0565eefb58be643f78fb88f2206f5d097c5dc8ff115d08c6009b4508ad78a96378ccba8ca1b5f8dafde55d60a90497f8bb73ded5722ca89b57e65effd9e92c17327f5b025b5cc5ca678bb0539f7deab2d8cae6cb9729d0c8239db362f572549723a65188a1bbd23208e804ef88fa1ce6a1467836d9f4fa5db87e3b3f2c08c40a09ede12e15d836e263dc049e24e903bf5db7b076d0b5e04f11244fb48286de8e7a9710fee003567ab54ae5be17e1a9487e6534e520a408a62ab05593e06a6054532d5f4c630485e2764380191256115c031d6f081d6cde3770cb66ccbb9511cd4b9fa123cedf050de61b48bf5df0cd3e401ee0ff143777c5c6e05adb636508594a5d5618980942640803662f3956d45e229ad18906b7c0d6dc0b7acc9acc04b2a84c47fc3b21400780ca75048ba3fee0b7bda77c45f7d177b80fadeb54fdf1408848c81106284f15b6a260e7691266363b13e14b79b539aaa2a5adfbfff1eeb9b39d55cd1d84d3bd0ec15d615e6089c343632c6b9430b98249fe93945f904d3677ff1b572bf4cc84b47647eb4601b2ef947e271dbf552bf221de3dc625f197a1d6301dc315c0556e5aacb0de9cee4a6067f377189fe34569c71c4f2c23164c47f6fa62357385854935a3b933e7df9460151991d8b555cb07b83dbf8300b3dc6d420bdf29a27fc6ca5331029efc8c6672f133b9c78e52c710f050272bc8a5475c2edf00c4df248d1ca716d7031c1d79e8c714a54a822edfd2608890b1c969206277f1a70df58bfa5f219dfb2719d1f3a09b14ad713665a28d5e19cf32f1740fb6d693f214215b6f382d4d4ee9817fb0f97d00fd1a5c3b8511e1149fd62155df6b9c290f3909ddf5b2a52a98ce6a5cfa6a177b9d662a264ad35854ca0bd908c3028ffeefce208d0ab768a65e3c99f68809aa56d58e83d48f236b127520d57318e56ef080827a8420937dd231dd430fa46f6bbdfcb5ede588780c0d0fa650f1866d07b87b19d372164e52cc0cd7263ffdee8d6e303b296ee23dc870e3e63babe99e4ef747a7b1eb382ee3bcdbe36c04733a24f382afdf82cfd7efa2e58524da1be109013199cae4cd7c5bd60e3e0d72edc5c163c52069e8cab7cdfdaab76d7d71cc162761094e07105615e1a2a207dac6247fe7fac57ad4c36b2a876ab7bc2b9e3f3f3d377c513b7288a9a6d92c22beb350d5b792064b992036188828b14e8ad9fb56d31995249f9f8e144843d82cf5b302066eb315f1cab3d1bd20f6329a6f0ea3b65e77d9886a2dca9dce5855aed7e87bbf377a34c5f204c2c71591b33a8b3711517267dcb7d3e945c6cbfadf323baa54f8503bf938b42fc2382bcd30ce32c9580dc08a1939c0a2973a696e6d07dab4cad0332310498df45f4ce5606c67747675eda9c65c2ff5f296b40f5b2ae7ee9b7d1d761406fcdcde5a0c218300d503a64a6a42b7976f34f12984a08182736f3a82d4811ad17d104e9499aa02315559b9e3bf239838a5ef31ff5b8731929602dd86e5a700165f190fc993d464a355e447082f5f109d44409f169c2d256643239d8f72f804c5ce184c63d8d0d2a1d26a1ae12fd67b722bd8b6c74def8b44cec773a10ffc1e9bc40471ff17a4f90c414d572bf4ad7ba9a1ec29d46fb94710048e0faab764d0ae3e2af78be46c004acabe8ebe0fb24c9c90352b321015fe1332eb84b4114e8dc3173ce4cb5965a11b3412a7467e088a45d72d66d5edd0f9388cc89ce0d3ab27b4408494fbeb04754876cadc44c8c002449d54455d05ab22fa62ef7e20cbc2384930be195ea92a30309dffd3096d9df98f8b1c705c2c3dfec7107973110767f7a57df8adfd379346d173fadc423a509bee43935fa060a681297153474752f05ec2a6872cf9703f6d6d3e80a12c7d2d4fb1029847f3866eb8d0a8c81e6cfcb20ff01f13178eb982b24a415e05a791a492cfaa9c95a73ae60fdf13bf30dc44f4f6e55bf69083c5f7a7f8c2409489c870066ca2d55a87e0b94600e70871d712ee72f57d6558545cd970033ba2cd4fe7eee021e9b1b3a132be9923087d0e6375a2b99735b06b43ba39c64d9d0ce6db882ae4b162b6cbf9139d3ece10e815adb4311d7b0f8bff24f5e40394a79b6c533f4b84b01f6d4f31ca445a24205e469c7b43f5c737a2170c72975e5d869900cf92329eef1c1a03df2aa309636c4753cc5aa8973143bbdea887fa6eccf9d9d181d292803165208fe767a6014dac27c4ad755e60e57b38f3ab86c112e99ee7c835f1184c8eb7991ee109cb69545cd9febea292334b8de0f254140a6f8dd44e1389afb34a7f24113d9b2e3a0426b97ce1d928ab750fe0f8302f523d186539cda3f000dd2d9cd48df6eb0af68a3efba0c67a30c8876586b29fed5c455c9ce42f11a137238cb7361c7cf5828140b427d9314048ecb3af3a36148b72055f6b8d235f3e39f014e470eb78b833457d951510adf6d7a6c6a9b6d4b6e29e0caa7f1c6813095b30dabf6839606fdd3cf50723b74623b710f9c3db17f9339eca8e25e2ae1c554fc7e085fd62d4272171aa91480a4e121e20f5b62c01e55d44ccbf3e75138ed1d4e4ed6f5faa90cc798133fb9595baa52dfa47c1b5f91c7becddee7718896c8d6e77a2fe39c095f957a9bc75d81c0793f729627c4cd0f8c70b39fc07532fe36b5b9b22bf67fd3c1f9212d17f0648601af0a659c777d20e742f750c772096be1c2ac499b9a33f9991d5d46689b98115f6e05e9fd4240187662b7764c8be9ccc44a77f798afdcda5255c15150565039c0d544613accb4dab357734cc81132c80c3e4dabc5d4ccfde4f7182e4732bbdffa33330d66fdb016f3db0da3e40d5a9997666de13687e105c979be50d92888e4025f8ce265824c08dbc484e4031aaf0072e129832e3748eb82cf237ed97a3f11291f7085f163569a58e60e8bf489d2ee6d73d03d2586df7fbf9fb829ad0278bc14203f260fdfa5fce85b07c16da9701e9faf0b1ab662e042be6bf47010ed55f25e8d0633fdaa150cc0890b506420fd9ec9ac696197f9750b0226b149c694fa7fc3d14f3cd657a46a6c41900dfca59d8ca33ad71d7bee807ba761a30c3b89fe543347a8ba915f296eb2053e7bd057181b6060e2ced576e43e2903294cbc0a1bc5a6fd7dbcb076bf022b92fcca2ea53788d4bc19ec538bd08e9da707c5a85fef405a86f5aea9d567cfe308c8ae71e41ceadff8161cdaafdd1ec79343b1839e09c23ca3fee44991a1dfeb9dcf881f2c1992f774885855c74a0b50f3e8902680adc314f1ac6486c1989192a3152a37bba02304c820cedd002ad22d9d4de7ed4594b24be7e03ac882d23da9906a602b7383a951c72ddb2c9365aceacc2a6843992dd24a00aea75867d2838c9b14d6ce4bdf2b474b0b1e93d3c7577ee7a3a474e4d5dec0bbabc4c46807daef4ef2a53127ddd79d12102622d100a121f464cfb7460137df72ef4328db80582a65309a7db410c72b1ac1d89e3d6888f43c9105d96227815ae3071a93a28670aedca2f9c1ff08528b60bf99a3205a80fb4cc004ba932b3937df21a663d0acc7d184f7cf47b1bbd10306d09148dddf00ed404f214a09f56c48d5e2136f2ab843718f19803d6d6ade1cb4ab8784167c0435acef2fde7f55da683bd5c3151a920d62d440a0b15948a9f152ad723943cf7d88bac15c5ce38b9a6647d587cc8d171ebd3b3131e537ef3c28b9c916c2b9889bb767f13388a4578608eea9835d689c41617fb03d72e2a990b37393cceea1436542a019fe40fd5d084ac7d0fc71fa7e204d8d63983e57d34352a0f8c14b93e7c76a9778afa7a9d3e207cc382005d8cdf90c39c5c279376490d6ea9d95b6191e3eb42ee54187d3a67f44315ecf72b33a39120f9d0536c700f13db4449f0408ad88a76026698ebc7ecc23daad95f1479ab6c28b4abcba581fde740efcad94e45c4429848123594605ff18bbb161e0624c91162bbc2f88522555cd3ba4b78a4358d146aacbd58a593311cb8"})

15:35:21 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03000000b4230b95da90d8c4596bda54682f1b3eaa83b907fdf1f67b6c8c2da34d3caefa8f4a116af017b9458a0fdf7ae354c1794811dbd12d540abbbfcea066feeb90259fc2a8e5ae58429742c5591f4f5cd6e862fdb816a8cadd55bc3ec2b1d48ede0c14f0ffb1e171a65ba7241b52a3cf8d41841aa82b8bfadaa2f1705c3eba53db203f4bc21de8866e9759e3da4a2692200723105413387f43b93aee3e20c641f53623265f3c"], 0x4)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x6b}, "3c7639fec8930c2bb3153e977affd5c795a5ff0eb77417db16ab8b683675e9f7d502f5dc332d703faa72315eb78912ee83eac584db7b985c852a1c740d6b6cedb364b534a4bf03e5a247b5d53485db4cd48a37ae51af155d5c5977f0261240c0a9664b5067e557178a3cb5"}, 0x6f)
syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xcc}, "58df7a01d023de6bf578be0cdfb2e8875d3eee1f9e9b15da40c74c7f28e307a78bdf45b6a25a4dd3354761299a9f4da3bc557ed1c5357733b1bb0a66573aad82f498dba327b891ac41c0eb59813759d290502fc26e2e35af23660e877e4ef79d47d01798d789c409589522b0de7b3a776173969c9e1e95c5ca1f27dac3fccf1513cad1656ca7b204a00ba86309232ef8c7dd265092ceb3389fc26c9b34c077854cdb3350250bf4a090173d43ee76e2db958f932030c0837e90bf9804574211e05daf22190a6c2dd5efdd68a5"}, 0xd0)

15:35:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x1f, @any, "1a48230af4dd95f285225994b5330d279f4910e7ee8ecf03fab8fd683cf3a02a9121e58ebb3e47040bd0ba5d1136418395690f7fe6456b94ecca1d582445901022653cc7c1324b57d7f8019ee7151c734f12cfa2b6eb1c47619784cbf112be6cb58a8013416e0752afbecf9e930933cbaef34926b6a2e786b6c4c71cb52fd725c80e2ff2fb5f37371628165de046f8a1cdd9ecba6e52717fc9696137d70c357be029f4d90d8d9c5f49c9cccb4187ea8c5282d2296205c1fabf0797daaeffb0425ecd9aae68abace39474a297c44f4d43a607df45e7e57962a6425e9c39994df5e004bbfdf2c8a7e169476a9ae7de0a535cf891d32d37d67d"}}}, 0x102)

15:35:21 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000", 0x9b, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:35:21 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_keypress_notify={{0x3c, 0x7}, {@none, 0x2}}}, 0xa)

15:35:21 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000040)=@v1={0x1000000, [{0x7fff, 0xffff8332}]}, 0xc, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:35:21 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04"], 0x7)

[  647.663901] loop6: detected capacity change from 0 to 240
[  647.672158] Bluetooth: hci7: Received unexpected HCI Event 0x00
15:35:21 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043b0000"], 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_logical_link_complete={{0x46, 0x4}, {0x1, 0xc8, 0xff}}}, 0x7)

[  647.687718] isofs_fill_super: get root inode failed
15:35:21 executing program 0:

15:35:21 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040804ff"], 0x7)

[  647.718277] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:35:21 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000", 0x9b, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:35:21 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0x0, 0x3b}, "5de9ed46ce447cbbbc16d5dcf81015f80f7ba93bd091c7e0f48ad42cf2f9127302ae98bcad9183191471963851c8a05309e3b57d0b583638d6e347"}, 0x3f)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_channel_selected={{0x41, 0x1}, {0xc8}}}, 0x4)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x3, 0x3, 0x61}, @l2cap_cid_signaling={{0x5d}, [@l2cap_conf_rsp={{0x5, 0x1, 0x59}, {0xe, 0xff, 0x9, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x2, 0x2, 0x2}}, @l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x9d, 0x2, 0x103, 0x7, 0x8, 0x200}}, @l2cap_conf_ews={0x7, 0x2, 0x77}, @l2cap_conf_rfc={0x4, 0x9, {0x1, 0x8, 0x2, 0xd6e, 0x5, 0x1}}, @l2cap_conf_efs={0x6, 0x10, {0x4, 0x0, 0x0, 0xf413, 0x800, 0x2}}, @l2cap_conf_mtu={0x1, 0x2, 0x98a}]}}]}}, 0x66)

15:35:21 executing program 5:
msgctl$IPC_RMID(0xffffffffffffffff, 0x0)

15:35:21 executing program 0:

15:35:22 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

[  647.720777] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  647.923447] loop6: detected capacity change from 0 to 240
15:35:22 executing program 3:
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'batadv0\x00', <r1=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'vxcan0\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000780)={'sit0\x00', &(0x7f0000000700)={'ip6_vti0\x00', <r3=>0x0, 0x4, 0x1f, 0x79, 0x100, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x20, 0x7800, 0x4, 0x7b6}})
ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000840)={'ip6_vti0\x00', &(0x7f00000007c0)={'ip6_vti0\x00', <r4=>0x0, 0x29, 0x3, 0x8, 0x549, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @remote}, 0x700, 0x6, 0xe6, 0x6}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000a40)={&(0x7f0000000880)={0x184, r0, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x184}, 0x1, 0x0, 0x0, 0x20004094}, 0x800)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0x134}, "6935dd2337915d9a4ac632d0d519424b2f498ebb067af275e7afae89907228ecbf0f19e554e467c515baaa89a7e9d4fce733b39250cec0853a400ab5ab04de5bc6571824fc3a4e37c1118f8852afee255d0e83777845a249615c4c311b333c17bf87ce65d785df0a2265ef46f69e31d49a0260fa00f1ffffffd811946d6ffd2b57454f48bc0dffffffff0000000022841a3860da701c6905d8a3161785a61592200492c9a70979ae57f0d74fb5bf73630e5eb108167a307f5bb5adc38d918f5b883ba92d74495340b11bc06242127eb2bf140176a7c4775ed7bcb45b24476fccc3a7cf1033dc8600e758855f09064a2a67f8648356adbdc9e06891c6d3cf495dff7b0987c51e68b9913e0e7d8023f8e6fc2c9112395b00e7c0d9418339e0e7d6e70b3206242800000000000001ffd3046dcc47ce"}, 0x138)

[  647.934595] isofs_fill_super: get root inode failed
15:35:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/191})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="5a69b61d55af9a4af3407a447880174f169a21f8c3fddf6e3129d418dbe9acd78cc472143fdd6e1ee77ab2cbaeb50eb140869b20797ff9c0"], 0xd)

15:35:36 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000", 0x9b, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:35:36 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000040)=@v1={0x1000000, [{0x7fff, 0xffff8332}]}, 0xc, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:35:36 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x1f, @any, "1a48230af4dd95f285225994b5330d279f4910e7ee8ecf03fab8fd683cf3a02a9121e58ebb3e47040bd0ba5d1136418395690f7fe6456b94ecca1d582445901022653cc7c1324b57d7f8019ee7151c734f12cfa2b6eb1c47619784cbf112be6cb58a8013416e0752afbecf9e930933cbaef34926b6a2e786b6c4c71cb52fd725c80e2ff2fb5f37371628165de046f8a1cdd9ecba6e52717fc9696137d70c357be029f4d90d8d9c5f49c9cccb4187ea8c5282d2296205c1fabf0797daaeffb0425ecd9aae68abace39474a297c44f4d43a607df45e7e57962a6425e9c39994df5e004bbfdf2c8a7e169476a9ae7de0a535cf891d32d37d67d"}}}, 0x102)

15:35:36 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x7)

15:35:36 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0xa5)

15:35:36 executing program 0:
syz_emit_vhci(0x0, 0x0)

15:35:36 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x8000)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {{}, {@void, @val={0x8}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0xd004}, 0xc051)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:35:36 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8103500310001000e73030005001f06000400050074000d0308000900ff0301007baaee6f040001fe7f000702040000fe0400118302000500d793f645d0e6e674205dc35121c7bf44b9b0e4a199738804277766"], 0x3a)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

[  662.263482] loop6: detected capacity change from 0 to 240
[  662.275530] isofs_fill_super: get root inode failed
[  662.288589] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:35:36 executing program 0:
syz_emit_vhci(0x0, 0x0)

15:35:36 executing program 4:
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x1f, @any, "1a48230af4dd95f285225994b5330d279f4910e7ee8ecf03fab8fd683cf3a02a9121e58ebb3e47040bd0ba5d1136418395690f7fe6456b94ecca1d582445901022653cc7c1324b57d7f8019ee7151c734f12cfa2b6eb1c47619784cbf112be6cb58a8013416e0752afbecf9e930933cbaef34926b6a2e786b6c4c71cb52fd725c80e2ff2fb5f37371628165de046f8a1cdd9ecba6e52717fc9696137d70c357be029f4d90d8d9c5f49c9cccb4187ea8c5282d2296205c1fabf0797daaeffb0425ecd9aae68abace39474a297c44f4d43a607df45e7e57962a6425e9c39994df5e004bbfdf2c8a7e169476a9ae7de0a535cf891d32d37d67d"}}}, 0x102)

15:35:36 executing program 5:
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000540), r1)
sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000bfecdada6be6ac4829560104bc5ccfaf3fa5ed211eb391eee195bd4642b6fda445ad0d7b13937b4f97977205c8ee21bd2079f7c475bb49ee598c8b38bbcbac8c372d4adb08899e6b40cf34f136d58099da7eff9ac376d504b3e6a08ca4168b80083d890f299fc2d6908e668d83b87e1dc4b75f2b0a732515f3f4b867c3a4f20d3646b29fa74acb09a57b86c1eac87d13a673bf35612f304e01d529f024cc08a0f262651c4820d4b66aab75d393ec09a5e5eca3bc02b85e5ab9cc8cbea52e20a6b05934ceceed34895a08e92e21472af452f6a1601863f2edbaeda1b3e67176df4be32eb36a245720a151b0a6abe7d19e6a8d09b1aab78e9ed03c87d6d2486966bbe95229fe18e40251d101a5c1a8cf682cec82e6fb89f6775120f5a816cf8d6bfaa253440bb31c119d801a368067fb0dd40e6a99beccbdc2ea5e842e72b9b7b95e719fc5870fee13bbc15adedc5fa8d99c3a700572129baccc1809bf7163d1aff4bfbacdea95ce251aaeaa02310bdaf4415005a95fa0062b261cce8ab8fe80b379c9a08ad48be5bc80bb0b070e491fae32b734a6a5f463ea0b2aa83a858826e872f284a2a8ce8b78c14f263297e933ffc820959a2272cd86397fc5a3f565a71088ee0f92dec5acf7c0c96140134e093bdf320ed8822b72201d5143cd96585ee7cc0b0d07f0c2bc6951b82f11e39c3729724ec75112aade6b03c8c8", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000"], 0x14}}, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x40, r2, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x4000041)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, r0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0x7, 0x1, '*,\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x10de0da2d2c7f6d6}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @broadcast}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x40}, 0x1, 0x0, 0x0, 0x404080c}, 0x4000010)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r0, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x40054)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)

15:35:36 executing program 2:
r0 = semget(0x2, 0x2, 0x4)
semtimedop(r0, &(0x7f0000000140)=[{0x0, 0x6}], 0x1, &(0x7f0000000180)={0x0, 0x3938700})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfffffe03}, "37372d7986a6fd89136245960182762508fb0e91f2349531782b174b15f3e3dbc109f34513796b5e919b4ef33359849b47f96ef742b25c345684f09b87fd0f93136a038dccac36440ef5038e63adf10c3646d2b2a172c6206f2708d4ad388cf96b2d969dd7e1f3da02ec7137c7f02d6f3ddc95061bca1a3c6c1be657da2758be12a232d11ed7e34210379386f8763b69ec170c7d3dfa5e4c3e876afb822a80b22649b70a7fa37a4aa70de7c508011e0cd6588244fa8d31b503aa8306f51ca6f5fd2d"}, 0xc6)

15:35:36 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x7)

15:35:36 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022", 0x9d, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:35:36 executing program 3:
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x1c}, @l2cap_cid_le_signaling={{0x18}, @l2cap_ecred_conn_rsp={{0x18, 0x6, 0x14}, {0xa8dd, 0xff, 0x6, 0x0, [0x0, 0x8001, 0x5, 0x0, 0x8, 0xbf1d]}}}}, 0x21)

[  662.289438] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  662.543182] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  662.573635] loop6: detected capacity change from 0 to 240
[  662.601987] isofs_fill_super: get root inode failed
15:35:36 executing program 0:
syz_emit_vhci(0x0, 0x0)

15:35:48 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:35:48 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49}, {0x8}}, @l2cap_move_chan_req={{0xe, 0x81}, {0x8, 0x4}}]}}, 0x4)

15:35:48 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022", 0x9d, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:35:48 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x7)

15:35:48 executing program 3:
prctl$PR_SVE_GET_VL(0x33, 0xe9d5)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="806683f5cc8fdaea45aa5baae9f8c42031c2db956bac694ca1e3ff15b12e24017e99d7ae628f57eaee1eb9c9"], 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x6, 0x4}, {0x400, 0x400}}}}, 0x11)

15:35:48 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000040)=@v1={0x1000000, [{0x7fff, 0xffff8332}]}, 0xc, 0x0)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:35:48 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_confirm_req={{0x33, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x2}}}, 0xd)

15:35:48 executing program 5:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="030004f5ca6e8fba25a3b0114c197b9ae0cccccfff19b80dd3eb49ef8f0ccb4919173137b2629cfd8380a20670e9d0c1697e96cfcaab75e2aa6420193fd77d2b389a031b4e791148dabedf8a92ef6e00b98afa8fa609dbd4b6fa2af742b448921fa2500cbe39f16e23f08f259de80e20f5013c7b9320cc81dfa953eac35dcac5ea331875d071fd3404337b01871914e3a7cc1b22d0d0779dc2279e09905a8e6d"], 0x4)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x9e}, "163426ac41f9942782127f78d1b280bb3b8f8546003c2ac4d5521c5fa581adbec6f3414a32c878461a2ce8de5004a9810900b55a9f28639ee028493adfac6178fac1963da387ad124405484723b16a6a1f3fbdf8439d094313f190649bcbef603ca6d5bdce62e386937d9bb493313a0d69f4e3bf35fbcb08bf2ad2b38acc2f5ba7a918f1bfc0806ee5e0fdeae78f0c41769687b921e72f0b95bc5bda7c33"}, 0xa2)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="04027108000004000000fa040012c6b1547eb4d0ae7df69f41f6947ecb2bab3bc5df421209484ff57c00fffdffffffff09dc2adb4a944000aaaaaaaaa11105038083f8fe0300ffffffffffff0402006b176b0104ffffffffffffc04f80454cd3050000f3ffb920054f477503000000000000000000000000000000000000f5e4150ff60b759397558f9befce87947722536066107d205c9b636fccb012f50d1a1d40537a60c850e757a2c7dfd2c812e4e8671bc47b48c2576945"], 0x74)

[  674.853224] Bluetooth: hci4: SCO packet for unknown connection handle 1024
[  674.857478] Bluetooth: hci4: SCO packet for unknown connection handle 1024
[  674.864785] loop6: detected capacity change from 0 to 240
[  674.869021] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  674.897628] isofs_fill_super: get root inode failed
15:35:49 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x6e}, "3b40ba038a4c12db953dc4986b247dc5dbac66077f139db5e9e4661678af0b3ac76a94bbd2a14d6684ab9f97707238cd9cc35bc4f17c1deadc844013b24b78763173f3e6adfa5bbf2a45db6a5181a306483da4fdd753485f1c49fe7e0fd61275fd58b0ef2ab16ffa9f332ae528a7"}, 0x72)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x2, 0x4}, {0x40, 0x8001}}]}}, 0x11)

15:35:49 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2e}, "e4ac163f1c7ee9a8cda29cb5ae802492aedfd5c3f52998d4293fb116f95c5ff3d61a64f495edcaa03897e0dbab99"}, 0x32)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_keypress_notify={{0x3c, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x5}}}, 0xa)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xe}, "08edd35d0ec0d5819d1433c8e1f8"}, 0x12)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x1d}, {0x2, [{@none, 0x4d, 0xb, "4612c5", 0x7ff, 0x5}, {@any, 0x3, 0x2, "06d88b", 0xfffe, 0x4}]}}}, 0x20)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "3af4fde3228545081abf2f7fe0f525f1", 0x2}}}, 0x1a)

15:35:49 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49}, {0x8}}, @l2cap_move_chan_req={{0xe, 0x81}, {0x8, 0x4}}]}}, 0x4)

15:35:49 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04"], 0x7)

15:35:49 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {}, "bee2a92b1b2173a5e400789ba81a4ac3cc7e11686d5ff9838712f855fec35056026f33056137dc710239ad1b5c5bb78c1b611772"}, 0x42)

15:35:49 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:35:49 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022", 0x9d, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:35:49 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000040)=@v1={0x1000000, [{0x7fff, 0xffff8332}]}, 0xc, 0x0)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:35:49 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03000000d984a85465e70885107587b93ecd23216a5a834b00000d3f879de8094aaa21ee6e0f1c10f7119c3fb012786b7c0dd29dd46a8e118967f598aefa13ade9ad838904d915955014a98c8269704931de6247775913263edae5357ccb415944ff12e4"], 0x4)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x9, 0xc8, 0xd463, 0xff5d, 0x1f, 0x7}}}, 0xe)

[  675.212216] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  675.239854] Bluetooth: hci7: Received unexpected HCI Event 0x00
[  675.241537] loop6: detected capacity change from 0 to 240
[  675.243344] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  675.246421] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  675.275652] isofs_fill_super: get root inode failed
15:36:00 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000001240)={&(0x7f0000000000), 0xc, &(0x7f0000001200)={&(0x7f0000000040)={0x38, 0x0, 0x10, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x115d}, @l2cap_cid_signaling={{0x1159}, [@l2cap_cmd_rej_unk={{0x1, 0xe7, 0x2}, {0x1735}}, @l2cap_disconn_rsp={{0x7, 0x7f, 0x4}, {0x3f, 0x7fff}}, @l2cap_info_rsp={{0xb, 0x7, 0x1d}, {0xfff7, 0x0, "2adeab358a0bcd98a494e1f5e39a82174a67d21f0ecdeef8f7"}}, @l2cap_create_chan_rsp={{0xd, 0xff, 0x8}, {0x4, 0xffff, 0x1, 0x200}}, @l2cap_conf_req={{0x4, 0x1f, 0xe}, {0x0, 0x20, [@l2cap_conf_ews={0x7, 0x2, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_info_rsp={{0xb, 0x1, 0x1a}, {0x7, 0x6, "3a464acb00c82347fd8717500fd7a0c5a2a4f8506ff8"}}, @l2cap_info_rsp={{0xb, 0xb7, 0x1004}, {0x4, 0xcca9, "b53eb970b7e446547b79b92a8a494352dd1989f7f503f76077ea43e878d74ff9c75cf43d1db1255dfc47e92c947037e54bf85c759eee89e314f1549175f542ff63499c0df6bef39763f40a2e8d88ececa5fe75b7a9798a170298ad9320ad2ecf6b2671b57aace686fa5bc64fb89b56bb9278885053f2062604f52f36d269accf57f46650e40036ef346aaa79848e7d70ab1f692da809e2c2befd55bf44e2b27cfbda24ff483c675756eea58bd493d1314d1a6b426c43d4ddce816863a9ae4dc5cd38ae0f560bb002399fb8d0535547c4c42ec9417ba18f016014aeaa5830d307df08f2ab13915030b647ce174b820eafa86b8f64f462149fb04d60aa6737589c9d7ca4a9697982c07c7d0454a84fa6a5c9acd429ffb06759f2548fca9e20f4d6b33bc75bb6ee32ba282b4aadbf1e9e4081c19fc1161c9f14fe77cfed1d83f0e4c98b84100495570d3db48c1e1a39ace694bfea7f3b57b679e20fe65911e7310a229696c8a82bdb2f6fb6d3b7d6df323991aed9b36cfb260aa6baab1f10c43db76572301e4a9db1072a6b0857f6af7b30c4e5eaf4dffee86d2233f827d11c1073a6b3c9d168d67092559558ae81368c17ebf7bdf1387f86f6b01497dcc717367135f519f9618ac2b9977d9a934254e4d7d19ad153a33800939cbbb6023725745592b227c0abd1e37f84828426cec3a2473546a334febdfe9252b81688d3e78014715e5669c988ffb7a6cc7fb6e407c6b7647656e317136d226667ed38616a76ec65bf7d54cb92025ea4e0f49b9c50b8db0d635101a201ba33824b724835d66fad17218741650e6d0e0dafff97bed1e17235dce1caa13b02d6086a3a864ee5c561254e30a16381ac32f39b3a71a2553a0e23ab8e8bcca08c531ab39f4b8f25d9f99686ebf765915922528fe7408f48a988afc1e7cf0cd381c5f97efc7e4c38aedf7961f2e1b2d3954b612d6285afbd09b6721c6a724af2ed732b0328785caf05f83d5dad389e1f06805277644f771ed3c8e9bd466dec67b0c7aec7b36cfcee243bcc37eab654da2735fe47353b91b5952075fce0cfca8d93a27dd941c80880409d225946eb7065155581f743ea1ba519ce2edda1c3ad9e65cd380f2f296432cd93ef1386adeec715a7c11e38408da92f3a1b2e00f8f55a946272538b4ccb705797e4000e6493f331707b5162becb43861819a7867ca479ae1d5c6e5966cf176d7eefd9864a4324fb7e530dbfe2d5f48b8e0df9782f52cbdb9e868266d991962ced4aeb07447aff5bb47e64605f6a2d665aba3548011304a6579a227c05c4802d731433d2ec6464e1be79869d17b8f81f439e64e02d38694d775b4886736de0c72c4c08e5139e26225d29ffbaff588ee897a617101933c429ac3bfe967414b5d6383a1adb900a9d6fdb32b71eaa1b781ee820b72ccab43c474a69f66e0758a1283cd33ecd48a63a20e937d587c2ff95982c95e04b7f6bf65cc66918d40b0251164ec448d7024d6f57fc4ad3a2717e480a9e2dc0662ae6ef5bb26278206f6602fec2ec42efabcad9da18e5f67959106db88dde87340c229185842992da36a64b57f7776f114f04a33155e9dc243e6e95ced2f545bd9e5eb14661e64145214d4be1f04e8a4e43c254297f7f7b1d032a497239509bedaa453433ddfff1ad9536dada7e7c4177ad108113b40699b93bd6a5f3624ff5fe7428673ae929b30cebfd7d594591cf0644afe49b401296b929c9a7efebd8da94b2b32a7a3d10c94b492431877e1e910e76ab8ce77b3c223f26bdbe3d85fa22eae8638b6369592f356ae3ca5797491398df9e4988a977cb7c1dc461579b593db1183b94ae4bec604ee471058dd5894218e99e7276af3dce684b2ad51a000c0ab5c46afe3606c4fe409f60a284d7d61877ba040d2459f998b3b225fc2273bfcc12ba395e7b57f226bf82da510bdae72473a47238e6067b6d7cf5dbbf1986d51832beed6a706a64190589713b29bee57bf3ac65735807801f82d2ca7d86fd1f4f83449e56b79bd20ac8e97382e157395f00809d77a5ae2f62af78d9bcf2f32503be1b27bf9f7022600089534423e23bd640419824e68ef6e896e2e0880c673f09fe580f8a8322c2786f4ac0f59539d6df1f0eb10edef8a27028b6768b8c42b36693227a51e3829db92703a6ea3152b9cc0f4f4d454adceff746ed63020df5fc2941d048ebc0e3f1fe3ee9fe8c8da4a33e504f3f5df1d74ba75fa6725a9d33ed9a5c4caec81eb1add4427d00000e551be89ac061d9d969bde2a95c177e8aa48e02e32bf74c578d50679f0b534d39f5b28c14b9f55947b22d79e9be17727da1bb32a4de9bcfff501f50797f47f20eddcfad1b802e4567bb3d078b83d27cd9577f4ca5d99bc125bb7fa08ee8d4c83f723f0ffb4d1d786e9c924c64d9562c0fbfdf6d6c231122fbce40099955c330b46a633752c2be5814894c469e6e1e22171828f9749ef3de85cdcf3b09e42ec1795bf18d4cc0ad380a029de07c9994332ee6d5c38a6542e5ecdee94f065e90510908842b14a3a48e06ea1b57f5fea8994d8148b74137b6882e7390fce3436bbd479ec4026ef1b4e42cd279aa280891ee78657f38f00479b99b01a196f084d8f9d8bbc5fc1007d896435bd4ecfa003b3e86087705d1fe4bc5433398f24d8c266e16d3b827e181747ff5cf58cc85646dabe9923363a54f4da3a534127c5d5bc3a44807e3d31c4250127e3d1e889ba35462f21ae78471857e644c2bba7ea6eb265653b06ff606a9e7bf1b1e533352b3e5f63cfe3f52c935ab98d060c351ce3e2a6207f6e45212de5bf829773cbdff7415ddb78a8295f6402c2fc278a251cf0faa48e0fd931ca5da124be606ec520ed362b4bf98aa75d1eb1765d4dc0d66c9ef1b758a6845d64327dce8941b4199c7df1b83452f0c42463b6243fe284a1ce04843cc7c895788f9d95b9d16255b27dec3cc772486a8c35b7d7b3807ef4be9f5e8fd26284e459e47a21258b23d71ca4c660f643c8c22581e8b59bc18e115fcefa1ea6d913fd587541e4395a2322bdee0b08e336412fdf9f72a6d3463e7ce97b683f1fa508cd084b2e5ad3f7bf0db7222d0b560d836a13f1fca0a6fc42c1161059ca463b70d038244d35f58ce090d64dabe69b0fbe2b35321fef63f4d6b86f33fa6011eecef8b540cbf8ef34afedaac0fe5b1a803c2298830aeae5b4848c7b53c466623ba86379d15248694eb00802ed5a28b849f5f4939f5409b370666a67b3ae39ca127fea8a6c3ee6386026729713f201c2b3569d6b1f9554ad7b6d424daee8a10cfeda8665e05049477cc4a6fe88bff6a5ae5a482cb27edb8e16ae661650c0c8545d21614f58409b6863aa5cfc782891b2b0cfe12cf038a87ff379b8c7829ddb8186dc0b736fbc2195fa734390afb983a37efd9f717bf0ba67209322e0e224b6dd6d229146bebac0e9907dc92f69f47726960d0c5c0882c9e48401c87cbf6faca8e1c9d32b147f8604ecb98180b6141db2a6c2e12d5809098a28c66fc5bf0002d8084b30995d4957dec0ea5380b57ac52ebb0205331a45a6234275d7a3807d38afaafe79645cb81c02d9867d0635891a8583ea20ba8239489d2bfa57e261afbf8df340f5650e2dc00b6565a99f92f1fdad9a0675172db6e8634e7c5b9f7b06a83232219bbe890554e734ff292234f0367c859703e5c9f323456f06f9c3ff835474b5879c027a539389ee757386f386ec144de7d8be5e09b6e8b63480b99b79effa59451d456f7e0721b1a783553584460fd477903fe715e051787f15019523e65b7c14762f1f01aa8bd97645a0dd2eec2925d7bed70e967e4168853c587df9c6d9bb8a56e0c629b855186b2e7d332065f061b3ef5503ca1b57930e09508ad4caf6c6941b666f3c4263ad4b745dd0c7f34929281ad01bf41cae0d3dd3dee8f48a7a37780a406165299de2402d09d09bd3462305027b60fd6f18459a9c8d6fffdf5606641254f7c82ed57dccd0a58e584acf3c2e862774ed91b4d22dc4dd9a0313ec6c82cbb5d316a62d132c272c9dc621286e54ba1ec973eb097bb16a7cf6ab527224e900e538125c61f57709d72e184b9e6aba1b2b66741713f048ed37352d50fe84386234ed4442271f28cba4abad4ca340f6a03cdac41b828f03e5323de68134ea5aed8080305d6d262f7dadc19bd994a5b431389dea9fc13a3f9c9661a573495a8717171799fed1fbb581b4811fac87a99ca757297ea9abced122b10b1ea1eccc7d274f11356005cad69ea90a0e7849f46615875719a362f6d03c66828795507bca7ed98aecedad1bd65d4dd3501b207733d412d32b59bdafbaccec698d34b500062026fae7025bc1d71b52a17db27618f7817a6e0142479bed928fa59130430a6cb7d360dcbc52af35ae8a585f31ceee71c5e60b7949e892fadfa7a9c665cc26e7c906d6e576c49fe8c790061130e65c5593931e80af885c5d597b76dd963eef501f1949368f7c8999e8802932daeb05095f8ffbd5b790937ab836bb43df7ec4dcb539322fab5071b8262a22746316dbfe30b773a375cc641fe36d3116009f1c31c6ab9c31748e46adc6802d4db9c12123457510de82b5068c6f2d3e710a05dcb6d216c530906b5352266835412e86645cad1e650196d884efe833dcf069f45e6a85349901a58ce94c8109857eb0cb382a917d6ff93e4632483edb37aa39c6aade24aa4c9b706218ce28000cdf7d9668ef6b23f1063e9559cb3796277c74791a345df0a6a064ff93103b634798ea596b154cd3c78d7ac9808314977ed2c96946f8b2274b25172c38cff4a0437d0c98c139532a0435fdcc5f2c76279fd567375a7eaa9b6b3d662d553cf2e7d3c19cd26d657793f6dafb51aa5e7772934d1f377dd0bf32a691f2caccbaa745fcdc7c4dd37efb7ead2d391711ec352cc584f697ffecd378c9d0057b436df701757cb47b49375d3d2fa35564d723d4fbbd7e4c4df9936822b962f5a1edc2211aca7b145b0c7ce3aceae0b32f6f3884544ec68618d151dd2d4ec26ebd07f28da9cfb6850fa88f93232f38c2dfbc75e2e2aef8b80b424f31b9176ecb39fbc40cbfeae421d35352255e18f6374f333b7f231ebebc3a13903e7c69511c096bf86431a4afb668df2fbba51a5a136bcfdf76cdfaecf95613e9fec7b0b53a969fedc0e7f799f3409d1b0b9542a4d2b6d6f5ac6e2d78221c9ee1505e110681bfa36a8f27a5525b702eebe918acad84f20af7cca8890404a73f2538e870b33d9a9748d8cfd1c50bfda933b6cabbe07a95c59c62411c62a8a3259c75d26423e1c90fd98c4b3e066b52ed937fe209796861c8ace97def1bbba3cb6840a663af2fdf0ecfb40e2e886951475923540870f3991ca608ec6e99f9d937b1a625dc863124d79562a6d8a1dd5207120950d0b49ed2dceb6fcecfd045a1317f3b3f5493c7098d8306003068b9e93e87b452979a23d1b66ae13b30f4fa0e9a3568fa8ea9519a915993b4743d352086b0ae938df039a0e9443c41221e9404d3646454a6cfd6fca840d8fc3caba82180b5576ec0eefb6ceedeb908822160ae1eb1b55820c316fb850ef5b93d9b1e9b0bfa1551545fabeb8adb00b69429cb65a47cdc9fb901ad2812466b0431636d7fcc8bf90065fb7cbe2dabd057a2ab3e52f66b6b01efc31cb365ca4ca5be290b69dc88b68a0851e030f586011c10a53db5d1983eeb2f6fa6bdaecb84bd3f8bee1909430c47816f00ca3d7632474b3dcfe732068bc9f60b4bb043b3fc05b8dad7cd483320535315ad43011cb2282bcf39dd4eda8"}}, @l2cap_info_rsp={{0xb, 0x3, 0xda}, {0x3ad2, 0x2cd3, "27ec38e7ca6b37c96ba7dc59d4c01a3e775aba6454ff67b8de243db31c8b0c315bde27afa46167263eded55fcad31a366fe0bf7b71e4c947687839d799f93628b3387f4e4a6fa70b26e7ecd9c18f720eb8ea3ecb404c3f0441fce4e68024a3704221477f9d5222b3a767ea2605907d3ff1cb5664a82aa956021f6f9cc7d6cf7991455f13ab97159bb43b9b590821c9bee83d7e195ebdb6e01f0bdb6c279f3a902286a1de035aa5b3cd6c7808a1193ab74ada67e6c156c91baa0db88b461b1b56b640db144232d4e423b7cfabf09a8131646141c573b7"}}, @l2cap_move_chan_rsp={{0xf, 0x38, 0x4}, {0x7, 0x6}}]}}, 0x1162)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

15:36:00 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000007f00)={0x1c, 0x21, 0x1, 0x0, 0x0, "", [@generic="026b02db13cfb35673"]}, 0x1c}], 0x1}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="030000007fa31cfb8df3e29981ee64e736ae"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x1, 0xc0}, @l2cap_cid_signaling={{0xbc}, [@l2cap_conf_req={{0x4, 0xe4, 0x45}, {0x33, 0x8, [@l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x6, 0x7f, 0xfff8, 0x33db, 0x4}}, @l2cap_conf_efs={0x6, 0x10, {0x81, 0x1, 0x7, 0x65, 0x9, 0x38}}, @l2cap_conf_flushto={0x2, 0x2, 0x7d4}, @l2cap_conf_ews={0x7, 0x2, 0x8001}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x17, 0x7, 0x9, 0x40, 0x200}}, @l2cap_conf_flushto={0x2, 0x2, 0xb14}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_disconn_req={{0x6, 0x8, 0x4}, {0x8}}, @l2cap_conf_req={{0x4, 0xea, 0x28}, {0x8001, 0x1, [@l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x6, 0x81, 0xecc, 0x8000, 0x5}}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x6, 0x3f, 0x5, 0x3, 0x40}}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0xcb0}]}}, @l2cap_conf_rsp={{0x5, 0xff, 0x27}, {0x9, 0x1, 0x6, [@l2cap_conf_rfc={0x4, 0x9, {0x4, 0x3f, 0x5, 0x1, 0xaf9c, 0xfffb}}, @l2cap_conf_efs={0x6, 0x10, {0x1f, 0x1, 0x4, 0x4, 0x1, 0xffffffff}}, @l2cap_conf_ews={0x7, 0x2, 0x800}]}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x1, 0x5, 0x1, 0xfffa}}, @l2cap_disconn_rsp={{0x7, 0x7, 0x4}, {0x8001, 0x4}}]}}, 0xc5)

15:36:00 executing program 2:
r0 = memfd_secret(0x80000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000040), &(0x7f0000000080)={0x0, 0xfb, 0x1a, 0x0, 0x7f, "6fcbe2dc1e9f1f2794721aeb77e94373", "f15f2ec639"}, 0x1a, 0x1)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043b0a00000000070600000000"], 0xd)

15:36:00 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4e}, @l2cap_cid_signaling={{0x4a}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x6}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49, 0x2}, {0x8}}]}}, 0x53)

15:36:00 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000040)=@v1={0x1000000, [{0x7fff, 0xffff8332}]}, 0xc, 0x0)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:36:00 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04"], 0x7)

15:36:00 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:36:00 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000002200", 0x9e, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

[  686.401261] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  686.412660] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  686.416346] loop6: detected capacity change from 0 to 240
[  686.417407] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  686.418348] Bluetooth: hci7: Received unexpected HCI Event 0x00
[  686.444455] isofs_fill_super: get root inode failed
15:36:00 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0xc1, 0xa}, {0x7f, 0x9, 0x7, 0x68, 0xffff}}}}, 0x17)

15:36:00 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRESDEC], 0xd)

15:36:00 executing program 4:
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x0, @any, "1a48230af4dd95f285225994b5330d279f4910e7ee8ecf03fab8fd683cf3a02a9121e58ebb3e47040bd0ba5d1136418395690f7fe6456b94ecca1d582445901022653cc7c1324b57d7f8019ee7151c734f12cfa2b6eb1c47619784cbf112be6cb58a8013416e0752afbecf9e930933cbaef34926b6a2e786b6c4c71cb52fd725c80e2ff2fb5f37371628165de046f8a1cdd9ecba6e52717fc9696137d70c357be029f4d90d8d9c5f49c9cccb4187ea8c5282d2296205c1fabf0797daaeffb0425ecd9aae68abace39474a297c44f4d43a607df45e7e57962a6425e9c39994df5e004bbfdf2c8a7e169476a9ae7de0a535cf891d32d37d67d"}}}, 0x102)

15:36:00 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4e}, @l2cap_cid_signaling={{0x4a}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x6}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49, 0x2}, {0x8}}]}}, 0x53)

15:36:00 executing program 5:
ioctl$sock_inet6_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000))
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)

15:36:00 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04"], 0x7)

15:36:00 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000002200", 0x9e, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:36:00 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[  686.651458] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:36:00 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)

15:36:00 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4e}, @l2cap_cid_signaling={{0x4a}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x6}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49, 0x2}, {0x8}}]}}, 0x53)

[  686.681883] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  686.692644] Bluetooth: hci7: Received unexpected HCI Event 0x00
[  686.722099] loop6: detected capacity change from 0 to 240
[  686.736341] isofs_fill_super: get root inode failed
[  686.801170] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:36:15 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:36:15 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03000000011ac2aee3d1ac724a06cfc3bb3348bf505189c8f87f5a659e437ab7ee1f00000000000000a4ee35a33a8147b2f2740a1f0227801ae957eea66ef91a3b9adaace7aabe37d1350855fc09a972"], 0x4)

15:36:15 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:36:15 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49}, {0x8}}, @l2cap_move_chan_req={{}, {0x8, 0x4}}]}}, 0x4)

15:36:15 executing program 4:
perf_event_open(&(0x7f0000000280)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100005e}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x6f3}, {0x7, [{@any, 0xff, 0x7f, "7e18c0", 0x3ff, 0x89, "e5a05e7b6616b0a77499bf12b011ab4840bbef41bc1f7c782dd13c3e19c5d7907980a15fcc0194bd67e96e35ef80b6ada154784808938e509991aaec9d25d63618e41746b6568adc64feb3fec632742c056b1447c6d5d93429b272a7fe00b417abbb19e9031f1f7865349e9556664bf00532bc67aada6097c30b4dc96795556af89b4318b921bfe6bf097ce254948837eb07f601eb64f53f421341f9574f3403f106aafbb899adb3fe7adc4bd60b909a25eae8a155cba592b00275d47b50a75187a77ec0a00bb51502993946d02228a219ad18d07debe98a9374918cc75f4f3efc41085661bfa9e0eea1bb12d457bc50"}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x71, 0x2, "65f6f4", 0x3ff, 0x80, "73017ad12ba3f0ae14b6a6e6cb1de5dc8d2b8ddbef01dc457db3bc75724874644befec833c96d8f3293f5fdcf4636dce520793faf755355b6ce6839644ee2f13008dd460cb43774df8fcb53294dc805ac9f8ce77e2965f6ee4d435338bb3360a2616d470b83f4cbcefe67f9464662689ad1129953231eb1fd2b527ed26d604657cb409eb3dd5c5586486b842eecfc6cf82b6c9914de2f5c2ca03494dfeabe08252842e73061908d95fd66a03d0fe546b4b4262ec4a0d6dda7d008298b8326d23843d24e4259f5e3da5bb6267bc3fdc7b8754268c4fd6065adaee638edf566b6590c26ebced3a4bcef347584829919c40"}, {@none, 0x1, 0x8, "218d15", 0x8001, 0x1, "666964d0e4bed0c09a01eb8ec12384c78474dd36945ab69b754119e2e141f76b75fef4f1c907ac3605ed54a47d99837a72d0af18fe7f72df98b4b0c283972b0bddae42c412391da18733b90a18782e5f6619bf738ed05ff06238be3ae668f29a74216cf9a7cc82120db794c58275d02df5101226d2e85fae164932d5294004522589032caf2935f1a9e90c1f3a60ec6ca0416ecd826ae13c08fbdfc5ea22c2b2334a76d8b8cf1f7938d57083393601c6dc4b1dd2e197cce4e55185939fbf6957c2af4f7719c65bd02c955f280ab0a1a9cf81d6d3d6892a7d55800113749c178c5932b73b9c5309e2d823ec23bfedebf9"}, {@any, 0x5, 0x2, "e97c73", 0xffc1, 0x5, "8325d0f7f62c2f34fccd01a3584c4d6a0472693f87b18e50ab3ab88d39cb06d77de786ebd3816da20262b724a6606b471879df68c4a6c7f905e76302065e22b9415b297621443fe364c19135476fb0fe444b4442a7ea016abf60cda8b572f65bdb3b0fd96d5be52a0918ea00e0d4255e6a339bc3631abacde0b4e371b51959c084f2823889900110f57969f6e209d56cf4c9edfb0a679bfa4d779c77e0b3fa1dae75e83d708cad29885ec5f5c45703ce9a68ec66f92ffc76cafed005243bbb8ce63f5c282b04800404309585f9e6e14d9f71709f038c9d67d70c73174a055dc19bc26ddb853c6a0f5922eab182c38dc2"}, {@none, 0x20, 0xa6, "afe0ec", 0x0, 0x3, "4c7f4b53bb83d3d35b7d46afdc495adeced049204a3de685868081234f000f83c6558694ffe8285c6f40dac7db753906f400a9235786233c9b5a3857b415a7c58d4606030fa3ffc37cc3099334c6c8c022793b45b70534a2e78b97b4eec7513a03ca376391610e063ea55e6da8d8dc044adc62992cac7869933339b085cc62a1c4fd9bc91eb17cac2201fa8103cb5be2ac6f9937fbebb0b05ab1c71cedb82397553718592f3b95165aba46cdd4fc9079ff8ccc175b24e04703db4e7bbfde0bc85f54da2eb6f6ad1aa2a53346ceb93fb2df6c85f77ea4e00852dd34281f74ce0ce3b43d0c898991f85a35bcf98f899b35"}, {@none, 0xfd, 0x1f, "3063f8", 0x0, 0x7e, "1f56d57d38d954d56ff1e3c769a28d96096c9c2a2c150972a93f6e0e492d16f4820fe0f818d6cc17c867c3444f3e94d9dabab54300c15a62509d55dadae69fbbba763a00dca5a21bc9117397a72f0847d4078bf1f1bdc1dcb2916e31d64d3d0d8438d965f41833ac9f10a58621b745c8f0a35b9f14107b6ff256f2f1e0f5d8c2093c7f2ee042b2f492b1f9c64f109e89977003f65cb85865cda822f728c7fc04b01d4262482596f62ee0a537079753dc194799f8100852fd1c340f00b2604451ef55ea24305fa4fcab7ba03b97a63bbd46088045f64057e805d852d6955c0c7d70616694e74e86bcb1398b94f776012f"}, {@any, 0x9, 0x2, "738c89", 0x1, 0x9, "322ac4484764bcbeac89abf09edbccb37e89d67e12d2737cf64c17c78c3637022df896c56aa7a0b5856a9f9eeed2a32766f32f2a74eae559e8030839374467482e9ddc331e070d32bed3b000206279edbdf285fdd891f552c9d77743425dd6e16f41591493941837c28e5088748767ec1bbf28ac457214fbe1c250abd5a8490a0899a5831fc90c4c232da3bf76fd25e6bf8f0f3317c5dd27082bfe9fe3fd8196ea4962cac73c13afa3714e643b559c887d140ce2303eb3744570799c8536cdbadb63532542edb9749ca1dc81a5f62d7e6c977a53aa577d036bf5a69b09b021c50af92cb24495c991a12afda941037e0d"}]}}}, 0x6f6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_conn_param_update_rsp={{0x13, 0x7, 0x2}, {0x7}}}}, 0xf)

15:36:15 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:36:15 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000002200", 0x9e, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:36:15 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_conf_rsp={{0x5, 0x3, 0x19}, {0x3, 0x20, 0xd7a, [@l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0xfff7}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x8, 0xc1, 0x0, 0x2, 0x1}}]}}]}}, 0x26)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="25ea315734090f3e009178895fcf306ed5f9f0d84e04a186c089e3d63e10a56558a143f845accc89d8cc9b57693e79037b147fcdfd11a49e148846ac1b66bfcc4ef3997381d6c052bda6dda24b6e88f668baaa670ff5409446ab99d31994b76843b574b333f832c00137c629d1079b641282377f6a1f6cb9ad9258bc7c34aae7da"], 0x9)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x1, 0xc9}}}, 0x6)

15:36:15 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x4)

[  701.291914] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  701.292637] loop6: detected capacity change from 0 to 240
[  701.299205] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  701.300603] Bluetooth: hci7: hardware error 0x7f
[  701.321428] isofs_fill_super: get root inode failed
15:36:15 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  701.350242] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:36:15 executing program 5:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x8c, r0, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x3}, @NL80211_ATTR_KEY_SEQ={0xc, 0xa, "7f72e8c5bd7a91cd"}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "9f78e3e78c"}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "103043184b"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x24, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x3}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}]}, 0x8c}, 0x1, 0x0, 0x0, 0x24010899}, 0x8010)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000200)=0x1, 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0x0, 0x2c}, "7b881e3e9cdc85eba3f9359e73e5145c4c6d1a069987339feaa9b7cc678d20220ca7c1a9a8a7ba9c984150bd"}, 0x30)

[  701.633933] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  703.357071] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  703.358908] Bluetooth: hci7: hardware error 0x7f
[  705.411509] Bluetooth: hci7: Opcode 0x c03 failed: -110
15:36:29 executing program 7:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:36:29 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:36:29 executing program 5:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="03c800a3c8856f4834f2fd353f855d25c9b33150f478d4327be20630033ce67e0be2ace4d4bb2a5019b1cae6dec09b5503e85eb012ebb586e61cc1f3628ecfb28108b273f2ad0de842ed0b526cdaff5ccc0c7c147458e835a44bfa8db7b0466c651faafba78abfc043e1c83feb703c5e4562feb15e2ddb3b19eed1d7f0d7b8a32b3c92e26bd6b5773633436da18cbf6f8f196ab3222ab3299180a63219"], 0xa7)

15:36:29 executing program 4:
semctl$SEM_INFO(0xffffffffffffffff, 0x0, 0x13, &(0x7f0000001240)=""/4096)
r0 = semget(0x3, 0x3, 0x200)
semctl$SEM_INFO(r0, 0x1, 0x13, &(0x7f0000000000)=""/56)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)

15:36:29 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49}, {0x8}}, @l2cap_move_chan_req={{}, {0x8, 0x4}}]}}, 0x4)

15:36:29 executing program 2:
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x464, 0x200, 0x70bd25, 0x25dfdbff, "34aaedae12f70b70096526be82dd33", [""]}, 0x20}}, 0x8141)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x3, 0x30}, @l2cap_cid_signaling={{0x2c}, [@l2cap_conn_rsp={{0x3, 0x3f, 0x8}, {0x5, 0x5, 0x6}}, @l2cap_conf_rsp={{0x5, 0x1, 0x1c}, {0x200, 0x10, 0x5, [@l2cap_conf_ews={0x7, 0x2, 0x40}, @l2cap_conf_efs={0x6, 0x10, {0x6, 0x0, 0x3, 0x6, 0x93c, 0x1}}]}}]}}, 0x35)

15:36:29 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:36:29 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x4, 0x1, 0x401, 0x0, 0x0, {0x3, 0x0, 0x7}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x1)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="00686bbcfbbdb04d07a4630007"], 0x4)

[  715.609661] loop6: detected capacity change from 0 to 240
[  715.657708] isofs_fill_super: bread failed, dev=loop6, iso_blknum=60, block=120
15:36:29 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:36:29 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)

15:36:29 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0300fea99a9c060d5b5d2e96a7e6c30000"], 0x4)

15:36:29 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04030b330600ffffddffffff00b5"], 0xe)

15:36:29 executing program 2:
r0 = getpid()
getpriority(0x1, r0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0xff, 0x1, 0x5, 0x3, 0x0, 0x8001, 0x8100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x101, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x880, 0x5, 0x49, 0x8, 0x7, 0x0, 0x7, 0x0, 0x401, 0x0, 0x10001}, r0, 0x9, 0xffffffffffffffff, 0x2)
r1 = getpid()
getpriority(0x1, r1)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0xff, 0x1, 0x5, 0x3, 0x0, 0x8001, 0x8100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x101, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x880, 0x5, 0x49, 0x8, 0x7, 0x0, 0x7, 0x0, 0x401, 0x0, 0x10001}, r1, 0x9, 0xffffffffffffffff, 0x2)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
kcmp(r0, r1, 0x4, 0xffffffffffffffff, r2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)

15:36:29 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49}, {0x8}}, @l2cap_move_chan_req={{}, {0x0, 0x4}}]}}, 0x4)

15:36:29 executing program 5:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_SET(r7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x2c, 0x0, 0x1, 0x0, 0x0, {0x6}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x2c}}, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r8, 0x29, 0x46, 0x0, 0x0)
r9 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'sit0\x00', <r10=>0x0})
sendmmsg$inet6(r8, &(0x7f00000006c0)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000"/32, @ANYRES32=r10], 0x28}}], 0x1, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r6, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x58, 0x0, 0x2, 0x70bd29, 0x25dfdbff, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4010}, 0x8001)
sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x4, 0x4}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0xd}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xb}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x4008000}, 0x1)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)

15:36:30 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{0x1, 0x49}, {0x8}}, @l2cap_move_chan_req]}}, 0x4)

[  715.668853] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  715.684838] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  715.862632] loop6: detected capacity change from 0 to 240
[  715.937858] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  715.943347] isofs_fill_super: bread failed, dev=loop6, iso_blknum=60, block=120
[  716.031200] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  716.071126] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:36:46 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:36:46 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="945b5bcd4b0428a92f7056154850"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:36:46 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:36:46 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x4)

15:36:46 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x1, 0x1, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_move_chan_req={{0xe, 0x0, 0x3}, {0x0, 0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7, 0x2}, {0x4}}, @l2cap_disconn_rsp={{0x7, 0xff, 0x4}, {0x8b}}, @l2cap_create_chan_rsp={{0xd, 0x1f, 0x8}, {0xa9, 0xfff, 0x4, 0x400}}, @l2cap_info_req={{0xa, 0x4, 0x2}, {0x401}}]}}, 0x30)

15:36:46 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4f}, @l2cap_cid_signaling={{0x4b}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x6}, {0x7e, 0x50, 0x7fff}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x54)

15:36:46 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0xff, 0xc9, 0xc8, 0x7}}}, 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0xa0}}}, 0x4)

15:36:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)

[  716.084310] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  732.204740] loop6: detected capacity change from 0 to 240
15:36:46 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4f}, @l2cap_cid_signaling={{0x4b}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x6}, {0x7e, 0x50, 0x7fff}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x54)

[  732.269318] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  732.299289] isofs_fill_super: bread failed, dev=loop6, iso_blknum=60, block=120
15:36:46 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:36:46 executing program 5:
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)

15:36:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)

15:36:46 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x3, 0x2}}}}, 0x11)

15:36:46 executing program 2:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
ioctl$PTP_SYS_OFFSET(r0, 0x43403d05, &(0x7f0000000380)={0x11})
read$eventfd(0xffffffffffffffff, &(0x7f0000000040), 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x3, 0xe3}, @l2cap_cid_signaling={{0xdf}, [@l2cap_info_rsp={{0xb, 0x0, 0xc6}, {0x200, 0x0, "a80a150802e4af322cb4240276e855b6dc25c8df4750e4d5207812b932031bf88169784acc53b4dbe8ea5536078c636291049640e7a92bd63e88e913127f24e12632b986e8d4b203c67b34bf21b27f7fa4c13adb7b37c385adc6e4f255e2bf13b7866685557d2bccff0ca88c03efd45ba578292c3adb66ea19729344109d54744a56938e59844df8c8f9ce31fb605cf8a71121104bad3d2332f2fd35729aacd81086b883c468c8c048682c13c93e8723b3542ccb23d3f6b911c19df0373fd4265418"}}, @l2cap_create_chan_req={{0xc, 0x1, 0x5}, {0x7, 0x1}}, @l2cap_info_req={{0xa, 0x40, 0x2}, {0x11c}}, @l2cap_info_req={{0xa, 0x1, 0x2}, {0x902}}]}}, 0xe8)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x60}, "6005f398d3fc921eb8a2cfdb8603ab9b296e7f868b73cdc814c3972f55cd7febca37f5991ce14948aee1ab2315f726365fa335af952022dbcaf127ec78d960eb6f2bde5ed91eb7fec9228d8be4e3e47a7c7aac2a6d1b944175268d3c7dbd8b39"}}, 0x63)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x5, 0x4}, {0x0, 0x2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000280)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="04ff9357269133252a8daeba8affd9a7047a663bac170dd0e9318ec37afe9618633b3b47fe4b04706eb39a3b6def4db7f5c800b2a0c9c484331f4c58e8a4c85d190e92e395c447a6d6db612c9e3cd00bd1172028b8658fcaeeecc43477989ec12b113d87da2ba4d19e7b094c62b41cc74077930b665f80ecfc30221483c8e17831657cf133b2aef92ebf98bfeb4ebba93692598b0deb9db2241a0b190865f0e3f785e2b91d734a74a6e4e6a3adbba44fadb54dd8de9fd39c4cbe"], 0x96)

15:36:46 executing program 7:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[  732.416830] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:36:46 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, 0x0)
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:36:46 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4f}, @l2cap_cid_signaling={{0x4b}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x6}, {0x7e, 0x50, 0x7fff}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x54)

[  732.579020] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:36:46 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="0f090080"], 0x4)

15:36:46 executing program 4:
r0 = socket(0x29, 0x5, 0x177)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={'ip_vti0\x00', {0x2, 0x0, @multicast1}})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

[  732.581113] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  732.642096] loop6: detected capacity change from 0 to 240
[  732.674793] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:36:46 executing program 3:
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x4}}}, 0x4)

15:36:46 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none, 0x40}}}, 0xd)

15:37:00 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0500"], 0x7)

15:37:00 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:37:00 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{}, {0x8}}, @l2cap_move_chan_req]}}, 0x4)

15:37:00 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, 0x0)
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:37:00 executing program 7:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:37:00 executing program 5:
write$P9_RGETATTR(0xffffffffffffffff, &(0x7f00000000c0)={0xa0, 0x19, 0x2, {0x1062, {0x10, 0x3, 0x8}, 0xc0, 0x0, 0xffffffffffffffff, 0x3, 0x101, 0x6, 0x9, 0x0, 0x7, 0x268, 0x1, 0xe1, 0x9, 0x2, 0x0, 0x6, 0x7ff, 0x2}}, 0xa0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x41}, 0x2)

15:37:00 executing program 2:
fcntl$notify(0xffffffffffffffff, 0x402, 0x2)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0400000a0000f6ffffda9c518d000000009559e5810152a37b3fa668cf95a5d10cde9d8d0c5c99e9090e2a819539c0391d74bea52c2348f0f5ff99c91d697fe57735"], 0xd)

15:37:00 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x88}, {0x9, [{@none, 0xf4, 0x53, 0x6, "8ce30b", 0x9, 0x6}, {@any, 0x0, 0x8, 0xc0, ')!^', 0x1000, 0x1}, {@none, 0x7f, 0x2, 0xf8, "9e71be", 0x40, 0x1f}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1, 0x69, 0x3, "5c7b1d", 0x1, 0x40}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0xff, 0x1, "e3a9fc", 0x5, 0x4}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xdd, 0x1f, 0x1, "f9abd6", 0x5f, 0x4}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xfa, 0x20, 0x94, "a5ded0", 0x2, 0x40}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x0, 0x9f, "1d5f2f", 0x7ff, 0x20}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0xa8, 0x6, "f98c67", 0x1f, 0x1}]}}}, 0x8b)

[  746.927395] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  746.927914] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  746.930092] loop6: detected capacity change from 0 to 240
[  746.934056] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  746.938159] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:37:01 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=r0], 0xfffffffffffffedb)

15:37:01 executing program 3:
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x14, 0x6, 0x1, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000895}, 0x8800)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x3, 0x50}, @l2cap_cid_signaling={{0x4c}, [@l2cap_create_chan_rsp={{0xd, 0x7, 0x8}, {0x200, 0x9, 0x28c}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0x9}}, @l2cap_conf_rsp={{0x5, 0xb2, 0x1b}, {0x0, 0x1ec, 0x7, [@l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x2, 0x2, 0x81, 0x7f, 0x2, 0x2}}]}}, @l2cap_create_chan_req={{0xc, 0xf9, 0x5}, {0x7, 0x1, 0x81}}, @l2cap_disconn_rsp={{0x7, 0x3, 0x4}, {0x800, 0x3f}}, @l2cap_info_rsp={{0xb, 0x1f, 0x6}, {0x20, 0x1, 'Dt'}}]}}, 0x55)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x5, 0x1, 0x41b}}}, 0x7)
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0xd9}, @l2cap_cid_signaling={{0xd5}, [@l2cap_info_rsp={{0xb, 0x7e, 0x84}, {0xfff, 0x200, "806de54789ad5fd0d580f8479c8cba553252d476bcf50e59e1361e785c871045f3404a45f8f9fa091231a6e1151d899f4d0f59ead3965f17f07734c7ea5cedc05a18982f60b1b0da95bfe3892b769f752aa35cf544c513482b99d73768f96436f8bf148f5f22eb209b27052924097a238ec9896ac3d737660d5c0b0549664c3d"}}, @l2cap_conn_req={{0x2, 0x9, 0x4}, {0x800, 0x4}}, @l2cap_conn_req={{0x2, 0xff, 0x4}, {0x8, 0x2af}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5, 0x2}, {0x5}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0x2, 0x0, 0x6, 0x5}}, @l2cap_cmd_rej_unk={{0x1, 0xfc, 0x2}}, @l2cap_info_req={{0xa, 0x1, 0x2}}, @l2cap_move_chan_req={{0xe, 0x40, 0x3}, {0x7ff, 0x8}}, @l2cap_conf_req={{0x4, 0x6, 0xc}, {0xf2, 0x2, [@l2cap_conf_ews={0x7, 0x2, 0x3}, @l2cap_conf_mtu={0x1, 0x2, 0x101}]}}, @l2cap_conn_req={{0x2, 0x9, 0x4}, {0x7ff, 0x6}}]}}, 0xde)

15:37:01 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_ecred_conn_req={{0x17, 0x0, 0xa}, {0x9c5, 0x1, 0xff01, 0x4, [0x45]}}}}, 0x17)

15:37:01 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  746.944041] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  747.190932] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:37:12 executing program 2:
open(&(0x7f0000000040)='./file0\x00', 0x20000, 0x90)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)

15:37:12 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="030017004676c98cafcf75cffee2c92e32d55e9ef2a8578c116298e2d9cbf0124bcf05dd62d4dbb90033e4ef39f623da3ea71e850fb57b98e44d03ca4046f61d78d17b7398545fb4c3ec9b2bbae9b686287a2fcdd7d6ec885d"], 0x4)

15:37:12 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, 0x0)
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:37:12 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk={{}, {0x8}}, @l2cap_move_chan_req]}}, 0x4)

15:37:12 executing program 7:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x1, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:37:12 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESDEC], 0x7)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1004)

15:37:12 executing program 3:
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="000c00041e0aae87e69b4f8db584b194eda16b2e19cf5b43f03039fe69ecd1e39fae1a0f3015a8dc0f9c569f40f8f65694c57a84a1badd5e2614a4f2f67591054f8b7f571174bc7addb196ce2234be87d3cb2f36fafa64effc41e87b82663f4ee96881310eb58266379e5c120eff66578e92eed4392a4c980b7f4088675bc016acb1a4c6cf9f9f508803ddaaf0ba190739b207776d03a9125fd5529a9e00043facb9c87f8097e81ad3bb2b6d2a14b9324fda46320364488c0004276c1dcebc60580c685c930b2153c3100b3794507804f7aefb4036759cf10265cc152a3a9c5fc4d8b7baf336e6e149ddd88e75530bdb2e9d682081e25d2ed23ec168fdd81dff5f3aa66eb800bd8ba720a2d8ca0c00007cfa550d445d3c42e289ee14ad7c8edd8cb23d08b16c028376c80a70bf4fe4ddad5b5bd8db270e8b3f418cee0cff5d90b3a8e90f181023977993fa08855d71cf7d80437755e5feed0a07faf3bd21e2eb46811e7b207800eb70165cc6e5087e60"], 0x4)

15:37:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  747.197641] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  758.576299] loop6: detected capacity change from 0 to 240
[  758.582209] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:37:12 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

[  758.609463] Bluetooth: hci4: SCO packet for unknown connection handle 1792
15:37:12 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03001808"], 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x6, 0xa}, {0x9, 0x7, 0x200, 0x2}}}}, 0x17)

15:37:12 executing program 2:
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="041b2bffffffffffff0000000016a4133b52d94550f11d2f55533e6de31f723c68c87442a5f99f16f49d6ece9e5d8d0839777fe90c6a983b3ddc71974dbc15bf0c6eb3790f00fe3125ab998b1b2b602c03241c6f4e8343149455d7009a4e3a121463bbc9adf7cfaca85b9276a33456b7f0b5d70969a0309be95eb1424f3799b48cce28019b7e4aecf14e53343719a5fa25"], 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x9, 0xa}, {0x5, 0x7, 0x6, 0x2, 0x9}}}}, 0x17)

15:37:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:37:12 executing program 6:
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(0xffffffffffffffff, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:37:12 executing program 5:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0x1}, {0x4, 0xb0d1, 0x0, 0x7, 0x6}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:37:12 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, 0x0)

[  758.609882] Bluetooth: hci4: SCO packet for unknown connection handle 1792
[  758.688559] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:37:12 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x2)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000040))
ioctl$TCGETA(r1, 0x5405, &(0x7f00000000c0))
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESDEC=r0, @ANYRES64=r0], 0xffffffffffffff30)

15:37:12 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{0x5, 0x1f}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

[  758.848691] Bluetooth: hci4: ISO packet too small
[  758.853509] Bluetooth: hci4: ISO packet too small
[  758.883838] loop6: detected capacity change from 0 to 240
[  758.898924] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  758.908294] serio: Serial port tty29
15:37:26 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:37:26 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, 0x0)

15:37:26 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0xbc3, 0xde4d, 0x6, 0x6, 0xf}})
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000040))
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x2fb}, {0x3, [{@none, 0x81, 0x3, "f14f03", 0x4, 0x3f, "6bd9f8b830dd7bbc776fdbdd18f50e7c28d109bd413bb5a49881efc539f02e4f9b5a6d7811b7ab49b7f875bcf6d3635f87f94cd8d6a12cb49fbc1e194ae4197797c78da9212f6e027b52acc60d712e9ba29e106230a7c02291dc606b8079e3de83e2dd8af16efc0cf0803ebfef874ed414a6e846e5963454f9d3423c73f274b5560a0d04fde1e3b76ce2c4950fd61612a873759dd7a795813dbb6d947e230a0d622cfc3e0134562ef34d26ce95c88991277203c79ee4dd124a6311e56dea7ce0861b477d7f90c0c37c73269b602ce7e2544d1b4004d0e90922ee904011ef35bcc2a1c15597ee3d2796eb7313100fbb67"}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xf9, 0xf4, "baf138", 0x7, 0x2, "f6697f32aaa9f434489a8ff04c7857b69112f4fd884a82e840d72126d054e318485023bb5c180338d991b3a0f17c003bf7806f34b2425b484a9d7470e946c267bcd35993dd939039d1d63e87acb90f6a9ddd02455c9630e0a044bf42fed0293167dcc2dfb8d8e08e704071ec990c7a95aef7ecffc13719b86a18babae115cc9e5e47b94d56d0fbae0425bb67063c418e4c11f9d41d2e0b11b9c7181bf3d7a974d4167c23559a2f030ff5855b0227449cd6bbb066f6c274bcdd2577b143945931da4081ae7339e6aab7c5c1df58d1495791acdd0bcf1a39b14b726c06827ba95a71c14e48aa475c76a54342dad4af5d0b"}, {@any, 0xe1, 0x1f, "6a0995", 0x8, 0xaf, "5923c0432ca674ea8a197a8391101d49238e47680920b4b09aa792de70863437e0b8a1981e5d8aa5f0f42c6a0bec912721d6c94dd1c4b5df49e1fef2443790d003b971a92ee0536758b67650a653829ac74c5b69d0ce935b9d6c483ae8132679d72d94d661d49ff9e5e5e55037daab8bbbe051649c839052816ebeedcecd49359f0396091f32c05d05179f71350c338bb07e9a8c8a9da69cfdd1629be3d0226da3945a1e8a5ec99a01ea6d2a320a0faa3938fee8af51dacdbb50985612bef8ee9038cff681ced86a53ce6e21fe262d1ac63daeb7d4567fce327ebaaa8fc8f04296d015f23e2fd56a4cd776fbf00c6f97"}]}}}, 0x2fe)

15:37:26 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x4b}, "c5abe08abb0ea136137aad4f79ed9dc4f911c1b747e7aca8c879881a8fb0b0b8b380585a4e8a88fdc539b074d91f40bf14504092615ef62675553fcda8ca01f021be9015a8221cf5ba8fc7"}, 0x4f)

15:37:26 executing program 6:
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(0xffffffffffffffff, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:37:26 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4b}, @l2cap_cid_signaling={{0x47}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x50)

15:37:26 executing program 5:
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000597c0)={0x0, [], 0xff, "3e3b3204ece552"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004f540)={<r0=>0x0, ""/256, <r1=>0x0, <r2=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000597c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {r0}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {r1}, {}, {r0}, {}, {}, {}, {}, {r0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r0}], 0xff, "3e3b3204ece552"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000080)=ANY=[@ANYRES64=<r3=>0x0, @ANYBLOB="01010000000000000800000000000000090b000000000000ff000700000000008000000000000000040000000000000004000010010100000400000000010000020000000000000006000000000000000900000000000000ff03000000000000080000000000000000000000000000009a513f0c8a54c70df363dd61df2be5ed8bbc4906331025e56b8c5f65d7e91c9a2c52ab8b1b7f3a1fea9bf2f19cc060366fcffb1eb644726ed3c1c384e21029b86ee4284c5835b6068ed719282078bfe03ec3f2d320b7915052d072"])
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004f540)={<r5=>0x0, ""/256, <r6=>0x0, <r7=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000597c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {r5}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {r6}, {}, {r5}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}], 0xff, "3e3b3204ece552"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f0000056b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}], 0x0, "5d2f3aae6f5980"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004f540)={<r8=>0x0, ""/256, <r9=>0x0, <r10=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000597c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {r8}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {r9}, {}, {r8}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}], 0xff, "3e3b3204ece552"})
r11 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r11, 0x4c82)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004f540)={<r12=>0x0, ""/256, <r13=>0x0, <r14=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000597c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {r12}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {r13}, {}, {r12}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}], 0xff, "3e3b3204ece552"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r11, 0xd000943d, &(0x7f0000056b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}], 0x0, "5d2f3aae6f5980"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004f540)={<r15=>0x0, ""/256, <r16=>0x0, <r17=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000597c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {r15}, {}, {}, {}, {}, {r16}, {}, {}, {}, {}, {}, {}, {r16}, {}, {r15}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r15}], 0xff, "3e3b3204ece552"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000048480)={0xa3d1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {r3}, {r5}, {r9}, {r12, r17}], 0x12, "d6c68f7262c0c9"})
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00'], 0x4)

15:37:26 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, 0x0)

[  772.656598] loop6: detected capacity change from 0 to 240
[  772.656909] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:37:26 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4b}, @l2cap_cid_signaling={{0x47}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x50)

15:37:26 executing program 4:
r0 = getpid()
getpriority(0x1, r0)
perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0xff, 0x1, 0x5, 0x3, 0x0, 0x8001, 0x8100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x101, 0x2, @perf_bp={&(0x7f0000000180), 0x4}, 0x880, 0x5, 0x49, 0x8, 0x7, 0x0, 0x7, 0x0, 0x401, 0x0, 0x10001}, r0, 0x9, 0xffffffffffffffff, 0x2)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
kcmp(r0, 0x0, 0x0, r1, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:37:26 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:37:26 executing program 6:
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(0xffffffffffffffff, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

15:37:26 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="f44cfb6865b358bbc5dec942460204e00b4d81335b83f55bc46a3a7af8edb944bdd09fe0b06c07639a500ae549349c41f2f463af8084908b0ccf8392db666e6815749175e621ddd1a60f5ece16299b0111f47a9843d67bc1276126c8303c68e05dba6d1615823c4f37528f21e15e3ad049e0a46c2702ca77a6afda458322cb5efc4b63a77b801b211f0ad1e152f069016a"], 0x4)

15:37:26 executing program 5:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="19000000f7032680b1e28aebf3e2b3d93911f23c56e3906a83109076d98826e34cec5f42bd23cb79bdb0deaec7b79e94e9fbe814d5115352e9b62e07b2cba983f6325b14b30aef525e978d62adf7b027565e56731ce4e2bdda6f739a17800256f432b0f8e4a2300b0d194aa9dbf8c2939bf7654d9c422fd4980beb27c5fa489cff96aac3f8b2e704fe24060dc390da597935d31670fa6478a281bf691211ab574e3459df8b47e188776be39df59854f345a4db7b400bb0da3b13b53a1dab5671a131e8c09715cf2bd1e879b64628c9b46b39ae28e887214348746e440c17f90351c02a7e80d4e8"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_PAGE_SCAN_TYPE={{0xf}, 0x1}}}, 0x7)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_conn_req={{0x17, 0xff, 0x12}, {0xa8, 0x3ff, 0x4, 0x5, [0xff64, 0xfff7, 0x200, 0x4, 0x8]}}}}, 0x1f)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x1, 0x0, 0x66}, @l2cap_cid_signaling={{0x62}, [@l2cap_disconn_req={{0x6, 0x6, 0x4}, {0x4, 0x3}}, @l2cap_conn_req={{0x2, 0x90, 0x4}, {0x1, 0x1}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x6, 0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x8, 0x2}, {0x2}}, @l2cap_move_chan_req={{0xe, 0x5, 0x3}, {0x7, 0xfb}}, @l2cap_disconn_req={{0x6, 0xf9, 0x4}, {0x6, 0x1000}}, @l2cap_info_rsp={{0xb, 0x1, 0x31}, {0x4, 0x40, "e0faa472eee220eced7c2a0cf06817f6be36d05667abc31630d2e940dca08a6e5612a561c1c6fe5db99b485a11"}}]}}, 0x6b)

[  772.814771] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:37:26 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:37:26 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4b}, @l2cap_cid_signaling={{0x47}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f, 0xa}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x2, 0x401}]}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x50)

15:37:26 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  772.865919] loop6: detected capacity change from 0 to 240
[  772.898367] Bluetooth: hci4: unexpected event for opcode 0x0c47
[  772.899604] Bluetooth: hci4: ACL packet for unknown connection handle 1
[  772.901173] Bluetooth: hci4: unexpected event for opcode 0x0c47
15:37:27 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xb6}, "a1726559d80d4dfc813991e15e0fc368fd19a2c0f0211a319fe56532942b11e62958fd84089bae449f68e6b234a5e0d4c017e2fb910d479bba9f5b5f845bbcde63d7f4998e48abd941dee3670f505dc2c55b2e904df8202eed0805c069d7e719a2a5c45d3a3b1a60b8a85bb95b33fd1880e374982cb23dbcf5a28f0b425ef517c043af3c337484cbf2ba6486a1512cc962ce30359763fa5fb6f03e5b97361ab352f865df3ada6a4833c513248d662890d1d219dc7d4a"}, 0xba)

15:37:27 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, 0x0, 0x8, 0x0)

15:37:27 executing program 5:
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, <r0=>0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f00000000c0)=""/78, 0x4e}, {&(0x7f0000000140)=""/76, 0x4c}, {&(0x7f0000000240)=""/186, 0xba}, {&(0x7f00000001c0)=""/56, 0x38}, {&(0x7f0000000300)=""/90, 0x5a}, {&(0x7f0000000380)=""/172, 0xac}], 0x7, &(0x7f00000004c0)}, 0x10000)
lgetxattr(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000680)=@known='user.syz\x00', &(0x7f00000006c0)=""/4096, 0x1000)
sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x54, 0x0, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x11}, @BATADV_ATTR_ISOLATION_MASK={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1000}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x4c05}, 0x20000080)
syz_emit_vhci(&(0x7f00000016c0)=ANY=[@ANYBLOB="f2e5ffc274777d8e03e6ff"], 0x4)

15:37:27 executing program 2:
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f00000003c0)=0x8, &(0x7f0000000400)=0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000380), 0x4)
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x535080, 0x0)
mq_timedsend(r1, &(0x7f00000000c0)="1f8795ad45e34c1fafa4630f3022294d343b80cdb06186bd66f0733cda80acc1f23a33333cbc3b4eac33892f85d90efe5cf3bbaa478a6b8162b2f87ef3035b9babe273b55cee425aa8af60964c7b30a5f739c483017085fb8295151b72d128b894f56e0143eeed4c3dfccceba5caeb87fa9936414209518e57049a2647e9a7d9b9b04f72ff7fceb3a7b12d8bc7cd6850077eeaa91500a1fc2e464b30b2dfe17bcf5fac4eb60bdcdf8794c85a14ac0f4c1f6802722b41f35b35503093880845f3ff2dcd4382c127a355004da3b0c93eeda2c60c36b4604926d96e063ebdab53135e69779ad0c33790aa", 0xfe, 0x2, &(0x7f00000001c0)={0x77359400})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c9005dac4b6925e932a55f8a108827ff8172d9199c376314efd1ac6226a0b460e6969f7231414d36b2644bd7651512462eb6e81dfbf5a0d2dcf751644e5d468bf46f68f8070569a09ffc3347d2c5f8e44bc2f0ed29dc70f0b8553f81e2c00625"], 0x61)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NETID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r2, 0x20, 0x70bd26, 0x25dfdbfb, {{}, {}, {0x8, 0x2, 0x7f}}, ["", "", ""]}, 0x24}}, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r2, 0x100, 0x70bd26, 0x25dfdbff, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

[  772.963133] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  773.043115] loop6: detected capacity change from 0 to 240
15:37:41 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x1c, 0x198, &(0x7f00000002c0)})

15:37:41 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xde}, "a1c1b11ec925d8dac3cf10781efe296c9147193444451fa12a25c6b59156f0300628eaf4d476a831c578e2290ffaa888b87d3723e2e93963cd744d3abf0a64becd03f14cf85e63c6a7d12085ccb1948d88be6178a3c8ca1ab9f2201f98db4079420a6fb4e13429e67cb76f66a00de5a95d0fb12e99a6375b8b83e604f48edd0a38db2131ea60afb06aa292ac88fe43b2a13dc50513eb42bbf2c2bbdbee8a1324ca30a7ed4dfb0e7a68c7160c8f2140c7e6cce19aaaf09990fec61ccdfee705bfea4c0bd1e3c4e028039da4bdafc0b69cd090a7c0c40f38cdf192ca14fd97"}, 0xe2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:37:41 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040d14e6c9000a04000000065451e744a537000000ffff0000060000007a59c56e934aa83a305b4f6ed75271856137da7b21aef17f77a164d0bd05"], 0x17)

15:37:41 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000040)={0xffffffff, 0x3ff, 0x7f, 0x6fb, 0x80000000})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32], 0x4)

15:37:41 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{}, {0x7e, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:37:41 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:37:41 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03000001c7127f37ab2d166f32e1a7c092586656975eccba11a9f4bc98e45d5e353b372f8ac3e2a6628a14ab0242299c9561e20fea94d8d0a2e39e75647a6ed910ef840d2c7bf3dfa19e9b66d9a29c25d28b4d1b65ab62d239f6a9"], 0x4)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)

15:37:41 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, 0x0, 0x8, 0x0)

[  787.313440] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  787.313731] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  787.330693] loop6: detected capacity change from 0 to 240
15:37:41 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="f266b0a406c9b88e623558ec1c2a6c526d505cc6f3a3704ec1561442049a8c4d734d6f711b6095ae4f6a28e9130f37789a0bc4bd6984ecdec6a441e34768b5ae9cc3858eb95823404207c1b70fc2c62fb0e939970f2d4f9c5d462c34d47fb0b8f29031a631d864"], 0x4)

[  787.356629] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:37:41 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, 0x0, 0x8, 0x0)

[  787.536047] loop6: detected capacity change from 0 to 240
15:37:53 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x0, 0x0)

15:37:53 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{}, {0x0, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:37:53 executing program 5:
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9}}, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03c8008d027857ba6958307b5eab7f7d31cca34589f430406a32a8e6caa7d599745cf9c8bc22cb4322ab3bd3984fbfdee07b9bd3182bcc7267a4bc2ff65e56632f12f594ad5ca9b2f5cd08527ec71cb15eb6c99fb896545cad7b09e65efd2dc35f32c0e4f2920d8135b13277ae91b97243515b0e70a0e8593bcfce6d805e70e99f428cd470c92fe35b69b59c7a194b4eb535ac007491a8a5c40cc157b01f2d2a9b33e69b946ad05e0f0d985a9d0cfc73e725810bd49dbe1701f8a302bfc4751254bc8797ae7099212036beaf5a6b74dcac66eaf2f54a480f42eaa17f3dc4216e9e5ff4ce1bb91dc59b1d688a0bd6256a168427498f13d6e06609225b6e9111c649033f40fb20e2296daa57f51dc778048be4b56a0eb1303f01d6ea3f0ba40b90c8b0b53c3d2d9fdc71ff"], 0x91)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)

15:37:53 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x9}, {0x2, [{0xc8, 0x4}, {0xc9, 0x3b}]}}}, 0xc)

15:37:53 executing program 1:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:37:53 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_role_change={{0x12, 0x8}, {0x9, @any, 0x8}}}, 0xb)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:37:53 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x1c, 0x198, &(0x7f00000002c0)})

15:37:53 executing program 4:
clock_gettime(0x0, &(0x7f0000004700)={<r0=>0x0, <r1=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000004540)=[{{&(0x7f0000000040)=@in={0x2, 0x0, @local}, 0x80, &(0x7f00000003c0)=[{&(0x7f00000000c0)=""/131, 0x83}, {&(0x7f0000000180)=""/218, 0xda}, {&(0x7f0000000280)=""/142, 0x8e}, {&(0x7f0000000340)=""/70, 0x46}], 0x4, &(0x7f0000000400)=""/253, 0xfd}, 0x60}, {{0x0, 0x0, &(0x7f0000002a40)=[{&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/159, 0x9f}, {&(0x7f00000015c0)=""/128, 0x80}, {&(0x7f0000001640)=""/4096, 0x1000}, {&(0x7f0000002640)=""/17, 0x11}, {&(0x7f0000002680)=""/207, 0xcf}, {&(0x7f0000002780)=""/166, 0xa6}, {&(0x7f0000002840)=""/148, 0x94}, {&(0x7f0000002900)=""/237, 0xed}, {&(0x7f0000002a00)=""/58, 0x3a}], 0xa, &(0x7f0000002b00)=""/57, 0x39}, 0x5}, {{&(0x7f0000002b40), 0x80, &(0x7f0000003100)=[{&(0x7f0000002bc0)=""/171, 0xab}, {&(0x7f0000002c80)=""/29, 0x1d}, {&(0x7f0000002cc0)=""/139, 0x8b}, {&(0x7f0000002d80)=""/252, 0xfc}, {&(0x7f0000002e80)=""/22, 0x16}, {&(0x7f0000002ec0)=""/244, 0xf4}, {&(0x7f0000002fc0)=""/29, 0x1d}, {&(0x7f0000003000)=""/65, 0x41}, {&(0x7f0000003080)=""/87, 0x57}], 0x9}, 0xd0f}, {{&(0x7f00000031c0)=@rc={0x1f, @none}, 0x80, &(0x7f0000003780)=[{&(0x7f0000003240)=""/252, 0xfc}, {&(0x7f0000003340)=""/109, 0x6d}, {&(0x7f00000033c0)=""/17, 0x11}, {&(0x7f0000003400)=""/237, 0xed}, {&(0x7f0000003500)=""/130, 0x82}, {&(0x7f00000035c0)=""/211, 0xd3}, {&(0x7f00000036c0)=""/92, 0x5c}, {&(0x7f0000003740)=""/43, 0x2b}], 0x8}, 0x1}, {{&(0x7f0000003800)=@qipcrtr, 0x80, &(0x7f0000003f00)=[{&(0x7f0000003880)=""/40, 0x28}, {&(0x7f00000038c0)=""/12, 0xc}, {&(0x7f0000003900)=""/246, 0xf6}, {&(0x7f0000003a00)=""/197, 0xc5}, {&(0x7f0000003b00)=""/180, 0xb4}, {&(0x7f0000003bc0)=""/226, 0xe2}, {&(0x7f0000003cc0)=""/159, 0x9f}, {&(0x7f0000003d80)=""/116, 0x74}, {&(0x7f0000003e00)=""/210, 0xd2}], 0x9, &(0x7f0000003fc0)=""/102, 0x66}, 0x7fffffff}, {{&(0x7f0000004040)=@vsock, 0x80, &(0x7f0000004380)=[{&(0x7f00000040c0)=""/252, 0xfc}, {&(0x7f00000041c0)=""/115, 0x73}, {&(0x7f0000004240)=""/159, 0x9f}, {&(0x7f0000004300)=""/102, 0x66}], 0x4}, 0xff}, {{&(0x7f00000043c0)=@nfc, 0x80, &(0x7f0000004500)=[{&(0x7f0000004440)=""/159, 0x9f}], 0x1}, 0x2e}], 0x7, 0x10020, &(0x7f0000004740)={r0, r1+10000000})
clock_gettime(0x0, &(0x7f00000068c0)={<r2=>0x0, <r3=>0x0})
futex(&(0x7f0000006940), 0x10f, 0x2, &(0x7f0000006980)={0x77359400}, &(0x7f00000069c0)=0x1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000006840)=[{{0x0, 0x0, &(0x7f0000005e80)=[{&(0x7f0000004980)=""/27, 0x1b}, {&(0x7f00000049c0)=""/253, 0xfd}, {&(0x7f0000004ac0)=""/21, 0x15}, {&(0x7f0000004b00)=""/93, 0x5d}, {&(0x7f0000004b80)=""/229, 0xe5}, {&(0x7f0000004c80)=""/174, 0xae}, {&(0x7f0000004d40)=""/4096, 0x1000}, {&(0x7f0000005d40)=""/41, 0x29}, {&(0x7f0000005d80)=""/205, 0xcd}], 0x9, &(0x7f0000005f40)=""/218, 0xda}, 0x67}, {{&(0x7f0000006040)=@caif, 0x80, &(0x7f0000006740)=[{&(0x7f00000060c0)=""/221, 0xdd}, {&(0x7f00000061c0)=""/202, 0xca}, {&(0x7f00000062c0)=""/254, 0xfe}, {&(0x7f00000063c0)=""/249, 0xf9}, {&(0x7f00000064c0)=""/209, 0xd1}, {&(0x7f00000065c0)=""/116, 0x74}, {&(0x7f0000006640)=""/219, 0xdb}], 0x7, &(0x7f00000067c0)=""/75, 0x4b}, 0x1}], 0x2, 0x120, &(0x7f0000006900)={r2, r3+10000000})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000047c0)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff, {0x4}}, './file0\x00'})
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000004840), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r4, &(0x7f0000004940)={&(0x7f0000004800)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000004900)={&(0x7f0000004880)={0x80, r5, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_PEER_V6={0x14, 0x9, @loopback}, @FOU_ATTR_PEER_V6={0x14, 0x9, @private0}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @initdev={0xac, 0x1e, 0x0, 0x0}}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V6={0x14, 0x9, @private2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}]}, 0x80}, 0x1, 0x0, 0x0, 0x80}, 0x804)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000004780)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x6b, 0x4}, {0x2, 0xffff}}}}, 0x11)

[  799.594073] loop6: detected capacity change from 0 to 240
[  799.623577] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:37:53 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
read(r0, &(0x7f0000000040)=""/36, 0x24)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043b83791692d5020c8b000000"], 0xd)

15:37:53 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x0, 0x2, 0x18}, @l2cap_cid_le_signaling={{0x14}, @l2cap_ecred_conn_rsp={{0x18, 0x1, 0x10}, {0xfcdf, 0x200, 0x1000, 0x7, [0x4, 0x2, 0x9, 0x76]}}}}, 0x1d)

15:37:53 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{}, {0x0, 0x50, 0x7fff}}, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:37:53 executing program 5:
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80001)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000010000001800008059308edd58670e5d412a07ae0f58a9abbdbd1aa698964c709fbe813f", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="030000326bfd87d4173d7fa94bd2c9d973325fbc06ce9a50cf8beaf50fbf1daa205c23736cb8410c1d000000000000000964bc3a45f78feebf0300975dff91cae3a36efdca084936c3d4ffccc1d96ecd88ca917e525669f01a4503e0bdc35b3647358cce3af35f4055a953b637c28f73ad18eeef399937d216041d22105400"], 0x36)

15:37:53 executing program 1:
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:37:53 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:37:53 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}}}, 0x9)

[  799.875818] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  799.880227] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:38:04 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="740d978baa400ef219ca"], 0xb)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{0xc0}, {0x9, 0x6}}}}, 0x8)

15:38:04 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x7fff}}, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:38:04 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="02c8409900950d01000dd4a6a8a0a5f98b4993ccf82db82c4acc07e95417351151584a47717b3372e6e2bd97810b97e68666887e1b2b179d9f6c3a215ffae08c11c4205923131c9816478ac2d422741dfddccac6598cdbaa6e580c000500040007002001c102000600021f0400000007000f02040000010600062004003f0001000309080001803f000002680401b602000400471605254de3fcc22fde678769ecbcdf9cb17d9e19e7b9379ca1045aa7ba6ee3300fe710547d801b752db501e0b733a1a5094f55cf32fbfd3155004d477b1d9db7b421e99c490dc5389fe2179e5dc79516bd4174aaee6dffab51e717d1fa2ba79fb3a22c17f8a744d49013bfd24374dad61bfe178211601c56973e4dded6e68385b0df25f233c227da260970b29fb32554a9af8c4e53d6d6bec80020f8f6b435ee1b9b65ad1ff07bb73e78803bbe8ed7fda5376dbd8803a77d1c77a918990e"], 0x9e)

15:38:04 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x1c, 0x198, &(0x7f00000002c0)})

15:38:04 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="0e178010"], 0x4)

15:38:04 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1a}, "b0ca5f68270ac4a2ddb0b77c432223421e550e6cc1a1b968ee61"}, 0x1e)

15:38:04 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:38:04 executing program 1:
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  799.882305] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  810.516374] Bluetooth: hci3: unexpected event for opcode 0x0c5a
15:38:04 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x2f}, @l2cap_cid_signaling={{0x2b}, [@l2cap_move_chan_rsp={{0xf, 0x1, 0x4}, {0x7, 0x9}}, @l2cap_disconn_req={{0x6, 0x27, 0x4}, {0x1, 0xc51}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x9, 0x2}, {0x1}}, @l2cap_move_chan_cfm_rsp={{0x11, 0xd7, 0x2}, {0x5}}, @l2cap_move_chan_req={{0xe, 0x3, 0x3}, {0x3, 0x7f}}, @l2cap_move_chan_rsp={{0xf, 0x0, 0x4}, {0x1, 0xdc2c}}]}}, 0x34)

15:38:04 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0x28}, @l2cap_cid_signaling={{0x24}, [@l2cap_cmd_rej_unk={{0x1, 0x7, 0x2}, {0x7ff}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x48, 0x2}, {0x3}}, @l2cap_move_chan_rsp={{0xf, 0x20, 0x4}, {0x8000, 0xe8}}, @l2cap_conf_rsp={{0x5, 0x5, 0x6}, {0x8000, 0x4, 0x7f}}]}}, 0x2d)

15:38:04 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='&\b'], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x63}, "f6ce16c658a08fded20ca7281594f2291d0c97232352c4919c33ce55bc74a37dbbebed3767679bd2e2e282c1f9860c48af64822ebef9f2637fedebb4cc649369393b726e4f77c96e15e23edeca72dcaaec018f615561c43a0f194ddf0a65fff442d9af"}, 0x67)

15:38:04 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x7fff}}, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:38:04 executing program 1:
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:04 executing program 3:
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x7, 0xa}, {0x5, 0x3, 0x8, 0x2, 0x2}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

[  810.529572] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:04 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:38:04 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x0, 0x198, &(0x7f00000002c0)})

[  810.711091] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:38:04 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x42}, @l2cap_cid_signaling={{0x3e}, [@l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x0, 0xfff9}}, @l2cap_conn_req={{0x2, 0x1, 0x4}, {0x3, 0x81}}, @l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x2, 0x5ff}}, @l2cap_move_chan_req={{0xe, 0x1f, 0x3}, {0xa4, 0x3f}}, @l2cap_conf_rsp={{0x5, 0x54, 0x1b}, {0x800, 0xfff8, 0x8, [@l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x94, 0x0, 0x3, 0x80, 0x1f, 0x800}}]}}]}}, 0x47)

15:38:04 executing program 5:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0xfffffffffffffe5c}, "6783cb43238b7954385b2d9366741443da4ce01f8ceb2daff6cb883e14ae1d089db0ca9793f2bcaf73d5c81d70644cafa86084d1bf3e3347cdf89f4d6194ef4a9d647fd65d6b6bfd2d1bb87376339b9491d44b39db3a20b54d95d9994397015f40aea899b1b3feb95fcb245e12c9dab353b76a9726984d1ea502632f7d5d7871072e6d37f8e74b97cf8cd2ea"}, 0x90)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0x0, 0xb5}, "ed43c96b3e01b1a2e8fac7eca51146332f5c0653bebea61a954300a360afe4c5f643b534b11594618912fd19d9e4e9e2cd9519fac83b1249ea797dbaaeabf826016b1911a4784b7c406d6d413c242a351b81d17adbb1e848e91d903b788cad0031ce07e5f1deff767a87441cf1847322ec051095afb365eea7d937111ffb4661c409933a43139c9146bb438f9b62d6c6d3f27be706a99703037723ba95455196e1cff439e2e9a34cabe9b4860947d7f0fd14fb8d7e"}, 0xb9)

[  810.711740] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  810.752424] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:04 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  810.925831] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  810.926571] Bluetooth: hci4: SCO packet for unknown connection handle 0
15:38:16 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
openat(r0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x3)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x7)

15:38:16 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:38:16 executing program 6:
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:38:16 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x0, 0x198, &(0x7f00000002c0)})

15:38:16 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1e}, "2890b59fb06f9ab9b23b607cd8571e19a5f636a9701ae5d0dbcf52155417"}, 0x22)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xc9}, "072fa10f5ac0f51c0e6a9c3c671566476d954d2f366d00c4c5aa55133a041fab8eaf110c0a58454fe3544044ab4ef88dca0584f4dc0d712fc41f4391f7df0f8f4c2fb0679e4c6fac9e939b9dcc0aafa7840fe4eebfbe07e84e2322962abefcb06e73f7fe81aa2254b92aeaa87f1879d049fdd578e972da2acbd60ca0eb09f6fcd9e536a94bec8d4ace14e23f62dcbfd0df45823804e2dd6f5f75f8989ab9d6fabd2de9f75975a694ed11b478fc1478bc04e02019894bf5f928fb475e3cd9bb71130ee9d307d2a91506"}, 0xcd)

15:38:16 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xd1}, "091668ded84fc625deac1668ed522c063acdd81651f81a60a03032e917d31746ef12771cf0f5fbf1ef9dcaadd50b7072ccc25832907ab29b9aedefa42064cbe03f2824c8c0420a5a092bde8eb7572f9aa8d1b9a8241fd51c82b9cd2abe4aa29d5845d9cbe68f4f68096febe0465543798a003d0ea5784974c4cc3d34995e5f3ddac17b6e973173d4b7523ebd950125c7a2ab0c7f5b828b0d865c59f8aa31af90b6079040d64cba8e23a90244021bbcf18ce223493f56a944adde6d3a1e9b3d2ed7a9002b1ca23bdafdcc5625f20c2d223e"}, 0xd5)

15:38:16 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:16 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_phy_link_complete={{0x42, 0x3}, {0x1, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "9a1c892323b833c4df78706e4aeeabc154d0a5d0b7c1a5737a29e6957cd8a724cecac0084d4fba2677682a3e5b7406356eff8f48642bf7b46615069c278e5746b6eab71ef311041294336c76903a531678e9d2ab29711dfd494a8a1a51ed6658346b7630baec18b9d02197796e04a31be5f2f28880d00ec5f36a4ec2f26c4182c97663de6976842c873705e06a6b17e586605a538d4a30a52d5452dd8df2d79221f9427f36e26d21054e9da511b6ca1b3a9fa42f762d9ade22ced48304344f4075d14429375054a9f169089e996eb338c3058b08ba99a0aeac90f0b769d758d0b867e6a1630d529ed9237eb1ab9f6a926b82256631d99cd8542e8e0f5cf35602c7599b994d591a4b839074b74cd06f57f2c8974b20511c414ce20e94cb5878fdd1337f97b80c26e318e428ca9991c36d91a39ef9bc14753b20288b2c5a7c855b9c3062f8e0804cce01fc7b86390ef4d229d0be1a8285f58052ad7d0ddad5718504947fa9b352de81ac3fe44b2318f59a037f775140f2f78138bd95f4aea946fb0c7ab4f1673c90dff8ff7e1d48f5af5163cc6b5d606aaa9a426689f155aafd7c3181aaa67e57d05355219bd09047731db3a804a2499cddb7fbb6bc815136e7871fa7840f911c308975a648c189c76feda6af034df0dbd4e431b45cca9de6e63e443256bcf8e6f36e470d57291da0310ce9f5de094aed06c4eb64296ed03a5bec9b5f6ca1d3399f987df4323a9431890a0f800e57efc634599bec84adc831d3eca0264848c51ca560faad64dfccd716cd7b292935aded4588e4ec2c8d3506936b129a2aefcf89c354f3b67ab2891e5804933501ad72cb19edc1c2bf9706b7ae8feeb2f4e2d2b649d5f9c21cc7fc8597c556aa65366a59c659ab92d46124cb3cc364c387c5a0fb196fea63fcf069b5deb5fa9bc3191d5ff1f7f4ff9ca5ab9f3c663b1bea5e6f657d3eceaedc192ba9c17665032cd3179b54199ddf3becbef79fa7882ad9be8f6156add992302b86f452cd7a112f04e09fe123f3c3693a2eca4a3863098e6dc474085c1c3694c735b4cb6c9e9e85e407298c20c29aeae51cf43252052b7415ecb70f0b12880a3b249a55958c408fe2ce6d18c1675277366ee372fedc54a945a7446f25c3a48a1e1c7b6996f22b2f02e266ca52f1eb65ceb724a8ce3462cb8c42008c1eab639ed72c9f99ffee38015bc86c62178382c5d7a6df211f5d2fcf4f068d179c7d357a0c68760fa05786fe1533eef896b70857e720748268f9d6411e42913cde3dd35d6df2e838ce6703bd43d9163639977690576def117be55d94a399692df2f37085d6b49f716537fa356de465e6d0ec4bbcb6ef9d2fc60be4addf26f51d0059812b5f04b391a227007b19b186e38f6b6e87dfd5cdf05e482f029741707fda2372e1b130dd1bad05cf67eed76e0f4ac2a628ea713331fded4845043bd87ce1415e6a7b2c9011e6fb0acebdb1c96f0ac2cf0a5b710c22743d104f20fefef78d68af1300feded018ade0a199207c28a0da1f6f280402b9aec849e828e9d5d4125f4815826ee83091c4136b157948c47782d5d16e11878c345e5bd9d4946804e00bb5bc59092fea319f6c86bf153be6b28902e3423e3b62afc7a0cec431d94ff2441ce723bf3741fe92220bef0c881920cb6961927486544b6991f28ccd9c6a2aef12281975c5f3a5b1e70a066fb256efb5b3078c8d622f60182bdd07242e3bdf920813b93c86638570701b1838ec4fc9932ee24f2a4177f666aec61c14caf5cef2675ff095b482eafa0c481ff6336774d9bf178c516d4357c9ef2ed65455adddf89fbf549333a99701191b5ca090f11ac17d4b2972cb389a11d4c95e1f0876489cf2fb9050c4da9d856c152fc0e022ea51d2ea41ca491634223b4d650d29d845d76fe6a5ddd06e584d4d2def5175f697ac492d3177a13b36bd392857cc8854d7008d11f609671d1874ed3da842ac2a6b3283ec2b3d7b2ec78548b12e038561aa57132100bea8d155dbf6a3b12afb2c40dea9ea9e48670576605dae4def98a6c58369418e320d8543836aecbbf930b4eeacb5eacef997e451d481361194874fd42530bf70029d0387e6174011f61cc4f3e7e9f0342dbfef5c5bb18f5eaa75ca8c9df09cd538630fdef923f29f324a038d4482beccdfa63067478eb0e18924265ae45f96cc2cc3d27a52fe5d123c3a259a29b556aff1c3f9b57caef94152bd914b9becdd4fdc046e5f9b8ced7ae40297e2b724d2d15e402223cc880456a03fba455d32841b1fe6f71b048a2a25d41c739beb005958d80fcd5ca0925169c8ce5738f517c55ac1898837418cf7da203c9216a60ae883022bdc5a29c40e3ca7393a921b4684eb090d94dca826e1d2aa2c253bc9c63c25027856999ec31e8c87ff0e8b89f32b598779f9ca8acb732896b40f299b55d75316be41e49e5d3e8123fd10bfa3690ff4fee3c883bd5b404c4c7b3ad8d60972fdab654cca27b5db71eb450f080fcf0daf6b6fbd817f66a19be6c39695f6fe83105c8daf786fecb0c03c9d75f3a06d9c3492d34be24e52952094df14db0eecec232e5b23eba62f068140771ab8a33c6e92365548692697c7322ea18724797e3c089153fad40e61a80245dad08a4916156785e02b1c2f14a8fa8907b3940575bed688623dc00b32607f7b82f96c3aab54ed8b82a6cf75bceef2f9bae818b640403726f923990b0aea16e297842f09a29b3947ddc862c73ef4ce1cc9248b6505884f342042b617f68ceffb8371fdaab06b19f671d0a3e7cbb370027d96bad5b724a2fbc3afb703b22340b0eb8b0fb6ac4be0ba33d7b6d2db06812e4d69434390944c6f2cab4dcc6f8943d1ae2591ecf70931a57cba28c0ca66056d1786edb1fa6d561770e61edf2eb490338c891aff378cb51de2d033e25ca7a9f0f18b21a98b3b95cb76252063856329a7e4b4390ccd5ceec131e20a02e641fc9d046a02a293709c5125b2a31bb5f571a8f82e24151554746ca032f4f80101db4d4868140d08e3f50db64873aae0f6311faf6297f49b41ea995bdd8fbe69449cbaa11c2321905a46b08437237d6ffe41af8a05840593901d3b9458bf26f985cf187a793c53db73f979690095eacb95940dd70f81bee920a7352b3c4640421c610b6f1f5cfd04084428c4cd713539357b3f5ab68cd29a11e62b83faf043fa8d437c4301321a9e2f4e0c968d017ae017adba68e08489c77b9e5a03085374ae413370f7e9ee58281d0ca9fc1658ebdf56ee047ba20fe0dc53f5cf103b70ea52564a4442b6246fd68ba2745fc66e9021decba701b02f8ab87f397994fae27ba3d2b0a5e2bc8a437fcb07530dfb09c0dd582c42ad0d79d1b043dc0b0fa7310abc50dc353e8e24239825b0021b19a1e1a8c13e78c23c0981aa3d75c8599896c540008b11338b7184e0bf6f46bd4683bfc4ea8513d459c0608f23909cf9ee5dba45a12ce237af7e03419b217036696721cffbcaa9e805c3526942f9daa48530a993c61e9cc16b14f67cc0a90a73eb4879a1c297e405db590752f294c6cf93432e242b2e3528726ccc12d237e04f1d05fb2e106fda01720bd4b6d8762bd5f9553f6eae3477def4458a1216afbf9dba2049019d3db7e1f4949fc442137e7a9ffd249f4f596b9b3678c7057f4fb87ec73e230d930735d0526cd1bab745d64c15984997a20d191044f4bf1f05ef6625e2c65204e7a35eca74a8814db071840d35bcd426e3c543c89abe743f065a4df12e875fbe4d8368be588d5cb04e4392d24efcfe8851b22f04e4e694bd3f09ebed79fb1c296aa86fc56d973ee0cf80a128c8496901c0888a7ed6fc53d12b75b64e9c0912b0b64925115cc49457b607c2a22b616822aa491312fd12cb355e50af22183010a0c5e5ceff5960af37675904e703aab1be3e7c380129fdea6298a319fef211b22c65dbb83bac77005d300dcc390f43fe80fd29ea543dc6e747b051e02c6ae320d403bc0b875fb22fabb94cdbfbe4fb636563a9acd63ef299a8086bd84cebd537591b8eb322270812d8ebabd3b36f0b39b0500f4a37026d0b0108c4dc644d8f7961455d75f995cebc3bbe60f36e7857749338579a48b9ccd19e5a5a6d9b66219b2a14e841e6d87b9bc734d56a886218dab60992c61ee3c864e753c3a25940df1edd54f9b3e0336f9f14f7b99de6d0f59eeed90f8a2c50b1170ae8238e9d328827c22d033697f7a8ac96ad37845e7fa7c6638cec88b4357f5db908b823db440c092961230c501b7ebc09ab27aa47b9dd71112bd6195a70dd416fa7ad174b6ac36e9c44525192c1898d0ef3349c075cad565459481268b9b0b99c7ea04435a03013fa4aa711ef17902f2a408af6655c1476e6f39f7e779c552fef54c3bfc6435d9c25fd48af873046448b3ccf3a6b8f1af9628851b6268ff41be410cbfbf0b96b394a202b11bd43d623e3783499d5b98dfe2895bc3b6a3f20e0d3eb7dfdad8ec25812d1ef398fdc589014b2d8d40d998ac1ea848083775ea0811a17ed5432c785256dbd3f62188bb5831b2d290fb7f28976c0ea6d0af8d4f38ea4035dde7fac22fa869238d9fed5d1fec77b6d31c45906af0b8871cbd0566be7b2f0fa29b2e5df6513e6f5aae1429230acfd9b8a72d843955bdc9027f036b03cfc1297142442d506dbb99b9c87f2afbe10ef48d6df95d4c42f25ced0288e145ab883a98339116f5d0d9e7f596f2c4d086fa4414370960853bd445db90e02e3c68d7befac0e966db43bccc29fd7d74c8d964958abc270f51bdba23649d8851ba9dd2f56ce2c7c42465e3d408c639e8f514bf2dc040a34b8eb36730a804e832a1dd334586004b9d96201e4a0449a1d6fcb9a1fc679e1a8f228bcbc7dc677817500997f8a25c0e2d0e4dd7938a3ab8071786cc6eaa1c43d0035767d0877648596b68ce00a8d5d476bebbb1e60669fc7902e4d04f6cc57d621b632de2c8093cba6705821e90897e6f531c4f3c958a44cf1331c875b828bcbbf966fa5ad148ea9a67a836f9ff4ca52f620e95490715b5fd5c433b6af7de519e1c4e0eb44c7ec3809b9a6337ee60867bc97f2325b66c8d03aab07f0080803e0d8d2eaf926338fef8a071028c71d887ca032b4e150add58dbeec71b4253766ec077ee012e51c0fb518bb344461a41685df915f2df4c80b6212299c12cb5e2adad396a0a750a94613572bd0ec3711a53b47b236de84fa98dfb3555e5e2bbebd1930c055a16318e0f04c5f1f5edf8dbc3f451726046b05f6bec5013d68b9f6b4dadc336c2e305e329f9b568938c1db5a2f774b55a28ec5bb3aa9792ec07ae047ea4593807859caa6bfa86319ca01a45b1a2f34872217bc5ceb5bbb2331f6f7a122a7dfb5457741b644cd0c4a0adc8e4a10f02c54ae07c59f432cc2a8ad7f56e754c8b70a575e88454eed79c891952f2a0813685618c5429cbe36d1351465423f0e17c71f63fe2cbc34b8ed9c0219bbede246ebb9dfa40775211f3604acb23af5cb12fb0e450940e486c9bbfe08c9497a3bf3e3377baf6d0ebf7329aa7d1a4039ea4a0fb62efd1c5720bccbad4695056f9a37e0341f00c0d5941bc7d0112fa7a8ad8f05f7949793fc7ca541d04e0b3a542ace6c8c18403aef2c7ee3a87809a2fdb25b20ba5c4e448a1167a2309437e672f7213b71adbb93fdc2f0e749653dcc0f121aaebe6022dd49e6587dae87217e9a204c477821bdf4e7158b4283e044e34d4d42ebf005e88f3dd2ecf53aae56b6da72078559ede822c228bd3ad335aba0cc4a4667a95c266b4b36fab9a2b23bdc9e5240"}, 0x1004)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[  810.931390] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  822.637912] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  822.643659] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  822.652347] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:16 executing program 5:
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03000000c6937e1cd624a77dccf0691742f792faa2df3a49b73b3c81dd3e5e36ebecd2394d0939b6e8b881b5b92bfe121d3bd34fe410ac0d7c474c4dbef43fa9d9a276ee5b6204fa12f3d638500adf21313413f2a0b05003f2528e5c9b3eb58e0ab42ee07e028354d265287368df867df09c8865febea8af79e3626ac4a87646e159277ef4f84da39761584416ad862382e852107f5656db64a71c3ee68966cc14dec520a60b7dd84eb39447165ee9599899d3b19cc44b6a612ec08137880ee39544f0007000522601f0cb0f4809e7568c0f73a7561d36316ee095bce2cc2d697f60e76b7a6fc2b04b1fb8fd90eae8f688a9b72c813129ce19c7a80d9503851bc718587033adf3ec4e8ac05d9f096a07909603c155c6d74fc48508ca66e3991c8407cf01787ca4f557c24d5cf8c8b44c0d7ea6e2"], 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0xd0, 0xa}, {0x9, 0x81, 0x1, 0x81, 0x4}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xdd}, "5bdedde23ed5835f00b6ef686d36685e30daeed80b26f243479d0a1ad963cf2cd5657b5120969ae8251a03c736bd929f261c6201d94435ab3e816c0d13c7af5493d8c8701f0fac319389ed6778d50bac980b4eb60c2836f57107e6a5a97bc0977f6283862f402e3113a46512e3dc5d883e5c869586fe3ac3302993be2b94a41c2fda4e3013437e719e7a9f70192e1822034eeeac86e6ff15175b78829b833caa21f2b1146a7c5cbac2d6af21e72a79efabe95fc2a3d7c4b631ef9d2df0098d8efedd77089bca29998d427bee7f725a83d6c4fd9c7ea6cbcfa30e341719"}, 0xe1)

15:38:16 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x7f}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:38:16 executing program 6:
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:38:16 executing program 2:
fcntl$setsig(0xffffffffffffffff, 0xa, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)

15:38:16 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:16 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x5, 0xc9, 0x3}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xce}, "7b439ba518781a5d286323a8f5823c411195c6ed92cbc4bbb54e98e6476c22da5b528faf609c2cef972eb72448e044e747426d21bb6917f5f58571265ca8ae7f713550f008e7b328091c1f28dd43bb4eae2559a69c3a03b5fcf261c0468dc1e2c15602a755edc0d38077e20857c5518c435bbbbcfc3bb6dbda45de98cae0a2e9db3a9de53474aaa0626d0022926568f05c0ade4d02d32a5df4a40b91b6a573b48a4c1bc15d7f4673951005cf43959c093821e1a6f5b028791c9382c6e3e6c1fd2e3564bef73a97068063b8073581"}, 0xd2)

15:38:16 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2}}, './file0\x00'})
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000080)={0x68, 0x3, 0x5})
preadv(r0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/37, 0x25}, {&(0x7f0000000100)=""/164, 0xa4}], 0x2, 0x4, 0x10001)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

[  822.884906] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  822.886561] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  822.900181] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:17 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x2, 0x4}, {0x92f5, 0x3}}}}, 0x11)

15:38:17 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x47}, @l2cap_cid_signaling={{0x43}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x4c)

[  823.174928] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:29 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x47}, @l2cap_cid_signaling={{0x43}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x4c)

15:38:29 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9}}, 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xf1}, "71d5bedd6df493a0e4a4c9c2cde429b7782c2a43dad80c694a886bbd56917cdb82cb0051b17a05b484021cd09cc790e97b853843424e7262fd8e7e289ded9346a1a44b67fe923556453a9bd56490d56cf9ceb01a84feab8ada754111c4ad00cb2bf439eb1909609fb0eb6514551192a50ec12de8d53176f18e651823e6bb3370850ea7b88ce41583126884f01c0836f5553f9fabebf0b699619b74ddb402665fd2a6ae998c7cafa8c970f58f960d5fd1d11ae1bc458f4b62d7a07ac196375c8dd3aab96ea8a4e4e194c379a6d7a6d17f56753f4b187da4786d351be637d210b9463fa42d9e504ea629525ea9796f2859dd"}, 0xf5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x6, 0x4}, {0xccf3, 0x6217}}}}, 0x11)

15:38:29 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x1}}}, 0x4)

15:38:29 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:29 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x0, 0x198, &(0x7f00000002c0)})

15:38:29 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x22be38ac197048c7, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x74, 0x2c}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xd0}, "14f520332a72e846bbb2de5086cfb577d9cd65992c9376dede444f26fa87d255a2f653ae27fcb38d33138f06ddb0b777c457ec93bedf5adce9ad2fc26ba332bfbda1a0403e52faa67f67c7d4713b7b2d3326027e62c8b1ce97a0d8a2d224833743ee8af08726f3eb76681fbf3fffac1940e02a2edf440f63329230434a550a72ecfae94ccb7c796367e84a4a0161fbf826c2e0e2812c96c31cbed203281f90975dbce524d75737613d0b04e6149a0866376dba2a1629ca63171d22aa056bb37db31fc53ea194f0b4a503be94db1702b2"}, 0xd4)

15:38:29 executing program 6:
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:38:29 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2}}, './file0\x00'})
r1 = accept4$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=0xffb7, 0x800)
r2 = dup2(r1, 0xffffffffffffffff)
getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f00000000c0)={@remote, <r3=>0x0}, &(0x7f0000000100)=0x14)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@private1, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, 0x7, 0x80, 0x4, 0x0, 0x1, 0x80020000, r3})
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000300)={@private2={0xfc, 0x2, '\x00', 0x1}, @local, @loopback, 0x100, 0x3f, 0x3, 0x100, 0x710167c7, 0x40})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x401}}, './file0\x00'})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x7)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x2000002, 0x13, r5, 0x0)
syz_io_uring_complete(r6)
r7 = io_uring_setup(0x13f9, &(0x7f0000000140)={0x0, 0x80000003, 0x0, 0x1})
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0x15, 0x0, r8)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x9, &(0x7f0000000180), 0x1, 0x0, 0x1, {0x0, r8}}, 0x4)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0xe9d4c88cb5a3fe90, 0x0, @fd_index=0x9, 0x10000, 0x0, 0xb94, 0x6, 0x1, {0x0, r8}}, 0x5)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000080))
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000440)={'gretap0\x00', r3, 0x7, 0x8000, 0x1, 0x9, {{0x1f, 0x4, 0x2, 0x7, 0x7c, 0x68, 0x0, 0x2e, 0x2f, 0x0, @local, @remote, {[@noop, @ra={0x94, 0x4}, @generic={0x94, 0xe, "d883d6e05738e8d133ca8d17"}, @ssrr={0x89, 0x13, 0x86, [@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010102, @multicast1, @rand_addr=0x64010101]}, @rr={0x7, 0x7, 0x19, [@remote]}, @cipso={0x86, 0x30, 0xfffffffffffffffd, [{0x5, 0xc, "61fa8e0b7562cb60f4ce"}, {0x7, 0xc, "a205412efdc02688a3f2"}, {0x1, 0x12, "4c77ff0000000083a8abff283a7bc057"}]}, @rr={0x7, 0xb, 0x1, [@loopback, @local]}]}}}}})

[  835.129346] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:29 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:29 executing program 2:
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000040)="fcaa5149792f07507dcbcd27a031882619a1e62c391b81bc0b7baa82f67970e312efe4de2395286c35c476b0da49b5a2a1c7c99d712751de5926ffe93f45e0aeffd791ab287761c550902767", 0x4c)
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f00000000c0)="e92f39846512712e5750e3d5a356180314ac0b6254fb5188298360986dc63dfac046321a52b0ef9d4ffc09709c4d2d86c6915e1c52307041086ba9d86b83521cca060dd3310bf80114bb5e0494f430e67136dead3f78f1467e49b207c74680358b9ec31abcd9bfa8dbe91a3baa0b084f9b4be10135ce3b21a4734ef9650fa788f1f62c016e767f5f5400f4873ba2f61d268ae12655e1af2182c140386dda0e153a643ad30dbbd709d6c6f1cf5bcef97b7658e3e4b5b84cfcaa9eddfd0914699b", 0xc0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)

15:38:29 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x2, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x20, 0x4}, {0x1, 0x9e}}]}}, 0x11)

15:38:29 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
openat(r1, &(0x7f0000000200)='./file0\x00', 0x240002, 0x32)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x3f7, 0x400, 0x70bd29, 0x25dfdbfd, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="a4c165bb10b2d1aebeeea3d610546201f85eeb3d1f6fa73e67afdae5e30b1e3c2cfd7138e6477c1101890d1dbfa09230db98123a13bc54f15d0b79bcc542094e42642bfc71ffa199ded7af26872120564fbd340e643baa493049c15fd0921cf666bbeb46dad82ce36bf34473acbdae2dcf978e9fd9167a1dd21d3487ea21dc77be68c570"], 0x4)

15:38:29 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x47}, @l2cap_cid_signaling={{0x43}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x4c)

15:38:29 executing program 6:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[  835.384935] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:42 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x7)

15:38:42 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x0, &(0x7f00000002c0)})

15:38:42 executing program 6:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:38:42 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:42 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x7ff, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:38:42 executing program 3:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="34b4988e350ab90291da98bacd5cddfd3b1243226ad66c916a3f9c5abb4fce6fdf3f9c58fb6dabbc36371318198534f5e03556e765a6057ff62e7495966a9cf97a6fef5b008025a2cb0731c003456804cd33a02c9b07"], 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x3, 0x4}, {0x7, 0x7ff}}}}, 0x11)

15:38:42 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x80, 0xc8, 0x20}}}, 0x7)

15:38:42 executing program 5:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0xce40bceaee318627, 0x0, @fd_index=0x7, 0xb04, &(0x7f0000000000)="4c6ee8e9fe25e23a5f7a13628dc453547121241f133fe844e37b6ed1984a134402d6b5e03d29a6c5d2d913f78aced9e4d638ed5fdf51f853ca5497d48840bc9f45c2ce4e406b5ef29c76a601048ec864cc00be76b28938f424a3031af6c15e7488ab3cb2b68ad93169444337f7ca78b61e31dfeb7965dc8558b859c63da6c691548e00ac19703207f2933e6fe891ce5bbf9e8f73017be775526ee7df2d4ff3210724273fb53be4e8af60d8b4dd565061cb59c1728b53b23c335a4ad068cac1c4d6f919900c2d8c95fb3498bc3861e5bf876dd7724ac067795dfd75ebf5304f5e1d4fcad10be650b36b65720745fd230cc7ada3fc", 0xf4, 0x2}, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)

15:38:42 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:42 executing program 3:
ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x7)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "ab6f342f701c90ee"}}}, 0x11)

15:38:42 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x6, 0xc9, @none, 0x2, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:38:42 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_rsp={{0x18, 0x2, 0xe}, {0x1, 0x7fff, 0x2, 0xbb0, [0x1a65, 0x3, 0x2]}}}}, 0x1b)

15:38:42 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x200, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:38:42 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x16d}, @l2cap_cid_signaling={{0x169}, [@l2cap_create_chan_req={{0xc, 0x9, 0x5}, {0xbf39, 0x9, 0x81}}, @l2cap_info_req={{0xa, 0x81, 0x2}, {0x8edf}}, @l2cap_conf_req={{0x4, 0x80, 0x41}, {0x3, 0x7e, [@l2cap_conf_efs={0x6, 0x10, {0x81, 0x0, 0x9, 0x2, 0x6, 0x7}}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x2, 0x7, 0x5, 0x8, 0xffffffff}}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x1, 0xb1, 0x8000, 0x8001, 0x400}}, @l2cap_conf_flushto={0x2, 0x2, 0xfff}, @l2cap_conf_flushto={0x2, 0x2, 0x1f}, @l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_info_rsp={{0xb, 0x67, 0x69}, {0x1f, 0x7fff, "e7011d7da0d72fd2cfe26d4c0ffb066986e57aa882fcfd57bc50cb9e12f313d09cabe53ff44ba751e470a80080031b5aa78201ff0e92559e2072724cf7bf9b3a4a22bcc977592884325b43dcb2208726236ae2636dec9e2a0c0672ff41e4d77a951ffc5b52"}}, @l2cap_conn_req={{0x2, 0xfc, 0x4}, {0x3f, 0x2}}, @l2cap_info_rsp={{0xb, 0x83, 0x7f}, {0x2b, 0x9f9e, "5b1b821f62b14e2cb91a85f19d4ed19d52f04dbfc8aa3d3c258132129743a0d6dfb6b9bc492aa65b7fef39dccadddd278b6a3927189924fe48dbcb887538c84a44e7150a8d20369b1903918184973d1a697700d547a501ab9c28eea6380857eb0fc398e83f3e2371af6efc82b21bf10767a68502c2de72d2c3f07b"}}, @l2cap_move_chan_rsp={{0xf, 0x81, 0x4}, {0x0, 0x20}}, @l2cap_conf_req={{0x4, 0x9, 0xb}, {0x7fff, 0x6, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_info_req={{0xa, 0x1, 0x2}, {0x1}}]}}, 0x172)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000380)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x39}, {0x4, [{@any, 0x1f, 0x9, 0x80, "d5926c", 0x9}, {@none, 0xfd, 0x4, 0x81, "bf7ee8", 0x7983}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x4, 0x2, 0x9, "95cba4", 0x1ce6}, {@any, 0x40, 0x1, 0xfd, 'mih', 0x5}]}}}, 0x3c)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="03c900da18412b346b830eaf422427cd234776aa1111e98e65baebf1e205f5c067f42651c81c611c8cc2ae69cade4200ca5b3af260c514574d32f1062dce7499c033186374116438841602295e68beaafde760689321a6d12794a5b0f42ab0cf240cc533d70b6f5d1ddd75dfba3cae2df5764c59f653512d2bf769b99933872cba0c79adb104ceb2c10d1975fccbffd12eae92957ed06e39f3449376d044cc06ef55fb445c4bcd7a6d3d30b43f8a3057c2f4278f2799dd7b3d3a2f13eece653e2fc749e9046cc1d4f0bfd8ffe58a00"/222], 0xde)

15:38:42 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  848.362882] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:42 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x0, &(0x7f00000002c0)})

15:38:42 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:38:42 executing program 6:
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[  848.374977] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  848.545151] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  848.559563] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  848.560245] Bluetooth: Wrong link type (-22)
[  848.561410] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  848.561452] Bluetooth: hci4: link tx timeout
[  848.562407] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  848.562977] Bluetooth: Wrong link type (-22)
[  848.563477] Bluetooth: hci4: link tx timeout
[  848.563788] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
15:38:42 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x101, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

[  848.720354] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:55 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x0, &(0x7f00000002c0)})

15:38:55 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x30, &(0x7f0000000000)={0x0, {{0x2, 0x0, @broadcast}}}, 0x108)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)

15:38:55 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, 0x0)

15:38:55 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:38:55 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_device={{0x1, 0x4}, {0x2, 0x85e}}}, 0x7)

15:38:55 executing program 5:
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB], 0x4)

15:38:55 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "362352b868594e8497fbebd700e02204a065fb828c6d84daf00fbd78581e8441d87d3e8e1084bff2b7ac22fe754962c4fe91e9b71b1f59be694b3b6228a5ce16fa4789655563dfbc58485f815118fe7a49621ec2d13006d7101adc5060bbb02e15fc78eef4faf7f98ade7c29719794624d64b5e30a146292e039f090f2dc3e9fb370003b1c6c3b171b68073f2a7a650943a4f0dea83706941c34993eefe3473df20e64719418337387b3c350f7a92a54b3e4ffa1de5913d6bd8a9f0fa30b2b4ff2370b367e540fb38b0e77e50845341f195fca6c661283ec1c34275a79fad2319fea96d2dfc43f922958b47a30d4d811d05f2119ba8102cddff62bdc0ed1b40055e5c4a97ea042a04dde997deec79ca6b8dfa99ba5f31974998e0c5191cad5a2021fab90a0180f8c45d95fe9cfacf6728b8e77679d820e3daa92e708236c7ad684e7fa12c8fbd9b1882b96600070b6a5c29d7dfbf780ce2aa8f02dba190cc9f525dd8117735f15505fea2e8bbe02afc34a9c54c461e7b0d811e8bbe1e1391121089602bffc629360b15c16f102bd47a1649f7444e1a303d91fb744e8d8291a1bf8d317b54089c731130bdc0b18a048e327e6c9bd9063459597f4d757bc7afc7909a4b28e961d6b8ae816632d003957b7b4598ce03ddab248e3fc731c3ce6e7a0b4222ab9f7fce5cba1157f4f4189261452d215d94c246f2f92da4bf81c5575932e70ca6639ca7deeeb31669b10f03a2ad3771d8a593748762d7bebeb01b37f996212fb5e2ef7d62c869f70a0a61b50b1aff8a198e4474dff5b0957249ef662abadc7dae5c498ed2c11a462baffe7aa1dfc361b5fc601c78e07ed90d366c5edecc81455e6544504652594c72e9a3c106a5a205f0d84f83a06601d6387aa42438840882b644820d9678534e6312a43fe10b3f14e1ddf5621fdacecbe3e96d0d442e8ee04caa8c05f5b227e399500d7a4637d1796e8e54760d84bef5c3cc7c9cf5ee09fd5bdb7875ccf74131e49ee50dc49debf87bda2f9af4bc3d9a6560a3fd90a28b594a94d78f1cdb0ea3b9e96a1ef2a45a400d3f0fd9001003b546f3289c61822b743aaf28098f7e3562b43a247aa28782e12a8c04da13b798a410aa63b3f2c62dfae9cdf68ebd484a460f43136d299f92d7e6171b2e3f360aefaea9a794cef9c45ca805c24da77580f8388f97608330bcfe19466c666cc223d81718cb3e7ff02c0e099ff08a1156da06a7e9a036ba6cc72b0fbd96eba9ef432e558f970de138906b1002693857fdfc0063333a0b5ce17b8efc8e7565d83f96c3c0a9da41a82f8ad041619b807aa29434dbfae4c7597e066eafc4a76eb084b503953a2caccca40ff2e0a47fb97c0c27a7a1a3e768c19fb346336a468606eb730f4ff830072e5e0e17e841f365a61a7d9caa81452e03da99dfa764c50511184f4d314c8b1bce8fe5c5a415db82fa30cdc466d0f7a6cedffec74d40e37152febbbade7bd9ec1b3cc2bbda8c62bd78a51dcb84144fef3f486efc0eb7791b0ced0f8c19dda19d786bb23e7755e567e8509e0fd3c73c08e9fc2b21f17a5cc546c51a3089fde6e0a37a3d5361a5fe4b551fe88d89161c6debb771f4b39d0487ecf90588c6c321a9dceb8c7d0dff2af9a403e65d28c734a228e0b2b9f96477392e18837e4a52a964c6396f19db461d4836f285b273cf147c117b9130cca18e1470f97b916b3849c393eab354c3e414fdc119c127ed48fb23527eb9f0cb2038101f8dd2601245d82fecda12699ac577ecfe5a29e611e43811126d72efe5edb4134064d66186179e994c92cae67a237acac7390bd8ad4eb6d143aff94443f88be907b9369180d36ded94c8dd4aa2c5b6b078a430a049c389ae89f7354e95fa176769a63f732c3801d081caa1b980d64685e61b90b96583ec9431c2bbcf7d773ef587ec05d4f2fc539d9b156065d12973ec337c27de6aae788968365b67ef668001f2edb3f937fcda1f3419a25bc2aa2bc1d0374f14cbea204b396fc37294291d6a3fbee384f6d06c03abfd4d6acfcbb22eaebf10cc0de1b32c957327786037ac7a1a5aca9cdb3f0d947c4d899ac0cd2baf6b4b00238b1b7ef4205b05c3125acfbeed043816b78456ec6bf2d9ca032468801e1b8e45935c51350168591ee8003b402c851dfa8fec35d0309d3db451817e3eb5d4a9b25c6adef80742f16aab21922b4f8c3ca102c9fb83755392d9f8c3b207e53f50e835784c2f8d481f10a4e94bbd9beba3809879cab80c980f2d80996fbd71e742ea04615615bb2b9a491e45eb57ae2568d205f09fbb2417985fe5490a393655a07ca5eaa3227d99dcbda6b4aad6eaff27065a449a83c63af235e4422408a700a9480d77dc0957a305a1133bb538bedfb358e27d77a8b6eb9e3ad88980f5baddcec75c22e945ffc72f4ed51c90f8f3c8ef9ac9e4c25696d2d6992e5e730189f2e853a2e79cf94bee423d27d555189870d3c6e6acb54befacd813b23d5473c2c35160edec267fcd2eacc33e7a6d9698a199d8983cb1276e7072245505586242a24781b9a468574bc1ce0a55ef95ef28216604fa963e72d2caa7b55ec02f533500b429ea0dfd4df22f546e0a20e3d195b79f633e1da838f99fa1a9d61cd64a17b5c1c574c09add257f77f50b44aca0225848c8f1a30a92a87612147c8900b290ba0e1610bcc1e36b1d6bec58712201e27ce7315013d837eb5ad47f836d65137b1b9f70c9e3f3248afb79882ffba98dbee683d5701f486dc3f95c868759c19b444f9928dcdf11b96b72bb1bb2177f18d1c0a2b1b3afc0845b603cf0784908d4752b975a49327e3a9cf23ab5ffbe6065ef4dec10407cf6d102fe4a04d75397254fd785afa116e7eeaba32f7c4ccfa79432b648483149efc27d1a896c8ee0a91c45b96d97ba4b5956aa85e8d25c017f72bd1d3f12c0b748d494c56c8ed7818ef13a3844e120699a5ecde88dba002e8f0c677d276bbe30ea5930cbf9579272b0f1fd23fd22bf9f42a99152ae99ba016cf2cf25a051a1aaa0cb6a5333d97679735274cc0aa533d09b01e599e0cd360eb4404edd5b10d00c4047370df764a01a79173133552cb9ac3355700a6b7968df1af10f2eac37fa84abffbc9a190a119fb92b74f1c09846c634f3996e427acc72b16fc0bd119f297c9a35d0f3c29064bc40b56e824d58ac56c23e1e382dd3b5231fe3c3ac21f1aed3c634658f281f0813b707769895f9881c864e74089f5d309c8c56050330781d28bfaeda49ddf7f5ddc55261f17da47b2a9fef999c596e892fe99ce53544278c8ca1e029711f1730df0309659560e1fa5db094b2e70284643c9a27720dff3b8dd5a57a0ba60c4ff764a241cfb8de0557d4b0a787ed9f27d1f009599386fc855f70b6a11a1377039f1273bf9516b76a061a01ec9d386d99b90c68ab83ead0f53b62436dcc8d5f4f9d6561e950f307351edd5a32668b6c018583ec1edec0a6833a51d53cf521a441963f1932b6d0e411088561c17f349f244ebe4fdb73cdcac23b4168dd79ab72cef3dd355219cec3325beb5ff5533ce01b0186be232245c39d7c848ebd98e2a7b1312a469b0f631cebd59208413fef17581ab1a165fe0a6e0618d08a5a47c09f26a6f227c0959e3c1d572ed22b118555800f74e6972314b321443baefb5fc69cd1a781f45eb88c8f9d5a0ac73ee264371ec59134e24751b5a16ef12eb3830cebd9d80b51ea0ef7ada05275c4412d2b12491f9ef8d4f818011f5f47a72dc2014a2e187b1c4f02f12eb6d0b8c7613702f5d3051e8520ccd42978214eee96b1f9c7352b480d92d3d8dbf15ed5c111565a475f6e1c61c966786ec575f9369afe6fd2fe743685d932cbe366128d0b768fa3bb5e530321e858672295cba950dc14b30e15adc210c4a77e630e92d6534e776a78b8cdb82d743f74dfa34e9c2286f34a9180258a9def5677627d39afea0eb7f46c00805c2b45c9ab9b07707191b4eb58e928e7d3dd2657be92b4dc4dd413c89a3b6b996861e88db73d5589e164a32ee425ba3c402a4519607d6f881679cd237d9a51f4c765b7faea7e2e71104f3cce0a834f327ca8bb7add4b3dcdf54fa2cc225a1c66645166fd3f7fbad902249e8afb130816d4f15ad665bc8c39ff2740ca2b6fc34df217f1845728bb4372a8f0d2561a36a20817eac62dc623d5d1d3a17db48e2b61c57f7fa0d30469c6f44fccb752aa3ec4005e3182348db6aa26a0be789d97a4fe7d8029603f5142d6d93e259a06a75a60c6b2c6ff1fc138afcd95ee04825cc712067d94af78639e60e6442fdbc6ba061e3fa17e7736a9ee7098ce99126f4c271411a97cbffd0aaccf1eecdf206c46024fa98ed216bdbca39ce23300e97a7d37e727af40e42270de06451b5dcf3b593f38ceba8bb740e98940d9e6b7e00eff3740fa634c9add0de9e416d402bfdb3edb7c3b62652b07d643c079617f1bd5529e00e3d296b5e8e3641e584f97636b49011e9e34f6f5294cc6e9ab2d3623e08b127d0d6c146f999700b7e8ea771756fd17453240c07e03e472b60ab18b551964efc7e6fa5f3c7bdf3515049566ae699e6636c3af7e774e8356df9b456ce7c9abb9cdbce556598343dcfe415462bfb2bba0200acc931a9ef6320bae3a65388fd9ac68f5e77f9b2897f2779e6447e7cbb7781f2fa9516d8b69b27421f79a7a132628128ff907e6d5fc2fd7a723ccf8f56dc05da9fadc38a3532d29da857c72ebca99057191e7494943784cedbe57c3f7801b09f7ec46cf472113a4599382c837f426e76642e9f086f428257360da02719f24b1eee9b9c40d5a3799ce158c071bebbf2797813c10c61f46c5522e4cd804fe4a61de0a3a5558adcfa1e26c0821aec6e2697086b2be228ed6a85e4e5c1a59aac762a7528584dcf91f1731b61df4a1b8e1eebafa3baafc32559305477f95d858a75c6092753c87b9ad2a54a76189088604ca882aacadf7095c690429c067fad1c28ecf17cbbc060f8ddc25921e8e2f75f9a2380c40ea335a39b4a49f1cbb52b67bb470d0adad615c7dd45b3fe1fc65f7293d8eaf4a3471e530b6b3feaefd1451ea3870b18b3c649ca64678659c6a809a5c4dedc36b1b99e63a0657f01f732a362b5fc83881071a71f345d2cbc2da10cea221778c9bcf22e591f9e8796f59724e025698d4ba209a6574c0f41c83495ea8a3466b5b99b6ceaa295676ad45e84d2e2b68b679a7e9cd69ac38f86317c7453ce572112eee6cd626a404cd302b438ade0fb1240c3e0397bbcfa08f062e5b1980ebb1c5f3ed6282b6dd25eb4465f9238d252d51201543714ff2cf04745354f876598b3f07586e1febc7f579ec1accd2099492ff8f2fc5fabde307963a5db0f31d5ecffae377554316c776c69ca9757b46cb3be3088a54ceb61044663fe42620328e52bed01d298c96617269b1ee4b9acc2dfced0d2698c7c8c4cbfc20d67898de2f971dc70b0e80419af7aadb254f1630ca571a70ee0a01cbe1d840cd28af4cd69f113737d3b99f0cf981aa2aa39e9198ddd1dad8fa1728d559c3e172f3827f9a60825f90bb902cca4d2be4c11578a71f065d4137943d19fbd3f3dbe31021b2d6239cfa9dc2f13d45b689f750271f476046dd6e67ee358de9cb0d985ff86347a1c566041dfcb4f7cfd143116908afea4e42caab8fb7eabcca40ab4b774b81d4e2a4ccbe8d30eb52c80544fd514c585332e83785795ca10bdf9daa61821db993c4731519b23d5244c1664145e254a75bba7ff6128068545e622df92ce4915b2e6d2586262ea376871459158be5c5cc8"}, 0x1004)

15:38:55 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x0, 0x401}]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

[  861.533188] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:38:55 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x34}, "3b7273277e1e885920f0fb1e4279e85fdc8f9ea1783249b2de175896e1311648d0a5b0245a5af06d92a026c0594bc262f29914f8"}, 0x38)

15:38:55 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, 0x0)

15:38:55 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x6, 0xc9, @none, 0x2, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:38:55 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x23}, @l2cap_cid_signaling={{0x1f}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}]}}, 0x28)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:07 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x6, 0xc9, @none, 0x2, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:39:07 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, 0x0)

15:39:07 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, 0x0})

15:39:07 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x51}, @l2cap_cid_signaling={{0x4d}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x56)

15:39:07 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:39:07 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}}}, 0x9)

15:39:07 executing program 4:
writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000000)="421c8f5cc98d15a5b6ceeaee983111e1e1db089b96944c51fd2f2636b5b21544b7", 0x21}, {&(0x7f0000000040)="d887b65b88b1ff1e4e535061cd154b18c271985bac66c71250d6c0c698c1db2907017e459c2d143dadd202cc300c581812b9612f36ce410ac532e2343f23be3fb663a67ee35ebd58b94dd73209b9955ba2a47ddf991ce6a0a27111b1fd3a37707a97aa15a085e4abe4e972a6c90c55f94b257589d9", 0x75}, {&(0x7f00000000c0)="5468694d610c748916f98a0005b5b4656670e450f010da81518919538b4f96673d622c7bfe45aea9cd59897a385a72157b5d50e1471f547743d6e38477c45ea0fe2eb1b3b98194d92ddc4d8538a86a64b6224c689e36d99ef3abe32e852ddf64d922c8", 0x63}, {&(0x7f0000000140)="ab244a82ce066229635475fa5db851bc7f3537d8bfea92b57c2263ec627e594e45d233ed49b905bc5faedb029d7649fe6c65b83b8bde41b49e00f1e71db779f4b069fd7b1d5b3a7b36997cdc524c135884e891908e603f0e0984ee96d71c7baaba0a6d041d6dd5a7764fea654fa152c32f91caaa300f6ff6d23a93533ea6ca235b3f958bbd0bbcb7c9754115ff664d3c5267a9a190501ec57ff065e6b5177988586650d59765eead5e5ba72507268d9fcba68b3127ed3ad45f909479453fb98f86ddf246001dc16135154a9640c82bd8cbae2f01d4a6d1989b51e0cbda4df67936e502427ac8b0217d5a1eaafa56bd6d3808914b", 0xf4}, {&(0x7f0000000240)="03903e726c4fcdbcee0bee6478df11b1fe85742ee9e0c1e4590dccffe4bf1638b4c486299947731c661aa480ac9467eaf4de83a8a9d3855eeb1c8ee8e5d41c11671e4ae64474e308a2bdc9c2812804ce3006deca3e1abac3db9165176a9417c79cf3d14b55fe9568a3b44d76a736442f2afca1b60078b9f78446509fb9551a9dfcdd2c0100aa07abb93908198106b9c16f15218ee4b40cbc163c1db02de7697283c91a4c02dc972828665a6827e72d7e32032dc268b3e623d1a06a20b105cd3430b7238e8a5a47494cdf810a31af0a4cf7", 0xd1}, {&(0x7f0000000340)="6bac4ef84eea288170259939a701d8865b473e0363484546da16742cb5447f3a5372a35a4b72810b78cb53129385d1c288f85c6231f64f021c4b2f2e8669f7af56bd3fdd976f5d777dcc6a604865c2d65a65de079302da26895ef771aac940e4797b8e9271de5d7b63300c2b4994ddb1595c8c06f2c5496a356b0cc47cccd56d32ac1219e140b074a5afad31ad94df009348ceae6f00dce8e670f7402af068cca80e5052e8d9eb263592c9faac4d608e187ed1073c56793ee8735bd7fdaab92e9f77f406181ff143a460476d5f700608ac9b2d006d803a98ce8922e5a81d", 0xde}], 0x6)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f00000004c0))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYRESOCT=0x0, @ANYRES32, @ANYRES64=r0, @ANYBLOB="4542e80670e3c0127f0ddfb5cdb865e4d8f61992d0d2c07a6e15846037892b73319731b4c820ecb8fc5177674f80c3a7c8092e6529d1532fcb4e18bc02e7f9a1fd27a89bbf82c7a3902ecf43196be212fa3b41ed88603ee1a29c37f38386df542a0c48d093ebed4039bf5c20b4dac6", @ANYRESHEX=r0, @ANYRES32=r1], 0x7)
syz_emit_vhci(&(0x7f0000000500)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "1797bb", 0x1}}}, 0xd)

15:39:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x23}, @l2cap_cid_signaling={{0x1f}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}]}}, 0x28)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  873.480814] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:07 executing program 2:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="043b0affffffffffff00000000b3ec06ec53dd8c76c8aee923e262526f5ace0335bf6d7ce2c24ad7ff4e0c40ee92601bda2e353d29a3c8a5a81d4dfcce19e46e8070674e1cfa6e1765c602d1f61f81416ef9f9f168569f213a2a1740232cdc1acd4b9d9c58c9361ed6b93fe874d41f735b391df400c252a4efc6cd01d5203d42a9e26849ce21d853b77e4baa9ffc49a713ccc3"], 0xd)

15:39:07 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x51}, @l2cap_cid_signaling={{0x4d}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x56)

15:39:07 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x1c, 0x198, &(0x7f00000002c0)})

15:39:07 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x6, 0xc9, @none, 0x2, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:39:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x23}, @l2cap_cid_signaling={{0x1f}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}]}}, 0x28)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:07 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, 0x0})

15:39:07 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9}}, 0x4)

15:39:07 executing program 4:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semget$private(0x0, 0x3, 0x234)
r0 = semget$private(0x0, 0x3, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)=[0x2])
semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000040)=""/76)

[  873.680895] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:07 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, 0x0})

15:39:07 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:39:07 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0xa)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x1f, 0xc8, "a9b979fe3a90f3fa"}}}, 0xe)

15:39:07 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x51}, @l2cap_cid_signaling={{0x4d}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a, 0x16}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x56)

15:39:07 executing program 3:
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x88800)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r1, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x10000}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x28000010}, 0x4)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="235fb6336e45cfdcd72b271e1288da888780ba0c2a506ffbee2420f84bd231d4159ac08b1a2e0ade98be8474ad6c248c1a7e666f430929c6f417077f67086eb4ee30e2384458efd5bfb25ba6db630cfb008c21c2ad2decab6105a77ab1914973954430d5b6055809211d"], 0x4)

15:39:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0x0, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:08 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:39:08 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:39:08 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x1a}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:39:08 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none, 0x20000000}}}, 0xd)

[  873.926337] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  874.125082] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  875.645043] Bluetooth: hci3: command 0x0409 tx timeout
15:39:20 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0x0, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:20 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:39:20 executing program 3:
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000040))
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000140))
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f00000001c0))
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00'/15], 0x9)
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000100))
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000180))

15:39:20 executing program 2:
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="03c8004bf7f601931a97761c4d1d5a2850af52ee945d49633de4e2eac23a5c29f33dbaf78f1f0000000cf69817518a320a62aee1a083d2756ea3e07625ece0a85117a12848b12921dc443ff5b67a687acea38be172385c921f89b12cb9ae5b30f365782ce28497fc8df49f27c9da38deecba53ac5ecd733bedc3ac5a9687b050f5cb425beca4c796dc8f293c5028da8b872a4d7d0955cd7243e4cb1cd0c6fdd5b99538aa0e4af228b3e6db4cac0af14f3c578c832eca309ab15185390c7de8eeaba48a4c44e2ce0c477e21666bc3e0c28e274698480c83a90fc413ca7902bfac449c720a85e49acbeaa874656faca05847a51aa03436f34d9bf3eea3e24a7904f4247bce2b27e2095844303d51904c1b70af01774f0cfbbce31a9d70473a77bae3575204bb1eebd3323f33b429a12a4019dbf16d41ae49b84f54096fa6cde53a3dbfba7f97d622a94ae6cb98fa11def2ad1db255196af62528248317b4282b87b22b589f3c432237f3ae96fb7710201366f58fbdb4f6d813fc900f0bced80d4f05e3cc9edaa3c6c48866438795ecf69bcff845a45d3a04b5d3388d9d754a28e1f274c5e3a1a3f6aa72047e8c32886aec70da6e05310b1d6ae9e0c10e79a2b08a116682766025d8ce8f0031e61da145c2ca"], 0x4f)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c8001c0018003f00192014003f00090002006f0e06000000ff3abd7c50bace7d"], 0x21)

15:39:20 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_cfm={{0x10, 0x9, 0x4}, {0x4, 0x8}}, @l2cap_move_chan_rsp={{0xf, 0x81, 0x4}, {0xbc00}}]}}, 0x19)

15:39:20 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x3b}, @l2cap_cid_signaling={{0x37}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x40)

15:39:20 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="740d978baa400ef219ca"], 0xb)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{0xc0}, {0x9, 0x6}}}}, 0x8)

15:39:20 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x1c, 0x198, &(0x7f00000002c0)})

[  886.872210] Bluetooth: hci5: unexpected event for opcode 0x0c5a
[  886.888125] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:21 executing program 4:
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:39:21 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x6, 0xc9, @none, 0x2, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:39:21 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="740d978baa400ef219ca"], 0xb)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{0xc0}, {0x9, 0x6}}}}, 0x8)

15:39:21 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x3b}, @l2cap_cid_signaling={{0x37}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x40)

[  887.136137] Bluetooth: hci5: unexpected event for opcode 0x0c5a
[  887.152823] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:33 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0x0, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:33 executing program 5:
syz_emit_vhci(0x0, 0x0)

15:39:33 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x3b}, @l2cap_cid_signaling={{0x37}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x40)

15:39:33 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x49}, @l2cap_cid_signaling={{0x45}, [@l2cap_conf_rsp={{0x5, 0x3f, 0x1c}, {0x100, 0xff81, 0x5, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8, 0x3, 0x2, 0x1c98, 0x200}}]}}, @l2cap_move_chan_req={{0xe, 0x6, 0x3}, {0x9, 0x2}}, @l2cap_create_chan_req={{0xc, 0x3f, 0x5}, {0x2f06, 0x4d, 0x2}}, @l2cap_conf_rsp={{0x5, 0x4, 0x9}, {0x7, 0xff, 0x7ff, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_move_chan_cfm={{0x10, 0x1, 0x4}, {0x3, 0x4}}]}}, 0x4e)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@any, 0x3}}}, 0xa)

15:39:33 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="ee530afffeff352affb422d8e361bf867d84869025c8d059845b122e71d0194500000000007c260000000000"], 0xd)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0xc1, 0xc8, 0xc8, 0x1}}}, 0x8)

15:39:33 executing program 3:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="029dab4afffff3"], 0x4)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="cc2b5e66e52456579b57a022407b504c8f202a2393528f"], 0x6)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_role_change={{0x12, 0x8}, {0x96, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x84}}}, 0xb)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x7f, 0x8}, {0x18, 0x6, 0x101, 0xa8b0}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x41}, 0x2)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_req={{0x17, 0xe7, 0xe}, {0x1f5c, 0xdce, 0x4, 0x8, [0xd34, 0x400, 0x5]}}}}, 0x1b)

15:39:33 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x1c, 0x198, &(0x7f00000002c0)})

15:39:33 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="740d978baa400ef219ca"], 0xb)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{0xc0}, {0x9, 0x6}}}}, 0x8)

[  899.102898] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:33 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  899.131335] Bluetooth: hci5: unexpected event for opcode 0x0c5a
15:39:44 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:44 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{}, {0x1000, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:39:44 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x0, 0x198, &(0x7f00000002c0)})

15:39:44 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB='\b\x00|'], 0x7)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c8a00a000600050013250208ff01"], 0xf)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x77}, "ba1428f7aa6bd0e2e8b7c0f334c1f6162bd47a8cb054a48e629ae9a5946b554daa07c79e95bbec2971b49353222432ca9c96d593878e2790b795f2a508b1499c0e8dc3633654c377babfbea2e44b90c8d3f1e46756041c67b432e529fd955613731d62a2bbd8c8329cb31ec0582bfdc810f3ae97dd6f3b"}, 0x7b)

15:39:44 executing program 3:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r1, 0x200, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x5, 0x8}}}}, ["", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x90}, 0x20044804)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
sendmsg$ETHTOOL_MSG_WOL_SET(r2, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x180, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_WOL_SOPASS={0xc8, 0x3, "532d99cb074db2d84b7248c59724941627abf35860ee901b2cffbb7b0858136dc49f867e6e5b0ace0f4b058d4928178b79d1393003ca73cb640473d3fbc69bef526f3123f1bd2f6350e981ebb009b34d0c8596138bff6f90faff95a6054594deb0d1e6e6ce10723d15b86fb897d0c3cfbd490786786899716e7d2b17d8e6801c907ce0e4a11850b64760e5f02a13d7e968e83b18efc69167db90cf9fe854065a1597e74c37b0782111f2e8b99e8f49bb181bbd51e8773ab331c0d44332042e0e431ef1aa"}, @ETHTOOL_A_WOL_SOPASS={0xa1, 0x3, "35b4e099d33b56eb93648211a4b7f17eebc671cfd755f8301bef906426423fb498439a4ec78a83620c6151cb64f50301287ef7809795b9ed2100ecfff57f0d9ddb5cac81736bfa01e49f4d4f411cf71be70b6332c5affd24506d598ac5b07287e7e1f37657141fba52dac899d67d08caa32bb7559f42ba9472ce354beb9a239ea09802c07e1661b4ff3b6a0d151e209c6e465b93f45f1522eb306fe5ee"}]}, 0x180}, 0x1, 0x0, 0x0, 0x24000050}, 0x0)

15:39:44 executing program 2:
symlinkat(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000100)='./file0\x00')
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04ffffffff000000"], 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:39:44 executing program 5:
syz_emit_vhci(0x0, 0x0)

15:39:44 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="740d978baa400ef219ca"], 0xb)

15:39:44 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="b7ac0243ffffffffff00000000"], 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}, {@none}}}, 0x9)

15:39:44 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="740d978baa400ef219ca"], 0xb)

15:39:44 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0xed599fdd2e92a91}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x15}, @l2cap_cid_signaling={{0x11}, [@l2cap_create_chan_req={{0xc, 0x2, 0x5}, {0x9, 0x81, 0x4}}, @l2cap_disconn_rsp={{0x7, 0x7, 0x4}, {0xfb7c, 0x81}}]}}, 0x1a)

15:39:44 executing program 3:
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT, 0x4)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x3, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x3, 0x8}, {0x20, 0x8, 0x1ff, 0xffd5}}}}, 0x15)

15:39:44 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:44 executing program 5:
syz_emit_vhci(0x0, 0x0)

15:39:44 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{}, {0x0, 0xac1, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

[  910.744238] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  910.931299] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:45 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x0, 0x198, &(0x7f00000002c0)})

15:39:45 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2}, {0x81}}, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:39:45 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x12}, @l2cap_cid_signaling={{0xe}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x17)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:45 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x7d}, @l2cap_cid_signaling={{0x79}, [@l2cap_disconn_rsp={{0x7, 0x20, 0x4}, {0x7de, 0xf01}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0x9, 0x2}}, @l2cap_info_rsp={{0xb, 0x8f, 0x20}, {0x80, 0x6, "30bca2c8e6ae0379273f5a75dce00ef4820b5a0526763666ace6cd40"}}, @l2cap_disconn_req={{0x6, 0x1f, 0x4}, {0x9, 0xfff}}, @l2cap_conn_rsp={{0x3, 0x7, 0x8}, {0x1, 0x0, 0x8000, 0x462}}, @l2cap_disconn_req={{0x6, 0x8, 0x4}, {0x200, 0xb21}}, @l2cap_conn_req={{0x2, 0x5c, 0x4}, {0x4, 0x93}}, @l2cap_move_chan_req={{0xe, 0x40, 0x3}, {0x6}}, @l2cap_conf_req={{0x4, 0x1, 0x16}, {0x8, 0x0, [@l2cap_conf_efs={0x6, 0x10, {0x7, 0x1, 0x2, 0x8000, 0x6, 0x7fff}}]}}]}}, 0x82)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0xd}, @l2cap_cid_signaling={{0x9}, [@l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0x800, 0x8, 0x1}}]}}, 0x12)

[  911.134927] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:56 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x0, 0x198, &(0x7f00000002c0)})

15:39:56 executing program 7:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="740d978baa400ef219ca"], 0xb)

15:39:56 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x43}, @l2cap_cid_signaling={{0x3f}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x4}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x48)

15:39:56 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x49}, @l2cap_cid_signaling={{0x45}, [@l2cap_conf_rsp={{0x5, 0x3f, 0x1c}, {0x100, 0xff81, 0x5, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8, 0x3, 0x2, 0x1c98, 0x200}}]}}, @l2cap_move_chan_req={{0xe, 0x6, 0x3}, {0x9, 0x2}}, @l2cap_create_chan_req={{0xc, 0x3f, 0x5}, {0x2f06, 0x4d, 0x2}}, @l2cap_conf_rsp={{0x5, 0x4, 0x9}, {0x7, 0xff, 0x7ff, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_move_chan_cfm={{0x10, 0x1, 0x4}, {0x3, 0x4}}]}}, 0x4e)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@any, 0x3}}}, 0xa)

15:39:56 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0xc9, @none, 0x2, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:39:56 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x12}, @l2cap_cid_signaling={{0xe}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x17)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:56 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c8702c102810010006040400000407000b3f0410931903006cc12fec238aa4932558b80ff1f9f15716d66e21b0e4efc86b165e9f65a4b9929979462000d5ff84cb3b284b93eb1d944a2c9395fb71fc9186b18d6f4d8a565f281b69e83a416a02feb8e211b2dde32b480d90132a04dbdcf3c5f6f216d9f5d4c4e4936e2684af7c31bb0be1876039dc14bbb71ab482aa198c748d7e3607e554658f75d04f5a8ff732e4c8975aa4b048d33fd2634391f0598a1d65131ad0972837376d8745fd5b7a319415e3ac1ca087e1035a676c559deb0a1f93c3847676664bbbec7a51eca104862193a2140a41364129502843876259b4c1265783ed6cb25bf413a156561c84cba806746efb4ce454f22ee3e891e497fbe588c2ced10282b513a6f9a6717cf72c7a43d5408d8a327e63fae52f5fc6043ab46b3014f38fec8d493b3103259b548973ee8969852dc722a3e0787ab72c36a7e138189cccd9cf779aca312190b76e99fbfa1cd1941cec7738141bfc5bf883207b32af9f02756c5489e10a5b28c7e3fd6c46a91022626502e9db79e0ee402410b0b0d1fc9e73f84585ad1b954743eaa4fe69d4e8c708ceca1fbd7366fce121ffcf1e41ab4eab93920afbfd5e49fd23987d4ebf55a884e7d84eb9131d4f9493cbed74ca43f01d1ce60476ce5d5dac6b72d94ecf52133afad55683c6b35c66b9f6b3bc6f14b051b770a6417af3acb03aeac944b51d8b0b8d6dd800b180d0bc5d03c9c525af60874f32e5cd3e5b9df15ee8a23a42966c360f6bb63d5440351bbd7cd90b42bc71a83d4c40fa9b7a482ef5791b7e3c3f69bf27c6888ee92bd462bf54fe8f179ed5b6a3bd32fdadd9f922d1679eeeb7f76bacad9aabe359538d52e65abd869faff7edd5fc69320673133167a5d15f21770a18d40cb92d9b9cf4a10e03fe41462edc5d8bb1c5d80725691db0165f0e43bc1a32bd24d81ba98d92d8ca9b316eb65f3e2630e93308f8b5d1ffdfd9e1e0d01f8e79f4a1221d25023a25f0e88f7065994a7c48cb6cbde098ccccc54ed7cefc2a7dcd31d79d1f2a51077638e0ff5884d63868a0894a26d3204353999dbf4b1613c5f924f6430a850ce3053a584fdc5f86b4b443c4db6046aedc4beef119ad71424fe769528c4c3a93f988fc7e7c66bfb90dd282ca57308f41e23aa2de0f7c1f4dfea8ea669d683d23dda2e3b6a073022aac1c1b1bda2ae43f48592d675b72fe13eaba0a95eb15e63ebd901db7f060bd88faed61c141a489cbd0857e619e92c72c3a296b38f64e616539176c1b1101731507f7a51d48ea31c037482b81f188aacb5ba3802e913e53be529fc5914e78aa0f96e9aa58ee0a3d39450072c5964d3f4b7b2b9e69fe4e0553ad54205a0c9080d295fbce7d822c794dc91d235c2e388087fbb07e31a7e69ecfd9f0dd75ffa8ca9b9e7512b785b8b47294f21a374ad3414bde0732c047be8dd002645368bb00f664bf588b2ef14168cf0a069eb8a60f32070a9b8d927eef7d95437016dc66e3f0615f6bce6ec85aaa974065fad6cc4bb8d3f407a7d94e1ee3eba79c31559b7f90d09eb51991a8185be9d3178cadfb55908d363a89f31c8babb5fca55cf72c80215e9b3aecef63297183301b79c0f132f729bf0a5917ff95e5bfe68d02586de04f39d57776ab3392c8a9942f9188994e40ddd42fbd2eac30160523f79d291109278081ff61b22b3e174de123066380056f16bb4483553b485ecb8c2c5b2f4b35fd36385028079b04c1188514faf1ba2d088aeb690887aa1dc86defd720229e75675ce58661440aae0c07ed89063c834265e4ce5b99ebd32e46464b5e8e4ca5013380720ff066c83f735ecfe13e34488c2085deb3f9ad4c1743a3f4faee2d280ba87c835266f9505f87496208bfedaa630e6e2e91426b8df3acb20e7845f92e5121f13b9491f200213e263f403af0a1b29355c9c3ac5c9b2e253fef0e6fdc8a5bdb454179ff6453623a8700eb9776a59ec37146058d783c9dbd6a0b2c9af526b0ec04fc42d5b1488ed7c8fa886c11d48c2e4de1c0de131470b6a64b77e631fb9b79edf9f04b975891715f5f515ef89c0f1d113a8c954cc7127dd4ddffdaf7c43d8e6a031d05c4f9c4132e500a8df9c213623860a3891e56fd69fb30f1300cf32e430f8190875072dcde00b51a5912aa4940c30065b5f2825e6d5ea7b21a55b52e51fbce78b388f610688b47bd24249ae44cafac1179eeb4ce9320b3f03c4ac5c85fb581ac307cdac5640dc018571d66a893a42c02840ee0ee2e603a3f7ebe9675fface34149c824426641a429af8fcd709d00f96e55d9b08ef1408b92a9f6f1971752ae55f19e9e04fd2f468dc616ecbc62e5e0ce0b7e53d0f87df816c7fe59960023dc147356d3e635fdcf05026740df83e00ca41b23cf2b797e642bde0891655dcc02fb51862b705a8abdd824e1868c29af2783e3672304466d05bc498b78be6eb84c277cf8763995adf057bfcc2abb674e745d35055adf83fabc5263fad9114c38afd64fbdb11fa7fd2ac179c95b330b173f3fbf348289e202f753446b1cd1cac2c26118e13199ab4e82ad159b5b25440d3f52ceeed054dbf4b7a2ed705a971a8400d41815f376e61835aee2f678cd534a1f8934db99a23354e4e13af692cd05782b8e478ebdedf61be9407c0200fb5acd087d2d1cf66a89b2a03275549001f00f10e9d41d1923edc122c9c6f182111df506a7033eb5e1a7f22a34bbef219439e63847c85bdddb1a5a86b704716168042fb41f80014a7f99437615ff31b862d1bf759e961c450e52b8bf9e1b7fba24bb278faf58edb550af49992db5ae3d62d16b2926e737ca5d8c46589c32ee2a3c2fb5bed99fb99533a3a0d98a4ce67c16c06390490e7d9331a77d8229643887075e2df88eea632d68c5f27511f37565d42105078ad717c5f3e84153564be07b39e3054f57ade0f3ae6e894d5da5d9d9ea8f482b4517c8b3e4832cff449baf83bdcf7a288af26e135c72160a65bbd525bbddd5dba7daa6b878a3e96f3ef4e43fd39005dee081c9ec2a4b9dcd0496313052f62946bb05232d5ff5d06fc4570f39ddb09c208ad889ebac44a0b25e148bbae1c79ea23723dd031aee680a81522297b53966e9bc55a94a0c3b549a05769ae76114e770fde7a443b0c03d6c25a5cda15663ca2dca7746aa374fdd4b69940d17d277697c814df6f1b280f5d75f43a16b9f48b23a34a43b08c2db845d1f9a8b842a5f0bc9322f72a0cb3073a6dbf18dc500f6cd07ac6ddea90db00ba96131f59ee4d461294a1516d388f282cb9af379028f844888ebf1fa1c0b60edfd9ce2c49ee9f22f2ccc4f2419885b5ee00d29cf95403903a5604b71a737de3f7e633f75c1cff57f517747a48eba5a9dd8842f160930d31c159adb5c309a7a9b3cb3a910b609955266f7c1b3639779ce4be3a0f2567560367b14aad6780954ac725d34b1a75461b07039a0cbffd2c57a4f94558c590e2ce628d613bd80366ed3494578e5ef9c2e64f4304a12964027259516077796422e1c659e1ade0ecc626070e27a36ce916574b402e8916a97f971a7115b171e34c87d1180bf03d899a4aa2a924f6536a48680f903908216221d623c6291fcf48859132b493379f2390ea689a60daaf097c06c6b9ec9b2ecfcc670aac5e0ec1a590b64118137ca6783d18bb0814930dcd4faad6f7023bc58a852b88a2f8b0c00cd9eb009cb85e557bd2935e82df3a6e555a4ca4db4dedea34fb56168e39bc67d20fdee0e3bdb750d53add0aecbfa95ea2a36dba7ecb2a04f18dbcef187932449990ee5aa14d7b461d120c62bf0bd79dde6bd8b7c92dd5ebbfb3553f10d0cb86f77cf893a63a8b32871e9cfdf0a697a4737e3078e027dcb36241fdd113d29b7b880a20c4475f9373de2ddf52a2c4838c98c6b75d86ac1473d039cd224c7f2b4137f2e86fe8c8bd33daf38abd0bb9d15f9e6d36ab4355dc31dc601af2c7db4e61a6f0b6f3d4facda8e5277b867b2fc785e0870ca1112ee772ab2767bcc2f74ae005361ee36e3e473ea3cd911d93fd2f8be91c388e65e77297ce779a8ebf322b4cf248734e213ac2b7e342dafd825bb0f375fd968e2393e25b08830cf11dabab8a7dc23ab76ba9387eb545a5ec29ad93aab528126382351affd00d6786aa145fc246e72bec799e6ceabb006d96bd44b310e3bc93bb1fa38f03dbd2f01d354bf52b916ea63ecc7038495993ab4b63083ce8765f720018208366d830ec1540f2072ab1b53f8a1695fad65b1bf5c91bb4ee0c14ed2090406285dcfb6b028d8ca1e9fad2ac3e68a8341395091b00f2f59799908752f9ebf9f588ba6022988402648f72325cdfc40c7f3ddfa8c9a4bf4a462a48348d3ff9f8862431bb6780cce6e2992ba8d25d5682bf1fc448c13e75d4765434066c8159591c2687671c35a5b18f01e744f0be4ae81233456f02d870fd508a6614fc32191a33b3a59595956a480387396c24e9c9669116922af98917204b216b3315ebf2fba761e85ab4f67488e493f6d7f83b2c40523a386f393b7b692a870edb832ce8b86f9b3d121d11f1ce12fea553f76fd699109f6e04bffadecd30636df90ad66f3182ec6fba4a85ee03718caa6a7d34bfba39752f700ee8553055cdcf715891a54bd8d4ea40b9ce1f6fbe55309afc5417fb1e324e0977acf337d1ddbbb8a2ef07cdc199543fc856bb5407867e2fc3486e5a21d3c11e911d7ff6a02685281fd8fd20992a9a0902e072d5bffbd932a011a6aac891e5b1a242655187599bf9f25f8aca23917a7f31f2602fe402a732f00e15f37af4ffb79c26fecc7a27bf2b2fe438f7e3dc04a4fd700f1c40b66697f16c5d0bd20f02173c864c6e1d0e44e2415c654fe1b0ee280b8095b8417a08ddde3d53afce9eacd85feb1557e722eb358bc5dc39d44f59c458557409df11f9a6a9fab77777a1c68a1465854fff5db16d473a4ad41b6c40617aad816ce0c455c9019de3604f2e97fa281cb0957f1ab5192fb2ea9be3d708ca35270ac8c29ae8cf4155f93be5ed34bc97a0fa0bd94cb22b55fcc1aeb852e56eed3440ae57756ccf8485ef15030d8e8fd126fcea1077cec77966f3a9cd3a00a994e09f800ec0a9ec0050b512618b31c4cab8200cec45e6af8dbc176fb68d7fe1c69f72f591f9ef78e55d621856c58b6541de30c8c828264c4c1b1f08f9129e903eff20dac66fa0798b527cbcfa485b86e75a4fc328cff43640bb110c4628395a5bb9c636569322769db8dd3236d45a19d0ddedfc4b0099dd16af6bd98434f2d0decc6c7459de77ebe3c6adee7d29be6c9cc942d4843536f5d8c314fb3b2d375c1f7ead98c728b9e65700a0dbfaad8749fa81dddc8e5bf76ba4f4898ac237794cf09c95a53975f2bd544bf34cd62c464205a090354fd1767bfc3a1e68d7230f51ce896f1d0a8e90a99b3c95d23e2667a559cc017111b56e7795f3b7620172c7d905bf3a6e76bae24c0c39113d1eecba0f91fa20e55dde42028da59c8df75bcbeb82ea27de522ce0e30395b725920486f79ec9c744d35da29267ed2b23a1bb0543cbfd32385f3647e984aa6530dcca312fbdbee5d1015b87c042887315e794516e675a2fffbf01f29457ff3765d9ae2bd9db9cc11b5d9ff29d24d62872f0c3a1438c1c30fdc20ee23389db3ca2e6ce83fc8f07dd88d69c18f997c02cbe81ca71ceabdcabe5938aeadd285225def70a3d4463e25bdcca970c0b0b32bc40829cd8d592ca904a1f569729d5a908a448197f0fd93805f48cd824ab7e732085d78c3fe0ae9789ba6f4749781076b3b1960a9dbd13b753c95e7abbebd7e3d610a14e8073f04000300ff0307a40400030001040f04040002000100c571e1da07b1fb6bd478f7b82823840c9c64f16856a4cf9c5ea252e8f94fa359c095d143b8e38a85f464c9284ea4cd9b8da2608a6062c7f1e537f211de36332251f3387a02db892336dc982a8b41fee7766e6f2a660a88c951fe074407514d2288d0c5fee95a47a57ea5e3e948e3f50e38baeecb331f9cc9254ec8087249232e884a20b5ec5c8826410b7a73e3ce333648f04263e19f66d7c8b6b9e2f7be9385df2339b115a69cc9fb6c202b4f6b289dd66efa8b57a7dd6ecfba9f08fbbcde"], 0x1031)
syz_emit_vhci(&(0x7f0000001100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x91}, "3a0f9094095a5275e1d926a09fa61b5631f14ed05c03132acc2e3adc53dad9592306cf4ec064e65c9492688c515f7a4f910ee15ac7a32548a0afa11d36fad5bf274cb82d2829c85590c221eb33a0a2b12563a8cd1ea6409b9aade0cd51d6d52c15d3b846000261c2e1056038915494cd050e91f2461490622360afe58c12700a228aa730ed76e7a9b87537a5f7d17fba0a"}, 0x95)

15:39:56 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x1, 0xc8, 0x3ff}}}, 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6a}, "164f221f371dae51fd931d1a3271b5746c1c46b6e11bae892d923a105bc28bd0c30a81f63a0952745160b03504b6291e815e5a3880cbbfd58da92ffc694bb9731d0fba17760754adffc5ad83f3de8dd75d7996b94023808ad90fa78d03d72bda365f53c7fe594171c550"}, 0x6e)

[  922.067472] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:39:56 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x49}, @l2cap_cid_signaling={{0x45}, [@l2cap_conf_rsp={{0x5, 0x3f, 0x1c}, {0x100, 0xff81, 0x5, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8, 0x3, 0x2, 0x1c98, 0x200}}]}}, @l2cap_move_chan_req={{0xe, 0x6, 0x3}, {0x9, 0x2}}, @l2cap_create_chan_req={{0xc, 0x3f, 0x5}, {0x2f06, 0x4d, 0x2}}, @l2cap_conf_rsp={{0x5, 0x4, 0x9}, {0x7, 0xff, 0x7ff, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_move_chan_cfm={{0x10, 0x1, 0x4}, {0x3, 0x4}}]}}, 0x4e)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@any, 0x3}}}, 0xa)

15:39:56 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:39:56 executing program 4:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0xfe58, &(0x7f0000000100)={0x5f}, 0x0, 0x0, 0x0, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f00000001c0)={0xa, 0x36, 0x13, 0xd, 0x5, 0x50b0, 0x4, 0x7e})
ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000140)={0x25, 0x38, 0x16, 0x7, 0x2, 0x40, 0x4, 0xf0, 0xffffffffffffffff})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB=' i'], 0x7)

15:39:56 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{0xc0}, {0x9, 0x6}}}}, 0x8)

15:39:56 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x12}, @l2cap_cid_signaling={{0xe}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x17)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:39:56 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x43}, @l2cap_cid_signaling={{0x3f}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x4}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x48)

15:39:56 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04000000"], 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x92}, "971b68186b272b919f7a5ec287f2f839c823fd4ef29074ee424689312be301e4e68029c3c18d71d953de33e73711833b2dafa5c58d3d9bfdb01f901464a16194c3d17293d8f0cea46629e252aa64a14ac6b93a1c98416f6011dc27fa8592f86015298bd3c8ed659bd1dd8ff06fa5ea089e1a458f0bf66c99ac60403928314b2e36087064c1f3000ce48c08168fc4f80dd916"}, 0x96)

[  922.238602] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  922.247389] Bluetooth: hci5: unexpected event for opcode 0x0c5a
15:40:07 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x0, &(0x7f00000002c0)})

15:40:07 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043b0affffffffff5f00000020"], 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x9e}, "f357709e36f4b7e2c95efca009d2f3958ab64f2662ddcb851f3daa647aaf7774251d3c1d644086c65a3fe6e998a3417f64db1b18d708101e0c6e14f3fdd5bd13454b0b5d31f49a2b404fdc0a51980648dc15309e9d21d95bc8d0f7d65ec95987bd1585a9f99f4b8e781fca197d394bab29d5d2f2ae3e4cda06e35d6cac94baf43400eb2a887a11e316429e51c88d2fdcf7383c36a3f7d77c6dafa678f60f"}, 0xa2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xf3}, "08a1736c1494eae7c266b8f65cbd990369060006db2e4860d3c30b50463b38b557a72887e2c6319f25b245a88140492a3ca6485d9a995fa547d3bc7e58b3c2fad7d12eccf3cab84d0de41ecdd1dad41729ecc7c353771db6c09d3858c763be037a2b2c7fcd7d113ddd0f0e14bbadccfd0ce51e61b9f12b793db624a9250df824df95d309b785c86ec4bad658682141b03cc88a1f147c384fd2ded0455927411b269e12a3086df690d1964c50a3f8aa29f8d9a1e389f6fdef73f706709b883dd7612b1c68c275be3a4e34199387b1bc6092caaecf8984b77fc0ae57fd918a8e59237b63acaa3791225afacbeededc54cd8b75e0"}, 0xf7)

15:40:07 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:40:07 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0x49}, @l2cap_cid_signaling={{0x45}, [@l2cap_conf_rsp={{0x5, 0x3f, 0x1c}, {0x100, 0xff81, 0x5, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x8, 0x3, 0x2, 0x1c98, 0x200}}]}}, @l2cap_move_chan_req={{0xe, 0x6, 0x3}, {0x9, 0x2}}, @l2cap_create_chan_req={{0xc, 0x3f, 0x5}, {0x2f06, 0x4d, 0x2}}, @l2cap_conf_rsp={{0x5, 0x4, 0x9}, {0x7, 0xff, 0x7ff, [@l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_move_chan_cfm={{0x10, 0x1, 0x4}, {0x3, 0x4}}]}}, 0x4e)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@any, 0x3}}}, 0xa)

15:40:07 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x0, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:40:07 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x43}, @l2cap_cid_signaling={{0x3f}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x4}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x48)

15:40:07 executing program 7:
syz_emit_vhci(0x0, 0x0)

15:40:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x0, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:07 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x280400, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000080)=0x2)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRES64=r0], 0x7)

15:40:07 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xe8}, @l2cap_cid_signaling={{0xe4}, [@l2cap_cmd_rej_unk={{0x1, 0xbf, 0x2}, {0x7fff}}, @l2cap_conn_req={{0x2, 0x3, 0x4}, {0x3, 0x3}}, @l2cap_info_rsp={{0xb, 0x7f, 0x52}, {0x1000, 0x7ff, "4258a0d05d8ede07dc216b0bf37d37a260e4819615a53c727993ad04d4e64e547edeae02ce9cbbe428d97d02f07fae03d42aa5f2af731f16341ee7c3a049d37ba7c11bed06253e314c98c161903b"}}, @l2cap_create_chan_req={{0xc, 0x0, 0x5}, {0x401, 0x5, 0x1}}, @l2cap_info_rsp={{0xb, 0x4, 0x57}, {0x0, 0xfe3, "471ad2c5916914a7a4eb48b460ab4d44027c1d8d635732af58dbbbf916431a0003ed4ed65039a5dfdafec0158e5879714960a1112f89eaa25cc090dfbbc6118488631736c1afb8086885bd853a1bcbe82eecd3"}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x4, 0x8bde}}, @l2cap_conn_rsp={{0x3, 0x9, 0x8}, {0x5, 0x5, 0x8, 0x7ff}}, @l2cap_conn_req={{0x2, 0x8b, 0x4}, {0xb2c, 0x5}}]}}, 0xed)

15:40:07 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x1, 0xc8, 0x3ff}}}, 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6a}, "164f221f371dae51fd931d1a3271b5746c1c46b6e11bae892d923a105bc28bd0c30a81f63a0952745160b03504b6291e815e5a3880cbbfd58da92ffc694bb9731d0fba17760754adffc5ad83f3de8dd75d7996b94023808ad90fa78d03d72bda365f53c7fe594171c550"}, 0x6e)

15:40:07 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4c}, @l2cap_cid_signaling={{0x48}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0xd}, {0x0, 0x0, "13c409ca5998aabccf"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x51)

15:40:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x0, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:07 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x0, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:40:07 executing program 7:
syz_emit_vhci(0x0, 0x0)

[  933.590674] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:40:07 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x0, &(0x7f00000002c0)})

[  933.736591] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:40:07 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4c}, @l2cap_cid_signaling={{0x48}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0xd}, {0x0, 0x0, "13c409ca5998aabccf"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x51)

15:40:07 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x0, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:40:07 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x0, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:07 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT=r2, @ANYBLOB="de713f97b2537d739c0b0a6e5be9d3cb2d25d7778cf1ebe42a2b48966f7f9fbbe6d8cac60316ea43db765ac8ad83510e333f83148fee730801223a6cfe3d90e623d86a12c98ca5d73d590109fb7dd7bf340ed83b0c9ace9193c2efa9584433ecef8e7a8228b3216a85408fe7b55b305b7dc0ec812ba7489ed93ef99466aa88607ef2d71573794f653938dd62b56a46cc336aabe484e10f1a1fcc55b21255e4debd06a35548a508e171a03dcb5df24aec13293ed1498e85cf833702bcd85f815f37fa4aa1d55a9b723e752d0f1f3fd9a1d83af116d7891b2a1a57bfbc8b38add5d53a"], 0x7)

15:40:07 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x1, 0xc8, 0x3ff}}}, 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6a}, "164f221f371dae51fd931d1a3271b5746c1c46b6e11bae892d923a105bc28bd0c30a81f63a0952745160b03504b6291e815e5a3880cbbfd58da92ffc694bb9731d0fba17760754adffc5ad83f3de8dd75d7996b94023808ad90fa78d03d72bda365f53c7fe594171c550"}, 0x6e)

[  933.843627] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:40:19 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4c}, @l2cap_cid_signaling={{0x48}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0xd}, {0x0, 0x0, "13c409ca5998aabccf"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x51)

15:40:19 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:40:19 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xab}, "1ce5bda0474edb943d540bf489bc7ee1ae7b6eebe20eb037327b429523cf409cd133b0959278a66922976832c7fe7707b1f2b8b280e9aa725626ad10c8ab100ae27c76661786dcb1d89b7f65e0d16a8b269908e669537651748b9d7f61f26728e6702766db15dd5f62c03164f6812c631be786103ec278e439c4cd8b74a3b65f78a81c2e06ac9728a02e25da228ccf3ddede95f5385c2a580da5bd53a8cf4305055f7cbaf1b498169212dc"}, 0xaf)

15:40:19 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x0, &(0x7f00000002c0)})

15:40:19 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x0, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:19 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2, 0x0, 0x0, 0x0, 0x3, 0x9}}}, 0x14)

15:40:19 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x1, 0xc8, 0x3ff}}}, 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6a}, "164f221f371dae51fd931d1a3271b5746c1c46b6e11bae892d923a105bc28bd0c30a81f63a0952745160b03504b6291e815e5a3880cbbfd58da92ffc694bb9731d0fba17760754adffc5ad83f3de8dd75d7996b94023808ad90fa78d03d72bda365f53c7fe594171c550"}, 0x6e)

15:40:19 executing program 7:
syz_emit_vhci(0x0, 0x0)

15:40:19 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9}}}, 0x14)

15:40:19 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x0, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:40:19 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000000080), 0xffffffffffffffc0, 0x2001)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x739, 0xdb, 0x2, 0x99, 0x1b, "dfa23c511325e282"})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x5291, 0x0, 0x2, 0x15, 0x3f, 0xffe0}, 0x20)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)

15:40:19 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$CDROMVOLCTRL(r0, 0x530a, &(0x7f0000000000)={0x1, 0x40, 0x9, 0x20})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="01fd40cc452a80630000000000005e834bbc96e51bac000000000000"], 0x7)

15:40:19 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:40:19 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x51}, @l2cap_cid_signaling={{0x4d}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x12}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x56)

[  945.398120] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  945.621768] Bluetooth: hci5: unexpected event for opcode 0x0c5a
[  945.632230] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  949.630049] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  949.631482] Bluetooth: hci5: Injecting HCI hardware error event
[  949.632636] Bluetooth: hci5: hardware error 0x00
[  951.677119] Bluetooth: hci5: Opcode 0x c03 failed: -110
15:40:30 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:40:30 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x1}}}, 0xa)

15:40:30 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x0, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:30 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x2fb}, {0x3, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x3, 0x6, "ed5d0e", 0x6, 0xf8, "c65a58ebe46f7fcf7f54a47823d813e2924d1d695c2172559c46ee96e27c5b3245cece77fd44a8a6204d4ae3fb5a740e4aecb477a42509ec197b332f2a6a2c8c10cb89ae13bdb92c12307b1d5891cd3a9d278113cbeb5256587204be98de796670b79c68030bed17c07477b5efd4c6363b259756746cfd8a5a38fb5ff73e14037a6cfec71f6c3682995cf100a9381330b0a24cd35b013f4f35137d2d06d67113fa9f9244bcce0c66457c2b6a656fbe72f3fc06c61a2ac06f11e9cc8fad286e3450a9a5c59afc4a57b89439d338c8674d80cb781a8ee7846f62464120fc94d0167194557cb1379489877d8eaad890ecc1"}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x5}, 0x40, 0xff, "37b5df", 0x101, 0x7, "69ffa143902df79a884dc95b3b1d6294420d99a524d629fd1862aa9ed51634b0912a1fa76351f28db8051598b71594f009be486fe178a9e1bddbe073033506050d56c79c607abced91bd201b0bc8779ea23b5f6dee989a45b57a8cca353a7f204201875ae96f753d69a16f474e1b62c170778576483959b5a646125c58fa111c5a12ad8892900ebf914e4eebde3571e89534bc288f0e5fe443964a5784f92b9b57e6cd2909f240d5e204db42c74aa87b26e15b14b4fab0dec508d89a18f07409a73bfb175d43db4853116e1a73689a4d74626d1809f4c05832e6a0f7c0a146d11c285a958c2c7b527d47fe309c0882f5"}, {@none, 0x0, 0x80, "cd896c", 0x5, 0x0, "bb757579a145b37aab96687b5d0ba173bb3de15b3db7830b16c92dffd7a519d0340c047273a8a7e632c29e3aabf2c81bf597b0a7d302cda24a5f43828aab7e302edb7ef3c8da57eedf9371a70e663585b7ba9f346668bcb3bf35705588c9043e5bfc69345c2ab50dc67933679796f09be2b2035904e363ba03cc886a2a8c39b2a37ac22fb890d35c39a14136a775a72d13358effc5fc4d46a1376f456ea25147bb94604518d72c5671d8cc2183a3db1d1f6f182e66aea6e5740e1cb14c660a51730e470ee6271baf13ad6aa97b177a7b38df2b0394529defb4ac5d061d713c82971807802882199872bea0aef24e8445"}]}}}, 0x2fe)

15:40:30 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, 0x0})

15:40:30 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x0, 0x6}}}}, 0x8)

15:40:30 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x51}, @l2cap_cid_signaling={{0x4d}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x12}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x56)

15:40:30 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x0, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

[  956.895473] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:40:31 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x0, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:31 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x0, 0x0, 0x7c, 0x0, 0x3, 0x9}}}, 0x14)

15:40:31 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x0, 0x6}}}}, 0x8)

15:40:42 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x0, 0x6}}}}, 0x8)

15:40:42 executing program 4:
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='('], 0x7)

15:40:42 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, 0x0, 0x8, 0x0)

15:40:42 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x7, 0x4}, {0xff}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:40:42 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x51}, @l2cap_cid_signaling={{0x4d}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x12}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x56)

15:40:42 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, 0x0})

15:40:42 executing program 5:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semget$private(0x0, 0x3, 0x234)
r0 = semget$private(0x0, 0x3, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)=[0x2])
semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000040)=""/76)

15:40:42 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x0, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[  956.907047] Bluetooth: hci3: unexpected event 0x2f length: 763 > 260
[  968.647548] loop3: detected capacity change from 0 to 240
[  968.662494] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:40:42 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9}}}}, 0x8)

15:40:42 executing program 4:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$KDDISABIO(r0, 0x4b37)
pipe(&(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f00000000c0))

15:40:42 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x3)
ioctl$TCGETA(r0, 0x5405, &(0x7f0000000000))
socket$packet(0x11, 0x3, 0x300)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRESHEX=r1, @ANYRES16=r0, @ANYBLOB="786e4de7b4777ea8caaf8677469b28e3369b6bfb38d563f0d5c734e8a5fd475bc3c50b5adf776709a1ed08fb70fc1a6fe5a561c6f5"], 0xfffffffffffffdc8)
close(r0)

15:40:42 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, 0x0})

15:40:42 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x0, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:42 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x53}, @l2cap_cid_signaling={{0x4f}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x14}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x58)

15:40:42 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x2fb}, {0x3, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x3, 0x6, "ed5d0e", 0x6, 0xf8, "c65a58ebe46f7fcf7f54a47823d813e2924d1d695c2172559c46ee96e27c5b3245cece77fd44a8a6204d4ae3fb5a740e4aecb477a42509ec197b332f2a6a2c8c10cb89ae13bdb92c12307b1d5891cd3a9d278113cbeb5256587204be98de796670b79c68030bed17c07477b5efd4c6363b259756746cfd8a5a38fb5ff73e14037a6cfec71f6c3682995cf100a9381330b0a24cd35b013f4f35137d2d06d67113fa9f9244bcce0c66457c2b6a656fbe72f3fc06c61a2ac06f11e9cc8fad286e3450a9a5c59afc4a57b89439d338c8674d80cb781a8ee7846f62464120fc94d0167194557cb1379489877d8eaad890ecc1"}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x5}, 0x40, 0xff, "37b5df", 0x101, 0x7, "69ffa143902df79a884dc95b3b1d6294420d99a524d629fd1862aa9ed51634b0912a1fa76351f28db8051598b71594f009be486fe178a9e1bddbe073033506050d56c79c607abced91bd201b0bc8779ea23b5f6dee989a45b57a8cca353a7f204201875ae96f753d69a16f474e1b62c170778576483959b5a646125c58fa111c5a12ad8892900ebf914e4eebde3571e89534bc288f0e5fe443964a5784f92b9b57e6cd2909f240d5e204db42c74aa87b26e15b14b4fab0dec508d89a18f07409a73bfb175d43db4853116e1a73689a4d74626d1809f4c05832e6a0f7c0a146d11c285a958c2c7b527d47fe309c0882f5"}, {@none, 0x0, 0x80, "cd896c", 0x5, 0x0, "bb757579a145b37aab96687b5d0ba173bb3de15b3db7830b16c92dffd7a519d0340c047273a8a7e632c29e3aabf2c81bf597b0a7d302cda24a5f43828aab7e302edb7ef3c8da57eedf9371a70e663585b7ba9f346668bcb3bf35705588c9043e5bfc69345c2ab50dc67933679796f09be2b2035904e363ba03cc886a2a8c39b2a37ac22fb890d35c39a14136a775a72d13358effc5fc4d46a1376f456ea25147bb94604518d72c5671d8cc2183a3db1d1f6f182e66aea6e5740e1cb14c660a51730e470ee6271baf13ad6aa97b177a7b38df2b0394529defb4ac5d061d713c82971807802882199872bea0aef24e8445"}]}}}, 0x2fe)

15:40:42 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9}}}}, 0x8)

[  968.922011] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:40:54 executing program 5:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semget$private(0x0, 0x3, 0x234)
r0 = semget$private(0x0, 0x3, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)=[0x2])
semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000040)=""/76)

15:40:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x44, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x9, 0x10}}}}, [@NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x1}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x19}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x11, 0x13, [{0x9}, {0x24, 0x1}, {0x48}, {0x1}, {0x6c, 0x1}, {0x30, 0x1}, {0x30}, {0x30}, {0x24}, {0x3b, 0x1}, {0x6c}, {0x6, 0x1}, {0x16, 0x1}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x80)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)

15:40:54 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x53}, @l2cap_cid_signaling={{0x4f}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x14}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x58)

15:40:54 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x0, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:54 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x2fb}, {0x3, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x3, 0x6, "ed5d0e", 0x6, 0xf8, "c65a58ebe46f7fcf7f54a47823d813e2924d1d695c2172559c46ee96e27c5b3245cece77fd44a8a6204d4ae3fb5a740e4aecb477a42509ec197b332f2a6a2c8c10cb89ae13bdb92c12307b1d5891cd3a9d278113cbeb5256587204be98de796670b79c68030bed17c07477b5efd4c6363b259756746cfd8a5a38fb5ff73e14037a6cfec71f6c3682995cf100a9381330b0a24cd35b013f4f35137d2d06d67113fa9f9244bcce0c66457c2b6a656fbe72f3fc06c61a2ac06f11e9cc8fad286e3450a9a5c59afc4a57b89439d338c8674d80cb781a8ee7846f62464120fc94d0167194557cb1379489877d8eaad890ecc1"}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x5}, 0x40, 0xff, "37b5df", 0x101, 0x7, "69ffa143902df79a884dc95b3b1d6294420d99a524d629fd1862aa9ed51634b0912a1fa76351f28db8051598b71594f009be486fe178a9e1bddbe073033506050d56c79c607abced91bd201b0bc8779ea23b5f6dee989a45b57a8cca353a7f204201875ae96f753d69a16f474e1b62c170778576483959b5a646125c58fa111c5a12ad8892900ebf914e4eebde3571e89534bc288f0e5fe443964a5784f92b9b57e6cd2909f240d5e204db42c74aa87b26e15b14b4fab0dec508d89a18f07409a73bfb175d43db4853116e1a73689a4d74626d1809f4c05832e6a0f7c0a146d11c285a958c2c7b527d47fe309c0882f5"}, {@none, 0x0, 0x80, "cd896c", 0x5, 0x0, "bb757579a145b37aab96687b5d0ba173bb3de15b3db7830b16c92dffd7a519d0340c047273a8a7e632c29e3aabf2c81bf597b0a7d302cda24a5f43828aab7e302edb7ef3c8da57eedf9371a70e663585b7ba9f346668bcb3bf35705588c9043e5bfc69345c2ab50dc67933679796f09be2b2035904e363ba03cc886a2a8c39b2a37ac22fb890d35c39a14136a775a72d13358effc5fc4d46a1376f456ea25147bb94604518d72c5671d8cc2183a3db1d1f6f182e66aea6e5740e1cb14c660a51730e470ee6271baf13ad6aa97b177a7b38df2b0394529defb4ac5d061d713c82971807802882199872bea0aef24e8445"}]}}}, 0x2fe)

15:40:54 executing program 4:
io_setup(0x4, &(0x7f0000000040)=<r0=>0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000140)={0x33, 0x1, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x81}, @generic={0x9f}]}, 0x18)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
r4 = syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x4, 0x3, &(0x7f0000001500)=[{&(0x7f00000003c0)="16cfb561ea2fa7ce865964a85d51da8c258f3b9a5abbf79ff3cab6a841974bac41d840eca9b78a4a2fe86df702d4ac236f67858d3504eb07242bb4fd2977543968b57a3d55ed0356548f2c7fde1fba93e0a340d3e731d64b7b8cedf394f6682f87d14c7739bef15a1c0d894904da779857c68c2a5ad8cf284d818f45576b5175bed0fa430b0b91f9755bdb4164a9fa3265cd46608a1322d99721870f8f7e53c423a38b7d02c672ca9c1a81b0ed5b35e130f977bb539566105ccfec99ec19f78424505df0cbc57361f7af3fb65f6e10044e3034a450bc007a2715c328fc795485866452e24f3b14c988fbc6b9d792d23fee9e4c75c15d8d0f742ee731f85bde00ffadf47fc907ffacaac185662905d59816ecd038dbbf56bc64dfc32564ea9950ba76b3c1f9596f1851642347b5b6a4faf158c2c25aa81da6f8a24762e468c3066f6278319935faf8b3c875b978f252cdcdf5fdc5d5f97287ff289ff979389363a0f9ded79a01218773be6c2d412c2261fa61ee6a8a8ac5c6f7050794821d47b092fef72db199dfe02c1bdcdbdc2a0ec8421a4226258da9be16ab245b87325be1477e2f99e826e4e930cd4378ca84e4c308dc8c2c3464b54e751975320e56aa70e8f56df355610440823c3528e7a5b4bd18499580d2c5460d5632d58b0bfcfd7d6ff33f88f9ba63bc0bbc63f2f335de618297f680f5d2708f97c57228282e23dc33c394f277d2585e051b97d7192688524691e6bcccd30231147c22fef91eca8ac2128bf0b3f2b43bf7bfaeb8bee73de034ed0c0b8a47e2c52e95d133ffa3b2179eb15f0d5f085454ccdcf28ec26c8dbccaaf319db382c2e7c2bea3b8614f35689c8356e8f57cc8f9e064d0fc4b53c5b8f3db93399291a115522a66aec58cd9633a3a4d972115d5f5af64fd0a682f41b617188b2c319ca1030be01905533163767ebd57981429e3fd4e422b037b42c63c85885217cbbe7160761dc0d86f32b36c945453c6eb25bfd25bfe62790d86ef02377420c8cc248951c211828c94391a728d138da08b63bebb6831743934052e634ab553ca9c1b93fadd92ccf37046f901040d15f947689d0daa197660845e1053d6aa7fe787dee2b52ef2b484f011abada3a382b2813f34fae05432826d0a2218baf6b7dcacb36cdc51bbe8aa31126cc34587cf5c469e116bc1f54ea8c6d1e2a1b6ea27206bec17c982b40eeaeaa06d8c69be2ffaa5b22e6da84724cdbe36e84c546dbb32a74b392cd8a48935e6e4a3802fa69d8d9202a9f27a75721b656987cbbcfcfda73f3fbbce97f6c7e1722c35b119904925622c9454cb809992f8a5fe316c7c822d9186b0e325ed3ba43c0ea56635635fec19ec46e51ee34b01049194adcd82bfde50b0ebb7d86393e596543681012ea2d162ab05b66d9eed5eb7a3015d8ccf39b32e3422d4678d8cfc6b90e776e17a4f3bf08105c3c7210b9677550901de9139495dfdb612261f4c84b62fcff849449ed5488b1f64f2631b9c29a4cec4f738245577c84d8a2cb5df3d7e6a87920bfa7fb097106f7798b4aedbe01074ee5b3c07c42fb72da931341e77d6e9ae15654adc9ff2c44b1de41a8b271172f3b41e507bfbcea8e343e9ca461eeb88c0aa5ee05d6e245c8630eb875c481c23c4d86d3cb227d475c7d8884ba971be1781257d1b0a5cb0949488aa8985894effe8ff604a2dfca7251357126e39fbe22e0d9ab4c36477aa59809147f6e986f702c79842c99cf27eba0298108591108edef5cee81a19e0f325a59b1cd56dfb14d80b4e998c5bd46e03af109687a4408f1a1a801ae4684ddd123270169291073e31cc6cfe34911afa62e17be188f97ac92ac19d563257246e1dcf12118998590ba531066d690d6bfad2dde17674f0afd544175bd784d9afb93584b5bba0ef1443adcdd2475fc41ccc2a0a4d0a64a71f22d91279fc70354f2dccc4d7c2a794a2d5e73d84c0e431647dd5797910999f7b38bd1f9658a002fd3b03a2c4971c4cb3280ea07ba016bc09229038d7ebd4328e5b89e7095f3c98f9c5e6e189cdd6f46f43a1b93710a43b7549c75d173cb8746f29bc8c52be8f45d2afd592bb9e373bf732ca7a61076ff60bc2e3865935d12bd06a9b82f73fdf572ff428ac7d0e82a0f67a15aab1cae5c15920aff33d91e3b7df27498924dee2b1be0003577a9030199de58e4c86fc9c12f9d48ef5575d5236ce16e49802cf5d21aa074148005e2c8afe0c5dd88e201510a7d55ad4a875a46f2fae412632350f3b6f16ff884b8063d3a752d7a1a32b113807e4db0aeb43489c5ba42a23af4d979ab59dd1eed26e15fb1f742cdbf00a36b9934ce3dfebf60e2c4ad1a4df86c95fba7af09d396cdd2b35c920068116cf7cf579c5888dcf7a7759cb1eb0a0ac7520c653199208d18c99b0129ecf7742466701c7b0f38f12bdeb4ecb59f1b61e81ec432e3994e54232c8e086e11d70aaa2398b137a93187c86e556267ff374d94164de1b68491472e1921a48f42f73ef33f2062ca5bc0034c8b7f35f0efb3b27ccd54271edb4379ec6176d05df1049ea6f0cde58e3135a6ae9ca2cfccbf228004a6014bc53551f3d4d47d82ed0dd7cdacc6c4f9f6509d95885f03c19dc012bc0a93af604cd7bf5f07ee3a08307b98fc0bf91e3a973c60f1ed225a363c26c57bc88935f1519164b217dd44fdb8c719621e3dfb195177e4dd05a6790c44a36ca3122615b28b01cf6f1758e6837ef03ab4df0d6cab44ccd7eafe1cedb0a0d3762599ba82caeaf493e4970698b9d78ec83e80b3a3c927e24df123633b8d2ecb14974b37bb62e9474cb51ba518d24b296767703b351c103b30ef5dbd143194301b3c84aa436c6171d57b098d3997e34206f14effe6e01aca0200046142076d1db39d32ccbebcc128645cd0bbd273600c8324bcb084b8b394bcb74573b8697c16b620779b4de8e2e76cff9a224c15fc645543070406cd7a0d9ae550f791843ca53d4bcb9239c44c71186e7da26e7b72e86b2f6a66b9316b4c1b887d435c3c8cd91dd6da27150e4adca40a04fecc289f10ef354589a8d34a40f6ea973b4a366bf2473667e058ab8d65f7fabfce5659c2223c5ea473309308385c46c95e4be16781636e15c2b45e1b3d419ff13b4752de2afdb8e6ad3af1189b93581920cc530c79b9cd07fa6efd9646df64d2831532dfec7a153aa6c0e0312735fc160e69b5fc8921c3fd6bd2d415e3d1fec21109a641fc5178345401efc4fa4ecd228f19eb82fd5cce535b6518893b472ac99f626bf46491e7f3a2e939bc0a19803b85a888028b7e7b4380e3685201f8dfd3c38c168b43215044005c8592146f255def84b41523a1e96954e5cd420b44b90e82ac10c733e4308aec04f4101c8464f9fce85f6b26aad7ecce8dc81cbec607f9f413aa2d8167b4d7981ca33f70735296a7ce88e7b190e3eb46c57e089c34dbcf04ce374433cff3fd3cea4efc2b0b8049c39fe429d4de36f243d38d7ab7975424f3568c5cf08d7f67340d5b8a7c3f3eb24b617389a396c6421cae9c927d5dab356e1e851a25ebc80b0303c0758b13d51b5b8f69d64c8f9c4b50595be1f0964d450c81e8b6274df0d15a0727a0eddec01bafc1ba89c821eb22b71efcd458dee5c3cb48e16a4b2bdd81f7148d0ad72c7a8e052c913708fbdd1faf15d270f8bf25254467e3b179e2eeb6789cf3a382f1569ce8051056968fa60a977cbdf7679f78a2878768062c24f0e94034f087541b492a408a093e8ac1170d3998d61c74795510dc70585bee5b67886177416cc9660b8ba26d8fc0e3b1ef501580ff8aac701d74e2cdbaed4d04a7e7f2043f7ba38195c350890adc718f8b8636f126c004998932a83f02dc84f448adab854ec986401497812fe3557ad767a67c3248283e76343d8e73f08468e8dc4feaffe8ed8967e4e67f947a77615c53b853ae91267d75d3a361a5418c02ab340f8bf351843e475fab90edf97a299563c385b82254e27dc00b52f2afd5877108986db8279877b0e806901e456b140833c7e0e4bad3ea3c0efd93480c7db12e3673e09f46f9a6f4d5339f0a547cd34dd05a895ca2d77581b367a69e471ca81eb40a1c7731b84634b1f7cc730a6552ea784c4e68ce2bce7ed4e88cbc8e7dc062b4c9e66354d03604a4eac96482d3da599ee87bd9c953659939df07c8f8c2e24405ffacab2313f9c1ce0cf9a6e2ee9f366dfcddbf564ac05c80187f71503eb0b20a779b2b1133447993761b07aa39776ce1073b6391fd8f8e3a08bb2b5d64cd2faf0fc31f71c8ab811cebfc175bb2255cc4231568f875125526e9a4b6d8be3755599092929acc21fdcfa73345cf266a499d77e3096e192b927c53021d4af9f798fc97d0e1429e8421301b6cd67c537c4db325370a5aa4e612e6562515387b56dc1336dbb16a45f7bf475a8d0d2e590d4d7986dd4c81479ff449d1c577c08bbac41f3a61b10d90a6459d532951181f3e93417b29194b9a873bf88d30bddd5591307c6f60db73955848fcea151de39769ad8263dfb8e44d9f6b29f942ad15fcc6b90017856f7d5c44bc2621d4181f8f42985e9d6c6aa29aa37274558461ad0f03801fbe31ce36aa561986c0a288bfdaffc7bf4410714785aca99a6ff673638884def5527e8cd05b639b09dc663aec3126ac8fc490b2aa1e38b9060fb9a70498c6cd34c62754e49c06b8288772bf835a4dc2eb8091b962af55ab2077d64622542aa2f738fd31c2e4593039fd82e572b5c15f3f68da29097114c85ece8f6d6ae53c589dae151fe7d40cdb0965eaaf8ca9c7aa9466d57cd7d7bbcb52b8ffde892104315cf57a3ec0cf8eefafdacfbee1fa112e97a4f28405e01e7640f055c936af80372bbf2350a1b34b7f32889b8628e16dd5086d541baf5dd157469022219b94b5902162f326b29b42649ec8f3a719e94a971399742846e2edf813ccb02b24b7ae06926b14ae12f8cf656a30c88ec70ff97bcc6e16fffa05193b02037d20f6704db49195b765517d9a418453c479473de223c7613c47d035f49d6a11955f0dce852c9c3c7fb3d6a3e006b5ffa69c8593df24ca12758d9fa4f886d09808d2ee440c584a86bba2fcb718f9214b7f707f99b10baa32ac8f3f42728338e528d05a3fe5705ef2884be1b50221b45ad5eb2f8032007ba3070d950a3933b4be1cc36dc40f214b26f9703909c58b62960ecef4e37a91b94ffed847fc520b42a1f80aa8d9830db6688635129a114e81bdd6d21cb2ed435c62c97df597d631c5679dd3f17fcd710be41ebe51a70d28b1c39d508a98e22f26feaf746e428f8c465430c432d4bd59d1754a71c8fd388b4b4d2dd83a634aff71bb745038aa24b7e2aafea5e4684065eb3d399a95524e1625172160b8602dc018615e9bb2e0d8c44ad6f0ea761df6f24b5cd0a99414f22acf4e29b4ee5056d3ba08a7125e7a16546c3a61539b9923eee2fbe0bc27e5ce7f577310b8adee1bbb9c5af80338a950b36917bed3090478a66e28bf8cea92dd8c6faf20051170ec7544efb5325a2a6e18216e01da83e65d76c6a307eba9abc261bb376da01dab96eab1dce06c1f9eb4f5f348ec21131f8671dab671b1cca12c9bf8c5976ac07a38c27680819fb63752700d112b31b7590b7ae16182b1520262ef97b0072a7dc92a51d7e150f6961d626fd1a19226818eda3f24912d7033fd322f67061312be5403550ec3f95061d763798ba1066477caaa76ae950c2613841957408e211797423d48d34f48e8e876b994b65748bd057e004f331b880126f555778d4e8e1ad3c0a50a8bc", 0x1000, 0x10000}, {&(0x7f00000013c0)="95e7c9c56f94ecea6ca0b2ddf708534c938539504e04cf9fbdab14120c082d4a40738fb92ad5153c04970c2eae5073d910610eb3840179a608fb2df30479e050e2dd3969d78a1b4a39bd63a311407d80a977e531b17894c209790a22292f9c40a5be429f3d1617d7fdd133887d63162c95bcac42b30a47735a1044f3465711195e19ab5fa97c50edc7344c86916cae2fc5ac1e969872df87f17cb9b46279da48364ee7cfa6588d16189f05b98d505d0709719fc10837f1379756c95f884d15f10cbfc4151b9bd94f91bea8325f52752732317650df6d9681301bdf9b5eecede52228754b3492ce20daa8ff59f6b5853a7c355e7ad273", 0xf6, 0x19f1}, {&(0x7f00000014c0)="0ff812a868fd6414e14d50d58431567a3b1c78bc8b4b32eef642fe5c21b83daad90a3faf01d8694913d0f6", 0x2b, 0x2}], 0x1822084, &(0x7f0000001580)={[{@dioread_nolock}, {@discard}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@commit={'commit', 0x3d, 0xfffffffffffffff9}}], [{@euid_gt={'euid>', 0xffffffffffffffff}}, {@appraise_type}, {@smackfsdef={'smackfsdef', 0x3d, '{\''}}, {@hash}, {@euid_gt={'euid>', 0xee01}}, {@uid_lt={'uid<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x38}}, {@fowner_lt}, {@audit}, {@fsmagic={'fsmagic', 0x3d, 0x97}}]})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r5, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000280))
r6 = signalfd4(0xffffffffffffffff, &(0x7f0000001a80)={[0x800]}, 0x8, 0x800)
io_submit(r0, 0x5, &(0x7f0000001b00)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0xa96d, r1, &(0x7f0000000080)="af78e51df0889adb571e083e70e555a4b3687d9aab2c3516a3ae024dfa48a326becfb21c28185c06197d0aeb7bf79d97fb8644ee034e4744453d97ae9a39a58331872761d0d881e41873809d168ad3aa664899243e5d5b43455a6a12aa94255f5238cddc01", 0x65, 0x4, 0x0, 0x1, r3}, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x3, 0x3e, r4, &(0x7f00000016c0)="1369db2d09a74cccd70312f60203a25e428b38dfd016f0b4491107567ac32693d8128a5518c1de20183a6907dfb39f0c546169921f14a68b9e1463513d84a4f34bf434cf3230652842a7c22efff685c29751410e94d9ec608dfeba1b68b3a8dd893b7f265711cfa7a29522016c1c86b52c3e395e5e8a1eed0c104f2d6294a8936b315884e89095979ef7e5c3e3a6dc0d942638d8726404c9b61efcdecce3f666f7d07e", 0xa3, 0x6f}, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x6, 0xc180, 0xffffffffffffffff, &(0x7f00000017c0)="4a999be1fb46eba21b5a3cc9d36e40ca2f17b6158f32e9f0656bda8839233c9e3b6ff742969a912cf0a4defffccf42b160770dec6e8627f543bd35c36f96c6acd74dae620e6c5695738cb0456d919b24650b9b08b92fee74dcc57d1d112627fa1d9855afea312e04a449730ccd8d726c27977bc53be1602ad5613d5aa0df7e773e5005a4876f2123ae75cd6174f5c9c07c8ff50c76b518d81842562b395d541d0cf69ec1ab737c2aadd0266bc93be43a511363b7d75eb7c7c91447c53179280c2974c296c4604a26f12c6931719b04d00ff629741fc6134f3b722879ed3d1568d14ccfa2b9cc276fb227d024f924f845014b5940", 0xf4, 0x1, 0x0, 0x2}, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x6, 0x426, r5, &(0x7f0000001900)="90f1c8ab06f75c1b5e9c9a5b5270a54f42911034ff34195159eb9094578da893f0661079757cf27d57c9e01a8b9bd796a8437a27cb8f2724d216fa0a0e716d3d608eb309ec11d8094252c4dfea2f807fda31c36f9bb5073f5347a73a15d635c3e98c6fb1f5d6ce916aac8006b3e27a081f63dac044ff608f2231d6d504e8e7ab0cc25b7b48c4de6c3e52148490b18d5bcb3e24558dfc1a0f3dfb", 0x9a, 0x9, 0x0, 0x3}, &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x7, 0x7, 0xffffffffffffffff, &(0x7f0000001a00)="fc4fd415f657b335016f34b210ef9791979c8b594f4c78c396f28d8ada549ee689c8c90e6c8650f713bcbad9039cf9b9bd1fdff385d39c35438e00a379e414a50ecf70537186", 0x46, 0x1, 0x0, 0x1, r6}])
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:40:54 executing program 7:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9}}}}, 0x8)

15:40:54 executing program 6:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, 0x0, 0x8, 0x0)

[  980.771125] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  980.797739] loop6: detected capacity change from 0 to 240
15:40:54 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x53}, @l2cap_cid_signaling={{0x4f}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x14}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x58)

15:40:54 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x2fb}, {0x3, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x3, 0x6, "ed5d0e", 0x6, 0xf8, "c65a58ebe46f7fcf7f54a47823d813e2924d1d695c2172559c46ee96e27c5b3245cece77fd44a8a6204d4ae3fb5a740e4aecb477a42509ec197b332f2a6a2c8c10cb89ae13bdb92c12307b1d5891cd3a9d278113cbeb5256587204be98de796670b79c68030bed17c07477b5efd4c6363b259756746cfd8a5a38fb5ff73e14037a6cfec71f6c3682995cf100a9381330b0a24cd35b013f4f35137d2d06d67113fa9f9244bcce0c66457c2b6a656fbe72f3fc06c61a2ac06f11e9cc8fad286e3450a9a5c59afc4a57b89439d338c8674d80cb781a8ee7846f62464120fc94d0167194557cb1379489877d8eaad890ecc1"}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x5}, 0x40, 0xff, "37b5df", 0x101, 0x7, "69ffa143902df79a884dc95b3b1d6294420d99a524d629fd1862aa9ed51634b0912a1fa76351f28db8051598b71594f009be486fe178a9e1bddbe073033506050d56c79c607abced91bd201b0bc8779ea23b5f6dee989a45b57a8cca353a7f204201875ae96f753d69a16f474e1b62c170778576483959b5a646125c58fa111c5a12ad8892900ebf914e4eebde3571e89534bc288f0e5fe443964a5784f92b9b57e6cd2909f240d5e204db42c74aa87b26e15b14b4fab0dec508d89a18f07409a73bfb175d43db4853116e1a73689a4d74626d1809f4c05832e6a0f7c0a146d11c285a958c2c7b527d47fe309c0882f5"}, {@none, 0x0, 0x80, "cd896c", 0x5, 0x0, "bb757579a145b37aab96687b5d0ba173bb3de15b3db7830b16c92dffd7a519d0340c047273a8a7e632c29e3aabf2c81bf597b0a7d302cda24a5f43828aab7e302edb7ef3c8da57eedf9371a70e663585b7ba9f346668bcb3bf35705588c9043e5bfc69345c2ab50dc67933679796f09be2b2035904e363ba03cc886a2a8c39b2a37ac22fb890d35c39a14136a775a72d13358effc5fc4d46a1376f456ea25147bb94604518d72c5671d8cc2183a3db1d1f6f182e66aea6e5740e1cb14c660a51730e470ee6271baf13ad6aa97b177a7b38df2b0394529defb4ac5d061d713c82971807802882199872bea0aef24e8445"}]}}}, 0x2fe)

15:40:54 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:40:54 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x4}, {0x3, 0x8}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x1f)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:40:54 executing program 7:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="19000000f7032680b1e28aebf3e2b3d93911f23c56e3906a83109076d98826e34cec5f42bd23cb79bdb0deaec7b79e94e9fbe814d5115352e9b62e07b2cba983f6325b14b30aef525e978d62adf7b027565e56731ce4e2bdda6f739a17800256f432b0f8e4a2300b0d194aa9dbf8c2939bf7654d9c422fd4980beb27c5fa489cff96aac3f8b2e704fe24060dc390da597935d31670fa6478a281bf691211ab574e3459df8b47e188776be39df59854f345a4db7b400bb0da3b13b53a1dab5671a131e8c09715cf2bd1e879b64628c9b46b39ae28e887214348746e440c17f90351c02a7e80d4e8"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_PAGE_SCAN_TYPE={{0xf}, 0x1}}}, 0x7)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_conn_req={{0x17, 0xff, 0x12}, {0xa8, 0x3ff, 0x4, 0x5, [0xff64, 0xfff7, 0x200, 0x4, 0x8]}}}}, 0x1f)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x1, 0x0, 0x66}, @l2cap_cid_signaling={{0x62}, [@l2cap_disconn_req={{0x6, 0x6, 0x4}, {0x4, 0x3}}, @l2cap_conn_req={{0x2, 0x90, 0x4}, {0x1, 0x1}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x6, 0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x8, 0x2}, {0x2}}, @l2cap_move_chan_req={{0xe, 0x5, 0x3}, {0x7, 0xfb}}, @l2cap_disconn_req={{0x6, 0xf9, 0x4}, {0x6, 0x1000}}, @l2cap_info_rsp={{0xb, 0x1, 0x31}, {0x4, 0x40, "e0faa472eee220eced7c2a0cf06817f6be36d05667abc31630d2e940dca08a6e5612a561c1c6fe5db99b485a11"}}]}}, 0x6b)

15:40:54 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0x1}, {0x4, 0xb0d1, 0x0, 0x7, 0x6}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[  980.853017] loop4: detected capacity change from 0 to 256
[  980.923860] loop4: detected capacity change from 0 to 256
[  980.941243] Bluetooth: hci1: ISO packet too small
15:40:55 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0x1}, {0x4, 0xb0d1, 0x0, 0x7, 0x6}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[  980.971762] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  981.107018] Bluetooth: hci1: ISO packet too small
15:41:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x4}, {0x3, 0x8}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x1f)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:10 executing program 7:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="19000000f7032680b1e28aebf3e2b3d93911f23c56e3906a83109076d98826e34cec5f42bd23cb79bdb0deaec7b79e94e9fbe814d5115352e9b62e07b2cba983f6325b14b30aef525e978d62adf7b027565e56731ce4e2bdda6f739a17800256f432b0f8e4a2300b0d194aa9dbf8c2939bf7654d9c422fd4980beb27c5fa489cff96aac3f8b2e704fe24060dc390da597935d31670fa6478a281bf691211ab574e3459df8b47e188776be39df59854f345a4db7b400bb0da3b13b53a1dab5671a131e8c09715cf2bd1e879b64628c9b46b39ae28e887214348746e440c17f90351c02a7e80d4e8"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_PAGE_SCAN_TYPE={{0xf}, 0x1}}}, 0x7)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_conn_req={{0x17, 0xff, 0x12}, {0xa8, 0x3ff, 0x4, 0x5, [0xff64, 0xfff7, 0x200, 0x4, 0x8]}}}}, 0x1f)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x1, 0x0, 0x66}, @l2cap_cid_signaling={{0x62}, [@l2cap_disconn_req={{0x6, 0x6, 0x4}, {0x4, 0x3}}, @l2cap_conn_req={{0x2, 0x90, 0x4}, {0x1, 0x1}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x6, 0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x8, 0x2}, {0x2}}, @l2cap_move_chan_req={{0xe, 0x5, 0x3}, {0x7, 0xfb}}, @l2cap_disconn_req={{0x6, 0xf9, 0x4}, {0x6, 0x1000}}, @l2cap_info_rsp={{0xb, 0x1, 0x31}, {0x4, 0x40, "e0faa472eee220eced7c2a0cf06817f6be36d05667abc31630d2e940dca08a6e5612a561c1c6fe5db99b485a11"}}]}}, 0x6b)

15:41:10 executing program 5:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semget$private(0x0, 0x3, 0x234)
r0 = semget$private(0x0, 0x3, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)=[0x2])
semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000040)=""/76)

15:41:10 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0x1}, {0x4, 0xb0d1, 0x0, 0x7, 0x6}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:41:10 executing program 2:
write$binfmt_aout(0xffffffffffffffff, &(0x7f00000001c0)={{0x10b, 0xc7, 0x81, 0x38, 0x2db, 0x1, 0x18c, 0xfcc}, "c88b533c6191a99a265517deff5a8f9daa8428af4d1601c484f66f2d043fb17a44a3c1d64f2231d02099b2e1d669", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x94e)
syz_emit_vhci(&(0x7f0000000c00)=ANY=[@ANYBLOB="05040aaa049ee1eeb5166aaaaaaaaa1037d7c100e3670c9de2bdd1b896d969e4a9d6a993d7939750ff33826d0e90a97640b16a46a55103877711510a79c472b559a5d25fbfc58c760bfc256ecc44c0c8d88149f9a60a972f5382f83820caa69a6dd8901c8210bc0c0e7f7fd95682d8200403cd43b6c5beb59b35bd433f163e76fd4d900500a24799873bb2e0215bfdd23b7c85c5a4057c427a38ede0a966b58ffbd468f199b205e0af94b5d97064d6f6f418da797c74a438bda9a90e7551c3053841ad79"], 0xd)
syz_emit_vhci(&(0x7f0000000b40)=ANY=[@ANYBLOB="04360708aaaaaaaaaa127b8f406e7e49d30852af740a8ade7c613e7cfc40403249924ac272c5fd39811ab3edf169c300c0ac04a9d0c3b5115c0ef55eed0214648c53c8a6444e320898b0e367b6f46704ede7b51c535509cac49ba5d0792157f7190a9a958d4ea8c4b32dfcf20293bad41622efcb497b5799a271bdc1a8f65a22c12cb8a1e74d3014de34f4481f35c8b4e23169dc260bca2f80157ea500e5"], 0xa)
syz_emit_vhci(&(0x7f0000000180)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000d00)=ANY=[@ANYBLOB="02c850000306004b05000000000000"], 0xf)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x4}}}, 0xa)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x4e}, "9ae61575c033c950b3325f30ad5172f3be1a4649a8c43c0f31a5a31d37a1b8557ab9b504a84941e0ee67b1309fa020e4980ae51a8f728fd43156e067300390fda090c9116473d4a45cb205ed8b3f"}, 0x52)

15:41:10 executing program 4:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="1f088ce6f1f8c9098737178c6bb2733114e040fa42e3baf96e2fe43791206be27411beaff3b31462e3512cf677d888916067a483a7237c0b51347694a09212066c6f6a35000b87aaee4ad1e2c42d497c6de07c84fb558d448c7b2024728e7d4dda05b8aebc8b41b4ee7fa703f24789bc43d526c5061158f1a02c3974e5e43397738588923ce9d17a1d99a0f2d2b7649e4de71c2827"], 0x7)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x6, 0xc9, 0x4, 0x100, 0x3ff, 0xd0}}}, 0xe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_move_chan_req={{0xe, 0x7, 0x3}, {0x8000}}, @l2cap_create_chan_req={{0xc, 0xc1, 0x5}, {0x1c2, 0x1, 0x81}}]}}, 0x19)

15:41:10 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x54}, @l2cap_cid_signaling={{0x50}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x15}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x59)

15:41:10 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000400)="23001e000000efc49ebcd6603bbfb1086b1cd933f7638400b802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mknodat$loop(r0, &(0x7f00000029c0)='./file0\x00', 0x8, 0x0)

[  996.015715] Bluetooth: hci1: ISO packet too small
[  996.016631] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  996.030466] loop3: detected capacity change from 0 to 240
15:41:10 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x54}, @l2cap_cid_signaling={{0x50}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x15}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x59)

15:41:10 executing program 7:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="19000000f7032680b1e28aebf3e2b3d93911f23c56e3906a83109076d98826e34cec5f42bd23cb79bdb0deaec7b79e94e9fbe814d5115352e9b62e07b2cba983f6325b14b30aef525e978d62adf7b027565e56731ce4e2bdda6f739a17800256f432b0f8e4a2300b0d194aa9dbf8c2939bf7654d9c422fd4980beb27c5fa489cff96aac3f8b2e704fe24060dc390da597935d31670fa6478a281bf691211ab574e3459df8b47e188776be39df59854f345a4db7b400bb0da3b13b53a1dab5671a131e8c09715cf2bd1e879b64628c9b46b39ae28e887214348746e440c17f90351c02a7e80d4e8"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_PAGE_SCAN_TYPE={{0xf}, 0x1}}}, 0x7)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_conn_req={{0x17, 0xff, 0x12}, {0xa8, 0x3ff, 0x4, 0x5, [0xff64, 0xfff7, 0x200, 0x4, 0x8]}}}}, 0x1f)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x1, 0x0, 0x66}, @l2cap_cid_signaling={{0x62}, [@l2cap_disconn_req={{0x6, 0x6, 0x4}, {0x4, 0x3}}, @l2cap_conn_req={{0x2, 0x90, 0x4}, {0x1, 0x1}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x6, 0x7}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x8, 0x2}, {0x2}}, @l2cap_move_chan_req={{0xe, 0x5, 0x3}, {0x7, 0xfb}}, @l2cap_disconn_req={{0x6, 0xf9, 0x4}, {0x6, 0x1000}}, @l2cap_info_rsp={{0xb, 0x1, 0x31}, {0x4, 0x40, "e0faa472eee220eced7c2a0cf06817f6be36d05667abc31630d2e940dca08a6e5612a561c1c6fe5db99b485a11"}}]}}, 0x6b)

15:41:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x4}, {0x3, 0x8}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x1f)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:10 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0x1}, {0x4, 0xb0d1, 0x0, 0x7, 0x6}}}}, 0x17)

15:41:10 executing program 4:
r0 = syz_open_dev$vcsu(&(0x7f0000000200), 0x800, 0x210000)
r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x9, 0x580)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@private1, @in=@initdev}}, {{@in6=@loopback}}}, &(0x7f0000000380)=0xe8)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0x0, r2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000001c0), 0x2e8034, &(0x7f00000004c0)=ANY=[@ANYBLOB="740400000000000000656b22e49089", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',obj_user=,dont_appraise,fsmagic=0x00000000000000f3,subj_type=smackfstransmute,uid<', @ANYRESDEC=r2, @ANYBLOB=',subj_role=,\x00'])
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x0, 0xc8, 0x0, 0xffff, 0x5, 0x8040}}}, 0xe)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x36}, "5f8f5cd14280fb51b7e37535ac04128a3c25e23654530aece061f224629d8889e9edbbd20ce3a8d9ebcd43e135ecfaa6bbbd8c981a5b"}, 0x3a)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x93}, "dc21600bcf9cf2576f5185c53f3669e047a1c0835be4b0766250240c593a89f4368101739af77f07020338b480a255fb682ab3c2202096ec265aa81039d8a1fe31e6da1f4ebee418057d7ada30e15bdaf0a96b14eb9b337186f2775a39ce0639b3433e43ec415388b79a5fa508fc44ef6174fe5a03e147037bf313508db374dc260b6732062e11ca6a38ff4e5eb1ccb89c5564"}, 0x97)

[  996.078548] isofs_fill_super: bread failed, dev=loop3, iso_blknum=60, block=120
15:41:10 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04030b330600ffffddffffff00b5"], 0xe)

15:41:10 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fddbdf254500000008000300", @ANYRES32=0x0, @ANYBLOB="e27d62f68fc0164da58edd1ae70e4245906626ed99c4359ff27547f9a1e8e5132b25b64b8ba45c4e7b3411acea9b020438865bab22a6c7a0a5746b7aaea5db04c408dbbe218d51b61937e62c9bdb77ee4c0fceba7a528e89fc448218a5e63a0b1932a31ba8558dc995558059fe6ace4e786a5e8d"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x60000000)
openat(r0, &(0x7f0000000140)='./file1\x00', 0x636582, 0x18)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

[  996.134110] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:41:10 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x54}, @l2cap_cid_signaling={{0x50}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x2, 0x2}, {0x81}}, @l2cap_info_rsp={{0xb, 0x0, 0x15}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x59)

[  996.201165] Bluetooth: hci1: ISO packet too small
[  996.239007] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:41:10 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4f}, @l2cap_cid_signaling={{0x4b}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_info_rsp={{0xb, 0x0, 0x16}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x54)

[  996.291564] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:41:10 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

[  996.389624] Bluetooth: hci1: ISO packet too small
15:41:21 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)

15:41:21 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x7)

15:41:21 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 1)

15:41:21 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04030b330600ffffddffffff00b5"], 0xe)

15:41:21 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4f}, @l2cap_cid_signaling={{0x4b}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_info_rsp={{0xb, 0x0, 0x16}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x54)

15:41:21 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x23}, @l2cap_cid_signaling={{0x1f}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0xd}, {0x3, 0x8, "11d62639dc359e9956"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x28)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:21 executing program 5:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semget$private(0x0, 0x3, 0x234)
r0 = semget$private(0x0, 0x3, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)=[0x2])

15:41:21 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x1e}, @l2cap_cid_le_signaling={{0x1a}, @l2cap_ecred_conn_req={{0x17, 0x81, 0x16}, {0x2, 0x800, 0xfffb, 0x9, [0x77, 0x4, 0x8001, 0x800, 0x44a, 0xb80b, 0x2001]}}}}, 0x23)

[ 1007.232295] Bluetooth: hci1: ISO packet too small
[ 1007.242265] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1007.244545] FAULT_INJECTION: forcing a failure.
[ 1007.244545] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1007.246229] CPU: 1 PID: 7008 Comm: syz-executor.7 Not tainted 6.4.0-next-20230630 #1
[ 1007.247142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1007.248175] Call Trace:
[ 1007.248473]  <TASK>
[ 1007.248748]  dump_stack_lvl+0xc1/0xf0
[ 1007.249284]  should_fail_ex+0x4b4/0x5b0
[ 1007.249894]  _copy_from_user+0x30/0xf0
[ 1007.250362]  vt_ioctl+0x8cb/0x2ca0
[ 1007.250805]  ? __pfx_vt_ioctl+0x10/0x10
[ 1007.251270]  ? __lock_acquire+0xc3f/0x6340
[ 1007.251776]  ? ksys_write+0x122/0x250
[ 1007.252281]  ? find_held_lock+0x2c/0x110
[ 1007.252841]  ? __pfx___lock_acquire+0x10/0x10
[ 1007.253476]  ? ksys_write+0x20f/0x250
[ 1007.254014]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1007.254686]  ? __pfx_vt_ioctl+0x10/0x10
[ 1007.255160]  tty_ioctl+0x7a9/0x1760
[ 1007.255734]  ? __pfx_tty_ioctl+0x10/0x10
[ 1007.256228]  ? expand_files+0x5fb/0x8e0
[ 1007.256703]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1007.257596]  ? __pfx_lock_release+0x10/0x10
[ 1007.258191]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1007.258857]  ? selinux_file_ioctl+0xba/0x270
[ 1007.259507]  ? __pfx_tty_ioctl+0x10/0x10
[ 1007.260001]  __x64_sys_ioctl+0x1a4/0x210
[ 1007.260498]  do_syscall_64+0x3f/0x90
[ 1007.261074]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1007.261788] RIP: 0033:0x7f6db1800b19
[ 1007.262224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1007.264211] RSP: 002b:00007f6daed76188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1007.265067] RAX: ffffffffffffffda RBX: 00007f6db1913f60 RCX: 00007f6db1800b19
[ 1007.265883] RDX: 0000000020000080 RSI: 0000000000004b72 RDI: 0000000000000003
[ 1007.266701] RBP: 00007f6daed761d0 R08: 0000000000000000 R09: 0000000000000000
[ 1007.267511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1007.268312] R13: 00007fff2cb9322f R14: 00007f6daed76300 R15: 0000000000022000
[ 1007.269150]  </TASK>
15:41:21 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)

15:41:21 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e71a2fa9e09afa0c7baff0906"], 0x8)

15:41:21 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04030b330600ffffddffffff00b5"], 0xe)

15:41:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x3ff)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000080)={0x401, 0xffff, 0x8001})
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x7)

15:41:21 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4f}, @l2cap_cid_signaling={{0x4b}, [@l2cap_conn_rsp={{0x3, 0xeb, 0x8}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_info_rsp={{0xb, 0x0, 0x16}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x54)

15:41:21 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x23}, @l2cap_cid_signaling={{0x1f}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0xd}, {0x3, 0x8, "11d62639dc359e9956"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x28)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:21 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 2)

[ 1007.398428] Bluetooth: hci1: ISO packet too small
15:41:21 executing program 3:
ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000240)={0x3f, "9555cf713656dcace9fce900f3ec5d7debbfa397e3d84d8ef51653a91547f0fbca4357f378b703dd1635ce7decdc10bfdfeb034ba53ecb2c19203b3a608570ca3cb75321b93a8b0fa01d97da47782bc79ed6ba35bfc246cc25eadd2fa364d28345f735734b98a0273b6fd347cc3db2e160d3e877b0c154868dc22c7ac78d3f179820657722c3e20bbd396336a662b7d94851cf552060715945cc18c71e6044b5000a2e9801fc8d1f48efdfd68a154e9ff3c2c776556b28154c0122b19febc8d1201e77a755befbc21cd37f9be59d200402f84ef8d9c7f926e60b5aee7286918ebf5396fc4f48b2127a23218b640dada61f2b977579571cb27f5650dfe8c7c19955d055a34f410b11ed98e5d8c30e8bbf3bfa88f07740544d667e60802fbb93adad9a2a068641d013b29e24f81a919acf14a7ad0f27b3072e17ada2e1fbc3c0f0dcb60ba52bed16c027c5172ce444bb3975c1f904c7885f721d2921372835cc0a069dba985cee1ce6d6330acf7ac8d76471d9ca13b137b32b3f4ddaf7968697908341ab5d19b4c7d4fa340cfc4a57be178a1f5ff4185450f707c8740d7f7f5a17d881e051b2b22ead612f72d6cadd6303952395e03e6fed4741fbce6a001d3c8932be3fbecd721be45f10c43483c9ffb25ad1df215ede9682bdaa40d5c58b129eb166f022ddd141db51834dfd1612b224fdf6f4c5f9ca119dbe6e63132018fff4"})
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xdc, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xb00}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffffffe1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xdd3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK={0x80, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf198}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1ff}, @TIPC_NLA_CON_NODE={0x8}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x200}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3ff}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}]}]}, @TIPC_NLA_BEARER={0x4}]}, 0xdc}, 0x1, 0x0, 0x0, 0xc000}, 0x4000)
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000700)={&(0x7f0000000500)={0x1c8, r0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x62}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_BEARER={0x9c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @private=0xa010101}}, {0x14, 0x2, @in={0x2, 0x4e23, @local}}}}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'netdevsim0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x31}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffff3de}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x80}]}, @TIPC_NLA_LINK={0x64, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}]}]}, @TIPC_NLA_SOCK={0x40, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x95b7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7ff}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x8c0}, 0x4c8c0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0xf2, 0x0, @any, 0x2, 0x7, 0x81, 0x11e, 0x1}}}, 0x14)

15:41:21 executing program 4:
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x58}, "4d4f6c2043abe6be376adbab1294ca77b5acec27f899754f8ecfd4b553d1d50c6b1af9c5f88ca4de4e0179702f73be9a6a4fbab37d1fe183b7a66d80efaaa1ddf3399707e2bb9a7cabf6095598fc461473eb61f3f7fa35a5"}, 0x5c)

15:41:21 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08eea93086617cae8cd55768ec0e836947f538191bf571ca3011983838bf806d888d439d15b16658501ccf479f60a7c101f9e86c60c5d85312f549a29e64bde86d07dfa389b6d98805de112f17711946ee60585b527aea3a2022c089d0fefcd85ba1a3320248a0557e5c1171414462e4dbad2a10629a6e967716fc2c6b82dff0487546b082439eeeac53f4b5f787deced86a4ac9925c9af40b46e9"], 0x4)

15:41:21 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 3)

[ 1007.418788] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1007.517102] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1007.560060] Bluetooth: hci1: ISO packet too small
15:41:21 executing program 6:

[ 1007.609087] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:41:34 executing program 5:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semget$private(0x0, 0x3, 0x234)
r0 = semget$private(0x0, 0x3, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)

15:41:34 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 4)

15:41:34 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:41:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x23}, @l2cap_cid_signaling={{0x1f}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0xd}, {0x3, 0x8, "11d62639dc359e9956"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x28)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:34 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp={{}, {0x81}}, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:41:34 executing program 2:
r0 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000140)="11", 0x1, 0xfffffffffffffffc)
keyctl$unlink(0x9, r0, 0xfffffffffffffffc)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc1}, &(0x7f0000000180)={0x0, "44d12a8000d8dce52f5c0142cf908b94026fc8252055042cc09a25ab4b8cad001637fd7b8fb87d83c39b21cd64a59d6af3e9deff1a9223e2825fd3b7d4b9c88a", 0x35}, 0x48, 0xfffffffffffffff9)
r2 = add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f0000000300)={'fscrypt:', @desc4}, &(0x7f0000000340)={0x0, "f82a5ba671a3f4c740888b6561168345af4ffce898405c352a052c55114faebe0f64244ace8e5c4aedd9efd7b54e780efef2209c1afa3281b68a274f4c838062"}, 0x48, 0xffffffffffffffff)
keyctl$setperm(0x5, r2, 0x0)
r3 = add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f0000000300)={'fscrypt:', @desc4}, &(0x7f0000000340)={0x0, "f82a5ba671a3f4c740888b6561168345af4ffce898405c352a052c55114faebe0f64244ace8e5c4aedd9efd7b54e780efef2209c1afa3281b68a274f4c838062"}, 0x48, 0xffffffffffffffff)
keyctl$setperm(0x5, r3, 0x0)
add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000240)={'fscrypt:', @desc4}, &(0x7f00000003c0)={0x0, "9408bd16ab5cb1deafd16a8f1074152d9c791bdb47514c10ca21e3531004decae6ac88046c7bda6077f3502916834868d3db402a0cf65a51bbb0868104a17fc5", 0x37}, 0x48, r3)
keyctl$KEYCTL_MOVE(0x1e, r1, r2, 0xfffffffffffffffb, 0x0)

15:41:34 executing program 6:

15:41:34 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x13}, @l2cap_cid_signaling={{0x27}, [@l2cap_move_chan_req={{0xe, 0x6, 0x3}, {0x800, 0xbe}}, @l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x3, 0x1}}]}}, 0x18)

15:41:34 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYRESHEX=r0], 0x7)
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x3, 0xc8, 0xc9, 0xd8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="042ffd02aaaaaaaaaa110903ce34ee00009b9592c22353dfe7bac6d4cb4fd8d9feab54d61cb6827f00080dd9d824536ec10d2d368c20eb946261db02ed5102bddaa83e1a25e669e3707ce98e3f279d4c8608f0270a1f500a5b82777520d9932863908654f3f98433f4202e8a990a3d467254c4c1fdd914a3bb2759efa0472346555eec51b5efbaf43f66e6abaa513d29b0f8dcbdecd5448e843732119567b70001c507bcac95d4330196182ea6d6f2a60cf066882a998f4a7c75ab2e7d2f1ebd35b899ec1f5c86da92e2c52719ab56972fca6f4b800f5829b54ed00b8a845b5764c6d59c1637ad71b6f18ee6739e241756a34ac9c784add8fc976b2cb91f0554cf69aaaaaaaaaa105600741d09ff033f9db3c8f9f2e0ec21725be09c380ba9a1df8651528680625c5d6325640734d523f0584e8cea2d0f86512ee1b24184ad03dd2e8215ee09bc203da249e12f424ca3220884ea386f92fe8f4c2833ef4d82eaea9c698df2341cede810fb90b87e1bb34ba20c892b734f48b9c946eb21b9f3ca2a89ac8f630cc1d26c7dda415f14336e51bef1640398b63707485c0dd739e96f4aa2ff6bdf2ec7010d3d8a48171c809421bd93dceb6d129b5183944b855de4fa7f67fac2b77376550ab87934d4c8e29b834030487f5c604beca506812609c363f2deb91edd4f30eea7168627492b0a2ac6246fbf084c8893913a16fd72307769"], 0x200)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_channel_selected={{0x41, 0x1}, {0xc9}}}, 0x4)

15:41:34 executing program 6:

15:41:34 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{0x3, 0xeb}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:41:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x27}, @l2cap_cid_signaling={{0x23}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x11}, {0x3, 0x8, "11d62639dc359e9956524b1bca"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2c)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[ 1007.610412] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1020.154173] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1020.279900] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1020.336023] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[ 1020.370335] FAULT_INJECTION: forcing a failure.
[ 1020.370335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1020.371647] CPU: 0 PID: 7054 Comm: syz-executor.7 Not tainted 6.4.0-next-20230630 #1
[ 1020.371666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1020.371674] Call Trace:
[ 1020.371678]  <TASK>
[ 1020.371684]  dump_stack_lvl+0xc1/0xf0
[ 1020.371714]  should_fail_ex+0x4b4/0x5b0
[ 1020.371734]  _copy_to_user+0x30/0xc0
[ 1020.371753]  con_font_op+0x3ad/0xf40
[ 1020.371781]  ? __pfx_con_font_op+0x10/0x10
[ 1020.371818]  vt_ioctl+0x61f/0x2ca0
[ 1020.371836]  ? __pfx_vt_ioctl+0x10/0x10
[ 1020.371851]  ? __lock_acquire+0xc3f/0x6340
[ 1020.371880]  ? find_held_lock+0x2c/0x110
[ 1020.371904]  ? __pfx___lock_acquire+0x10/0x10
[ 1020.371922]  ? ksys_write+0x20f/0x250
[ 1020.371943]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1020.371969]  ? __pfx_vt_ioctl+0x10/0x10
[ 1020.371989]  tty_ioctl+0x7a9/0x1760
[ 1020.372016]  ? __pfx_tty_ioctl+0x10/0x10
[ 1020.372039]  ? expand_files+0x5fb/0x8e0
[ 1020.372061]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1020.372086]  ? __pfx_lock_release+0x10/0x10
[ 1020.372104]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1020.372137]  ? selinux_file_ioctl+0xba/0x270
[ 1020.372160]  ? __pfx_tty_ioctl+0x10/0x10
[ 1020.372185]  __x64_sys_ioctl+0x1a4/0x210
[ 1020.372210]  do_syscall_64+0x3f/0x90
[ 1020.372233]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1020.372261] RIP: 0033:0x7f6db1800b19
[ 1020.372272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1020.372288] RSP: 002b:00007f6daed76188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1020.372303] RAX: ffffffffffffffda RBX: 00007f6db1913f60 RCX: 00007f6db1800b19
[ 1020.372314] RDX: 0000000020000080 RSI: 0000000000004b72 RDI: 0000000000000003
[ 1020.372324] RBP: 00007f6daed761d0 R08: 0000000000000000 R09: 0000000000000000
[ 1020.372334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1020.372344] R13: 00007fff2cb9322f R14: 00007f6daed76300 R15: 0000000000022000
[ 1020.372367]  </TASK>
15:41:47 executing program 5:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semget$private(0x0, 0x3, 0x234)
semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)

15:41:47 executing program 3:
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="040e12df06e6155e8370b49f749473dc424b25ba6965dbb42a3f5b8d7e2829984517908a94549d09048d41d06f4f7c459e"], 0x8)
ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f0000000500)={{'\x00', 0x1}, {0x20}, 0x12c, 0x0, 0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)="ee5857db83c3103f3d58c823b32883e9cd5a458f83ddf1f83bacd6d68587444afa50a30a7ff8cb459bbd0a41dd7f64c02645a1b4a99b4e09a8fe2df66be44058df8066b7be0a6b591534852aeb294d200a90057ba948f94ae205b9254c91bfecb50bae8c82d09270e768430592cc152f7bb1a96b58276ea685abfbd7854097f5b0f80b025405e8e66dd9a16a671219805e230f7cd405c20a8b52b199b8260d4d459fa4a7e96a1f2cbb52cc4b929984732189ff73222d761df65f115020a2f0ca86a8966addf125ffdfad89adc9b7bf5ca1ab173ff5c2e293de3e00e196a09489cc8f0ae253a42412585c3df61722de9f6590d5f1c97d1fbf76eb35dc0d32d6d803d90c2257a29f71f69653dedd17f8b75faf8578f4c408423a5a093f2ba72223d5c51f14db9a139c68ea9e739d540e9d1ab283025d73a98624dc7939f1ffa25c70d97f7afefe7542007be1596e6ed405e4721788e546372398c9d98ed1f88ba0d148849d39722902ec701b3a4081678add07c1fd222afba6fe1848988c34dbef0d8db27c", 0x184, 0x0, &(0x7f00000005c0)={0x2, 0x193, {0x0, 0xc, 0x13d, "d14e164b7015f03c8ee05d7e378ab5d095471a9bee64dffd7a3407b92360c08a9909e9556db4d834e183ba3e8ef06d4e5901acda98bce3e65c4ae8394382a52e3da57baa36d6eba0811cd33e3fccff150107e9e2fde13cdedd02006d103cbd54208b86ad5db8ff69f45a223b050dfdadb7c81889f3456edd28b31d476bdb1fe50dd82583d7d8f1b2f7e76d7f3a87ea900fb67affd05e20dc71d42530a3bfd5d455e4f77bc1a6a0f5cdfa9aca7377023956f5bbeead1251f0be45a293421637891c9e6ab5d2ae72de8088ffcb8b4e422d9cf48b06cad96b86df4d4eea7d34e28e3e92904f8636631c87af8b0358cf02b0a061c95b8c6e0fb8af9ebdfbae58ef70ee7d8ef64700885ec1c3551e6ff3e3b12e5fe3e505a7cf8004259036e61ae504bf5a65e809e52a6a23dc920a22e64ac0a10c65156583c9db23c9ad14ee", 0x49, "9043bf049e75c57260f6038c490aca4822fc1ff99e8c2b28377b11bcc35e3b4e9b4bf586757c60ec8cb754e159fa16d7077a2a6b65aec347a0c284cc62da801240f5ed6f9663095a25"}, 0xf1, "f40135af415c183c28aeb6eca921b68e6f2af17ca8fb994bb7936b10dfbbbf953ba57e6a5ba7c32d529c2919e6d63476d60a796365b6b2152a26f73372e12617db554a654e3f84b88ebfef7d7db47d3c715b2fe2eef48705b94bb74a0ad523563eb3449b0282627a09f5470bbcf42b1a4bf3576cbf735e659b987b7f69da04b4920796d798a6054f0ea957f8bda0dc78b417b84de5dcc18320bb1e5dd3fa5a7e317501fb3771848834d30bfa7b61130c8c05e6ff9d42513630c7bd3b9e601e17b81162430c130d637e7a89aaa28092ccdb902216ec9fc49b91f034e009054f74c91c72e4b4425f5438c0cf85a01834d977"}, 0x290})

15:41:47 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x400, 0x42)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "ae6f2a", 0x2}}}, 0xd)

15:41:47 executing program 6:
syz_emit_vhci(0x0, 0x4)

15:41:47 executing program 2:
preadv2(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/19, 0x13}, {&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000000240)=""/153, 0x99}], 0x3, 0x7b, 0x81, 0x4)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000040)={0x6, 'syzkaller0\x00', {0xc96}, 0x2})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="fb2b150000020000000000000000000000000000c641972978c0270757e7f686b75882e4799c531ea3161a8776f5b9bf0c3824c7725453e1da84078776719b7d38b98a75fa8b76fdd91b1ddbe4fbd37ac81058fa476544e005f73a5f2deb86758e907846840eb017aadfb0bcf36b38fe3df6c5ed2393fd7affa8d3675252262748a0508b09eb8e345f2338ea28db7332ddb3c9ab67b718abc7a184eb949c422d9b7309a6921dd927560e723a5412bb6487ec5ba72c16817fb50cacf84c471a4fcad04c43aa00"], 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
r0 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000340))
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000380), 0x1d3140, 0x0)
syz_emit_vhci(&(0x7f0000000400)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "df9da717001feaea0b6c78236129650dd839d267e424a29465f3eba4a84c4c606cd11821cb4592cf47a00a13c3195073a6eb7e9f1c5b5ac67a6b7cc34ec5e802db8242780697287713ed6aaf69458075f8ed2aae777e0f4960426880ba6f419a463f3e888d0d471c01efb8b75333148e1b417dbbec126f26a5f06073a48b28d7d2f8a1022993e8e9afa03ca82060430dce71dd2048f17ae351b9c2aa80b0939ebb09ac719ca15d8c54071082b43de2f4b7b2e763493d157eaf5e807c4c69f3817105a59b1e613899b1d01e0fdc345420085ef21f2e3d959c9c4f284b81c9a32882d2ccf1c46d8c1845e4e097657ad474438c38d7cb6e36d0"}}}, 0x102)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000003c0), 0x400040, 0x0)
r4 = dup3(r1, 0xffffffffffffffff, 0x80000)
r5 = openat$cgroup_int(r4, &(0x7f0000000d80)='cpu.max\x00', 0x2, 0x0)
poll(&(0x7f0000000dc0)=[{0xffffffffffffffff, 0x4100}, {0xffffffffffffffff, 0x48}, {0xffffffffffffffff, 0x9050}, {r0, 0x4000}, {r1, 0x2200}, {r2, 0x244}, {r3, 0x100}, {r4, 0x2}, {r3, 0x1000}, {r0, 0x8028}, {r5, 0x2000}], 0xb, 0x6)
syz_emit_vhci(&(0x7f0000000540)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x80, 0x2}, {0x7b}}}}, 0xf)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:41:47 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x49}, @l2cap_cid_signaling={{0x45}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}}, @l2cap_info_rsp={{0xb, 0x0, 0x16}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x4e)

15:41:47 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x27}, @l2cap_cid_signaling={{0x23}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x11}, {0x3, 0x8, "11d62639dc359e9956524b1bca"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2c)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:47 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 5)

15:41:47 executing program 4:
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x7)

15:41:47 executing program 6:
syz_emit_vhci(0x0, 0x4)

15:41:47 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x27}, @l2cap_cid_signaling={{0x23}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x11}, {0x3, 0x8, "11d62639dc359e9956524b1bca"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2c)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:47 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_qos_setup_complete={{0xd, 0x14}, {0x40, 0xc3, {0x77, 0x4, 0x7, 0x0, 0xe8}}}}, 0x17)

15:41:47 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x49}, @l2cap_cid_signaling={{0x45}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}}, @l2cap_info_rsp={{0xb, 0x0, 0x16}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x4e)

[ 1020.434972] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[ 1033.291201] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1033.395160] FAULT_INJECTION: forcing a failure.
[ 1033.395160] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1033.399253] CPU: 0 PID: 7086 Comm: syz-executor.7 Not tainted 6.4.0-next-20230630 #1
[ 1033.400594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1033.402016] Call Trace:
[ 1033.402466]  <TASK>
[ 1033.402893]  dump_stack_lvl+0xc1/0xf0
[ 1033.403605]  should_fail_ex+0x4b4/0x5b0
[ 1033.404336]  __should_fail_alloc_page+0xe0/0x110
[ 1033.405190]  prepare_alloc_pages+0x178/0x500
[ 1033.406004]  __alloc_pages+0x149/0x480
[ 1033.406718]  ? __pfx___alloc_pages+0x10/0x10
[ 1033.407533]  ? lock_acquire+0x19a/0x4c0
[ 1033.408288]  ? __pfx_lock_release+0x10/0x10
[ 1033.409062]  vma_alloc_folio+0xe2/0x480
[ 1033.409784]  __handle_mm_fault+0xd6c/0x2980
[ 1033.410406]  ? __pfx_mt_find+0x10/0x10
[ 1033.411127]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1033.411988]  ? find_vma+0x111/0x1b0
[ 1033.412661]  ? __pfx_find_vma+0x10/0x10
[ 1033.413393]  handle_mm_fault+0x1af/0xba0
[ 1033.414118]  do_user_addr_fault+0x74f/0x1480
[ 1033.414948]  exc_page_fault+0x9c/0x1a0
[ 1033.415656]  asm_exc_page_fault+0x26/0x30
[ 1033.416385] RIP: 0010:rep_movs_alternative+0x6f/0xd0
[ 1033.417282] Code: 08 73 e8 eb c9 eb 14 e9 3f 74 03 00 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 4c 8b 06 4c 8b 4e 08 4c 8b 56 10 4c 8b 5e 18 <4c> 89 07 4c 89 4f 08 4c 89 57 10 4c 89 5f 18 4c 8b 46 20 4c 8b 4e
[ 1033.419694] RSP: 0018:ffff8880183efa50 EFLAGS: 00050202
[ 1033.420419] RAX: 0000000000000001 RBX: 0000000000002000 RCX: 00000000000012c0
[ 1033.421375] RDX: 0000000000000000 RSI: ffff888043c00d40 RDI: 0000000020001000
[ 1033.422347] RBP: 00000000200002c0 R08: 06060e0006060000 R09: 003c666606060606
[ 1033.423339] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888043c00000
[ 1033.424292] R13: 00000000200022c0 R14: 0000000000000000 R15: ffff888043c00000
[ 1033.425279]  _copy_to_user+0xaf/0xc0
[ 1033.425822]  con_font_op+0x3ad/0xf40
[ 1033.426382]  ? __pfx_con_font_op+0x10/0x10
[ 1033.427029]  vt_ioctl+0x61f/0x2ca0
[ 1033.427552]  ? __pfx_vt_ioctl+0x10/0x10
[ 1033.428117]  ? __lock_acquire+0xc3f/0x6340
[ 1033.428735]  ? find_held_lock+0x2c/0x110
[ 1033.429320]  ? __pfx___lock_acquire+0x10/0x10
[ 1033.430110]  ? ksys_write+0x20f/0x250
[ 1033.430657]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1033.431598]  ? __pfx_vt_ioctl+0x10/0x10
[ 1033.432172]  tty_ioctl+0x7a9/0x1760
[ 1033.432860]  ? __pfx_tty_ioctl+0x10/0x10
[ 1033.433466]  ? expand_files+0x5fb/0x8e0
[ 1033.434052]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1033.434910]  ? __pfx_lock_release+0x10/0x10
[ 1033.435528]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1033.436313]  ? selinux_file_ioctl+0xba/0x270
[ 1033.436958]  ? __pfx_tty_ioctl+0x10/0x10
[ 1033.437524]  __x64_sys_ioctl+0x1a4/0x210
[ 1033.438072]  do_syscall_64+0x3f/0x90
[ 1033.438628]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1033.439384] RIP: 0033:0x7f6db1800b19
[ 1033.439908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1033.442968] RSP: 002b:00007f6daed76188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1033.444004] RAX: ffffffffffffffda RBX: 00007f6db1913f60 RCX: 00007f6db1800b19
[ 1033.445005] RDX: 0000000020000080 RSI: 0000000000004b72 RDI: 0000000000000003
[ 1033.445984] RBP: 00007f6daed761d0 R08: 0000000000000000 R09: 0000000000000000
[ 1033.446982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1033.447982] R13: 00007fff2cb9322f R14: 00007f6daed76300 R15: 0000000000022000
[ 1033.448999]  </TASK>
15:41:47 executing program 6:
syz_emit_vhci(0x0, 0x4)

15:41:47 executing program 3:
ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000480)={'ip6gre0\x00', <r0=>0x0, 0x4, 0x1, 0xd7, 0x6, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x10, 0x20, 0xfb}})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000540)={{{@in=@remote, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{}, 0x0, @in=@initdev}}, &(0x7f0000000640)=0xe8)
syz_io_uring_setup(0x1e90, &(0x7f0000000a80)={0x0, 0xe064, 0x1, 0x2, 0x6f}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000b00)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000002240)=@IORING_OP_RECVMSG={0xa, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000002200)={0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000000b40)=""/18, 0x12}, {&(0x7f0000000dc0)=""/22, 0x16}, {&(0x7f0000000bc0)=""/145, 0x91}, {&(0x7f0000000c80)=""/82, 0x52}, {&(0x7f0000000d00)=""/148, 0x94}, {&(0x7f0000002440)=""/4108, 0x100c}, {&(0x7f0000001dc0)=""/249, 0xf9}, {&(0x7f0000001ec0)=""/188, 0xbc}, {&(0x7f0000001f80)=""/158, 0x9e}], 0x9, &(0x7f0000002100)=""/193, 0xc1}, 0x0, 0x2, 0x1, {0x2}}, 0x3)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000a00)=[{{&(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000080)="99a954e043a0e62b64", 0x9}, {&(0x7f00000000c0)="e9d964dbb9c7849ca8e3e8b48a01633142005858c2ebbf78ab0083623498b438bdb89b1cfd820ecd3ab3a08de2de6df14d560769eb181465619166f763e358fe31bb697ae3c49ab23c2ba2a9b41bc2dde351494dc7db634edfac83120bbb67ce8c1f341269b25ea6a9c1a21f3b94e0f0ffa8cee15c2bc3e860de470c98cba94b5f2ae316272e2dd5fb0c24a773156d1050197401d8ac001af96786b5b205d30e72fb29ad32c794fc65d0052a41266e1bc39bc2f04460ec5e571e36f269c0d7432e03a5bb8815715061062e7d4cc44b4f78ad118559a12b373adae7cd0b1439b79430f5eae5b7fc75e48a9f3e6fde", 0xee}, {&(0x7f00000001c0)="b586f7af60bf7e325690ee8f91a80782a8da8a58f6eef391f7eb1c3852c7158204c69319c60cd8c2017fe9689c3cc3b922ae1482012b8b78c0018a4c179596741b420c696f275d98057d4d142f4adec09f5b45adeca0f4b75150ab9af6256e36bad707", 0x63}, {&(0x7f0000000240)="49241aac2aa980a6102011ee3dd8cda53dba668bd161f5399cb11b5ec7a3b8399409c54952aa3fecaff2af482faab7b831f8198ee6c9947a023acf1860a51e752d5e59cde7fd918560f30248d3e5beb1a8e9796bac45e8ebedf476bb84121bd17926cff4e2bd4c485566843ccf555ac570273241009f7eae7e9e1158c7eee2af6a687d735eeabfd2128c4abe004ad43a74a6377b895e", 0x96}, {&(0x7f0000000300)="7ec3e833d33e9d39ae333ca3969e01c8e9c309b20303b28f405ba3dee11e7d4c58056f2075093fbf", 0x28}], 0x5, &(0x7f0000000680)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x200}}, @ip_ttl={{0x14, 0x0, 0x2, 0xdde}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x5}}, @ip_retopts={{0x70, 0x0, 0x7, {[@cipso={0x86, 0x3b, 0x2, [{0x0, 0xf, "3bef8feda17a33a389ee63f240"}, {0x5, 0xc, "a8f4ee02cde3949e7db5"}, {0x1, 0xc, "503d3dc8c069152ef654"}, {0x7, 0xe, "48a9522b3118303a05fa1834"}]}, @rr={0x7, 0x23, 0x81, [@dev={0xac, 0x14, 0x14, 0x28}, @remote, @empty, @remote, @broadcast, @local, @loopback, @broadcast]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @dev={0xac, 0x14, 0x14, 0x44}, @private=0xa010101}}}, @ip_retopts={{0xe0, 0x0, 0x7, {[@cipso={0x86, 0x42, 0x0, [{0x0, 0xb, "7e1b0fa839e2b8a89f"}, {0x1, 0x2}, {0x5, 0xa, "1fa559c36400ebdc"}, {0x6, 0x6, "37bc6713"}, {0x0, 0xd, "40abf637d269d06a0cbf8e"}, {0x5, 0x12, "c814d7ffaba2119758a1cb710f1e79c5"}]}, @timestamp_prespec={0x44, 0x1c, 0x7d, 0x3, 0x9, [{@broadcast, 0x5}, {@empty}, {@loopback, 0x3ff}]}, @noop, @timestamp_prespec={0x44, 0x54, 0x51, 0x3, 0x8, [{@multicast2, 0x5}, {@rand_addr=0x64010100, 0x3}, {@private=0xa010102, 0x7}, {@local, 0x56}, {@multicast1, 0x8001}, {@dev={0xac, 0x14, 0x14, 0x43}, 0x9}, {@broadcast, 0xfffffff8}, {@empty, 0xbf}, {@remote, 0x3}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}]}, @timestamp={0x44, 0x1c, 0x42, 0x0, 0xd, [0x8000, 0x2, 0x2, 0x200, 0x3, 0x8]}]}}}], 0x1f0}}, {{&(0x7f0000000880)={0x2, 0x4e21, @broadcast}, 0x10, &(0x7f0000000940)=[{&(0x7f00000008c0)="aec9e8548d836217e9d2c3ee81e277aac9e3da0a2a9c3ff6671208121f0954a99d269fca74cd2f66672abbd49322e99a7fb1c2a04be59428db438ff913ee3b90b3118c45545f7311ba37e47e7e2ddfcc81562ec8edcb4873e9c97b51cdfed963fb27", 0x62}], 0x1, &(0x7f0000000980)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x7f}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7f}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}], 0x48}}], 0x2, 0x20000010)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="526bbe0a63fae9c93abd41e0cdf22d38e50363f3f8471d2ac02e0eb8085a5a55ae3b7522ecfdb0f77bc94237565be182e529b9ca9291c94f43214a57684cd73927d6575da729ed277a76edcb5aea4a7a89ed3e55d249738d0fd67c4593a8e63d15fcdbd8b59731d965f7717c502d32746bc11ac164cc62b80b4168a1beb089fd7080e03d1eca9a04a299bcb928e80bf9"], 0x8)
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000002400)={&(0x7f0000002280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000023c0)={&(0x7f00000022c0)={0xcc, 0x13, 0x100, 0x70bd29, 0x25dfdbfc, {0x1, 0x2c, 0x9, 0x1, {0x4e23, 0x4e24, [0x3d, 0xe6, 0xd8d9, 0xec], [0x724, 0x5, 0xd, 0x1], 0x0, [0x6, 0x3]}, 0x0, 0x5}, [@INET_DIAG_REQ_BYTECODE={0x7d, 0x1, "04c9278e3ab579bb5c14cf50860b8c6ca7fe430ddb36b2f1bc62deaf0e3275f3250729a28bb3a6a2e473b81e525a6f50df770c91465cce8b96e9cd5c479ab2e80b62931849507789f6875df80a989f895fc9b622ec214b840b952f51c6d1ee1fbc4c6683e59b6f7cb29182be5f205f867dc52fa7ca2c2ac379"}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4008045}, 0x40000)

15:41:47 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write(r0, &(0x7f0000000140)="aae2e2b9dbde1a4c82fac5887ade2f4ca20ebc6c8adde5cbda5089304fa8bc9c9efbe58904f38d84f1c8bc3148715db6df711f3134469f2b7faf431936925caeafc7c17fb4e1c55b29e1cfe9e23da4", 0x4f)
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000000000))
read(r0, &(0x7f0000000080)=""/167, 0xa7)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES64], 0x7)

[ 1033.580351] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1035.261021] Bluetooth: hci3: command 0x0409 tx timeout
[ 1037.308981] Bluetooth: hci3: command 0x0409 tx timeout
15:41:58 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8, 0x8b}}}, 0x8)

15:41:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x29}, @l2cap_cid_signaling={{0x25}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x13}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2e)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:58 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 6)

15:41:58 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x34}, "f7d6e2a74b5c3bf14ecbe96da83a88f48fa18b96a0af0511dc8674594c9f05a2f62199182d31bb5658b7282cae63db93a52ab90f"}, 0x38)

15:41:58 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x49}, @l2cap_cid_signaling={{0x45}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}}, @l2cap_info_rsp={{0xb, 0x0, 0x16}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{0x5, 0x0, 0xa}, {0x0, 0x0, 0x0, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x0, 0x6}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}}]}}, 0x4e)

15:41:58 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x4)

15:41:58 executing program 3:
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:41:58 executing program 5:
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000000)=""/3)
semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)

15:41:58 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x90, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x2, 0x73}}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x800}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x143}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x15}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x795b}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x6}]}, 0x90}, 0x1, 0x0, 0x0, 0x20000010}, 0x8800)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:41:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x29}, @l2cap_cid_signaling={{0x25}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x13}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2e)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:41:58 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x4)

15:41:58 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{}, {0x2, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:41:58 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:41:58 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x70}, "8425c84dc00ceecb7de8a7402d79a399d98541769e1decfe7b20264bb9afb28e708507eb7e5d1073da2cf5fd1094cb770bc74a15b773b831eb0d33e51b2ab87bf3f9aa2924e3b580c1bbf068f250d2b1498f4ce5af4363328b8d7057d5e6929ab444ce02cdda0177e96a10b9f227d7fa"}, 0x74)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0xb}, @l2cap_cid_signaling={{0x7}, [@l2cap_move_chan_req={{0xe, 0x66, 0x3}, {0x8, 0x2}}]}}, 0x10)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_rsp={{0x18, 0x30, 0xe}, {0x1, 0xc99, 0x9, 0x7ff, [0x7, 0x5a4d, 0x3]}}}}, 0x1b)

[ 1044.557044] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1044.628279] FAULT_INJECTION: forcing a failure.
[ 1044.628279] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1044.629077] CPU: 1 PID: 7127 Comm: syz-executor.7 Not tainted 6.4.0-next-20230630 #1
[ 1044.629597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1044.630138] Call Trace:
[ 1044.630317]  <TASK>
[ 1044.630475]  dump_stack_lvl+0xc1/0xf0
[ 1044.630757]  should_fail_ex+0x4b4/0x5b0
[ 1044.631049]  __should_fail_alloc_page+0xe0/0x110
[ 1044.631390]  prepare_alloc_pages+0x178/0x500
[ 1044.631706]  __alloc_pages+0x149/0x480
[ 1044.631982]  ? __pfx___alloc_pages+0x10/0x10
[ 1044.632288]  ? lock_acquire+0x19a/0x4c0
[ 1044.632573]  ? __pfx_lock_release+0x10/0x10
[ 1044.632871]  vma_alloc_folio+0xe2/0x480
[ 1044.633148]  __handle_mm_fault+0xd6c/0x2980
[ 1044.633439]  ? __pfx_mt_find+0x10/0x10
[ 1044.633706]  ? lock_acquire+0x19a/0x4c0
[ 1044.633985]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1044.634316]  ? find_vma+0x111/0x1b0
[ 1044.634577]  ? __pfx_find_vma+0x10/0x10
[ 1044.634864]  handle_mm_fault+0x1af/0xba0
[ 1044.635156]  do_user_addr_fault+0x74f/0x1480
[ 1044.635471]  exc_page_fault+0x9c/0x1a0
[ 1044.635747]  asm_exc_page_fault+0x26/0x30
[ 1044.636029] RIP: 0010:rep_movs_alternative+0x6f/0xd0
[ 1044.636390] Code: 08 73 e8 eb c9 eb 14 e9 3f 74 03 00 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 4c 8b 06 4c 8b 4e 08 4c 8b 56 10 4c 8b 5e 18 <4c> 89 07 4c 89 4f 08 4c 89 57 10 4c 89 5f 18 4c 8b 46 20 4c 8b 4e
[ 1044.637678] RSP: 0018:ffff888040967a50 EFLAGS: 00050202
[ 1044.638071] RAX: 0000000000000001 RBX: 0000000000002000 RCX: 00000000000002c0
[ 1044.638591] RDX: 0000000000000000 RSI: ffff888043c01d40 RDI: 0000000020002000
[ 1044.639125] RBP: 00000000200002c0 R08: 6cc6c6c66c380000 R09: 00000000ee6c6c6c
[ 1044.639625] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888043c00000
[ 1044.640118] R13: 00000000200022c0 R14: 0000000000000000 R15: ffff888043c00000
[ 1044.640625]  _copy_to_user+0xaf/0xc0
[ 1044.640897]  con_font_op+0x3ad/0xf40
[ 1044.641177]  ? __pfx_con_font_op+0x10/0x10
[ 1044.641510]  vt_ioctl+0x61f/0x2ca0
[ 1044.641773]  ? __pfx_vt_ioctl+0x10/0x10
[ 1044.642056]  ? __lock_acquire+0xc3f/0x6340
[ 1044.642368]  ? find_held_lock+0x2c/0x110
[ 1044.642670]  ? __pfx___lock_acquire+0x10/0x10
[ 1044.643005]  ? ksys_write+0x20f/0x250
[ 1044.643281]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1044.643654]  ? __pfx_vt_ioctl+0x10/0x10
[ 1044.643949]  tty_ioctl+0x7a9/0x1760
[ 1044.644231]  ? __pfx_tty_ioctl+0x10/0x10
[ 1044.644534]  ? expand_files+0x5fb/0x8e0
[ 1044.644829]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1044.645267]  ? __pfx_lock_release+0x10/0x10
[ 1044.645578]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1044.645971]  ? selinux_file_ioctl+0xba/0x270
[ 1044.646298]  ? __pfx_tty_ioctl+0x10/0x10
[ 1044.646602]  __x64_sys_ioctl+0x1a4/0x210
[ 1044.646902]  do_syscall_64+0x3f/0x90
[ 1044.647191]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1044.647571] RIP: 0033:0x7f6db1800b19
[ 1044.647841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1044.649084] RSP: 002b:00007f6daed76188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1044.649611] RAX: ffffffffffffffda RBX: 00007f6db1913f60 RCX: 00007f6db1800b19
[ 1044.650098] RDX: 0000000020000080 RSI: 0000000000004b72 RDI: 0000000000000003
[ 1044.650603] RBP: 00007f6daed761d0 R08: 0000000000000000 R09: 0000000000000000
[ 1044.651119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1044.651618] R13: 00007fff2cb9322f R14: 00007f6daed76300 R15: 0000000000022000
[ 1044.652126]  </TASK>
15:41:58 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 7)

[ 1044.777287] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1044.929849] FAULT_INJECTION: forcing a failure.
[ 1044.929849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1044.930767] CPU: 0 PID: 7148 Comm: syz-executor.7 Not tainted 6.4.0-next-20230630 #1
[ 1044.931326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1044.931890] Call Trace:
[ 1044.932075]  <TASK>
[ 1044.932240]  dump_stack_lvl+0xc1/0xf0
[ 1044.932534]  should_fail_ex+0x4b4/0x5b0
[ 1044.932829]  _copy_to_user+0x30/0xc0
[ 1044.933112]  vt_ioctl+0x649/0x2ca0
[ 1044.933381]  ? __pfx_vt_ioctl+0x10/0x10
[ 1044.933661]  ? __lock_acquire+0xc3f/0x6340
[ 1044.933987]  ? find_held_lock+0x2c/0x110
[ 1044.934279]  ? __pfx___lock_acquire+0x10/0x10
[ 1044.934610]  ? ksys_write+0x20f/0x250
[ 1044.934895]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1044.935287]  ? __pfx_vt_ioctl+0x10/0x10
[ 1044.935584]  tty_ioctl+0x7a9/0x1760
[ 1044.935864]  ? __pfx_tty_ioctl+0x10/0x10
[ 1044.936168]  ? expand_files+0x5fb/0x8e0
[ 1044.936461]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1044.936909]  ? __pfx_lock_release+0x10/0x10
[ 1044.937222]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1044.937596]  ? selinux_file_ioctl+0xba/0x270
[ 1044.937920]  ? __pfx_tty_ioctl+0x10/0x10
[ 1044.938231]  __x64_sys_ioctl+0x1a4/0x210
[ 1044.938535]  do_syscall_64+0x3f/0x90
[ 1044.938818]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1044.939213] RIP: 0033:0x7f6db1800b19
[ 1044.939485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1044.940735] RSP: 002b:00007f6daed76188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1044.941267] RAX: ffffffffffffffda RBX: 00007f6db1913f60 RCX: 00007f6db1800b19
[ 1044.941766] RDX: 0000000020000080 RSI: 0000000000004b72 RDI: 0000000000000003
[ 1044.942264] RBP: 00007f6daed761d0 R08: 0000000000000000 R09: 0000000000000000
[ 1044.942774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1044.943306] R13: 00007fff2cb9322f R14: 00007f6daed76300 R15: 0000000000022000
[ 1044.943820]  </TASK>
15:42:10 executing program 5:
semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)

15:42:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x29}, @l2cap_cid_signaling={{0x25}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x13}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2e)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:10 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x4)

15:42:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)}) (fail_nth: 8)

15:42:10 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:42:10 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0xc}, {0x0, 0x0, @any, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x3, 0x1}, @l2cap_cid_le_signaling={{0x16}, @l2cap_disconn_rsp={{0x7, 0x2}, {0x40, 0xfffd}}}}, 0x1f)

15:42:10 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{}, {0x0, 0xa41b, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:42:10 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="8600579b9349abd90fb452d55a0cf8970000007d1d055f82ce1ec52baa589fd36d461a69060dedcd6dbf65b521165e36cedf5dc913053fbfe4dadabc42967bfcdb4a4a0a4b37d108fccbf76792b8aee9e0c9227d74398db8cb5e88a7cf518fd097010200000000000000b666fdb2faf46d86d2aad42ac967f20cbb18a2924d69b7ed7555f56719e09f54687b"], 0x8)

15:42:11 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2a}, @l2cap_cid_signaling={{0x26}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x14}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e01"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2f)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:11 executing program 3:
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x3, 0x6d}, @l2cap_cid_signaling={{0x69}, [@l2cap_conf_req={{0x4, 0x0, 0x49}, {0x7f, 0x2e, [@l2cap_conf_ews={0x7, 0x2, 0x101}, @l2cap_conf_ews={0x7, 0x2, 0x5}, @l2cap_conf_flushto={0x2, 0x2, 0x6}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x40, 0x0, 0x4, 0xfffffff7, 0x7, 0x2}}, @l2cap_conf_efs={0x6, 0x10, {0x4, 0x0, 0x100, 0x4, 0xfffffbae, 0x5}}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x81, 0xce, 0x4, 0x0, 0x3}}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_disconn_req={{0x6, 0x3f, 0x4}, {0xff, 0x3}}, @l2cap_create_chan_rsp={{0xd, 0xf8, 0x8}, {0x100, 0x2, 0x200, 0x400}}, @l2cap_move_chan_cfm={{0x10, 0x8e, 0x4}, {0x4, 0x7}}]}}, 0x72)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@none, "e280b93d42872d76695a2d813f308098", 0x4}}}, 0x1a)

15:42:11 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{}, {0x0, 0x0, 0x886, 0x3ff}}, @l2cap_move_chan_cfm_rsp, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:42:11 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_rsp={{0x7, 0x9, 0x4}, {0x8c5f, 0x800}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xac}, "10bff411278b6f3ae170f8c652d6e4eda64427b100c7287f373d08877a7a9667d4724798f3737d9fa4afc286ffc161d9d9c889f861191a936fadbb4077342c908967fc2a34344ebbf40765190e0869bbdf21cac2911fe0cd550cd6fefc8490bcc5e575edbb897e8a1e685afb254b936a2b04ee52a447d8f2611e044716ba6fdac25340dbcbe6911705ce176fb3921460774e52de8c9bbc3629e9caacc173171306cead52f8d288240070ba31"}, 0xb0)

15:42:11 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:42:11 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x7)

[ 1056.958435] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1057.097440] FAULT_INJECTION: forcing a failure.
[ 1057.097440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1057.099329] CPU: 0 PID: 7160 Comm: syz-executor.7 Not tainted 6.4.0-next-20230630 #1
[ 1057.100309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1057.101278] Call Trace:
[ 1057.101600]  <TASK>
[ 1057.101891]  dump_stack_lvl+0xc1/0xf0
[ 1057.102385]  should_fail_ex+0x4b4/0x5b0
[ 1057.102897]  _copy_to_user+0x30/0xc0
[ 1057.103384]  simple_read_from_buffer+0xd0/0x170
[ 1057.103962]  proc_fail_nth_read+0x1a2/0x240
[ 1057.104502]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1057.105099]  ? security_file_permission+0xb5/0xe0
[ 1057.105720]  vfs_read+0x1de/0x8f0
[ 1057.106175]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1057.106786]  ? __pfx_vfs_read+0x10/0x10
[ 1057.107287]  ? __fget_files+0x267/0x480
[ 1057.107822]  ksys_read+0x122/0x250
[ 1057.108282]  ? __pfx_ksys_read+0x10/0x10
[ 1057.108801]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 1057.109475]  do_syscall_64+0x3f/0x90
[ 1057.109967]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1057.110635] RIP: 0033:0x7f6db17b369c
[ 1057.111096] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1057.113239] RSP: 002b:00007f6daed76170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1057.114150] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6db17b369c
[ 1057.115022] RDX: 000000000000000f RSI: 00007f6daed761e0 RDI: 0000000000000004
[ 1057.115897] RBP: 00007f6daed761d0 R08: 0000000000000000 R09: 0000000000000000
[ 1057.116765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1057.117640] R13: 00007fff2cb9322f R14: 00007f6daed76300 R15: 0000000000022000
[ 1057.118535]  </TASK>
15:42:11 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:11 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2a}, @l2cap_cid_signaling={{0x26}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x14}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e01"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2f)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[ 1057.284335] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:42:22 executing program 5:
semtimedop(0x0, 0x0, 0x0, 0x0)

15:42:22 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xff}, "e01087a2478841f03983d1bc9ae69151b0c79e74534fc7bc6d4b2d2e5d2eb219915e0d19746aa0ec0c17758323e635c4df61c1e6c82c710e515656d061e06d291be5145dac793e0bdb4a6ab2653350cc749dcbe34d5a673e2809fd6e16863dacea151dbf5295e0cc1c40a153be20e6421a6300eff0b47377ea8e140d96cdd66b18deb7e98e873da41c9e8bd22a24aefe5e21be5100e0f1423b390344a692ef14a92eb40ea4cfcd0942776a6b9e35c02bf6cfe9ee8540101301687facead39fd0f4e6eb37f144ba2086f73fc95a002a18292a46016e553218338f409b5af491cfd8bc6e827c72e6ab5d303daf4c513bd4e016d8499d154ffe0ef9b0f84f7cd3"}, 0x103)

15:42:22 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x2, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:22 executing program 3:
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x12}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x3}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa3}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xffff}]}, 0x34}, 0x1, 0x0, 0x0, 0x40840}, 0x20000000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:42:22 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:42:22 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp={{}, {0x0, 0x0, 0x0, 0x3ff}}, @l2cap_move_chan_cfm_rsp, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:42:22 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_move_chan_rsp={{0xf, 0x0, 0x4}, {0x8, 0xb387}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x7, 0xc9, 0x3}}}, 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x41}, "36eb811ded897aa8d943bcf1fe6da6f9a6f8fe30c4c3832bced35dab57f2aa0a7f6b18e9baaf567f0b994d7e6969ffd67bf5958a1dfadca5348c3f650948803126"}, 0x45)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x3, 0x46}, @l2cap_cid_signaling={{0x42}, [@l2cap_conn_req={{0x2, 0x4, 0x4}, {0xdc, 0x1000}}, @l2cap_move_chan_req={{0xe, 0x0, 0x3}, {0x6, 0x6}}, @l2cap_move_chan_rsp={{0xf, 0xff, 0x4}, {0xffff, 0x1}}, @l2cap_conn_rsp={{0x3, 0xc1, 0x8}, {0x7, 0x0, 0x30, 0x8}}, @l2cap_disconn_rsp={{0x7, 0x1, 0x4}, {0x2, 0x3}}, @l2cap_conn_req={{0x2, 0x7, 0x4}, {0x2d9, 0x80}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x4620, 0xe5}}, @l2cap_disconn_req={{0x6, 0x87, 0x4}, {0x7fff, 0xc0d0}}]}}, 0x4b)

15:42:23 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2a}, @l2cap_cid_signaling={{0x26}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x14}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e01"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2f)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[ 1068.946652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1068.953742] Bluetooth: hci3: ACL packet for unknown connection handle 0
[ 1068.955101] Bluetooth: hci3: ACL packet for unknown connection handle 0
15:42:23 executing program 5:
semtimedop(0x0, 0x0, 0x0, 0x0)

15:42:23 executing program 3:
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x2, 0x6d}, @l2cap_cid_signaling={{0x69}, [@l2cap_conf_req={{0x4, 0x34, 0x25}, {0x80, 0xcb8f, [@l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x22, 0x2, 0xfff7, 0x3, 0x7, 0xc18}}, @l2cap_conf_flushto={0x2, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x7ff}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0x9, 0x2}}, @l2cap_conf_req={{0x4, 0x5, 0x2c}, {0x8, 0x0, [@l2cap_conf_efs={0x6, 0x10, {0x28, 0x3, 0xade, 0x4, 0x4, 0x7}}, @l2cap_conf_rfc={0x4, 0x9, {0x1, 0x7f, 0x8, 0x3f, 0x400, 0x7}}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x0, 0x21, 0x20, 0x9079, 0x3}}]}}, @l2cap_disconn_req={{0x6, 0x1, 0x4}, {0x9, 0xffff}}]}}, 0x72)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x0, 0xc9, 0x2}}}, 0x8)

15:42:23 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {}, @l2cap_cid_signaling={{}, [@l2cap_conn_rsp, @l2cap_move_chan_cfm_rsp, @l2cap_info_rsp={{}, {0x0, 0x0, "13c409ca5998aabccf7d0c47de3fab06cf5f"}}, @l2cap_conf_rsp={{}, {0x0, 0x0, 0x0, [@l2cap_conf_ews]}}, @l2cap_conf_rsp, @l2cap_cmd_rej_unk, @l2cap_move_chan_req]}}, 0x4)

15:42:23 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:42:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b2f, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:23 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2a)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:23 executing program 2:
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000080))
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000000)={0x0, @remote, @local}, 0xc)
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000000c0))
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:42:23 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000040)={0x8001, 0x100, 0x800, 0x200, 0x8, 0x20})
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0x7)

[ 1069.176496] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:42:23 executing program 3:
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x1}, 0x7)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}}}, 0xa)

15:42:23 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8, 0x8b}}}, 0x8)

15:42:23 executing program 5:
semtimedop(0x0, 0x0, 0x0, 0x0)

15:42:23 executing program 2:
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000000)={{}, 0x9, 0x0, 0x9})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="432c11000000ffffffffff9d020000f200000400"], 0x14)

15:42:23 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2a)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

[ 1069.213792] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:42:34 executing program 5:
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)

15:42:34 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d9c3539f9ffa3433af5baac60933003000000de4d4d2557232abb0b921d179eea5ca1f46aa275864b96a41a647ac2582b8a2d98e4ab59478474c9a67b56a5908e4e61ceceb2524da46fea08ee"], 0x4)

15:42:34 executing program 2:
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000010c0)={'sit0\x00', 0x0, 0x2f, 0x0, 0x2f, 0xee10, 0x0, @dev={0xfe, 0x80, '\x00', 0x23}, @private2, 0x7, 0x20, 0xffffff01, 0x5}})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1000}, "a4ca4415455612094659217a7e335902a815518ec50d1dd273a4966a61bfd50269c7a93e26168bb6668013a1b5e8f77e09099feaa3db3e47a5706651c2f787a80675e61e509a9625d0b547c411bacdb381a012d23908bb6a905d57d78ad5525c4d68ddfc90625aaadee12629629e3ca93d7c100a0459273ad164a6940e828b3cba98773a17b7d7cf286a6ec90e9eea058960ce1cdcadad53fdfadb7352861ebe282abef8d3ad582856194c3386017557a30ff200ce1a8e3df8eb42d6ba3752c1289d9cee70bffd2a1c3cea1cef0ae4a649cfcad50d60417352a1c3d8d6b7426a7c0a2cfd650717d0727d45fe85912dcf84c4117fce9a72de8c904e038d3b25e28926e18ecc357a4e66f6497b0a2107b711fa9aa5f5b3802dee5bb6cdf4bc3f354d13c7b6c215d9926f3f87e3c5c9fdfe0b6735bfc563c375cb8440663796b513bfab5d5e0a8a1d58aba65f5605366e71371a827deb2706ae04889fd54c4e5fea510d723df7e7061a8b4eae57b87c178d9651ac838e807704d992efcaf92fa77e20a7e8ae40c5841e0aba522bd41f958ca53944620eb788cbb514a15f0ec8be70fdc829291c07c5d67d44fc49c9849f514d68c619ed647c30e5c49cc8a66dadd287e1be3e510aee6e53d034dfeb093561bbd895eb6a44c21b057b1f8418a2effd9c734a587e184781dfeb31f6b6b91485965dd80b3e1eaa9e07458cf721ffa8a2054e6841445fd1ea094f45b6a9fd6bf0f6539730d0c5ad5f67cc66b24a85654c3423fd3ae688f49a4e7fa92c1e25b678a5b0923e7ce1c0b8631b765255270295e02e071d18119146aa5ba7db9f0d0866712a915d14798f52ba5e830f506bf1133c7c30c7d4fd314c0725021e09a55107ffa29c374a15ba7abe22b910168d7f81543f8fd29a1a36dd84ec34a4b3f0aeb188c0918c8a7e0c298e710c15235cc89c028b5795fca4dc5981fcd9b31adc7b40110f9a6231d8715533d51b871e1ce1ecb92b64567b470f5a110ceefe66e316ea4f98ebc3987944bfd3fa6543627746eff93212ada24113eb8574452d2202a7785d6a8f26052b6b447cba5f847dd4783cb05455abb8974701b7537913f896564bb1f74e365bd29dc9d54c25ffedfbbe938e924108f0cdf0c99b51e856bd2e2caf1cfef80b9b28fb463b12587fe460903383d2aef74693b13336a819fbe383f68659f2add6b88aef1ed6f85f3417c5f0928d53b85d928fc8f64803da8d305823030ed621267b542b20a8bef3f7da48db9f1bc7595e4d24a72aba46067eda148b8be88afe54365e900262c4526c3a68036d5ce61e9c17a8d6b8d0eec7124b92ceffb7840942bd0352e1e121d2250179c6cd4d834c914a38f2fda4e22cd40335a9773e66aef3d7f34be8ed01d7e72e0d62379138472c881c974f7a26253a62f804eb293e9420642b0dc80027d353f6e173a4418793ac2ecb01e988780329091c25c5a4766e421035c72cc5541c1f80a669de2c7036a0414941f19a0a2c1109235d7a6b247dab4cb3e9f645bbd600f8ad2cc92266577624e2a9da326d080e39f8e626905bddec16f131b978c3a03bfb8c25fbd4c233f2368a75f96d1baf083182b6e7e5258489233fef2fc2afb6241396a457260c1108ae6fee799f51eb111d91c1804fad05d63f0edc0a4530985ca5dca96cb9f0a81766c8a43a5d0aa0f27a43cf7598ee433316a6fb911653fe187e3da60a7be74cdd40ee4f5a07e43fdbcb5281c66fe9bb97a605b3b1205df3436182b6feb6cd39490d0dd1d0d521a58ad8ddbeebf723c4d1ab954626c0873b49972a94067780d391c441848ec5d9daee2f712184b4dbeac5849f2135bfa4ff2145ea09dff109ccea8a1f90d938b35283029790b9761834ce19860915eb004d8e89501357ac7ed120ed609f6e6a8ae8f9029f268a34b28d5da29027259491f286e2b134967be60696835df2e90df1d699d251d8d7f323f98fc4d4534b45931b9d04f0154479262d755713098a81aa0573534045c1561e17ac30a9b52a8bf8d0cf72adc44452fda54c69f14113b25f2c7cdf9c63035e67c760a256e67a33bc3eb7b76ad55dc9504bd6c3df9c4394f0e12f70a140b4e19d0dc7316b0ef718fadb1a24a6f19c8dc94709bb4e2f6df727dbcd57ed0e9f88b52270a79e0f3394288de0f3dc4b1bd116c0db7a824d1615889a87db652a4c8b81c39094172365af97ffdc68f63e6f08016d34fd769dc518eb780357ef614846a0fda3ddd5087ddb0f9b819164ce22f1be45bceab1d5833b113ab0878d3c3c95419f364bfa289f963edededa76436711c85ebb28a37aaf9e98bbfba30877d90dea2917cb4b8ab73d2a10573f3b30054829c33ad806c6ee5571a425c0616a8168f6d2792840094e4557aafd207f096827ad953b8fda84e798940609c859d454a030eabb3d9babbad6529a2709059738c69259feeb174f5496e2c470396d52ba824ed96e16b20f5ff34b15f4c515f966c0f2a6bc3720e5ae49030cf8abe627414a939f87189858759d908381aa015ac79030cc89384cd86c3d351a0723c352e3091549d7827513646a13a118c4816fa633d85e047fe4712a49ee73cb2feabcae58c498143ab028bd230b2eda850ded181580e90ab1aea6dd9e819a745e504fc546b590f05231d7960b775bd1db1c94b4bd69d36478d089ee79702c0e50fcfbf842fc8de35b49d939549db901e6ade868e3d9d4b3365b25c36b90ad13eecff4a71e7cf7ddc0e21bb2eea2002d75d4b917ff3a17c0d9c7af73d92e51ad9d46093d1bb40a37ccb60019798a1ae9bbfdf0503ba7c66e192f85b9abaceb6c79e1dd8b5bbf211ed23e6294e7b27fc8604fb2cbe1afc331821f3d9009f8be68350ad64f85d89fd766ec4a71a619d37fa66f2b793ff0df09795aab0bd4c90d631d0e05b92f57916edf1ec70b297cecd172f8201b3355ec0db61fb9a8544b4212ba0436514441a08f708ddc89252508987221864a77a0ce5462691e20e5ffd986c793ad75cd38f091a9c1e13a052c618e50a96c21db06910a729f48ec1fa5fe37370568203581fa677b9b353886794c95048f6b03f9b0318b59f80ef124cca110f048f52e08e07db1893fd900d307123f78bdf1e6656339e28e966657c4285387bbb1114e589f7062ba026645b1b80d2b24e1ae1b067a7033db46659eb13486bef133d6fd3a64be92baa4e7c3e3bc042ba8a9e625b41ffafa25982db7068bd7402acbd01ac2b429eb718b6e83e8b4f5dfe83e72fefd1b142eb1ead4e205ad239bd87ac4cbaa29ac1ca52414825e6ef11669b546cb4b89567c862f725deeedec263fc5b3a36a0dc402bfc57eacf36a400828b46bf744eafdd7af553c258d311db37e9a62d1dd1728e6ecbbdebcb069808388215b3da599c128dd812e1f701f348551a28c753625de14808604b200c0bdc2b9a7ab9cf89385794cecc57f27fa447b7fc13dc3c891c46b3c81b631fd53a6261edd600aaef2eb2f5f2f1c78826d7b708fc882389cf5548b14662c71ce1ffa2ea44f66cfb82b03e83344f1e0b6dec65d281fd9f117935dcb7cb57fb93c6a356c6bd99bbad70e17f5eee067525391d0f3fa9c5105a2acfdbbdc404a1b5a06b94d15e3e3d054d97403b321ff47b139619326f27c8eb30852e0e4b1034d6d2096df99c9caff727098c54c2addc02f4ada6af74640a28b6da728bbe9c4590f6eb64d75f19095532d3e4621fc5688a4b2d27512fe04f1d0e3c164c3fac7e23f60b1c323aa13a1c1bd20a14198c6b386bdcc9e918ddb8b953708a147a48d579c5cf1a77d71bec0cb22329533392e59fd43d378c7f0f8f0dd9823f6072876eba43092b79d060bb56496e527d45aa19b31d6da6ebacb532d439f8494f0416a22a4e3fbcc1afbe95e3e2d00c72b5c534c16cc5632330c6f9b50b3937e84687c77590373caec9323d2a1481eb6c48ba7a486dd7b26b46008a49a54c0a134c7e13a5a66d048b0ec83b668db8f8b5143980e44ae8d74ff26323b6fc53c2f061a66b0ffbe658674d40d8208233b2e264a4fb482f3de881270c605633103526933eec17d33758213de6cf5c28567ccc1e8a1cae5e7aee119460c52497d19b0d28f7f3f3c9a91bbb485fd010ce411724e97dccd8f63fc8a3ee776becb6ddac5c6551b252177d33653d8582614ebb38fd1ba027b458883316c311528ce8f25f15ab2e622c33e4bfb2c33e73cdada6fd24c434e041dc2e41151ffd7e9cd8c7dd2e2b3165205b15a628f1608f9c705c862161e61da42d9684d6ea77120841d42804d2f0e530dd48f0fd9dfa8682ed62ddf6b4ae8a4719e7ff28c2a57eb6466b35b387abda4f72c049a03156bb796868420d0514063a8d5d7601033241facbd67a3f17eb4662e3fdc32c465f5eb6772ae6f73f7fa1c8fc51c8da54dc5251665eeb8e4a5048c1fb8604961ae2a9d137b26f232d18642524d26701f65e30fa2bf40440d0b04fbd09e34c3c4fc17612cbe80ccd1d1d731789e2db7ad3113b0095fc4f62452e54aee2642955309e6e92e643326f0a3154a6ffbe1cb7c947be393bc146e78951412e9fbd6f823fdc668550cd546eeb13a8bd496b35dfa3024b7209b3e33cd13268d64ce8607bc65a199a7ed2dbe6ba9669c10d14fecef6aa19e30cfa70f07a376fd373381e6bf2c683c42b6b276ba7c880c96e04d5700d2cf860051cc3408e2358dd404561cf898e0bb824a8d88b5da16ee7bd19abf655642ae561a1a74613b73e547a4a2f15bf991634dac84930044cacb338471103f3400469efbf132d8f06f532002900921c920666d351cb2448b4a8a699bde15aa6a52c5f2d41c5bb9140be0a82295d65ca21b4ceb324b9187a61a48aa5e1333eaf738862669ee87e63881d7f0de24a28cbab31bd4458deb417307683dccae5406190e491a32b69d59de64927de57ef5aae98a3d68fb88d557195ff9f998dcf03f2f4f10e56ebda7d66ef07626655168e3f732309c320e8dcba9e0b5f06158c4ee32236d0781b3f31486ce8814e307a3c44791b589e35e78c9091fbb86ba65ed18d45536cc68a80d28a09e4b4ae1dc7a8ae70faa617024187856e6524fb815a71bd081ad48ff1c6f3ccc2d1ba0d5332ad56e4f09b41e7d3093c316b5beb0f11099cd1915808f2dd2c20e98d8a0c3944bf0e89c2f1dcbda5c7dc194e0f29ff51c3379b484cc2190542d023041b76d36e22a1521e94b76f4edacfa77b4b67f83a60980c1c80a52d53c103c0c48888690d798e0e29ff9d5d8627ee154109d0c6ccaf051e0c980c3fd7191450027209d160f0330b722c54124e96fdf21b7e0a4559e5a8ef82cfca93f96e15b1530982e5ca1ec56907ccf663b8e79ae9f6915541dfe99f7a83c8f602832e0b1f4cedb33f7abcdd41b52d13aa7a49729d03e84f5af84383f2b25729d52d70ddd1c09b75db388eade3caa43a1ae96be632c73e2fd3fd6aaae9f2f46a0a4f12c9ee44b21d5bfd10dbd6a299b75be8819a2693dedf0c22395770d80d95b2d84d409c14de93f96b03d01095ccc3205e74f4b1a2eb9ee1a941dc06e9d81e9ffe33eb24e69e448bbeeb5143536ce5aaa462f44f1ab13522d9c396cc3780466eb562920dfbe585871de9f9be40f748fe5d581db0840cdf997d00b9926809bea08b153ee3474132d158e9310b84dff9d7642fddbd069c3ffb3c07a55f5aaf6e19cdefd7abfc9da767ab14076dae35e473bc73dfba4bf8eac62479824ddb7e5bded22c6fa858f4739f6a9b94c127c811d4b6aa6e819319b8988fdc5db1e358588d80183fcbc4e2402eb596ec27d94"}, 0x1004)

15:42:34 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b30, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:34 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8, 0x8b}}}, 0x8)

15:42:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x25}, @l2cap_cid_signaling={{0x21}, [@l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x2a)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:34 executing program 3:
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x0, '\x00', [{0x0, 0xffffffff, 0x7f, 0x5, 0x800}, {0x1, 0x400, 0x4, 0x8, 0x9, 0x7}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000340)=""/201, &(0x7f0000000000)=0xc9)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04022b03aa8aaaaaaa1111092097af18fd03ffffffffffff0600c04f5a6c4000000000000000e05501cb1f720700"], 0x2e)

15:42:34 executing program 4:
timer_create(0x0, &(0x7f0000000000)={0x0, 0x2037, 0x2}, &(0x7f0000000040))
timer_create(0x0, 0x0, &(0x7f0000000240)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000140)={0x0, <r1=>0x0})
timer_settime(r0, 0x0, &(0x7f00000001c0)={{}, {0x0, r1+60000000}}, 0x0)
timer_create(0x6, &(0x7f0000000100)={0x0, 0x3a, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000180)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000200)={{}, {0x0, 0x3938700}}, &(0x7f00000000c0))
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="045343a05fc308accdbdef394069498d7c13923ed1c0ec00f003fbc4c051f4e8ae268d313f95914cac1ea6"], 0x7)

[ 1069.273293] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1080.817769] Bluetooth: hci1: ISO packet too small
15:42:34 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@none, "02773a", 0x1}}}, 0xd)

15:42:34 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:42:34 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b31, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:34 executing program 5:
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)

15:42:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:46 executing program 5:
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)

15:42:46 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
bind$802154_dgram(r0, &(0x7f0000000000), 0x14)

15:42:46 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b32, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:46 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8, 0x8b}}}, 0x8)

15:42:46 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$AUDIT_SIGNAL_INFO(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x42800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f2, 0x2, 0x70bd29, 0x25dfdbff, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8c4}, 0x1)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:42:46 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:42:46 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="042c11000000ffffffffffff96810000193fd60200000000000000"], 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:42:46 executing program 5:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:42:46 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:42:46 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:42:46 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:42:46 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:46 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b33, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:46 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x8c, 0xc9, @none}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfff2}, "485d1c8432023ee53634844b034a442c461f83fb277ac4d68dbe206c031b0b229cb403e6fb9916933f7f8eddb0a60f39cfb2998b2e7cfee377a97147e0a4b39df279a045e766ef793d60915405059d6f44fe35394949b7be88558ec333a418efa6f632ff1a76196e9c8a870e208fdb2f09a42567821f84fbab52f401fcdf26af73d07accc6964c9f34b60fe0d5aafd7ba5bbd7188dc13d7b77730bfe92b4617962506b13531c5cb06fb2972f151f6f2673e1ccfd9329605ef3f573e3897c9a4d81436a127918094fd3c4056b87db8cbfdd05f9a60cb5167d97a489b1f4ff486c971df762482645492d4b598538c051b36fcff7ff5e3c7e63df19d521e735d830da04951b49991342a70c40f869b73387ceb93bbc1f1711b3741c0a06260c8a1225deef8f944efb5fc19570735a38901f50b24297f7b4e71530b5c18bb88010d339827314e02326f4c513886fc2a06d8d136c2be1bcc24a4ec17827ce4fa9c52b1ba745cd5e27019d7c767755bdb93460299ca0eb4c2df39a8be8f42df639c177b991a1eb43a1550983845377fdb92e4bb15e2ae88f432a6d9aa760004dacc09e0ff2ae90527ce3577bc1f910ae6c063aacc87339f03258be059d21333c69f41ca00d8fd02fbe9a0aad5dc782cbb4f9bb4215cad53aa7af6d87a6bc935f4c23940e0ab47e39448bdbf2d7d311a08b63580200c2748fb3f653ef30c394a93e5e72ae5fa6b63620b9b54fa900e87e47c75a775707a0a4c011aac43e8a5a373f55a1d137c4e876d07cb055d6c4ef20d9b58d756a66a7375c9247d5081be25b295fa4289afb49df8c3957a5225906b9d508e7cc1b6049af1f6547df955d61e4f116b6ea2ff15ee3faa7808346c42a1894d50b4b9fa26d4823fe8e5b9ce27a70c9dbd1152d839c8562c032191ac5a5d406739129531dcf684185ccb3f5cb331cb15620c452a4124f7ebd68cd2bfb6506ea1c059d442cf8d9093b6bad0a842db5c75cac31dfc88db009a1f4488cab42c31799fdc0c67511efb3b9465da15ec362f2636d8cbce1916c8746e3239786913d5cc8c850e622413f77bf034ffdd665c50105c6a86d131591ec636505865fd9b31965d1537a5d3adf967eadaac38c8a641894499de26a81b8ad0fe56ec9aa1236c4ff33a7cbded19d8c4e1454de88b9ee68464dab6dcdaece7da6c0932f8d53a3acddce731f9a59865ef019717b44413c9105e3eb6236aae3c3620c53208dc7191879e47026eb1075f5ad1c9c8e4cea36a3a7fbe93b2f36bc4383bf23cc103db201e82b8357c47a506d78f1e8dba67d25e4d9ad149d67fef38f364ae03c658ed48a3f698def3360d499cd7fe1f4fa4b0fcb1638ace3128b1fdaa6b7e1245f42e6ea288549d2ca14baa3a42ddd3dbaa27c858f538f61b1b8b344bd3dcab0195c7c903d15cbb7a570d597f4e08b8497d43dfdfbd7bbff7675be22cf3bc5490e85d1cc3cb28f1ca70348e9aa690326ba9b43a73506dee24a8cf87aa12c0a7246573e5ed4d65f68b8a428671a978b2b5c095f59590e3d5b491815296840eb28f0284452c1484d6ee25d61c4d095f156c33792011f8b2d19d6d17a40143fc27163c28803ec7d3bf303da6af56e264bde7ac5076eba4a1c350e61e1f1a503f2617d6cc4ec311d6650e266934f8b59c73faf6b6711a511c67fa1a3078ac41e1441e15f522ecba5c874e6171d58d615df3d9d4a7fea412a987e4d175b7c1a51c5a51f13e0e5d762d74e505aae1e690254c49fd00cc1bb3db2cd6f50777bd6bd47a2e28ea8ef16b9a6ac3119fa3810713296e4360ed3b1016770c9f4ef92ffc10c87ea9dbe5903991be7f8507ffa8e7c454a76c44c2e796e9157a9580de9ddf3f5af697db3dca5f6cc53f43a40b1c0fecd6836a849a2cb619341fa242c6e4b3e2e12bc99662722aaf4609d8890d52db83dc28db52949196ab66084734ac52ad51c51307651f7d372058b53b568f8edbe034ffbc8db1c4d8a60a574bc8879daddeff5f0b08907a16115fb06acee2f05fae17b1a6cd50b39dd8a34feb1e43a0f1e885593521844e0193060d82702f7a3359958821ef15811b708fe1fc9db80652a356d04b662f9cfb151848fc30c0999b6df129056b688e0c19d06850c9e32dd8dce650252d2f5ec3f957748bfbdef6cbe99ee200872819c2b560eaa24a83183f0ad9724b8c04d3c3ef19ad19e8ebd12e0b607d3f969d592af7c2e73182b26b270a1a58d5cae74b3c3405c6c64fbb116bb30af51e502433035577d0ca87efeef8bafe7c5b23986b7971838b2cfbb204fd7c2c5e6f99762fedda96bd55cab5f11f2014c485f8166fca8865e64cc5cf42e2dfcd7ed731e86fdb1554f174b2f0924f73149a73a26b0f3acf2184a9c23a21065084cff4f0ae215dfbd5f131cd6576ff122d1a35fbe9753864b6d926075b4d001744c8c255437cf0e3306315267163766a6fd1a0b22ddd54caa0bd989be49a6b009b0320c251d43ece75fe570b4b20c8c185d7f5442e8a54611806d195c298ba5cc7dd069647806b3be361b4f49810e80007b4e73363e2764a03c26c87d7f46622e4ae2a4a30177d5bc3fb22c1ba80ed786d51ab3de403769fecc882236942907354076991d6ab16690aface3dfd16f5e5d133ef9d419fcd7e1899707e08f6f2121931dd386ea881f08e22ca261bbe25b5eac63a5539afb1ac5a2bb555639db573d7710948dfbd48d0030b672b63ae724dc6654a050c47cca054a8958fdf008f26067f2f0ddf21186eeec3d760b6fe13f78c4e666772c8c0a405ae7a3f2030fadb4b087cda9d70109e7cfe0dc269f8aed52a5c3dd1d28aad49986bc994b54d53ab5a2c5f6276f6736f21ec76102982696a6f961bc13c67f59e7ed0cd4a0baadee0733c9545f7bc5307b103151546b4814fa5fd0e9ae44913713975e1d47edb7a7d883993fcb48f53063bf050149e2a97cd03300459d72b3c8594c02be36b45feeea162cd13bbf02d47084d927541321f76c3792488f0aa947ded96f6ad34c90084d7e1bb07b714552e58cae3f3863801cb9464cde21c22979bad980ba5f749b986331a6cc7be54a774838bae67b09a97cfdcad4bf0941be14e96c94b123cdf518d42d4b57e480f9d44712f20856ec7bb7d9261a2b7795892abea0bbf9975a46a3045ebe7ec87509367516b6920304f611f9fc0f0933a58088684c9b3cd055cd87c43f18e1641bd90024b1d2eca36f4c06845cddeca71a1c5a4e3dbbeb0413fe2ee3a6496b9f28a63cb8fb0ae32b0fabcfbfaa9387ebb302109d0d70a606246dbd60878425207d52c43e45e9c5337f535ea4f38ebb1da195a03b3d48c44bf093b22c023f2562e15f9a283fbcb7714240774b696b6ebae0061355de9e3551e0b9ed753da1f6c095bd687df929b9ebe1cd90849bf152eea3d6e58f0c552bbe7fc6ae669beaefdf9897e6b86c069b636e4b226e7de5850cb24f4944d15bf07ba410debd7364f129bba74fc4954f7483932b532b12272071e057da5edf19d397c50e9c4bf7f9a016ffb4910ceb421db479b6a55067041119c38fced8316b0dccdf5b34890a909c04073280b91ebe5276b779a9ed19e069a5e1e5df4bae09d0dcac62ac6d764dbadeb9a10a478cb4c65be65276f3c90dc1972c32e696a09ffde73bbd5f7f47773c5fedbde9df7de997469111c0622365a24dcb52eb4bfadf351a08ba09006aeab52b85d788bf039f4b5d71863aac8ebf53ece13b468835135c711e3147ab15becaea7f1081248630f2a199f4b34d46264f3a52cdd1ffdb1670a6a288a5131ddbbd9be4d33aa5950d9e0e68fc96e167e188629361f032bb2b3c4fc25c35389b4f20440e87c0ce1ef8af049c9c7c164fbcf3fcd302852834ff22c0139c78d147c3a291b6333d670c1e523718e2c8e398d51a623f796e6b8da6a191501219d6f6337ff7633bd8079318e616755c58fe5dc999dec21c1ced4ecfe21f6ccf4ed73871c4e99eb62df23db65fbd58643cd287a2c44f68e360ab02854b20a28a57d5b148d536a162a8fc4d33a201de4cb65c8f50aae2df7625357bbab9ec1318d5ff7a05c9bd27cb769c1ee783a5660e3e65dd5691d048df26c67aeea45f5ba06ae1f6f95e7c931df44293183f6c1cedf0f13e9daa7eec8fae8e942d37160f56553bd26b47cd8d160b17e9a14af0fa002d99a2d9f85f31850e77ee59588ea21b2999218d436ac22e8a30ef729c7f903aa89fa30909014a22dc9f6c534a8fbe8a12b9b8467d89ba3b7f7f51edeb048da42014c399b246689cc249bc37ddd2fdc64864cd88b5b3fa2532db7128090fdd728197bb7b403247ad7fa96284938b265419cc624ff2548612e0b23dc253754bbffb61fe59e2a54179140c0c114e25ccf5b033cc27b9c403f9f04bed2039c5d647dabfd9c26199c6703bd9685bff815d12d6c0ec2b55b215602f43f4cd307165bd06efe0e4aaaba3071625a5eec42f07137cb4b398354a715226b27a404a8ab2d19334eeb7918aaf79b495e190ff7a297c6d38697afc973bd66f2b772b74c827cfb979a074b9121f786206f61ebb53aa0301988458047e36b944121739b6ca15dcc8b758747925a508b6bf434be3bab0d7e5bd5d6ef48912cb4663cf5ef5e38471d858df0880cf568b3b5b96c2948e8c33b83eef80359719a24158575b4646ce93a8b04556eb4815eb58ed06ae78cc6c13ab1de6dcc04fba077b9da212893028a36b6988564bc6570c3a14b260836712c3904224a1ea99d97fe0202b5e48670794d84809e78af83e72657df28fb28ad8ef1ed1f358bac5d49f77cff14f7175ddb5113389860a18ce314d7d13d7ed9d41b4943e60a5cd4961d1f954dc05ac1c9343e6035778e79d2ed1fd2938c661ec1409a7447cc3ee32ed577602c88392ddc7e0d8fc88135ddc0e600cebe5311788e0fdcf337e6a32e0de961580ee79c42262e869dfee15294c5d5d7fbe01bb99126a80bebfb1b7f10d439a4b4ad882b800a8a1c9235a07ece119c05adb900675053adaacaac426d50de661a324fce0b28f8fbacd5a17e8e0661c281a2fb1b0eae862f82dca3d88c0ad769f1b4760a22e080614b24f27f0dd0a7297a6e8f1eca247bb3a5c23af05df0602d68b8c029d64110b32d754dcd7e753359cc99d580831452d50f8a5d0be9b841e704ed7a6fb9f8ffc5a86d94d338b01725448da5385da98caf78274827cdb902aafe38b40674c385c3c159397434b0fc275dd05652b2a78124377b32b103ceb971e1deb4a728b3733eec88007dd5db5a22930de5dc805eff09da1c528dec6723c3da400b916a37d45e7edaf172915d6e8f5bbbb6fb2a9cb35de9d1c7723609b9f8410faff4b454be3fdb4ac774242a087f72f2cdbd7fde17d16d9329e579f28b788ecd20704cf9dd4f3534d1f7e39f58648689943b8345d92905251b31c661720603a3169687affc52aaf863fb7ae65b52d5f5e92445ddfe0ecd110bd1b7af0d6b9fa7646e7d026b893933c2b2fd535923d31214e962cf145c471c7d5116e01f677f420f99e4f00d9d6003efbbb07b16f765e54851fc80ba3a7776db60d834509eef2ebecdcb5023b36600acace42329c64c495ebc4ce5ffced7f393582dc248ea3960964ae92320cea8c809ab5097b5dfc9c0f7bfcfc632752c0bbd9c1a232541af8222dcf3ee3a501d12b4c32f694a38abbb8d7a6b3e432da264d55e57376a7e14997c01bcf3c0f1ce2f5945ec18e6d9dad48c060375a558b423070657430f7fdfaf8b06db5c4c256126246fb33ad89c373d1041f8cb09ba327d2b7515f178b9bc8"}, 0x1004)

15:42:46 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0x3f}, {0x8000, 0xa, [{0xc8, 0x69d6, 0x8}, {0xc9, 0x5, 0x1}, {0xc8, 0x1ff, 0xa10a}, {0xc9, 0x6, 0x3}, {0xc8, 0x9, 0x85}, {0xc9, 0x4, 0x5}, {0xc9, 0x2, 0x2}, {0xc9, 0xc5}, {0xc9, 0xffff, 0x2}, {0xc8, 0xfffb, 0xf4}]}}}, 0x42)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x51}, "099ef4c786793b7148e0dedb36212036d52471c0fa8f34af2e10c8245146f629dc0b1ae001d67b350f38358a81447da8992ade65613f03f713d3e7afbf886ea3fc6446cf58649bc03cb3e20ce52eb30fe5"}, 0x55)

15:42:46 executing program 5:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:42:58 executing program 5:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:42:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:58 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0500000056ebf7c136b042fe4848d6a311d4709d460b59ced747ba1449f28869ce34f3bbb7237c15136ab1bafd34cc6ecb5607d6e40af970d110d77fd5fd5530608b1ae15c06eefd04814eba8d"], 0x4)

15:42:58 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b34, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:42:58 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041e606790520f17"], 0x8)

15:42:58 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00'], 0x7)

15:42:58 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:42:58 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_ext_features={{0x23, 0xd}, {0xa2, 0xc8, 0x7, 0xb7, "3d5863013dbb9735"}}}, 0x10)

15:42:58 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b35, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[ 1104.040439] Bluetooth: hci1: ISO packet too small
15:42:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x60002, 0xe4)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x7ff}}, './file0\x00'})
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f00000003c0)={{'\x00', 0x2}, {0x9}, 0x40, 0x0, 0x0, &(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)="086709da277553a728c320438715fc1f24df1021476dbd90a0f536", 0x1b, 0x0, &(0x7f0000001180)=ANY=[@ANYBLOB="020000007f010000010000000c93000000e18086cf0d06d14a58ac8a89f7bb4b986b491d0b490ecd1a175928dc57c0b55da662631b3b400c6d70eb2dc42de8a79dd29788533ffccc27470d47573708bdd31075e418e765c7770848859a1e87324f5ee3343061a37fd04be92f2d520fde2dc21b5adcae83b7d2b41b9c029c8f4c59c0fe54b35cd69cf6c404ffcea6e6365eb84dfe65d2a515cc99eb6342110e4ce34ddba8df000000f575211eacb0e95003559308baf166b4b9d884eeafd6261dcba9b6dc04f1d4853fe5df67823b493f5d60401b9e039b166d7f1ecc89b5783a8d6196cd9582438b1846e7a99e49005961d3262fa0351ce21b73a9cc047888e2285c0ba33f3b323f22ea5b5f84071d00c0ed84dbfda081a3406dc583da828d4b5e551ea0cb0c076ac30f4ca754499a04f4b7afbfbd09d9e40bb0ff6f11524a0a27ff9902a7338e686e36a111faa7e59cd39b8ccfacbdd5a9256f43ce2857df1853d8fae32c57d9ad462655e4a6f6ce5a7ebe8da4e92565a0c718afc749e327ddc0c5a2ef182ebdaa000000b7655b778f6e06bb1cfcf46425266bae35b48260cd56e2aec0cda5b4bd40ccae0ed940390a9f2f14883163d1c609ca0fb966221f23e8ca9c375a14b2cb1d7e5fb66b351e4362a3dab7b4b742412937877da1769ce5694b40831cec2ebd8c4bcce50947dc315b491ef80d44257c95d384ee18305489a20600000000000000867cdb5c61714bcd493b994b42e9f72f648775cd514f95c716af3ffc92c0167f86db1b719fe1521527713c132336db36dde3b5eb2b5db489ef550a72fc00"/596], 0x235})
getpriority(0x1, 0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0xff, 0x1, 0x5, 0x3, 0x0, 0x8001, 0x8100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x101, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x880, 0x5, 0x49, 0x8, 0x7, 0x0, 0x7, 0x0, 0x401, 0x0, 0x10001}, 0x0, 0x9, 0xffffffffffffffff, 0x2)
newfstatat(0xffffffffffffff9c, &(0x7f0000000c80)='./file0\x00', &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x100)
r3 = getgid()
r4 = getgid()
r5 = getgid()
setresgid(r3, r4, r5)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r7, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000280))
r8 = inotify_init1(0x800)
r9 = getpgid(0xffffffffffffffff)
fstat(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000005c0)="009e75d5b95a40cf79", 0x9}, {&(0x7f0000000ac0)="db5c57630600b32930438bd1efb1c200d9fb977aeb5fbfbc960458179ee0d5e91a20061779b3f5215ecfdb52e533da958d7b8c3f2b0814df0d79d3f0", 0x3c}, {&(0x7f0000000b00)="980062bbbf2e1b82110c34a851b82bfc54b23e35f887223fefc8df17e8bca3f6", 0x20}, {&(0x7f0000000b40)="ef389d5973944ccd7c4aa629819e9147230100633cd1f9a3e4843e2d0ec2e7c91ac90a624349b40a281d6160f253416a56dcaaa52d78aa5b2cd36de6c8ea169740091259df6a294fe290609553ee1e795e5c2f3b43340e589b238c78c9c5ec8b790fc92e9667088a745c275b07554a1958854e5fcacf422268048c93f91db5d757d6ea9e30091923877ab86bb0e89853c666b555c41282b60d2c", 0x9a}], 0x4, &(0x7f0000000dc0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r4}}}, @rights={{0x2c, 0x1, 0x1, [r6, r1, r7, r0, r8, r1, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r9, r10, 0xee01}}}], 0xc8, 0x4080}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_mount_image$tmpfs(&(0x7f0000000440), &(0x7f0000000480)='./file0/file0\x00', 0x1000, 0x9, &(0x7f0000000940)=[{&(0x7f00000004c0)="860c279df2128f08742a1d8736903157e4980fa304c1b2acad161a7b664a1aa530530f06a204e6ba7a69fc65df7e907f026e2fee89a6172ad6c2f46f736de22f09f0253be8931d6b0453346afd30182750893cbc56ae58ef947cb7652236d57dc1cab7055f9f81d04289cda5a694251722c6d328266263e714970127ac4adf044f514d76f8a8c90a766e8f79a135326a87d221dff2ef3378b30bf59e00d37e42a5766b8b50829f3c69eb938f3160987ef4ab1e436a950162ee376215b5806aa071e81dad0b4d", 0xc6, 0x100000000}, {&(0x7f0000000f00)="eefbff518e3b2bd1385a85a7ee98aa7fffd5c8b75de7897ed2e209e7dcb6e3b2cff306463acd6db0202c6006318f1e5ca8ae86af7ecc76e2dab9f2432b9036f16b0e95fc198534cd7a0be3280d8b60e752675bcd64b6f680ca447b0251178517132244342e89aa63", 0x68, 0x5}, {&(0x7f0000000600)="d11a0f1f8b28c85eb29fd0b42bb190b065194b556911dee2093b5456ff017720ab23e9e7828d88a6", 0x28, 0x101}, {&(0x7f0000000640)="a28acc323cf29bcafe9509c64f1e3247af5c5ca921eb91dcecb51063f2458ea94e97bdbcd30f9d7fb3e15b65f722868687716729efcb38d34c0933e24056d7e8e09bd97b246d51625b3a2f62e72d2013", 0x50, 0x3}, {&(0x7f00000006c0)="21f86fd990f23a279c5152618a927aa4a618a9cf58379964fd9a637aebcdea09bd18942ea7e5ef08d03a", 0x2a, 0x1000}, {&(0x7f0000000700)="2b37bd4bb822a52bb224589b8ee21741289b0fec27dcd9325f4c358801a272cc4d3a104f44f0262c5f3d3f3ad9b8ff4a4e58f3c76434b4402c256ee78cc095d1e84953a7b54428556aab43c031405cbf45d3debfde6a134347a608ca3ffb97091cf5aece7dde22a596224f1b26bf3b979d74141307f5e1e3", 0x78, 0x8000}, {&(0x7f0000000780)="8f771b8b35e876064365a67817a55af67b111c676ee1fb9f46a1504f1951ba0660f9b95b3ee84a297ed25396799b24813cb70dc32be2f1b8072627038cfcd8af5262f0c445d2f765224aeaf3", 0x4c, 0x100000001}, {&(0x7f0000000800)="30bf182c0b8bb5c2319b739a439ee83eb7cdb8aba437aaf8b61f4cd43ef114cefa0042f97c4cec78ec061dd5be10c5cac5aa700fd1f40397736f60bf5429500c560f29e23d7fec171ed3", 0x4a, 0x4}, {&(0x7f0000000880)="3e559622b34acb5a772bedbbe191cdbeccd2f462575c9f8c2770b0bcdadcfc36dced77047337dd0d0bc991135e3e24d4a2f7a0dead4704613cb1350657726872b1d7f7bace0fd2de7e01337677013e57f799759aa4c4a8f8e19699310a79c32235035a3e87bed6ba9e8202a23aee817e0086c80e0002efe90600"/132, 0x84, 0x3ff}], 0x20, &(0x7f0000001080)=ANY=[@ANYBLOB="687567653d77697468696e5f73697a652c7d69643dd1cb653f3e8e94abf481acd7f3c4a97a9ad6052aa858ce88698201e895d8c00be48fba5d4a87fe9ab766fb15a23aefaab44b99611c580ee08b8f61013953004a1c6c1563d93d639b7f4e417e4f02322e7e1e02b9f609ea7110883f2c417df2e15eab1268b6502311fdc27cc23564d5e96e28bcb016ba32cc604338f7955b0b", @ANYRESHEX=0x0, @ANYBLOB=',fsmagic=0x0000000000000004,measure,appraise_type=imasig,fsmagic=0x0000000000000005,\x00'])

15:42:58 executing program 3:
semctl$GETPID(0x0, 0x0, 0xb, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {<r0=>0xffffffffffffffff}}, './file0\x00'})
semctl$GETVAL(0x0, 0x3, 0xc, &(0x7f0000000080)=""/72)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'veth1_to_batadv\x00'})

15:42:58 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="05"], 0x4)

15:42:58 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:42:58 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x23}, "332a84f366ac1f08d9b143eb4b2905f1ae01919a87be8b47882183bbf6a4a61f001c32"}, 0x27)

15:42:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:42:58 executing program 5:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

[ 1104.243246] loop2: detected capacity change from 0 to 264192
[ 1104.247567] Bluetooth: hci1: ISO packet too small
15:43:10 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:43:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b36, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:10 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0)
copy_file_range(r0, &(0x7f00000000c0)=0x3000000000000, r1, &(0x7f0000000180)=0x7fff, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2, 0xff}}}, 0x14)

15:43:10 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:43:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:10 executing program 3:
exit(0x3f)
restart_syscall()
exit(0x9)
restart_syscall()

15:43:10 executing program 5:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:43:10 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8, 0x8b}}}, 0x8)

15:43:10 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xa4}, "229bc8a251a04eb4ce43998e825139bb2c3ed194c977b1664172f7f86553c01a445b02291220d3922390edc13d58ef34cca4838f00f67d27bf9e5cc3e4269cfade9b6a34de07eac5b00cf8db3d55aaecd7057e7be0533b77d792090126aeb28b41187512db93ce6916515eb54be817d20c3f2d0bcc2cd3b4bbbf314e1220139ef5a4020bbce94c25c71589831a9b89b0136b625671f5f7428b50aae06f02a62ba683b8dc"}, 0xa8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0xae}, @l2cap_cid_signaling={{0xaa}, [@l2cap_create_chan_req={{0xc, 0x6, 0x5}, {0x0, 0x2, 0x30}}, @l2cap_disconn_rsp={{0x7, 0x40, 0x4}, {0x1, 0x9}}, @l2cap_cmd_rej_unk={{0x1, 0xbf, 0x2}, {0x40}}, @l2cap_disconn_rsp={{0x7, 0xd8, 0x4}, {0x3, 0x4}}, @l2cap_conf_req={{0x4, 0x9, 0x19}, {0x52a, 0x7, [@l2cap_conf_efs={0x6, 0x10, {0x7, 0x1, 0x6f, 0x5, 0x2, 0x7}}, @l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x20}, {0x6, 0x5, 0x2, [@l2cap_conf_mtu={0x1, 0x2, 0xfff7}, @l2cap_conf_flushto={0x2, 0x2, 0x1000}, @l2cap_conf_efs={0x6, 0x10, {0xf9, 0x2, 0x80, 0x1000000, 0x1, 0xe8e}}]}}, @l2cap_create_chan_rsp={{0xd, 0x8, 0x8}, {0x200, 0x81, 0x2, 0xf580}}, @l2cap_move_chan_cfm={{0x10, 0x9, 0x4}, {0xcb50, 0x8}}, @l2cap_move_chan_req={{0xe, 0x9, 0x3}, {0xfff, 0x2}}, @l2cap_info_rsp={{0xb, 0x8, 0x2b}, {0x614, 0x0, "7cf6de6b4168f254ff9b0ad6f1727f8e7ca942827059dedcfb59570d2192eee0d9baa18eb6e523"}}]}}, 0xb3)

15:43:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b37, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:10 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:43:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:10 executing program 5:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:43:10 executing program 0:
syz_emit_vhci(0x0, 0x0)

15:43:10 executing program 2:
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100800)
sendmsg$AUDIT_TTY_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f8, 0x200, 0x70bd2b, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x200480d0}, 0x1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:43:10 executing program 6:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB], 0x4)

15:43:11 executing program 0:
syz_emit_vhci(0x0, 0x0)

15:43:11 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:23 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
dup(r0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESHEX=r0], 0xd)

15:43:23 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="5b1dcd79480408"], 0x7)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x1, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_rsp={{0x7, 0x1, 0x4}, {0x5bc, 0x1f}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:43:23 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000000)=0x80000000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:43:23 executing program 5:
semtimedop(0x0, 0x0, 0x0, 0x0)

15:43:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b3a, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:23 executing program 0:
syz_emit_vhci(0x0, 0x0)

15:43:23 executing program 6:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:43:23 executing program 5:
semtimedop(0x0, 0x0, 0x0, 0x0)

15:43:23 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@none, "6afd5fcfa18ff66b"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xa6}, "0a8fecad6028a0d3d4dab8dc0711b383fe4f0e588176eee6e87827ff9c702921ac167af8bb03723e37e3968308db59ed37a6eb44753e365f3fe9fd4695b5fa55f89b0fb7ffc29927833873de3830041d44dbf90a5795c4e5a136159776dfb302677903fd3f0723c90bf09feae7d39a922267c004d69d842cc9d031e2e34a509658fef41a5e19f95ad4745e8bec1dad842d4dbc287b81e00010294843a43db8abfac0f95d6343"}, 0xaa)

15:43:36 executing program 5:
semtimedop(0x0, 0x0, 0x0, 0x0)

15:43:36 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:36 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc8, 0x8b}}}, 0x8)

15:43:36 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0408a0b74937f35ee4ce081a3e403ea68a9325c4c12edaf16da32948bec287b228acb99394e6f4627994e3c3c0c8b676ffe45a83e477af528150cfcb224064"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:43:36 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b3b, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:36 executing program 6:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:43:36 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
pidfd_getfd(0xffffffffffffffff, r0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_ext_features={{0x23, 0xd}, {0x9, 0xc9, 0x5, 0x7, "411b3a6fb744612a"}}}, 0x10)

15:43:36 executing program 2:
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x6c, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "968292b6637bfcede6d7e470bc279df8954580402815a065bf"}}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xd7}, 0x80)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="bad0b02e8c267229913b30e6d565a2b8b8ba75c244ad39461105903c914e2ea110090184bae0da700bc61eb6727c4a68d9872423d1c9f98eb5a47238fe043634f3096efab319478f8e88f65f93b9bfdb51a86cc5b020e998efc7c99a8c52d76c658a5912a651a5e5d8c2e58063bb2cc796adfa1b13be9e99eb0e4f7668c2be0f2f3e47dd64531c6a69f5e98a08ea5cc70f163f6d293be8dcd7dabefd7842f19c763c5085dbf4e6a6b28e47617b3741b7a2311636ad4321be2fe579ce1608eab8064891f07c08b35adbbfb6a60729b78fcc5ced018627", @ANYRES64=r1], 0xb2)

15:43:36 executing program 6:
semtimedop(0x0, &(0x7f0000000000)=[{}], 0x1, 0x0)

15:43:36 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b3c, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:36 executing program 5:
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)

15:43:36 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc8, 0x8b}}}, 0x8)

15:43:36 executing program 4:
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000000040)={0x0, 0x44, 0xd0}, &(0x7f0000000080)={'enc=', 'raw', ' hash=', {'sha3-224-ce\x00'}}, &(0x7f0000000100)="1d9fd4751f10f51ede08b191130015150392f5e4bdc66040c68a4cb3cc14a2449b835fc84e20c2b8e8236bdf79cd9037d4e5cd3bb36a2c56610c72a83fdfa39c5cf7e378", &(0x7f0000000180)=""/208)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:43:36 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:36 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc8, 0x8b}}}, 0x8)

15:43:36 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = dup(r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r10=>r1, {0xffff8000, 0x3}}, './file0\x00'})
ioctl$sock_inet6_udp_SIOCOUTQ(r10, 0x5411, &(0x7f0000000180))
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x8, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x6de}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, r9}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x35e}]}, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x40001)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:43:36 executing program 5:
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)

15:43:36 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b3d, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:36 executing program 2:
write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)={0x13, 0x65, 0xffff, 0x3f, 0x6, '9P2000'}, 0x13)

15:43:47 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0x16}, @l2cap_cid_signaling={{0x12}, [@l2cap_cmd_rej_unk={{0x1, 0x6, 0x2}}, @l2cap_create_chan_rsp={{0xd, 0x1, 0x8}, {0x100, 0x40, 0x81, 0x3}}]}}, 0x1b)

15:43:47 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc8, 0x8b}}}, 0x8)

15:43:47 executing program 5:
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)

15:43:47 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:43:47 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:47 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc8, 0x8b}}}, 0x8)

15:43:47 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b44, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:47 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(r2, &(0x7f0000000140)=""/175, 0xaf)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16, @ANYRESDEC=r0, @ANYRESDEC, @ANYRES64, @ANYRESDEC=r1], 0x8)

15:43:47 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0x0, 0x8b}}}, 0x8)

15:43:47 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x400, 0x42)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "ae6f2a", 0x2}}}, 0xd)

15:43:47 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:47 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc8, 0x8b}}}, 0x8)

15:43:47 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b45, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:47 executing program 4:
accept4(0xffffffffffffffff, &(0x7f0000000180)=@rc, &(0x7f00000000c0)=0x80, 0x1a37c6b53f0c1a99)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000100)=0xfff, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:43:47 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES32=r0], 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:43:48 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0x0, 0x8b}}}, 0x8)

[ 1156.029072] Bluetooth: hci4: command 0x0409 tx timeout
15:43:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:58 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0x0, 0x8b}}}, 0x8)

15:43:58 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000001380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001340)={&(0x7f0000001200)={0x140, 0x0, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x0, 0x3}, {0x1}, {0x7, 0x5}, {0x3f}, {0x5, 0x4}], "4375f0d01b722d81"}}, @NL80211_ATTR_QOS_MAP={0x20, 0xc7, {[{0x0, 0x7}, {0x1}, {0x31, 0x5}, {0x9, 0x4}, {0xc0, 0x2}, {0xb3, 0x1}, {0x3}, {0x5, 0x3}, {0x9, 0x5}, {0xf8}], "7cb24eea43b0e6e5"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x81}, {0x0, 0x6}, {0x80, 0x5}, {0x1, 0x7}, {0x3f, 0x4}, {0x9, 0x3}, {0xed, 0x1}, {0x9, 0x5}, {0xcd, 0x6}, {0x0, 0x7}, {0x4d, 0x6}, {0x7, 0x1}, {0x6, 0x3}, {0x3, 0x7}, {0x3f, 0x2}, {0x9, 0x4}, {0x1, 0x1}, {0x1, 0x7}, {0x4, 0x7}, {0xc0, 0x3}], "ff60838afdda2402"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x33, 0x5}, {0x5, 0x4}, {0x0, 0x1}, {0x3}, {0x40, 0x7}, {0x0, 0x3}, {0x3c, 0x6}, {0x9, 0x7}, {0x4, 0x5}, {0x9}, {0x7}, {0x6, 0x2}, {0x1, 0x7}, {0x40, 0x5}, {0xff, 0x3}, {0x40, 0x4}, {0x1, 0x5}, {0x0, 0x5}, {0x3}, {0x80, 0x2}], "b498c154c5143c12"}}, @NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x81, 0x6}, {0x1f, 0x6}, {0x9, 0x3}, {0x80, 0x6}, {0x91, 0x6}, {0x7}], "8ceae588ec60885a"}}, @NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x2, 0x7}, {0x6, 0x5}, {0xd6, 0x5}, {0x4, 0x4}, {0x2, 0x4}, {0x7f, 0x6}, {0x7, 0x4}, {0x7f, 0x5}, {0x8, 0x2}, {0x4, 0x5}, {0x9, 0x7}], "f662e20b19abef74"}}, @NL80211_ATTR_QOS_MAP={0x10, 0xc7, {[{0x1f, 0x4}, {0x7f, 0x6}], "664898596dc4ded1"}}, @NL80211_ATTR_QOS_MAP={0xe, 0xc7, {[{0x12, 0x7}], "76816c4d67bb847d"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x66, 0x3}, {0x1}, {0x2, 0x3}, {0x22, 0x5}, {0x3, 0x5}, {0x4, 0x4}, {0x1, 0x6}, {0x3f, 0x7}, {0x1, 0x1}, {0x0, 0x5}, {0x8, 0x5}, {0x5}, {0x9, 0x5}], "1238487a96cf93fd"}}]}, 0x140}, 0x1, 0x0, 0x0, 0x15}, 0x20004890)
timer_create(0x5, &(0x7f0000000000)={0x0, 0x15, 0x1, @thr={&(0x7f0000000080)="1a9e8dcbca433ebec9edddc61e7699175b344fa4958dea3cde2ce2361503d667abb8df8faaf329efb0d8e93020da647797d0e53b9f47736b9f158f4c3514f3770b33d403b8f0edaa190e2a706f50ece2137d61c4eb489830803ca5510b6fa19f0b94f1594d191fadd811952b1449c750be59d526b7f8326e442db233b57884393ed7d615e939389d3cb1cd07ce2e00d8d8134b2e8f605301b9eb4348c8c310747da45043adf1fb47252542f7203f31c3feee278619474bb26e2a2e529a773024e208780d9bff19457cbe7e94517a5a981cbc9d33abb35740dbbd560075e6fe2a8f2bd926", &(0x7f0000000180)="12155e15edcd18bfa309697f60827702ede6248200ba33b47674b2867ca0d30e55457094fc6aa8bac0494754f6053fb3775ff3c1ada70185a0f28966d7fc7656a0f067bc86ac5bc5b73f97e63f7b9bbb6ab342d3d9bc40bb5cc7ac27b39a0e155cafc56b0a8de77fd9f336057fbea333b924bed2fdb6e32e1b63b0614ef967824996b8c27f9be4e2df9d705c73f1bdd249154d40c705ea36ec374accb72afc493cc33ca426d0edd7379febbe9b3829b5ce83ee1ad47a7f1177db4916888a7fb5ccfaab45054b7e35cd22fffea8ff7c3f7e3cbcb884cfef8b2d67e50867bf21031dd051422310f33c19ec992a56da9f01fbbee0e9b467ccdd4840cbf1c1a301b49ff4dd9b9568bc717933622994362298f82bb7a91341699576a412774201220b9776918641d9477e5a7cdf9b116d408ac505ad9be9f2a91795f539700d95d9bf03fcfb715d04c71b2ae5fb54b074a51483ab37f572c972183e854956a7015ab002333c3eaec6da16439f965a838fba0a761e9c3aa18ae8cc9a778002cfc3fd62fda70184f07450fb8a50b355f7dbe3a3607679efd882724b8d977dff06671bad8222fe7d61a26961cdbc1d856cfe9d68e8515389da3ac464e36a73ef768c26d4cedcad5e8925676225f53c0d01d122b036089ffd5175ed1d416113594cc21e29178fd1e8cdce963f4a863d0bc05ff190484a8284f89c952d7bf0c2af1490133d3ead8ce8b8e267a4b55b8cfa8122f6036e8a372563587930ee1d84a5d785316abe1e6daeca52732d9464cb9890894cd57ac2a4e421b80a6c6162f4ec3611868606838442ec634c413352936c1cc1ec199bc152fbe74402f2aa56be22cd2389b72ae1c124c38b881621a805a9d81e03489727b53cf8e17b518bf62613fb569d0f4fe6b399a54944a815e1cc77080f7675c2f069af2bf2faf0ed13b68a516d318494c832ff9b3348298b257ebc7ba2238560c5f5d83aa15dc62879e4d11f7a14fa17aebc5d16c1ba9d581a70f3ae1ac0e0f88caeab156d5483c5d5568b0669536c47eecb1f993657ccbbb1bd874a0994683e64d099edb70483779453f536bca92d5485efa955e574cccc66af5ee83d45e1c02dc8616238f3df7ffe71148400d7c3fd1ad03c71e28e4652ed1c2da553c4afa67bd7f27db9dea095796d3357b28d6aa5cb05c8f415f52458fb8d4bc7d6138244e76d38a9b8419582fe43550f1d768b0d795ce864a3b57c260d7f5258efbc82e3e18bd4662d20feba331f48aafb2a9bbe29aef6164060d5cd6a9138813ce06315fd829c8b4f60da9e4f51d90ce1cf7a71bd62c7b3f30d24d5e96766fff782b430cbbda5c80e4c87afd47c26bed55225b89c03a39f15b8a166bfd36760da848a19b3e95ee7ff8d5415d91c40b6ab7dbd87fa109f206569ded3792b4d66ea0cb4e3c0dda4a20b82e56438b1c4ee65b7178a3de2313c5618d240951abff4d425917fa70ec9e31a4a57373f5526ea0e1214bd6d8b5286ca9a18d4bc0c73e6a7b10ecb9d1821b25effcfa8664768efc37cdc3f7863a4c014f92827d3842e924942d5b42850fd64894270141aaaa1dbdb135130d1d0251b105df7f00ef8c4770620e516459fc041ddd4a49aaab257d8895a7aa051905526d95bb56386ccb0d1f7d0a55e620dcfae21acc138c157c84a08c2e7e6993f6e00d891942d32bc6d9bf9fb6a3cc4b9490bb6e6b87b930b348988afac96f1ef813050246d2fb47d5445c21eea4d6ed9fc851a6644978dd2cebefeead471cc4d8ea72ca8a336e151254f2d213faef0a93c911a5557f28a047dbb976ea17d16c079d7ea350d0ae3f52c6612eb17dc80151dd3991d414c24663a3a08cf3c3f3b05258b9eb8a371a8320340aaee0aa06c19a1bfda4d5fee2b4713dc3a14f8fd97bcb158092bba8066ee9172842cbb411012505bc59871bc7ac8baeb3c77965aa4d1a6e3d8560ed6c47992df21bcd37ff832335d0ef0ddf661237dc54fc91effe78210a2cf242791b6d857aa9d3900f577430e0f047af02ed0b924625f617670632b02e4a34504bcc60c1e9e5d8a06ce54d2e827416d14927088cc8b118509e399ac1dedc1320cc5fbe56324460a928e22c555ae514fdfa14ffc284f705edc13fb64ef3ce5f033ae29c5540a9e61ffd1f369d9de080746f287ba5d061ea892fd11b75d2f9f3f2a4059f003753d4c9e6c3bbb88872472e4e28609b402b937a4b4e024b4328c3b83011f8cc715be92e8f0289aec2419f2cd7c8ee8e9afbe687605b10c390729b921d91a78aefde9eff7b8da3b5ebddaef8ff3322bddf7299cb6f823414ea77497d807d73abc8f10cdf63d696eb5c02e2f8e4e2cea63a1f1357a410b4ab9fdf827c49a02d50a24765d95bb1709346ea29fcc8ed81fc81b27797879581b0323092ca1c4b3fe4c6da434169ec1618f8c26145a1f6767e8f9b1afbad89f7aedf984385d228b35ffd2acf69c4e8259eefbc265ccb77852beed7ec0aae31e77ec2f0906b2666effce202015bc3f21cb1310e9a729f505f10f5ccc854899106269b16f9d3479aef555570189e456b65ac3141658babe4c8e7a8b24eae3905cbcecd9ac92a29960db4f7620a385138ddcaacf99d0d210d4ee4ac5ff9304b43db74119ccbc28aecdb33816d0fe1766aeee9e535c80ababdd9734456c8a6c0e79541349f3e8fa73e85e92efe34178370e4115e8c4b5e3fc6e1275c55e4c0d32428ef95378d1a13680302b0e90fcd6e75bac0a944a5816f0e115b244396e5a2c77c9613e995d20327c6a914c47e2ba898ba976c8bb7ae91c8c6ee988e53b8fbb70674467e335ea1e98fa4709b6852eb30bd2d8fce9612ebf4608fa4f9bcaf683d093fcbd1fe9f7838fd0fc5b277fb622262d87f0a9fa35832092612d819685206a23afb755ed64ef0224906de7d3549c6cf989ab1f842fa5017a8167dc0a6d7d03d4488447221db5a4b0b3c096b7780555b26b3e298b33f195882bbfd5fdb781777d198fbfcd7ffbd628f9e826ff64f71d16954a2113afb0682bb956bf63fb281e0c1e3e9387c0059be00c72920bf7a7c902db37bbd7ca817c9d604b2788f5585bc274a22348b7038835273457463c35cc2fb31346454d2f1f6adfe977060187f494b3334e6b31306890139c3430273568d6873c2d2950525e5962bae8fedbdecbda50ea609382c15749fdfa56dc79f9292527729771831708fc9b383f31c739fdc4cfd023aefb3195512d71ad30850e8c04019f5deb78d0a257ec24d4a0f80f3e2a50901d4abfe8826cff066298354781fab0d6cbaf0dcb57eb1d411ca1acf31659f20de47da6bbda014c2d5d7858f0d7f2d00aea14da9607629e3281419a977d42e17545dbf2a1f164a84bd4923dd84c8b8d0237e9c285ede584c66e6f99755a87c805e8558d5da6be82bbe0a3bab283e12134964d460d94166c315c769b5363b6db87c95e702a5ccb1481efac9b833505910d73f6588bf2d3fb26c75cfa7aed0e4980cf6ff41be35780b0e78f6db07693e810b4f9170ec89dd67f27a03ea08a7c1f7a24279c39b0f04945fc6136e91fe0c315a04490f0d3cc0e5b46630ebb882378a04339a80447340a2c35151822e608591a283a9edd47479566df085dfdd7ee439bfc7d1ef43a34a433078f2984b8b4f30c0b07674b566cf5e541f253a5aec562930cb6cea5c59ef5d3c74b55b7c5ef55dc6e133dedc4d550e8f854fc2983d3b0eff4e1976a6604bdc5b13863c1c405338b6f7b5f123453912ae25ab2a7fcfb42e3f09bd8c5a97d526b9ac30b056ee332e88917fa8ed828265fc54e20bd87cc666857b403eabd48d602e8d47cf106cef50413fd5006b2888ae97ea72d13004e9551daf2f22fb4ecbc22252b54189182596a947e1f5d479dad4013e3b78bbc94d17c9875ffb2efd40f688a1e4808a265b3db52eea819d6113c70cef2ba91ac9483e75d57471926fa0066a18399dbeb3b36bfe69168c76e261e8232369d0db7993ca786596a076d5ae4ca97073ec6d35f2a70c44dcf7c4e9def8d32e26df45f099f549f8dc8be9453664cc1baeb7dcad638f90590cdd7a161d734048e84537b95bf798a6a44d23ef246fe197e62892e85720ddb6cb13ac253289265aa47a1ec159550d52f63e17f3459f4c217a133a2add20e93fd662fb0c6bf6f0d46b7225e60f1176630d3d58f255684d71e3ef7b057d6517c314b0b4c5b7a5843836bf933e7433be0059f416a5bd45f7bbb80799e8e50cc3a9d78df1438b22a91bea1ae9f5a8841bf21dcc61cc9588ee3cd953b6dddc868c9de8294c85b066bdf2672acbf7eed7d39c31805e5ea932b1d6975ef973da1f6ddb6e33aec2121c7c29cfd86e934bc062edaad4c1eefd705119fe613a09fa9f0a19d6833a543da0b6ad6a7c842f2da4e986187806d97e3ebef68cc8dd4221e4098307d9c8aa2aeacb0d07673a043767c32ad95140bac8d0c4a1db06a5bd5afe8b329478c1ad4582606777b3a7771206f8af960ec6e67862f228e2f0056df21a0583d7aba4d74199be616bc4ff90440dfc461a22ccea59a86ba62fd7d11b43d5f2aa31e97aae00d4ed8d348c2cb6046cb32139bb20f0a212b90a74430ff6672b3b63f17d394fc86b6b92e637d75e17140681263215d67a44cee9dc40f91d2421159baafb4ee42281edc048b1c07d4461f1ccdc840dc9f5eee405b17787bb583017b8acacb8d70d412d34a7c763d2d8f7ce9cfe59726a84346f316b58f09439f50854e38f4e9cc2febe9c92ba2a7711c4265a04f5708b4ac6429b3df4a2ef6cd2d3d417a5d91a907b1dda9fa782158097c98df49a4968b08503049ab62afd7025c0d9b74043b292ec042e72a6804977c35411e31b4e7ff9ef02d453d4f99a2e2e5bc5976af8a5df4b91290828e0af633c12e21fb0f0eb3c1da55d293862531fe466f9138448ea6da9f153eb57912d12ec8ca6f765c89f0de27cc3a5d76473e6d2137e44d5e05389d86d6d849304594b748e31a219607eef048ce5a61062a48ef043dcf4213e81dd6b193a5bf237082e9a9422c8f3fda44c6003d1bfc3b74de25c25167d8149c56f8a171ac554b60bff164061bcb352661cf50ce53c41b048efac91a61affad0d8d3d40594c454e992855f71621454bd415a13b87e04998070d9e520e83418b20e208b8b9c5f9fc91c7307f15546604825d5251b539891b6c34ee7327b1a35c5b753cbed2ed095976bdd3037bbe793f3122f3f6029fbca08ae881dd2a951d6f8c10a09c7d50d7f4273f17a4643d9e3466d48e321df1e57b12836cbf1acbd86b2bc6071abcc4534ca9cae31f304a644f01cb224bcc6a9114ec1b9e2f111fb9131e217e59e4874d4e767adf71b98d1bbc58b67bf1405d89f1067350f855dd46e0b2189d75f8aaa5b0a6b27b366e0fb11b983a390149022d1d8ade2144c60c43a20e7939ed485ddc79cbaa958d6ed19e71fbd828849b6dc54b1d373a7a41eee6031ac18887e32d03afc76ce62dc7d830d617425c172caa456272ca4de1a20160396e6603717449b0c6dc68ff6b2e82811b810fc60e6a214da544c1def91bb20d4d01d37a86f97c9d6be454037b7181340de09fe46e1a2bddad836bb637e6fafd15f23fd19088bcba23c24f0edbe2200598aa42634bca6203c7510a12ebbc1a16b8c4e1e258c1c5840afbba5cfab3a505411bb0d90bb562ef50bccf9bccc6808e16e1edcf50be62eaea9cbf7fb0123c6e290d0d3442adb980e77c94c695091475b18b9457a4f9693e29644296331816de221cdfcdfa9f311d08d08b197459f2489b79322b9cfca09"}}, &(0x7f0000001180))
syz_emit_vhci(&(0x7f00000011c0)=ANY=[@ANYBLOB="042c11ad649ef24da95b29ffd931fb240609dce13c244b1e1fbc43580200000000000000"], 0x14)

15:43:58 executing program 6:

15:43:58 executing program 5:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x400, 0x42)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "ae6f2a", 0x2}}}, 0xd)

15:43:58 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b46, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:58 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:43:58 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x2c}, @l2cap_cid_signaling={{0x28}, [@l2cap_disconn_req={{0x6, 0x4, 0x4}, {0x8, 0x2}}, @l2cap_move_chan_cfm={{0x10, 0x8, 0x4}, {0x5678, 0x101}}, @l2cap_create_chan_req={{0xc, 0x0, 0x5}, {0x1, 0xfe7, 0x81}}, @l2cap_create_chan_req={{0xc, 0x2, 0x5}, {0x1, 0xff, 0x1}}, @l2cap_cmd_rej_unk={{0x1, 0x3f, 0x2}, {0x100}}]}}, 0x31)

15:43:58 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
shmat(0x0, &(0x7f0000ff0000/0x3000)=nil, 0x4000)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
r1 = fork()
wait4(r1, &(0x7f0000000240), 0x0, 0x0)
tgkill(r1, r1, 0x6)
getegid()
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000a80), &(0x7f0000000ac0)=0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
r2 = fork()
wait4(0xffffffffffffffff, &(0x7f0000000040), 0x81000008, 0x0)
wait4(r2, &(0x7f0000000240), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:43:58 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0x21}, {0x3ff, 0x5, [{0xc9, 0x5, 0x1}, {0x1, 0x4, 0x655}, {0xc8, 0x80, 0x14}, {0xc8, 0xffff, 0xed}, {0xc8, 0x0, 0x7ff}]}}}, 0x24)

15:43:58 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0x0, 0x8b}}}, 0x8)

15:43:58 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b47, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:43:58 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:43:58 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:43:58 executing program 2:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=0x0], 0x14)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="03c80040116a454b5bfd6dd35b343230522310a5218ac4946e1490a4b1bf3d18f6dbf88e6d8e44ff885d6c34562f90a320c5967d6f167a2539977c104a0f5b5e7d6451172ddd32720aec6795963c4502aaa710166c51f65e87b6e9c1552162589c3c516f2ac159405654821d"], 0x44)

15:43:58 executing program 6:

[ 1166.781067] Bluetooth: hci4: command 0x0409 tx timeout
15:44:11 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0x0, 0x8b}}}, 0x8)

15:44:11 executing program 6:

15:44:11 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b48, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:11 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e05005a0c1906"], 0x8)

15:44:11 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1000}, "6830cfd95dd6453f8f5769ceac19832e2e67c783eecee0da9498586e9a85e530c3e8f01b8875bb9a48f7032c2c4e24724a6ea5ebdf78843a68428284f40001f64c5535ce1d3f33983f1af81043d8c120d75fb3bf8489acec0aebd001aa3a9744ef48664872c58f90106cb32eb40f3fe8369c07058d62f429f21e67e94e72c46ae939b606fdeca8d7f61fa11f5ca238ec1ffa1e5dc9c6f92dd2385288146aefb3ac52e93f35a14bf2c63dd50c0883c4073af5e6ccb76533b250c143b2e9b51b62b3ac97e7035dec9fb746d07158e11996699585bd919759d85a9f19ea19c53c1fe6b95ee9d7199c934405cb3fb0a3ae9555d964bf5c33c4cb6fe00cd97b1d0a5cae925fe33016d1d0d30a955506562719181286153c5dd9a5f986882ff48409a75c9acf8d534ce9b9bafa6c5bbcdbce8da648e19b876e071faf62f970d8b5e75a3c4a2b746ac8625ddc3867d45577b92d337f52955befacf3cbb6a665cd47979fccbfc38b3c7c122c998911e3d254ebf70de16e2fe155d0100f24df184f15daf9618ca048d13263dbb4d6412213d1541428510e5ddf2867e4fe2630c7bd20d7639231f3beff1894237f3f324d0de3d8cbcc8c092a519fe6964dc3aba8673db5f4595e058cee4229c7206551e863a9f333598fa4255592a1ec2715b205d68772bdb62e2cd0382b852d0850312a3429209a9d4a0b7533d74677f8c97a78ef08460008c1b3e0e939c3283aa8912ecd3d312f51b1fb801ff1f6f842b7001e753fad98e045f0b888464a413b90c3ce319e2c19bdc8ecc6ebdb02d27b101ccfb4581820fcd10a3bdcddc2893df9d7e8d2fefaff49f73d9f330353f25c62aabfce2a00215e0358b06ba02f3b4b3585527f5175c6079342b2591c56a6c4f2f7ab68b785aedffdfdf7a59df0180813500c677487246806787fc1556dcb1d375a352215c8a1695e202c9c13c0a6fef636739f7f40afc245f17748ac049f0e4f40dc87a427c81433d57cefe030f70301f25fb7a726ec91616493eee26b1ce6884ea05a2813dd6d0f95a111fd6a970cc9340fa80e7392b7d48bf596315857655ad8469424ddcded878a40177ec90cb4cdd683fcb30f81f5ef8d6a451cec13e97e5b7be4e9a0e5dbe899ffdd0c90ae3f132958008fd5162d66038150e21ea4e0557adc946dbd12d31bb1c3e0886e47d7464fcc7362ee6ef96191666fa0a9316a49d25305dd5aa992a9da6eb604d426fdf1b7b015f6441833e418940d454628c2d46479d788f8d261d72096fe42d611a0314eb38637452cf7c1998465acbca07a018429c14ecfc46f937ae34824b34903840bb0addc42fb21bcf37c1c49068c5da45b04bb371e0d6f86d02df35ad89e281f321331729b35a98262b6d2bff13f1be319417592a1877831aa35c552bd20f227ab6271af3c3c2f7c6c74c978e268bd3d90f22f807105c3aa938a0d2a55d79697a7e6296cf0aa5af7b1dce0fe1517d05f763ec0b1a868e0fa7b7bad6fe30c783b66bf24d71cf9747f0dee917ef9b8c4f219ffe0724c8b455a363badd50f26f5127faf06b5085a5dde91e59a2600661151bf3fd5b962f72fad417aa032c8e3dafb77a091370dac5b8e29fa5fadfd16defe102defc38e255e249da1da578681b985a2951803a1b69b4d9d0c7101145221bc01020c9f5842fd01fc75622835f99952e95727bc4e18bbad32ade69b1710abae44dadbadfda0fe796c5f1c4b8551c1e3f7da5531fe26a0b1382a4a4a019d901fca9bcab7207b33a67a0854c3d8f9536cef81b6fcb70a8df1b16b8b321ddb574d5ccd783950a69a50a809878a1fe05ff4b12f717030344bb422dc3612c96327d7732e8a513404dd2f73a1bc10f51918c2bf2ee6e79d39ca448e695e188cc995c7dbc0e738b589080a211eecfc160581f901c10e54040460d050cc6c052d7581cd5813d3e382f5e1e81ea9646433b534e8d4bbf3e43b58e6bc1886968c46b26135775b89321de894f48d0706f05b3c2a075710bcc4dabc8b61a5ed83f9fc66d633613603d51674d24d107e95df49eb9971897465fb0d52a38e686b150c5a9f426ca6ef358265e0c2961be9b1bac21402635e5ad01fc63184170e7aa463744725255dcf634d045ffdc147376c205ca1cedfd351d310e3173ccc2bdfb4106353fad896b0d085c1269d07d4fa8f3f7c216063fe0aa9bb3572628dccc4538e167d85bbf86d67907d9fba1be216370fb1f28359eaa5a02686de8740e64660ae5011fc320434c0886e166b747954bc1c397ff0402a4c6f2374e405757feb97ce65d44212eb31428059c8aff45b5ef7c1ddc30c28b38180c38edced93c4fea77a7b0415ab26956d9c4d1b526138c5f57998bfedc7f59b33a52b9268a2e21f8600a81f2e4307378209501f16c19d53c39320f17856e268eb0c3074536432aba596465a3d58b15f2ec8f23cffe408089ddeef349bba0c3826422ec06fec907b96afd1a01312914e1d5f44255521b9e8d22ae52dcdc7bb75d304049fac9bceb93880727d5ecfe1dff12b52e11839418e07ea0afda6e430bd6c1e9e7dd4d0b5ba96a74f27cfa43ddab8a75b33ebcfece910d8dfd7607d954d9e65b61e51f3452c6138ac42124ef5b55cc0a2b98501493a0939a7a47decb3bb317792fc081ddf0586d9f890cc4d0da286c0ca0e34ae7e0675b7aec4c8f4415da172b4a47cd1d19270c125049a80563ed3b5c76b0c6134810f9d9394c6d5d90d7c0bd6175fe1cb97de81432e86c888dcd3e92f349c89c1ce1b9c052a192f05168b860db1f0668e0958f008a1bfd169b64b6d02125c710d9610d84b7b421214a4436920d9f9176b9f94e490516a1216966a442bc3b5fcf3976cf2ebfba86a224d13f71bcf86fb0f3ce2ce91bc602ffdbe4be979d6ecbd196499816c0befe84446daff7df67080a4579a628a4d6a4dd36540d2ff6013f0b9677558bb518a2efe0ef97fd9e04bf949904c842005fdbe4cf99ba3c4b3e0992ab24dbdda7a21e59fc8c53fd7de86b1e1fd4b6d8da27c139c8340f39e2f04dc186f4403fb58f3cb58b75ebb322c9c0073d1958c34347fc061a9ed1f116fc05fe808a122b4a85e8425f66559934facf3a7952f5fae90c6cb0a9995eb21418cd93587b41701346eb115f80048cd35aa1b75599d8171483c04614796e54fbca54bc486cb36b415c97353e979d94aefa52070b5108cdd612669a781409185733a32dc61192da37e195fae4a3b96d69365981b799714121a3fb0a2a55763173191234ed3d003c00a124397e9ca7c5dcc3a1e69befadfdcaa64a047720fcd3c7dda798942368a9625077685faa86f936e4da46b501646f8cf641b7c1c6d3ea42f0204e21bbb31b1edcdb8331ffd9f42714fae526333c03b384a03c591f41821f017c840e9e7556b3386add109a2df707200b997ae16942acafd30a5115fbaef1efc88ea83aa746395b1150d000ea43d6263068c49414d65c6f7543981b707131950f52eb1ced6032b7c7a863c1128e72a5f6bdebc61aca7cd827c549bb9ca5702e42922eb104b45393c7e6202b94b8acc8d77dd3547f13b4e9520b2269e41455750daa17f52a420a436ff76248c16a9e45406cabbe35c5b2a46a23c82336bca721d266737169d3f2b4944c62e2c64150898202da7c3d9a47fdb7bf9e356cc8eb93e48b57997465b1fbc78448adb2fa6369445181d26c7dc01381d0def3ed333486b403bd8420142a13987698f14890e2b2b1241c5ea4cee121ccb767f0977752f2f6812ebe59fcc2a208e4aa090720e9171bc1fdb4b71a3d5805a1312dca2408363b9200d06d2e6b5f9fc3f9f90389a3a1845193607ca7a6153fe0ea9a3d3581dfb8eb8d9061bc786ac961dffc18ee69acb32f3791f5c78803f19fec72faf57eb0677db23bf5c059a99da33b256ebf7f30357fbb7774580c5fa9e274f22cbbb4a2b757f7f58fb9a99d3bb1617803290f24bf76fd0de0134e76f40990c0fae5835be898e7ed2e491c9db5c9a3dcb00a1758e928004b988e67b30aa8c5d137b20bb545da6f9de78ee6ef32e6572bca1bb34daaefdc50675a7828864f9851c61a2e16871a6314aca45f661e7674985146799e086bad3ec541b8151dc2cc0f32bbb9f4f7ae511c8aa560055b3b441fb6644b04e98270dcbc14a30cb6700596dccefe90bfaff5566e297aa4c0554bb816f108d27ce093753fea14ad17518addd34689d3efb61d468b9b84719871d0c48e644a7cc4df1eb9a4153128971271117e37ffd620b1bdacf8a8fff2d1123a0a69f2258a49e25f2b7e92702cb3feb936c460af37ceddaa52cdbdb32da089e35f45f2d1f50b7bfc1ccbdc291ed0d3dcd1e944ce1e879a93ea7e22db161f67caa34f7d8b7a19d45f02a79b2134530f753082203859eb07d9050fec123f992ad46a99d47ae323293eeeb19c6848fa55504b402f90c0e7b2e50692619dd82ff89869cc645f7e8332d898ea5f48c989e6a9bb4508784bf47bed1702c7f65c6170a5925083453bf7d21a9ea6d2a327c4e960b0e8a2082f80312bf5326e106a910f2dc881302842e2318261c42e3d0c859f5928fb4b77bce63a64c38969fdbd13b052c36eb6093b080c14c2156cbd51290072683bd15730fdf39d68b666c74a0d311b8842675f0ba81e6664c726010594023ff42e6238511c5ab2bc59d9f20fe0bde7ccc078023399624e170a63c2f30e9b141084c7d29ad0891c5dc94446e280a0cff5c042e1713dbf3c89a20626ccb5fbdab5a8ce2df2f7dc0054d30144bee79e34e3fff1506dc9968f4d6d0c4bcc121e2cf1164e87324b1b1ebea85b39a40a5bdd53744f544047e4b0c519e0d891e1b0b9934f4fb048076b1ff6d206fd0e833db359c56c51516404c775956a7af1053751ed445c388b166770021d9dc1e60e1c153accabefa31f6c91834faa96a6ba3950f3d2bf56bf6d55562f0623945b830a27aa7f64d9802883693a05418f1b7fefcf958f18baf0d969189f777572189c6d2038dc86e630c37ec0498d59737dba12d7e84740f80ebb9d74c48e41dad16aefca46e53734b541bfcff2a66e8709617b8bcb034a5bf1e9b6b8d9b29ee55b64ef5f9274df34a779ef42b0630a6cedf501c24e2dc0290222eb6c3532a1f907dee00644b7de4877e546f78ee7432e08bda0d50944af391f4b63f94cfb1029fc46056d62f3f83382ae3727da9ac17a0a77d73db698325ddbdadbcf2ef7f4f6f7f9ac640900dac9da1c667dc791f33b501e086e3579fdb63c593d09c761b79a142be991ebb1cf4f5ba44546219e85d6bc3b6e67556a6d6cd765f46333f4dd82b69f42931d58322dd9e235fe408e5eed1e322cb57cb2e7b0de0c15aa7bf20badf09c15721018c454b2c2f3f7cf722aad37020d1e08dae4a66661ef63f2b79dc4147ce7eb59286f83ea303dff48f2cb5e6070c418b5926cf42affb683595ca42baac9c43eea711c8553fe0e88ce466fe00e6be7579b73dc10329b0757f9272a447a1f108a14a57ccbc1109940336b43b79d1a1ee434a6f02f64c298034168e9531eb6956d957156d2d271898af3b0be1338875a15f22ad683141bca84f11ed1a3fabb37dd0e0979a38b8b176571252ec1acf3d4620cc72ecdb1a62cbb40c8e6b212ee42ec6e36da5b7fd2d88a76d3ad73bc2248eaa83a48f19a76b303ee8cc829d11818b1dba4beada4bc16c98d14dd7f646758d5e26d188a3545023cd0478b5d705be5867ad9144914d2c38b3fd67d0cb327edf2c67c514f6b1a32f6156d4400bb531737eaa4ca97b5c2f372b3ad4e347e4ddddbce188f2ef"}, 0x1004)

15:44:11 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:11 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x42, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:44:11 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES32=r0, @ANYRESOCT=r2, @ANYRESHEX, @ANYRES64=r2], 0xffffffffffffff5a)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:44:12 executing program 6:
syz_emit_vhci(0x0, 0x0)

15:44:12 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0x0, 0x8b}}}, 0x8)

15:44:12 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:12 executing program 2:
pwritev2(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000080)="cbe58f098aaebcf9b8a8959ce033c0d6ebd169df043b8787c7b8c1034125a0ce3a15b50d5429aa80e8cf708d1559d7b876e955dde753615227cd465d96bebb57124929ab9bfeff2c48a426070efcd48cc992a533d9296198817e6fc9ad16f8e0cf35e7af7fb8bbfa90c8d85face327bd666f74c98132e26a09cfa1929db0f96a2f8adaba293f6ef6fb3b34c310d6fe9a6e3cc258596fd99c9b19fabde907ddb9fc1ae9d9eb006d2a1b855df5a0df28a88808b45b1821bc56910db51d6bd26e296abb2c9cec372db6b78ca1af0789f50925", 0xd1}, {&(0x7f0000000180)="cf77081389cb9c9b485bbbcf3a0606494ab43f04c19ba7ca2480191fdaa362767912ff4d3c0d0eb2400365901372dd6fb5459a5590e2015217fdb59e92258d4f2a458dc5bb10c99728257eed052b4e6101ae0ff7a799984eb18c8c06ed3154e087306af14e678502140e977bbb55dde40a9d39685e68599f8365006a537a7fbf76deb8abc98b93ce18d652136cb11f8a9ad72a4856f6f726066f19219144b5792224ff5deb986922b779a039c6fb72", 0xaf}, {}, {&(0x7f0000000240)="f712eb01a0a74694b0bff0", 0xb}], 0x4, 0x2, 0x401, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:44:12 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="041c0502c7fffffe789dbfa083e71ea3c62d717e437ef06dea98c419a3ca871ede985fbf0010d872f373541a11be35061e32d2f8e2917c8768903e6d904ecdf55afbb87e5b4604c33522224587d55f72b14436b4c53bf8cef9a9200160f6bb3260bcf1b00bb19bac720afc7213da0000000800"/125], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x2, 0x8}, {0x318, 0x0, 0x0, 0x24}}}}, 0x15)

15:44:12 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x3, 0xb}, @l2cap_cid_signaling={{0x7}, [@l2cap_move_chan_req={{0xe, 0x3, 0x3}, {0x7fff, 0x2}}]}}, 0x10)

15:44:12 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b49, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:12 executing program 6:
syz_emit_vhci(0x0, 0x0)

15:44:22 executing program 5:

15:44:22 executing program 6:
syz_emit_vhci(0x0, 0x0)

15:44:22 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x77)

15:44:22 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:22 executing program 4:
mlockall(0x4)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYRES32=0x0, @ANYRESOCT, @ANYRES16=0x0, @ANYRESOCT=r0, @ANYRESHEX=r0, @ANYRESDEC=r0, @ANYRES16=r0, @ANYBLOB="b5d7fa8defa6f8e452121583b774b61bb88227b69eaa96973c7aeb9c21040d2db2fef664cddc73834446250d688cac150584f2bfe85674d34f61c3eae9e68c1492e7eba1b031618365806a4c2e1781f5447e2bb5f4fcbe5421ad0425a52fbf7dce", @ANYBLOB="5967bbf474d9e55b8003d18869b5b1bc73e23efd7dd671493f79d06fa0bab50d6e92f3dfd600dfd7392af089da554d00d8515c2c4b4bfd8e7fe8ac690e584d9d80c1074c03472a4c8f4983b3865948c30f5ea4b247dab0d82a8760be5e6a750e3a8dea09e4aaa3721ae2eb66ee378e61355a016e920b35d6812fa5fd5b07957988425a0a5adbb4656e13bdc38551124bbb62b5806ef8ebb23cb041f9235495dfe4c0e9d067c7e3e429889f2bdc90a947d2b6048827aa1de3e843043091052b06e1e7d2f471877c4778e4bb54413522fabae9612560466e53ceccefa2fbe4ae046733191b114df8dc60f064d7cf"], 0x7)

15:44:22 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0x1, 0x2, 0x2, 0x27}, @l2cap_cid_signaling={{0x23}, [@l2cap_conn_req={{0x2, 0xff, 0x4}, {0xacc8, 0x91c8}}, @l2cap_create_chan_req={{0xc, 0x0, 0x5}, {0x1f, 0x100, 0xff}}, @l2cap_create_chan_rsp={{0xd, 0x1, 0x8}, {0x0, 0xaa, 0x3, 0x4}}, @l2cap_cmd_rej_unk={{0x1, 0x5b, 0x2}, {0x449}}]}}, 0x2c)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_req={{0x6, 0x2, 0x4}, {0x3, 0x8}}]}}, 0x11)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x48}, @l2cap_cid_signaling={{0x44}, [@l2cap_info_req={{0xa, 0x7, 0x2}, {0x3ad}}, @l2cap_move_chan_cfm={{0x10, 0x1, 0x4}, {0x9, 0x9}}, @l2cap_conf_req={{0x4, 0x40, 0x18}, {0x7, 0x9, [@l2cap_conf_ews={0x7, 0x2, 0xfffd}, @l2cap_conf_mtu={0x1, 0x2, 0x7fff}, @l2cap_conf_mtu={0x1, 0x2, 0x4}, @l2cap_conf_flushto={0x2, 0x2, 0x3}, @l2cap_conf_flushto={0x2, 0x2, 0x401}]}}, @l2cap_create_chan_rsp={{0xd, 0x4, 0x8}, {0xffff, 0xfff7, 0x7, 0x6}}, @l2cap_move_chan_rsp={{0xf, 0x2, 0x4}, {0x9}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7d, 0x2}, {0x1}}]}}, 0x4d)

15:44:22 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b4a, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:22 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_role_change={{0x12, 0x8}, {0x22, @none, 0x9}}}, 0xb)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "54a9aabcf8b990bd5b5bef48ebb8fe86592389ac0acdb9583bc528c5d224e081062633633207545d55e9b38200d0e2b6f80221b5f87e50cec7e1fa906e465b3469cb338ac2dc1366f09978994f5597d0a9635b1b47af2ffa061fa5c3434ee431d55e271d91717e234431ef84f76dd6e24259413eb8e36d96a2555580a6995378e8d607f2f211750dd22d191421d32bb6985138d865b422937aa802bf0d9a8ae037858c190c5636977fd75875467a5fd1e53cc4b47be28d999bd5a1b4b8b55cdddf646af096101e5291db7947d19c32143768dafde1c9f1dd32ad4ffaf793821df650987fc5b269333893d2d519068a9966abc5d9ae2a868b26da3a0ebef34fb15e3a8d130bed6c0001e4f838476d3bdbf1d80eaa274b330f7cd139a8f3b444915471f9dbc0777fd9e2d59d520e281bd8a80d964d85c34c09d7770db2dfec694bd8af7bc1eebf7ac379459ea545793d6e206b6cdad0568dd3573a58e8f2afa7ac5c81e26042f9b71cf86a594826558b5d4e41b15f3c0717e81e0b372f9dd5052c20cf94591f12e1cd5e5059920c3a7181fb782eb47c7e47e546fd857370bdba7e3bb5fe79cb9d63e8c9644fb58a45b2ff00785c017d47c17c8695a4aac6cbc71832fb4c1f1a5d29cacd5e25a9fb7b7fc812632d11aa77475e34784596e7e6857cc31bc46900ac95ca68e9a85fba3a2fbf4d548eb4b056e7f5d76dd58c994322a2dc0107cdc2e44fe31adb45b35d8c1f7317e9408abf800f9234ae60038859528cb8381a4576772fb719ea04111a47136c045549a619a44d10fca8f8fc440e401512f4b5d3a1bb0a9f137b44b29a0c488fca543fadd812db541e7824ae78c7ca9217ca2864946114e82e478243a1f13600d0e52eec2dfb52f2e120302c6d06d6928381a5e36791656dd2d18d38ff7f8bfe2e41848dd870e0a9ae58e1c7d8676fdb4c2f03f09190e5387ebe96d4c8088d63e296d14529fa9769076e2893036e76875e2795ee73fb6b06ad76199c179cad0a727339040388f4cc1f23dfcc434ef4689f19561f221f841a8b4d8d676a129c1ecdfbf42a1e223f0f736ba8b6f9441b6744da6d9a0be6ee66cd2fe31b07f91408dfa0b682b04f7deab8bb90fd68ba6affd881dad69bddd2a06daef5329fbb6d8af59235fb0f6854616568e5fba59c6409bd9dd50f5882d886a4cf7d1203cfa7a6c0d8ce63fe284731794e8902a6eabda6c957684a9a4512dc3816b06b1bb4a3bb6a26754fb0c87091ba67ef76f8e5828b71cac0ee64add534c87f733e5589df7ea019cf2aa7b49a3ce4e0846d2469cb64adaa03734d53345aee4dfe264116d69046b809d3471e633d72d6a789846fb4e9e5c4f7133ee01690d461b74ee88ecbc5c90f86d2f68be48a11e4a5b7711dc8cdd906cd5916e455521d78b5eb07b5d0f0e0cecdd29e6a04ca1711c0fd242491d7d3cb74bfc7810b0974c32033fbab441bdfa1dceae2cc6375fc71daa9e6cf1147032bc0d0e0da1a4b49de658b79e8837d620593844ee33c0719b344dd18253731a6b9fc36a8a432bd4a0dc89f36d45bb25e4b5285664078aff3795b1755257284a7c7a690484d0b610cbe01e78fc55ed59009e228caaad7478a991939c56e405bf4856becc7df7f8a7bbf7809bd0b5286e0bb70d993b2bed1ddc07bb74d959ef17355ed71e6b153aeb729921f796cf895b9ec58db8528a752d212fb77ee0ba8ed5b6e1d9e355b079184f51a487aba7085ce13b1250f90d3f8b0048e2555be214f476ef3ee635bf8b75c9f1ca536fd1bf70e5e94a5caf68e04abfe408e5376901c1fe3bf5f6283a38289aee58905b287736ea4109eb95feb13789c5624a17233a243748f50e64dd310eb160df24694d984bb3d2fc359d4a6396e28aba9da6d502397b824b6a3d2fdc755a61baef0b443042d9ae31b58e8b4a628f3c4c2e3513ca08ccbe55d6c55a745dfd79462106a2d51245e4a56e0c637c41d9dbc6aa2fac536576ae07e059d4a45f580cbb9f433f835ee29817b541c41e4f361ba1ea621150f24b6cbc95c6b3862a15bd27f86f53b5eca41b8ec992de2cdfc412b38093713c1ed2137f2209804df68837e172b91c71313d0bece66a5edc2f9746b122dfc45e14f8f0215d2e4c59c772343e3ae353dc16916989aa2fe97dd97e00d410e0162c9a111d2e1f8fe507c52aa2581a42906d6d529b7067dc5c1155930376af9ba9b6d3765b84f7ed0efbf752feb3eb36d37fdb2ca4786dccad8e5f590cd7f0f0e61b38a889745a8af26c3b22314b25eaa5e31f1658bc320a79d14d815a340d2818c17d0a259ab9c64f1286a4826bf6e276d1b4169b6c82ad0caa4b6b9807b3122b1317de52f2a30fa1181a3822936532577273ceaee2e6141a463f9395de4de2c649fefea5f291f87d98cf2bb00f1f202d3735a763c3209d41a2cdcfc7228a4f979e32670d20139a58fef8bfd29bafe680ca3cbd049019df8df8f7882bc44856becbb997fbd85ade5306981727d291e7f83269dbf6996c791b6a25cf3db90784c27b01657877e4bf5ac4f062aff86ae06971bb6f9ed570a9f50238f4e21138d4d176245f2c7ec628457450b7379b225693f6a81e98ac7df51c89fc4035441fdd4bd7e6ba5b8aae1d48234851236037d2b0570111f2d613c36b3d2c2f3b16829efc77d15b0c4ed47c32a27c3be9fa9f25af5fabbe040130a887769c5c06dc832a2cab090d1ba9c16fde0b5bac4abc70f0aa66c6eaca888fed7347fa94e2c04a4a3480ee061a191015e09f90914e84e9822319139d305b811d32e017fb67ee3432ea2603f40d4a987b119fa03715f8292d24a9e4171c6b3c77169ad8c4868cbb4c39f630dab4f4f9ee73ed510443bb1777ea1dbe51afa12a1eeca23ca3c90244b348ea7dd6889c50100f357fd2f726286b4abf1f2cf4320ac2ec2a991316309bec1c8853dedec0ef00f7fb9a60e654ca455602b3304c12d92504650b97786a6af6b4a8efa83fe5daca5ed40c307e603773a952694043f5aa878b2191592544405dff5a782e30126608db3067ce774569130c69da6cdb741b308d98458fa2898638ec72d5f742fbee3f947ec99b1ff20366a9f7c7ad7579667eee2d6458743bbd571be31f505f25037259be7a3be018baf02d539746b24c1399e73e20fad54bacf24390133927ea21d02fb984aa676ec0bb14ae4caf508fe795155cfb484ec91a54403c783719bf7aed8f20c30b67ebbf02cebdb4efcd9b091424b370f6e281adedc1d90c545431a997b7abcdfca2d83261fa7e91e1a9a93991c2ccf546f58175bff98d161c4d07cc53b1d4ea6baec6272ca65935587ef8906d09ef83b6252ebb89111f9aaf0896e13c3b9c7c337a0a5263291e74e6419c6ee62474a339e985e4f9eeaab7d1c838b5055c8b9441419024b9cfbaca1703b0bc6b1b043549efb02a3a9920b906dba1ac60b4ee5f8d1ad4e01a3f94816ea3b0f10ab990befeef2fcf4f3e80b223382386be92268e87b8ac0e7dbe2cf5123672f87ebf85dda55262a7a767febea38586b8564c636a0ae564715c51ff5e274a6892a946cc158b86fa88fd561dab684921efc5a060f945f4bfc9c4cb072742cf99acfe2589c5b5cbb235f383bcb3cef8eda0f9b3c554cf7bcc13c0f6e5764cbfe54edc77dfa725eae71b2c980e629f2c32144b2163041b4f2eaeaa59dda43287897ee2fe9aa970f85a126112e733ea4d78d7145a5af3c7714ca6a5a6cf614a5022b5ddde68304535becd9b5da6f50d7291bc7e1ba457aa6001e13fa90dd7ac03c2fb913fe59eba71ed7c4132239998d7e2b1a456a5651baeb9f5704d4c510519b4d6a0c5c085c7e775cb94c32f4cc1547e8b4feeb5c13d6f16a3689197d0f628d2ab11d0337fa3cc090a0dc8365b35249c7bc3af174454fabb85b401425b8a17a0c745fe81e31c946bad6ddf27e69123289827181057258d8a5122e52dcb20d1af90cdf314c96d71b216e5a7da578667c30c06bc9fb5a5de76a253472af3660b1c779827d4b03a1b28ce67611a2eae26d1b57e95fc7a1e84bb922fcad4adc32f13d729982cab42d45982eee6d214bde202670e13c196016ca76cd11ec7d6f185569d0bd7cb51d6591f2a688eb323c57bf9ca6d899c64d32d6820b809ef989ea6bc337f3b10eb5d2be5b1eabccf2a24a3d026bd762a514d70990a229a778c0881785fbb93ea5b9a3a5a33168fe7fb699bfae1023d41f3ffd239e8f4a338058e6db354afc491ffbac3540092135979992edde807ad6474c143f0b2d9c8824d5ee5e10786d7d451340514f61ed4ca49373bc4017c245e0efde17485dcf250969a52142341c7d71f36554cd98fb3a740f344685e32f471ac8219802fc502acec9df95041cb8c9a451808861e1a4205ce78fcc372c40b91ef95ae8c751056bf316906b98b0c3aab8801191da8f84d663ce6e50ed9879a9162a002ae1e4df60e14d4479f008c97d97751c3929af08dc296dfdf364040c13c9acda26ce0115df4ffe3bacad6423d30b24fca3894b8b67c8ec4d0caf764e24f2c3a8bda801bc850f1b1ae22c315481f9b49a782fa2d19ce61d981688caa1687a1dcd6d10fe9d5f1225b8c41d8cf6a7d8739be9fc5469ba84588201a2170442c3c6fbca483b99feaf58d6c2a7f17fd4c1ee6beb031f4fd522b1531a7855e2c4ce00fee0a95436b35cf52fc0264d73caa15f673ad0948fc3f21eb08dd64120789147e5cf8b56b27949d69d5ef8a3e667415788b139df80b5dd2112a7523e0d2d0ef3fc38e3a2f5cad8fe619b4097155eeae74014bea44484d4064919ee0a31c91d1158b6a409e2618871e9685dccc9c540ee4621993c6285d948ca75395bd2c4d7f55d865e5e21b713891ec56de78257166a5f660d4413b7c9326b560397c4eb75f46fb6c685f8d544fadd8a7f49f919d9200840ec966fddd1ee3c40530d6d6de20f7f1046418e4e0bfe7201e646475686e0afc01498e9d09c6ae5556bf525bdf50a491ef47df263436fc3453996c913f7968457e8f4088ca1fa95d82d7e5324e899f8fb8e2cc6c795abc8d8163294887d72a6a2111252b569f6b5ded04a21930a9f8306c91bc8101cd9fae6d7d28a40733d7c26d8ac8c4912dcc47bdf73792eb3559694ded568a48bcc7f221fbfbc53404f454c9ad1ee995e4cbba2b303dcf54ec9ff89718eca4ded79288b4e0a88a3bd8265254f9f435770bcb86e4b8d13e38e6187491ee966314eb8dece91f1247616587dbf67037e7e9fa25655f1ada1a051705327b812b007ce599d0407c7427d6b868649464b5c5ca4b24aca22f8f20f44d94bea25ccf7502b15672c491c8a05e3fe49a8bf4e1eb8bb09f2d705f359100360067dc2297738ced71692b98ec931e1f1aed36980e5ba4f907b73bc88bbbbd69f532d59a57918a7bbddc20a81ff4cd98312289e5fc9ace42dc251a3b89a0fa64be0b6a0ae7265da22bad26ac7f2fa06a688805a33d54c689eda9dfddc154d066f07c56272ab3ba2e99e6b6c5e473b1c1e4199b42eaa8b56dee6f87802848b533e2fefa0d0854a8e8e0ce1ef27ce7d55b504cf1d0152bd6b9e07fecc6f8319eba252f17c02188d2d0e1bb01232f4553a1713c0289e9f4352615f310d9f1e336a129161615dce577d013e97ec060c8b87928512ccfc97840d17738c0e39915f8ec33d2a5328ace5cd8d1aa897ebbe33fe8afbe4268751d099f58ba0881be162fa4084a806e0063141dace5fbf874a707a63c714c2d5e1406a3a2e1a2a7d7a3e2651a77558625529b52c1bfbbcb5a194dcdfe040c3c8824a06"}, 0x1004)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x40, 0xc8, @none, 0x0, 0x2, 0x5, 0x3ff, 0x2a3, 0x7}}}, 0x14)

[ 1188.496172] Bluetooth: hci0: ACL packet for unknown connection handle 1
[ 1188.499683] Bluetooth: hci0: ACL packet for unknown connection handle 1
15:44:22 executing program 0:
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x40000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:44:22 executing program 5:

15:44:22 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0x0, 0x8b}}}, 0x8)

15:44:22 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x0, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:22 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x4c, 0x0, 0x8, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x8001, 0x19}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="b520ffae78c7"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "1272667bb866d12379a7e435b3c0e3f7"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004000}, 0x20008080)
recvmmsg(0xffffffffffffffff, &(0x7f0000000580)=[{{&(0x7f0000000000)=@isdn, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/32, 0x20}], 0x1, &(0x7f0000000100)=""/164, 0xa4}, 0x5}, {{&(0x7f00000001c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000240)=""/118, 0x76}, {&(0x7f00000002c0)=""/101, 0x65}, {&(0x7f0000000340)=""/214, 0xd6}], 0x3, &(0x7f0000000480)=""/228, 0xe4}, 0x1}], 0x2, 0x3, 0x0)

15:44:22 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f00000002c0)={0x2, {0x2, 0x8001, 0xfff8, 0x0, 0x21, 0x1}})
ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000400))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
unlinkat(r2, &(0x7f00000001c0)='./file1\x00', 0x200)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r2)
sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f00000004c0)={0xac, r3, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @private=0xa010100}}]}, @IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_DEST={0x6c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x40}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7fff}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@rand_addr=0x64010101}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x100440d0}, 0xc1)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="34000000010401040000000000000d9567b2c435fe4bdcf920759618ab1900000d0000050c000440008a0001060006400002000005080100030000000883034000008001"], 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x800)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="d5ee40436c151acf040900000000ff04000000ff966684dfd156aff75667c82a9d084c2b69f289fb248c60a8abd0acf29691432a10d2847ff0c9f25e82b05f2b324ff62da338a3f29bc9fc5a55871bf7a0964a85fe35a3c19796dc4ee2f4e98dc9967f1da185fc6635abce4d9585d319ce8cb8a08977c41d92ad92f7ba78ffecab845fa5d49830c00d60289ce1cd8a7f2772dcaf9a083e35e26cfae5c4ac9bedc0b4befadb00f73df4afc5e66d27c9050cba18ae606e10454d59"], 0x14)

15:44:22 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b4b, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:22 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000011c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x103c}, "81b9e399c2019e90e1e53e8d0ab63a4cd894e966f4354e01d7d59768333089e5799808f6e8a8d2aa297cc5def2cc44e05dbdf932378bf0650f946007c46dd2aa75d606d0675a299083c73ced74ba96d4d448c479eb2282de6215f9e541bf4a1c7a334e5e05225e9c959fd5a7b95287a59e517d2424f4bdf751e10e7c2faa5811906951f5cdff23fc7364f4225af942ad6e1df368a9f013aa1420248c164440e25f7d10275e4768b024f5ffba0fcc27441413d7ea7b60cc7b5dee4a898b12c2bdfdd4d4ed140673e53837a36f0e393d4fe2954b1d19db13c35e721ca8b3b689d8423e210764e724f61ec978ad4d8812da06c6055e7a0270a9975793e4fb19a490037cb3ef4669cd4e707137467b72bb3275ce742ef4d1252e5a04000000d12138e511be73f34b7fdfe84f06fd2921ede7931b0a8e2f11189ca6890f4c184f4ccc52c4a0694f7729df9553ddc5c8f7173932e34dbc7169bc2622a7c399da231269b7ee39b19da06b0ef217c2d0266428837fbed41c80d7215402b53336768a76b7b4c7a35d7117e86f6bf2b845bf78ebd517f33ea0e98701bb93647da723b4444816ddae393622e415e536dd92c4e703127b3d153a9a49a05744d18bfeacd686b7d868cf03c48e8925ebae41643855d075096b7a29f32e9193d52b009786b4c6737056cdb4b47c764f2c96482bc69b5b1d87443c2201c23c4e0635de60268e35f298d630193219006e8f4a1374e25477b052777050275405f0eee3e704c36286e59f3a3e5dd765fe4a74a14fa2189ccc1d2980bbf9ebd983c8df7358418e08ba3be6b90959da4b9001fab52000ffd72998f3157c10bd10fa9d0c6135cd4f146febfda0552de6eca143e38a7ff600b04aa11c87b5bcc453814ad0c7942603ba6bd474adf9dae8617df803cbf97cb3922361ab1dc3a5fb12178483cf51f262ba891991db57995cb900462bdf1c1f510f037d46ca9c1b5cf9e636f61a784551337b2408568cf3f78285da07fa2a700f916660de5a604829172a05f8ca4d5a91c862359164bf76a5c8268b6f51235f70077dba9b976b9a696a73614406f0ed2d4dd3490570c0ac7aff945e5dd9d39f86a5d09f8b37eba1b86c969f905ab90fd329a45a459e95892b3b1863630a8b9aba4d3ac924c041a245fb5b1c14ec4e9d2b2b77d2e42ede35fc5b821b1f7257545a3299bdb799a84fc3a899007332fb9b723b0a9f67674470e1e23e55c39a61919f704d55fdbc14487966cb8992ea87a917ed98ddbd2616e4cddcef27d4df13ad764f87bd98151748521241124be091c273cacc109878b2962ae9b73c4b9c025544f8d9350fb739392c47682c1575234007ca8cf53ac7c7f35eedaf42837a93833c1ae61df27e4de8eb2a51efcfc7ea30ebacb3fe0be0f1f1cdbf3feae9fa667e541dfb49cf2ad2bd6a7572710fd61078133f9ef5998ade0bc14de3e847741af9f7b0d106e30ac1b732d0059cc3b304abb2d573853a03257f0d9e3d0cf4571ad90a0560dfcf4a006cca90f23fc4999d15b112534905a28a45faab365236156bc10d60e34364824a6251f24d742c601d0fa91547114ffdca116533e73a66fce9fbbb444ba2002a00504a75cce8f0eaeb5d16d7b76cc5e7d32c38aa9e25f42556ec8f3b1aebad77b1402be28da046e40bc15d782001bd51a4ce9b2c21a2b6308b6e76a26ef294e2143bc76be0119a9d63bf6bc00997450a55459a6115b840856121e15cf873e1db0aaa7ddee4aff3cd1caf0bf1d7ab7073c91eaf805054aa3a9c5fdee5869c5f88d8f4bdc73cf27c0d5c119b17c2f75ce6ae568dbb68d42b98efa2536ad9faae99d009ebdd6c35f74af260c394cb2effc940b7d2ab1556d03fd70d013fc96b07bfde2c79380f4c9d5bb8f9346a4d89f6fa50f83618eb830726ce2e797089f8112b2df9961e0aa759b3d0065979fb4cadd7e38e6942e07ac1ffaa238069c1c111e35b27eb39d26edf379b7432a7e6030e96ca91aa04849f11954430fbab60e3a7dd4a3637c34459722fee7badd1dd5fe70993c62c7980b8cbbdb6f0ef3cae1c5d406dc440f2807cd44fed43081ff2329a2ee2886ec307534ca53dca26af31ea7a835f18dffcf3b4298eda5eddf5a571daad659d950587fb9d8babd9d621d6a5885f9b9dfec32ec6a431f83474f52ed8afa19b24d54e89b0bc4962a00a754dd2ae9520da9ef5e87e4a4fd8f76de06013c2758c2ff79b20efaf8bcd2e7baab1bead4cb12be1239be51ebb70c2b9b53dd44cf8b1abecb822f84704d90c162fb41db4c9b8ba6ea88afb59189fe26d18652282ef37ef467a07511b74adc7b72b7fdf566e8f155f6edea42dc6aa5cf8f4effbc5366368c62945c6c5fa10a67a9386b64e0e0295229c434839aeabf5434ff56586312245e16d167a6fddf1fcdb901442e1326ce5b87aeeac18e9cd5f05374efd192752d3f7282de778bd4ba88854c1f25d9b7e2dfd3aabf83d370254a1de1cf7d14db097c27e22e7d9807a6a99f7e152e88bed908022a5cddfa94d0951f62294f62d2d36ca1f65e4f62fa06fd6e3e8c2bbc4dd6290b55f244e1f08ce61130d92dc04dbbb3bb3ae2903ab70b954655441efcc200a0ddb4b14bdcb3ad92053552132766b61ac32774520ba1a4ea840529c5d24ed6e7228ab9f06a3157524d826110362204576d67db69349baf24c471214bc53f922cdb3afff9c0dd5705b83597ea99763dca0d575e3227df34511c81d7db09e0738ae0d204b6f08dd2465cd480790b42bb964ec146f2e3fe44a75d7ddc11ac4c0d52799f4b0abc30c4dc9c7f960e0754f3d0cca960d1e14327e506e58d088272c283181d9bd8d8168feff02c1c3d41c83e75b07d79417c8fb273b7757c95c7b521a0a01db718b96993d46ff127fd464f16e294a9c3934e472a88ec81682f09d4c4b269708abc98bea2e7e93fe87163b1dbbb72f67d7b7de0a4daff9d62fef546ab60f95d6e89f68a510faf6f8de80ce146925daf91c7718ef8f44d618023df848c2bcfcd968e8684420eb71aad5a7233dbe3b5e54c7056c4028d3ac5ad48a4883f0bdeda25f8a6a3c501a0d4107cb5bc208855c59e46a54c78e62d897abf06c4e5095c3cebde7fb890974c5e5d147695875e1380979640eea4a3ccbefcbf7c7a372336b3e30e4db079b76f4b63430aada2044063d217756200541b9c2be9743de156652905b072fbbad12d625a6df8bbc4ec575ca136c3877ac4df56747f47208c4d6b850ba38fbc8600a94f9aef45a58f69e7494fc2ca72737e996573214f77f8dfafc50bb731e6fcb4986d29045e3ccdf8c0c9a8bd0d4c7d3df39da1641573149a44504000000dde5ebd9b563b691ed72f6061d8aef0bae04de898abff04b1788c5732c99d3c61b5bd9781b202788f137a633f80487da82df7971e98758727526948d28ee49a1ab5390cb0801602bc5435ca3702e737d37bc6f3afda1799e84a370ceb575f4d0dddbc1794163d461fd70aee29bd7e93467aece4c5eee9cc21f0136924fdfab1ef0ea7025e36adb3db94c631ed0735fcb570c9b9409b522264c03bbc7a1b07e61fa207feadc36b3d9fa74cc753054d544e6c46a5ce5c1391b495ddc7996fcf8fb20b0c6526ae1b186565339ae9512d5fdbc9d88a489a959b766a6c0656df4bca2f66544b32d64512929fedd695421439a4a98fdcb5f901ec74ccadf8ece5e5fed58af2fe7106e2d0a5359841b9c5aa83a0df8f0ecb427ee4d2b2ab8f6199c5f53fd1d2e2925c4f3d4bec0178e89af89711266827081c7e9b2721fb53a327f1bc3f73d96a8d9c13e377cc3d58e6357de9e0c616326a2f1a1c9d0d53e539c4eaf4191a0e14a341919928d14e746e7b7b3ed19a097bd52a94c3da51d5c1f8c717e0d7225e92ca125f3090347d4e3ec246af4a2e0a75ec842f545790a67705fd73fba8e5f91f8eeee1f76eeda66945f4da0ebaf4bb542b99a1dae6304e9925b029b3e9d5ca5a2655f254805949aa86961f4c09f92e332909bc58c8df2c92e64ca427fd7dce28ee2aa21b0d76ce779282b8b20800bcc9744896b80e5d610b48efb00cf57995d739673fc573ef918d5f61653564fbd05a16a57e136ce2a11d4d6d455709b188de99aa8814643c99e4cf34644868ae6b4855b3abc7362b8bd6749fdcdf93d5cec5401c7abb692fe2c50c40353e296d77771bf1a197080210867da2212bb84f73b188959838f3bc7dc5bdd8b5a5e4670296c092465301a538714dfbb7ece49f219b3dd79313d744c515424144b01eceb97d3b4f998692f98d4fdd236c6154733acb060286eba89d6aed89fd3557677fd9a8f99688ca4195fa81b0a531e7ec670c4f6a68dfb1a1f11e68469443602ed6ba80491022244493c26ea881580e4aa10b7c79d6bd87fd9f01099a1c495998b7371ec4304d16db49333882aa78d8641fff6a9cdf76266f5b14c4008643fe793c1f64334d08e46b41b72aed1ef127306160f6f831bdd378908d8a7e6abd2110e23bc1693f45fe8ec042f0c41d0e83aebcf9ae1eaad63e5713f2212888d9818913b284ce41f8ff880728cfaae24f0ab91c6be88dfed256cca053ca5c1835d1fb374e3ef4077a6aeb9f3bef6f73cde577b75994e31fdf823f131e111c4692c9035cb639a7bc72ca35d2a8683d33fd7433f83947094f331152c05263854b0d5d277aa594ea102f23e90c7294a264e15e7165947cea9b3fa1ab801a590d3be41371f5e2e16a0f3cba1377b3173f6e751a928d798492a850c258b1e20130ef20922c5526e7f0a92b1528940607071e07f24f91d6b5fda637ac0471a2892d6cb933cd1f742af43eaa6c56ade43a742a4a3dc4339645ca2591893da4fc3dc0fc5afb105ea48a00a48a76b2a53363d71292ba9eef1b19ec1b4a53754d47d5838cdf16846b766df6a562d48bc82f3b10d895cefb1eeaebebfe176cdf199478311017a4069976729dfc123f396dbd9137a17f3f837405e7e97c1beea785840b13c3bc3693e2ffbf489ed705adcae992a0e91626aed21206462267dbfa18a7a4b8627226e1ab6f4538bad63b136356c005a666b59c9b2c3e2a725912d066c2207d581ad5c5740c551f20ee3156e4016854b518d8a2a38120c90d13040ed89d0558742e83d95bfaa4c43c3ee3cbd5f1bf24ad50750557103cfa8784c3a293718ff44c656f62193ad05c76708941ff03632e6f4495aad95ede83d3e05c6d75163adec79a79048eb3ef65ec59d61cf013a4bf18faa5ac1bcb2e60be3c8805b3aecd80107c3b71c5fddf5a3932159ca885da800c55332683c6033d6ccbc22fa09c3fc154d70f0b1a832e28f4d272be963481972237481567806ea44bdf9acfc6e83c0bf4c29021bf457f172f7aaabeea86482812576af39d910e5a1edd3e29afec022b8a6a9f3a5166e0584f11ffe312e85286f77d2b434d93ed340b0192eb673da2e84b7861fcdada2035a4ed34a21c4621a44b4d828d1f08ff74eeb31d5474f51daee78e2c2568ed38dd4bc758e6a730ca3955e8528c029303e3f74d91b42e3976fa31fa77ffbaec0a5d19ab7dc0252813f4e59ad6d4f696256b8c282c096c58009f1282b69b9dcac8edb08df3d4208c459953d23cf68e035687b6bea287ff015413efab26fac303cbc78bd3651c1bcab5db8802bbcd587bfb8591e536974f31b337393022529aaeca41e7d9227013eb006a0b929b32a1604d53ba7e1027bad4058df21d4796c9f181133ec29230032abf4eaeaf5af099087544577afbe602b2b3ac518384ca362759f55071e1758cce518e4bf460d83e07a5f6b51e2d0e476f335b4527c1618e5bf93cab8cc9fdeb47dbbeca3250f50afe4f2d60f787131be9167ca63c8bd49245a57c0fbb504ad15bb00000000000000"}, 0x1040)

15:44:22 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x0, 0xc8, @any, 0x0, 0xff}}}, 0xe)

15:44:34 executing program 5:

15:44:34 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xa}, @hci_rp_le_read_buffer_size_v2={{0x1}, {0x40, 0x1, 0x20, 0x6, 0x5}}}}, 0xd)
syz_emit_vhci(0xfffffffffffffffe, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x55}, "e6bab35d69aac91da097be915ce63d182a1ac5a194f4c63ec9b3f3e2d511a0783d9d98c90e1db1addd7c67f4ae18fa58ccf0c3f8a6ac36b6cca0ab90873f907830336dcb6ac8ee5df4e7be201906c4948824570f2a"}, 0x59)

15:44:34 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0x0, 0x8b}}}, 0x8)

15:44:34 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:44:34 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x7)

15:44:34 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b4c, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:34 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xcb}, "6e4301e323984a31e4c88db6354ded92b1925672e018052f1fc51a7fad6dcf6a0a7d14757e5489be2a0e3fff4b4e2391595d965a3ca5bb0910bd18215d632eaa16139af3e5c1fa288256e13f50e38460efb65b75bf948d66874d8a6027ac79f8d5987c4b767005f4510d2eb0a329646ce032b23a444805fe1dc0757e3feab45b8c04f9289759dcd3769ce579d85397a8ef1ddd5b54ef455e58e8bc9b525659bba11ee89a44bb9f9be7ddc33f03c2339a1bfb16250cd6d180f7921f9bd49ef762357dac16f207cf3e985c7d"}, 0xcf)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:44:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x0, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:34 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x81}, 0x2)

15:44:34 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x0, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:34 executing program 3:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e0500ddff00c3fe0d9b51929de5929602eec8a45993df87662d8c1f009eb866448e49f3a4a1fc52cadabb073cab2f925f23b00e73d96c6612df76d7a758ecb9e149b4867e6b9067cad866af95ca95db493179ea20df499c88a8eb20a8f7cef91a0c3e2fc6a3e5d1e902c53798d9fb98e2b4302e18b87d35946e4dcbcaeabff8b6441b3c829234ee8f413cb80c947d50f29cd2c3e145bd71d0b00209a74682f4408a4618e8392219f978ee61fc0bbcb21ff320a7310adb644a5fd171c1eae27e39e729e79461d5"], 0x8)

15:44:34 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r2 = syz_io_uring_complete(0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = dup(r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r5, r5, 0x80000)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r8, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000280))
ioctl$FITRIM(r8, 0xc0185879, &(0x7f0000000400)={0x20000000009, 0x4000000e3, 0x5})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="8d349d09", @ANYRES16=r6, @ANYBLOB="1c0e25bd7000fbdbdf256f0000000500d600080000000500d600000000000a00060008021100000100000a00060008021100000000000a000600ffffffffffff0000"], 0x48}, 0x1, 0x0, 0x0, 0x6000c000}, 0x10)

15:44:34 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0x0, 0x8b}}}, 0x8)

15:44:34 executing program 5:
syz_emit_vhci(0x0, 0x0)

15:44:34 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b4d, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:34 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="ff00"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:44:45 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x39}, "e472f7f7c2e7dffce13fc5f09bbf55b1c2c80e9750ed575d66065f18c556ec486c34d1d291d42db475db1572807efbfb0cf755a089f3ea06d2"}, 0x3d)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x72}, "4a1b347fc9fbcf4c0ff09916b38d48176174776cf68988ac30cf2b81cbee83de0bdfdd8b0562926ca0848c26f9966781ccc1f67f1330a43de2fd4b1dd308cd8521b46643e9994ba80f2722ef862cb50f5cfef98b829f39ac841e8f2ff38a417fc72a3af1d8c1104551882c868ec0273ebb9d"}, 0x76)

15:44:45 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:44:45 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000002d00)=ANY=[@ANYBLOB="810793b7bc8a1d76090de3b5b31bf458f9645aaf7567c44b241fb3883dbb92c2455b5cc645fa3e46d1164c24ca21091f292252f1042a1ef7168901818398ac130a79ebfbcb88ac9a399e6444d411a6141b4f4981c76b57c44aa572036b3a1ee453828a4ee5ddcbaac05ed51ee250833b479cd68acb75a31e346f4312b52b5f74e9313daa6c31ffa25691e2b8438c3d9b7a2c964a55f806184b4206e981727e73d1154866a21e965e2ecfb7bd2dd8977d4ec338f676358889f653fe5df92e520246f7f2b306bd79083307045f1f14b8d037ebf3d132b0967be348c33b49e70b842813afc10bd69a5192faf01607262327796f830770fde6a1f5b8d2119166dba7e62a33b02a438005911e36e11f9bdf22aa9ef98cdcc21e0ab41337d45aa93c396dca3ed9027f58bf4f4b4f541e1b935b2fe98ce06b891251c17fa7b3d53d1945d44b46fe44180285022aa72f42bde4db6816538f0c2a76bfc20491afdf7cfe99947ae91349266a7a40d8005c5f8e4852aa16a1af3cdc5e3d316bd6f6906b9f55c949492f2be9022c769832af682ad5520ba9970335e327ba72daf003d90b911c0a912039acb588c1c929d0cc378677a4d4a9868e034b04a3b47536872c92b539b1c9d656c64c3fb5bd26c92e16b8cb6f4a3b8fb2c895b29d112e09cf15a09f264861aca077889b34657c9048bd67680982bb18e0d492a13f638b7012b94f30045868f964224b69fdab84deb04ace108040c3f7bf7f14c7245f46e30af507d33a1e9adcd8b6c10d1c2b26b9626acd7bb0d0f2bf57050d66a451754c64134c540ea965e33670c1f94c8e76e48fd9adc7292a429bdc74d760ea63254e21076a9c65e2fbcd0f192aa180cda6b945cbd4d5f7feee2a5f7a0d718f99f4613e18f2518ead07dce7aa7a2230537e8fa017998bc9771c3b4e5949e019b57819b547153ddfcbf7a5638be27d6159d61ec5148020ac6c5413e8a40379d2663c2c3c07556bcb265ff86b6ccff5c5018a9319d8b0cdfcd68854a2cb696b742501397f59762cb4a087e6fce4c738092ff4e64d5b533c1953deab02987da0e7776b6511bb3bdb391eca22baff6af0cf0e1b489eea51cc7ec7905f7099abd46050aae1d8df9cd156783276fe7df81dfb2c63a6021eaed70b26116b0f884d3cf064ee62034a7652a4c380b3cb2e9f5ef89f418c548b3774cd7e2c6c54345662ef04618875f6b454ad535df2c520f4ddf1099a066ebce68c4604db87a9d138345593047a13ee070d43c13cc82dded3ccc1dae8497f5aac4d80773ae74871bdcbe4affa3265de30de5f15be1b7f665ccfe3435da75c732cf0a6f61e87b18d02a14065ea86fe42131ab42756675c0e0f7ebaab67988cca4fa716e1c80e3448cb0c2730d8812485780597461fb77f8ccd95e20c57b1a1aa2fc8385e378b1cdf0b82aae320f7c059ed6f47ab741758b7203f6a1047379c9832dfb0e3a5592506030ea54545a37530a08b7e489ee625bdd96092871ad8f890ab0c1b9207e53e942f962e293533bba3bed51f6cd2b2e2972481a16df4371f6bb27fd45fdb61875dcfdfc284105446a3bb3ccc3678918f9f9e540e73e312d244073595704b1d71dae7193c38eca4fc759021abe0e1b33d6bde555f7c4d67e5e16ab7de358194cd3a44771e37274d5dccaebbf7e55b71580a6b095a5a948a0b12a55a09a2b09b8f57c6463308917eafc61092d2a1c42ea0dc2f836ee61e2f51d2180a18a352b5e269809e17af0ca6b07f1cde551ebdafb8af6afb5fa6c07899be10417db4816e11c96de74a5a260df8b7e80f9430039a16fe5d6cdb8101e60c41799adc9bbe5cbc5c31f3a6a63d843ff203fd060fdb11c5f5fcc80f2fd95f7b25fe9d61069d41b18e284d8594c099326fbc60aca37904c905cd38c52310828f0fdfd829fd18d54b60380bf80cd306f25a47eb9d9f819660f24d9eeeddcdae3f98703a045c95e82b3a74ffa4b955bbf26f155eaec7e74a9b6af7e345a0deefc3aa4c9c48bc4cf03c8aa7cfba4edf50b15b330e7b5ee84cc26d993d175fc47bd895407c392452afa6ae6c5a0ebbe20a81c06753ad679476bb8435b850cd0fff3a95525696ad286dffd91085167361321e59df5bcc556b7f93b536417900f88c005ccd9d5590060621757b4faa5ad82557ca9d70563cd001d46d98512aa802828025a88e05b3b7b52819a09dd2c50800281f5b2ec132031a6bcbdaec9e0d3ec94f8f991adece1e1059900124f9e7b0fde4f32b96e381bd1dce7f240a5add4562446137f5bee42e95e3d588781be61ad1db7c7e27839d15718c6ca0a21c40446f9e253af7cf42f8a79c6400f2e4338142dfe023ee83a243baa6049b0786bf914e4b9d7b31f1b5ad26deca01260c7bd3999282806c091b6f2e88600c493caf85febc63da086e57bf70aa914c5bc127b40a1e94d10db2b2b5e14e44027bcef1cdb54e89f6fcc4f9850651a39d71f03c720b75cbb7fd37776166d9dd2e700264db46138811bd904de939bad82d5479a04e5658af18c482b0015e108c7fd5aa3fe5e338fc24a61207d85f589bb3cb59bc26b14990b77a2fc9e15891589c0f84f0f559d2402a73d114e8e584eb69f29baab3ef496b6def389c7ed7bfc48b60caba604abbf535a94b65efcee63b666f6581ea3e192c70cc25c27f4594414263f91dcc271255165bc241fad1cebe5f464859c58462a2224006aa53bd9c992d1022bd93fc68de7d85f420e4f449ce52209b4759c3bd08fe28d46aba772cac02c7491cfe63a9725aa96a22f0bb8fc06c05560fb57759034f77a7f0ee2063f7303a398fd6f3a28fced569479be11cc243a73423acbf2464e7a4c4ab4320714886e312cf2b36b6c167ffba83689ef181ade9bee1b48da147978c1c799aaba7531544b43d1c27eb992b51e8d55fa70d7de68d918d4967a39f4fd20ea77d93e48e54049969bb61479ce74e285837e031a1ddb283e52313b2b29bf6c83d937b9abb2de3f39437b44c1608c37f3fa39f4d3a1336bba3dfb81458658be51b66c43b7f8d901767046b64c2ba767fdc77a85e35de1428011df5466d83d88dc65c659da9aafd5387231413fcbd010e24baad4d9ebd26f8d3bb77f094746106b23db3746ed9adfee1a99d24f5fdbc0d03009d4cb4241ead64edd9df2799dd477f937c272f6388469b7f549c94fa1eba9f978a8463ea146ebad2b6d3c67d5278ac0241e5b7c9ca67c671f75da095d85a71d122ea726e935fe668beb8362e711b2ab2f1fefecae99843e071f17b4f06e4dce9443cf3aed76c69483abbbca6dd049eb7aeec10f9b47f5f4298f09a9b14cc93aece37820045400c74312cfe9a1fc68abf10be6011df165e2b369cc3702c44b2774d54c80fa68441ea906464da8b73819db32bcc10bd75a08617b438ff7792bd7abf60ef4be64c3d194dfc1b3ce93f61340801fa4463051d5bef3571e155ec75abe051079b45a807766c7f81ebf69e8cfc7a71d9fe87e0591d776c253dbfc6f68023efdadd3e2ee91fc3c995c1227f8d4894de8f171d3b7a8b002ff6825c1e4251613b8775abe20b1fe1f7bfd401c90e5c3424b1740dd201b73a94514b71725da14c0f38d86511c0892f005cc96a4314e8feceed39b8af5d49123012e098930be541b16b0321f84ebb3a7440f3f6f6d2fc4c3b6c2ee866435cebc98a9210259f7fd3702fb72dd82b1f67fcd83e5fbf10b41f17be6512146c432af394fe54a22f28b0916b4acfc1cbeccc7e33508ca5de5d1ea06a0cc4e3a069d62a8fb6c361d328aa31125aa14abf072ab7040b0d1e10515e4db4f3e450089e60e9e36a6542774166a9deadc84829310ea1d167aa9280f1469b7eea8edae0bcc28388446b35412c49b58410ba2bc01131d0d1b123db2dbabca27c6bf5a632548385840b41fef636a6cabda4401f586fd26db3ce10227ba7ee0ae585c932061f33ddb4c1e32683bbaad2e1d76de08e79a7cf09b25224af1015bae9e5d646bb5eae25fd18d66d43b135b2f30be71c9d372939caf0271826880d7114f449bc78a258ce6e5fae958d5d80b026819da238fa30b147dc0abd28e0658b3afa1ff44a237c0892b098d091329e928551c4f97d2bfb612105197f552027ae5c55e213a13cdd47cd3934698e229a124f41792d2bdb2592d06dba62188114ba2ac7d9008d57f8c45218d7a1ccdf89e04df934f1c43acb5f830331ef018800c7bbbec426735fcdd212fdab5c0acd450eab246ed0c57020265e13b8ecd2f55716c542865ab2d8c66ad04944e156ed1baced63b833bf80519fc26d4ba233fe37a00e20aa5e7b48a4434f08bb86ce5bf8f5a62b2dd1a9729fb5c9aa5f7022fe2c83d169b8c6fe06e6cd0dc97948a4d3fff0982814c0667e2744e71f9863b5d890c4c9114761a79d6620bc270e696a88c394e7c0d655dc599918a37028bcf2c181322434549e59738f82fdb94f685e74f09d639f0cdf7d7923d8d1fdf4acb98f018ccc3d0022438f5b0e42ba98246497d292b27d4e30cfdbb11d3bc4300665db5e074137a8bd8a17a4af25e09259e1ecf24472589f051ff454d003b2d8e755ecf64746600da134ef2d5f5dd8a56017b2196c128b808f123fde01239ea289ba286eaf1b6f080f399b9ab0dd21748b147d266a70678c4562dc8fcb75de685433b53bcfa0d2b3c1d2206a350a27b0c2e49aa8164dd669d38f8aea76aaf99b3b7715f777e035050e8e6cf527f934e0a19c6bb3b1948b9478d82fd6b87e30a4a70360767b5b8ece4614ea04ab4f281e8e995ca24e690a30a0d0790b19efcd4a89115893a819b1f3dc7510374ed98696ac789d94620a9214e218014298354fddfe78742fd9833ae5c73d2c9f21f1a76a375eee42f498b35a9e596cc926fe69d2bfad7108e686fc3ac6d328a91f7de95abd64e68b8488dedae1b7bbc8ec8c2f9eba3946772d3f924ce9299cfce6819b836a19f47e7c980b598acc30514e657758fb803f6176c1f49f21ccf087ab3b580831ac543abef1959c34ea5e2e6b1d97838d0d293850314a68199d5aa1e2e34c7f3534bc9689c9d4c378fb9d7fee383b16b14ae56264d511fddc335d5cfc745656a509bd23a29b4f05ca7faf93533ab121b396f48179f31ae646519e9aa601c312fb951e0d64df14c18ec66689c7199bcb518dd1fcb16f1369ace875bc5a22aa5318e50a4e39d347829c4f14c501f939f7b8aaa52165cbc25813e8fecf4f62af9881d27865c70197fa4b4665708640890b2010efb30c05df15013bc08d854e0dd33d487006f0a75d5116206c404c8fa5a64c7fe518b0b8dd7c3455463dc5a5db98fd2f29e4dbcc4b71c9634d75cde375483cfa1b814aba992d9d1a283e9308fd9cbc9252d113f310256efd7d0dc36f6b5e6d0c0a5b7bf69952264b8f0e534cb0f06579006daba8d050870ef12aa594bc33d5212b03dce9d776f86728fddcc6dd9b2e63645274ef55a1101c115e809b16e010cd776c3f11a45e3f66195f7075af3d3530bc5ef2e07f5f4823e0690f85691745b0d0eead3692d593ae319b94eec95db0ec35e74a87d8e6f836d2eb6754bde5cb2ddc812e6fd9551108453bbf36d9da93245e56b5f1603b3042bfb64e8007579ce248f4c155cfde0f354b11c0ae5e18a57cb23e1c16367fe57b46da7c539897e596db181fa19a39c62758bb1ad326521fe914472242cdbf943697df721582da10715e036716b212aff6026e67754eada62b3c1019fe1437870ae34e3dfddbbd492e9b3958102ed6f896a79d8bacca29c253988fe35ad07b0ae1147b9b83ea6b2a", @ANYRES64], 0xfffffc73)

15:44:45 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc8}}}, 0x8)

15:44:45 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:45 executing program 3:
sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x108, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_LINK={0xcc, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xec3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1a8}]}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}]}]}, 0x108}, 0x1, 0x0, 0x0, 0x18}, 0x47976cf2753dde)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:44:45 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b4e, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:45 executing program 5:
syz_emit_vhci(0x0, 0x0)

15:44:45 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:46 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$DVD_READ_STRUCT(r0, 0x5390, &(0x7f0000000080)=@disckey={0x2, 0x3, "72d9029d425ec45283437fc6a7f076f4aae1e03b7ff3514034822841d4b7b660f83ebcf4287c409d37d54d2d32677530b66433c4273eac4dedd72a60edea75fbe4d93facf6a3a699125e44a38f945aee2f773111060e975ddbcb63643149426f3b717c39d9897279f3514a479fb9c0e6d5bf1dec010c9bdb72e43ded4e718e8131eaec89a7c72c992778953b2441186bd0e02878e4124b881a529e4a5779415e70ecdc69931bcb6cb3d10bb6ab68307c1939ff95020eaaab018b6c04b3e4e6163fae5f82384a0a2c907fd86acceba784dcc662969b57178bee35fdc2748364cb495712fbea72b7f1e23d656f4b964b3302e19df43578086671a4b64ea8a4ff5daef61e1a6b22752194396e59dcb6f3d7fd7de7cba5a5f7b212e16966f25d71cdbe63986db0914e2c7e409211645383cc31bd0b1bddf910c89fb1710a723745145888cf0908e76e986e5987b68c381d1764f474012ee43cd68c979c5ba31bd76b648067d71ab63541638bfe47417168eddcc1cefa221467cf2115a0e48912a03989e03294218a537ee46f4eab0450004ac0b899f370eec0d26653bda40453f0b089d7e16bb2277e2a547343e4b8389cd45c1c484e8d55455d780d78be96259d805a131bd1abde05d254e8e9c795126a7d5a0a67324b109ac7336b4602895d3fbf510fe40a5c541686104eef8ec7c093e7ce76c62888db96413d9364e8ee2f6ada093a23e3f80b532633be535e7f66a1b56601e2877011a0a4ace65f9a264508c14dcccaa8bd018e26c5399433142f6490156a73df54e9868ff92e7d70b997984cc7047b5f52951a180d8a17a18ccda85515b63145f013ca6350c1cf8e4a8c678ff16692b660f236bf1a0c5d434c1910824d44bbe6cb6cf769c38ccdd3fff8d1602c99b6f67663b19fa46f43d24bff42579dbda45ad3cdd840550ecf3b967a4be423ff6490971688d231abf74d395f421f27bbe8e87949845af5b8d7752dfba8d845d85621d800ce38aec2541878570b723f78ff1ddd47ba77b691d5383923949b6847930efa77aac240c8a76b43a2c90fa07988c91da7dd31d9ae984608091e04d3abe0594354484a12484910501fab831409d025f2a2b655b29fc20742667de063c6831ad27a3e302384512b85cdc9e487af6265ffd58d7c5bc2fc08b679fbaee828665e520bda69cc5e9dc80704cb9a2e65f9b1d85bfc8cbcc4d8bf458c2b564b34d09c6866355f9cbe1aac443d63650dd832375b57a449a1837250a1bee7cfe6e6b16c771a9875aa569d312783c5021e37b593ef872b5150167ab50a90139adf6cc7ad424165469adcc45c74b391afd997019274d3ed146acd069a6911caa6a08e92039eaf8be8e6f40019e696e8859913d279363fcff04e4ea7de2a19909553720d20a730c59ee7043cda88396e5454023a03fcba4a1015fe6dabbf335253e682e53af09bd132a41d93517fa4dd7a211cfa6daf88b1c0588b07df35ed9f06962fdb7c04f7750b3d9c67581aade4d8ebcaf8cf2a6c42729b6a86da89c48d1bf46cbabfba165c9eca4a50c4c84a60ca24ae50ee3ae94c17fc30478cf771dfd5d55148f1bc2b812f4a10225826e64291582dbc41ae080ae145fc5941f14dffb031d880f038e97e698236b7867f054efd395ac50556fda991a428c756c8bfcf8c07999707290aa039db68b70783b2e6295110b2b8c10ca5b608696b0ee8db4382166b4e6185ab930720c71153b4799418eb5b745e6f96194f74b3c7ff12b8f6141f500949dde8df745f9221f3dd6d702d53f7cce0ee7f711aadb740d354d41e9153b992d11a858d7bbb0d4ba70a01537a0ecf6a5f8475f6c6ea7c92c14c277d2352773ed36e7dc16083aca47f364160df7f964cb8c3bf6f2b9c13d4a07caf494d1f7ed9f247d52e823b42d6c97d52d42e957c36d7669847354d639158cde74f34760508944283335f60454097aba3f5f3dea6763a94738134cf0d1865bea3c7a557db478ebced382e659628df0fbb328660943e7fc5c666da2c7f3f6eff7bb33725a0b91811306775f041f0cf5b935afdf2014b6f6226965cfeb428fc93ae09315e21ad1a1ef66b42752316b04c4b40515a48a2a9b929f4358b9317b2119c487bfe9cc8ec79080cc3a612e5ef82d7bb144cd5e4f9d008392f8ada472b84f1084f9a1aa50e2254c60bf77213b587e683f729554b06a50799f749c2a7b4b9d5a7f309a1d2090e105eddbbea96795735ad173624f174123d6e10af2b8bce99c7d6b3518cb6f4e9895d5630d9ee5ddaea039e4f5982d5ad91e64480a9ee96fdd0a6bbb07ab7277338caec52e0b410fdab6170507172b71df4448beb672576854baa8b22b9227b32097ebed037653213a27bb27050aa72fafe5fd399eb71b2a49cd626f31a53f895216430257d4307b96046d8e5768ef3025e4863a637cde8403a692f4e3af3079be456e06d210c4ee3d540625f1a625b2229d7b13ecf6407fd4bfc7229db38db933893776b431a97b7609982d5c4a21eea229ab0eb6e69adae5263c3aee3dd0e037042149842e1cbde6a1b59604cd3671bc70bcf756381fc90ca68996378b7d1b1390fbabf5a165c2e4eed934f7dff429f2860d39082eaa8324e4acd67406dce5cf1b2cda2d01f693c09f429ab1d6da5745aa40b0e71ac4231f87c5757e12b9c5a3a0da251cc50f897514ab48a1ad93c9c69feb469e5a201387aceb3e88e44e135df54c7388fe65cb7e52a29216f72e53aa1351bd2a5d7e1e15def9b314942f14729819a1670b5ef0578cb6ca329f1b990dd57b193b6d510ef0895bcddee0ad17735bda8a9e7cf798c362d47d5c575877b1c1926ee8586caf2aa7b983da7a81e495a583d4866ae73c32fd25d06675afea2f912bff6aab21a136b97bf"})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@none}}}, 0x9)

15:44:46 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b52, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:46 executing program 0:
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="03c800a3fc590a09dbe1fcc4507c1180506f4408cbef74290acc850cd64f8bc9e2ac7f152b72cbc2eefe54f781d4053907f9d9d43b6aa401ab22cb11dc79cd4ec0a1cb156f06f619c419eba6c8ac0457ef38d73cc5d51804cc9d64d94a493ed5304e6e1eed5b9b16725ce3cf606db28feafac63c4ea6aab9ceacec2d5fe519de740000000092d76691946b3e24682131103c15479e93a98b8e1bc69f04014bc6354b41a54d14a89a8cd5ffffc221468aec52fff31a13e25c1ee850f9f497d7c68e12070ef4cf4fb117d5293a6e966935f32d7b0975aedfa49d0bb79b56c0c1d304b90d481fd155cc3ebb187fa632e966e48ee2c95c1d4cf19090db56c0815be16f28f6e0e19a9d890d3263bbf2da16c33cfa9fc4df13509ec0b7a94c82448cc75cb49bdce6586ca9c3336c00da08048ada1cc2"], 0xa7)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:44:46 executing program 5:
syz_emit_vhci(0x0, 0x0)

15:44:46 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r2 = syz_io_uring_complete(0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = dup(r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r5, r5, 0x80000)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r8, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000280))
ioctl$FITRIM(r8, 0xc0185879, &(0x7f0000000400)={0x20000000009, 0x4000000e3, 0x5})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="8d349d09", @ANYRES16=r6, @ANYBLOB="1c0e25bd7000fbdbdf256f0000000500d600080000000500d600000000000a00060008021100000100000a00060008021100000000000a000600ffffffffffff0000"], 0x48}, 0x1, 0x0, 0x0, 0x6000c000}, 0x10)

15:44:46 executing program 3:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e05005a0c0906cde9037903342178b56bb126405f951ba12345a216ca7dd66c8baa77a439ea41abc4d0b5b6fd6448cb2d13f93d0360749b71ea4dfd5513790b4a8fe21c424a1e64a77ae1d6b201504dadf79c333d78eff9ac2a8b68ac89f1fc000000000000000000"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@none, 0xff, 0xfd, 0x3}}}, 0xc)

15:44:46 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xd8, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6c7e29aa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x87}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x91e}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x800}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6e86}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x5}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x4}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xce}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x35}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x1f}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4008000}, 0x8010)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:44:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x7f}}}, 0x4)

15:44:59 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, r1, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3ff, 0x36}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="04067b138390c34766d77ef61da91c0502c8000000"], 0x8)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r2, {0x4ff}}, './file1\x00'})

15:44:59 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r2 = syz_io_uring_complete(0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = dup(r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r5, r5, 0x80000)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r8, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000280))
ioctl$FITRIM(r8, 0xc0185879, &(0x7f0000000400)={0x20000000009, 0x4000000e3, 0x5})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="8d349d09", @ANYRES16=r6, @ANYBLOB="1c0e25bd7000fbdbdf256f0000000500d600080000000500d600000000000a00060008021100000100000a00060008021100000000000a000600ffffffffffff0000"], 0x48}, 0x1, 0x0, 0x0, 0x6000c000}, 0x10)

15:44:59 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x12c}, @l2cap_cid_signaling={{0x128}, [@l2cap_move_chan_req={{0xe, 0x8, 0x3}, {0x0, 0x1}}, @l2cap_move_chan_rsp={{0xf, 0x20, 0x4}, {0x6, 0x7fff}}, @l2cap_disconn_rsp={{0x7, 0x80, 0x4}, {0x7f, 0x40}}, @l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0x1, 0x2, 0xfff8, 0x5}}, @l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x1, 0x800}}, @l2cap_info_rsp={{0xb, 0x3, 0xf0}, {0x26, 0x7f, "b59ed17fb67cc30e6da43d32d88474d2c0ddb6859161829761380a2c60e6b073975b856cde1f13d2b981eeb982a15a94a7b357261add0044951699b28c9977f2a00b39f1cbdab2209e34d1f0ce1b09f091e2bc3fec72c5b8339a9162f6b326b226608140ef0b4e3b7d681a0dadfe8e42670fe37383a4ba61c4547685458eee816139f417fe6dc2a47a4fc667b3b61aabb83b246157e39331423634e625e8126fc5cf91918231d01b48f69db52224dbc4525388a452c290b190ef98071e71afaec28cfba41a27a95fa970b053131645ff6f868cef77b527bca866ceb02111d6f339b586f02c3269d5cc40534f"}}, @l2cap_create_chan_req={{0xc, 0x7, 0x5}, {0xdd, 0x6, 0x4}}]}}, 0x131)

15:44:59 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xfa}, "53403499cd40c9c03f7579e89c797a0e67f15d860980f28b13cd48d11bc3e2052270faa66f9a4ed60c28f877c9eb2f186a794aabeb07e576716d7fed6396a24c3a3ed795213da8eafca45a44598f44502c8ffa3a659b7d22263428b4f0a5ada3e8d1a3f4325664f9810ace3f4453555d24e84dfa46ba9fff5ff936e59105d8d903561fa3ef03f3c45d80238e997bb6d8635c6e98f765f4c002b2cce5fb3ef4b31fef832e6e02440506b3bfab347be65b5065f15bc9aa9247c6d3bb5078e52d50a627c5bbc1a910cf5d54c536c15001f740a791fadbea5d53b79a6d6e5dece8e81aa31da82ef129ba1852109956c6785a60f020062a383c39b26b"}, 0xfe)

15:44:59 executing program 4:
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={@dev={0xfe, 0x80, '\x00', 0x1}, 0x3e})
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0000c950ffcd9ba871e78fc951f5babf688f9e1bce9c0500000001210219731b96c7d8f1854afb346bf7de5bd55ce50c700d2af505e8df6c44e5c6842af2db8aa637c67b26e207579c63e4c0450b8b50fd166b1b6888c18829224e6f9b61c52aea8beba7c433d76f1258e6aa1fbc4c7503787eaa3580acb28259ab3d3b458f334831c8dc1a8a82332bac322e5e71060c627db9"], 0x7)

15:44:59 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0x0, 0x8b}}}, 0x8)

15:44:59 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b62, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:59 executing program 5:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}}}, 0x8)

15:44:59 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)
fallocate(r5, 0x0, 0x0, 0x6)
ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000080)={0xb3e1, 0x7f, 0xfffd, 0x0, 0x10, "4d42a9d148601775"})

15:44:59 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b63, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:44:59 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x1, 0x5, 0x0, 0x0, 0x0, 0x10}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xc5}, "7effaa379e91b701ee248a7a3b61d60e224bb94afc93dd69891a35384750579211194543459e1be0b5a98e1ddade686ec48891fa9eafd236549be55cd7754e2320bfe3b112797f5a3daf1aaab97f89b5db0f769dbadc17b747570509dafffe1eb6ff914e531d64749a0bb2aff1b07b56b058bbd294d155a0c310adcdd73c89a8914880b3f94646a85f48d17192d4132d998918b84499237ed7b612a305d7a10333ab483d5220204f7a2a90d0c0ce94fd9e040a5fbf96c097edcef00f338f3449ff4e8a0360"}, 0xc9)

15:44:59 executing program 3:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x6}}, './file0\x00'})
sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x0, 0x17}}}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1f}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x10}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x68}, 0x1, 0x0, 0x0, 0x2c048040}, 0x4000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:44:59 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(0x0, 0x0)

[ 1225.054712] Bluetooth: hci0: unexpected event 0x06 length: 5 > 3
15:45:10 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2a}, "c270ca09c3643d2ac700633d1528b02ea7394e41cc481b46d44fe6cf823ddacef717dad6bef4a018ea67"}, 0x2e)

15:45:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b64, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r2 = syz_io_uring_complete(0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = dup(r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r5, r5, 0x80000)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r8, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000280))
ioctl$FITRIM(r8, 0xc0185879, &(0x7f0000000400)={0x20000000009, 0x4000000e3, 0x5})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="8d349d09", @ANYRES16=r6, @ANYBLOB="1c0e25bd7000fbdbdf256f0000000500d600080000000500d600000000000a00060008021100000100000a00060008021100000000000a000600ffffffffffff0000"], 0x48}, 0x1, 0x0, 0x0, 0x6000c000}, 0x10)

15:45:10 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:45:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(0x0, 0x0)

15:45:10 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2, 0x3, 0x0, 0x0, 0x4}}}, 0x14)

15:45:10 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e05005ac7c506"], 0x8)

15:45:10 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)
fallocate(r5, 0x0, 0x0, 0x6)
ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000080)={0xb3e1, 0x7f, 0xfffd, 0x0, 0x10, "4d42a9d148601775"})

15:45:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b65, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:10 executing program 3:
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000080)="acf39f1e759259dafcdd64147dd03b146d409b392a21f3a31b7c7b7e7bc8f85aa58e953aa3e2dd009a9092d7f459e3877871047da49c33d8992c190a7e28499626e3c91f07a08c7f6d82a00aa153af79c3fd956e99681ebc663bbfa87d6879b3e2e2a368b8d34b3ab50937b7dbcdf4864611e297e754e5a6b51b76828579ad75909d1712d0701b56807323bddd0d383c6f44520964787f015e075ff40e4f739d465bd80478c66120ef366b75c7ba4ff9dbe7b426d0ec9c9a27b21202acd127deaf466e59f638212eee9727a1ab4533253c90641377a25d1617350a2d22ecfc504e7ffc00f9569afd1d7d1a188d3cf572cdc992f1ffd421c35fb25f4d5cda9e639de200ccdbfc24b7c327baa258b6ea47c49086d061acc73f00e5efd4da4c61cc979e10b68120bea9c63f5840d0ce519dad681e47cb927be51f0c40409a815487a1a01a6326144d87ecaf72187a05b4380ddc0b85c76e6e3da07f59944357da9fa5f6666b3bdabb6ec4ed8fc273bc87bc61a66254f6381143afec702e187daf663e0704461008e296f65f2f5b7b1dbd4650e1e8813f289df5f632de8e3010fba12791095f0c72434e53a1bf4ba510e23388d83ace577b305f93ae9b6fc04e64ebf84617b90b059916babd83eedea2ab4832b4a93a371ae00fdddab45723622315f4ae93a3884da07ec598adfd1a53553816803f417360c22f0fff9d221060fdff26b00368f4e76f3b5f6fbf243a49be0a1fd63a051c1a1ca0d674411d193d0607e61fd48f9c15cd49237ae17b4feaabd67a5c1aff3672913d359b658452cf1876753ca39df209ac9f55eb07e1ebe620c9c5c900c8c27624be27e24fecde6072612cacfa801820496b1a0493d6647e6c47e0412f908c2e7dd7ea3f6b0a8b6c172c4af7e10637d339abd341c36588fb0428d84285a8e244e07bc30f69ae83c4b3e42a1900f021cca70b78963d7fe1df89bf9ebd00a3c72a2eaa8a134a3db41fc3c4152c41f2a1a2b6e668ca65773cb4d5abfddbdefe0df0ab4f31314008688c183ce649c779ab52716183009791655b9e925a46b8f81c084efe85258cbc4d8df19b93ef85b807d580b1657a7564dd6059d9e6dad7d354918296ee71716bf561276e508d2f303d3e490b37fe15ec624c6242974a324c31fa2be57f2da703684c3bfa55765c1355d070afba50b3f3c14842e63f082ea37214cc0c52b43864bb8a49beabc696dbc5e72ee7e6e285a7a2c9a736f1b37d5b2ddf60495009d86e23c64b03e5f1f8b1b04bd7431742803cd9dc09c495683eac99b2b959b713825ee7dd83a6c8f3a6abbd30cbcd2b3528e3b438fdc1c1359fc85e9009488ad12b80d6bc7e2fb504283b7d8399f29719d5bef93bdb256b7780372bb3e566d2d9f97ef4ec1b14b30121ef06f087a2ae618cbb2526d2691dcecb07a249486793618ec7a160fdc62463a6c46a5f57a2a0447131cd2fc17a74cebedc343834145f01e936b3414b521ffd93e2d9eea83c5471604f0da1aa5923f9c8664b1e4e26e5eb56394f856257f12beebb9ad179f17d2d2bc256bd85527b95b7cf7318ff7fae5772c353be4769974370238be14f2b7b11d973ad7a956894e5cbb3f5e287055c27ff9ee4a8d08e56c6421a71fa2983c431852858cf9cc55f00f02e2342890cdf7dc7d20cf1527e01380530b545520e44bef46e4407a64970c8bb6822e1eff3b07a2107442699296dbcb6b7e9a7fb234c1ea78fff42035e70e595b56afb5a84320224602a1168251d4c7db80b655eb9a7953f827af914f35638a90434e76c4ab218101080d90bfd831ebfedd34a55c0fed0e06fa62b1f9b8424066def9809e1b5eb82255091f3d6a6b6c1607fea1e9ddec57926ea89ed482efdfba1d3843dda6d957ac8db26dd90a2ea7374b9bc7fd1267d7dbb95ee18bc9ea9230ac4e8d0fe160ae9785048591941004dbfa5f4ca65f924bc4f23ad972d446e17c5b50d783d9dec7cced5d4e9e5f6c31509f13eedbf03721462eb47eb68d9891374149ce0a9b16b35ee7594c9f23cbb1346ff94f1435c9270881b4fd8928630dc77448251a4c27c23b0f88dc6511006a4814f51c9d5d53521c4d0eb5d8addeb18e39749f14c2d258ccb564b46e95069964600413e72c7b23ffd3c34d5fd8d5cf8176ac4be15cd2af4265ffea0dce7fce4673400b4977fdbfcc4487d9acc3222e71d7ddc92df912951b72c255ad5a0ad5f83f0888ba1fb8ba97b612bb65f4e27eeec136550f077d8446e12069da0494fed02915a27ec3cf9509fefae90fb5f6ef116be01231332b4451e1b92b43c20446e8d6a1c8b7143883cb6a711c2cee7ffdd81f7d9082a67e35a70916fffb72bd851f0b45d49ccaefe3c8a707f2d0cdfbe2a60273f65d3aa59ab63e84e9fdd93c845ad458e8e5ed7dc2d8cabfbe64487f38b875ffe139f9bcf56c34762b86fd6f754675994adcdb69cf0d02b8df65b37dbba9a64d75626fcd5d4066da17ab3511f0589dec1cdb57eb34ee59af210a5e94097ba88894e1def8e854bef8fb2d736938dae5cbcd302d4c298382e064711a5a265074824f36511a1e240eae1a70888e9dad0c57900dffe39b951fa2f84cbba3562c97f4b0cbea420ebd48dc951d4abccdffa51711ef886b65abe6726faf4d9f35421e9fea4d9044c09d079faab13191e5bc46013c122e41224ec4a3b2e396126b25d2674fd405cc5ad8c479be86885a85f5c6c1677e7efe00945fa7eb72db527792475f137b76229c618b14d10d0f75333e31da7118b5028144151010b3e86b7d20996168ca568c0557ed405142745d4b3307c29640cc4581e7971df90fcddedbd0974d1d14bb9326ac5a41473ec1f4ce4abd9529659981138c04e5909543c64931a26be6b7e20b3a1c37963e54c61fd87964f79cdabb05f17a19ac7213907120bd130ae61967ff77290c6f45857184924b55812f9c89b3266b32c476c84f3a1cc721ab6c52e058a040f9c4018d434517c630bbdbdd371e31e280963c7de30a3e349bf1086eb237adcbabc0803e1f1bd5a88219e9524b40111524e14c7de36003cd9a1f3f2534b36ca5011a410cee6c0aaa3e5b215f9cb06410fb8fefa368f739572c1bd07eec0334e1c4b971e017da2290b7e9cdd73b0b2c8b6c74148703fe869f1e541bb433f954730d3063e2b82f5453d252188d02da477fd8f96d4fc262255ab0a8553ccf01ec9b0e97196bcd52ede7167be9e8049f6bddb44d22153ab49ad0ceb3e2541b34474210eed369c1c8111d9a8b41c425b4e3f4dbe5fa86c40ed84e6956219697b06235e035337f7315c7a6466de7b17326fc79d1ebd508f33d2e4888cae38f69e6f38d454a7fbbda3f92aaa34e76b43e2536f9e02ade50215cc0c04ed5adbad62f62e0db7bc3afd72bd51400692125baebbb30bc00419a88456c4a3ad1404a6c69742fc34f51c4fc711d10152a2d3f08d0587c47f9570ca04488a29eef271b919b7dbced80ad3a6036e6ee7e3e0b68da41af2b643468cf8f5d1c413092376e2c0ba8342b07255628f9badca04a7639f566481916c013f9f5235526cb22361e496db31bf9878fe59a5857fc2c1816c43acf963c42ea19f4ce44f5354629f7500a9100e6f2855a318a6de2dcbb4fcc97669c885c622192bbd53ef8aa7f035598403b0cd1453d387ed41f31d0110fa6fddc29a80953e945014e5ee66ee363729354a9d346cb292aa6fdc187dbdda2308d007d630872d5dfb372237145069a0668cf68317e902e7f947ff9c635b7ebb068c0c7997c9d5d9f542107d8f82ee67299252204c7a00185b31f2a80c1db5a6dd9fd92c4a6e44a07910f19484ebb818d1d87b91142405986aa41c80ac96e7acc6e29d38dfe431a0e80449e6b82df76accd90881d4afbf46277db54f5ae5b29f472ae4d10cd15677518b63cb744fbef7fbafd620b493357dd02560fcd8381ec81d2debd7eaeabe93ae8ecd3af8417fc86f2c77fb15af5c4da21cef0d5bd1f1401326b372c6d6b071c5e20110cf130c6f40090bb0f958cd6045aeb2982cb0c8780686297aad5caa27cfae10979e288664c65ffc8c4a6906d5512543c460cdadd4b8722b0878793fd4e555b98a2569fcff64bb157cf73e7463fa17b93311bc0485e2c1db36d0d649ab533a348483f8bd9825819330d89b1c0dd0279e8ae2f6606a7f5b011abe6a3850a88f03d63199ccee9c7b0f12019f153f5e1d091b3fb8d2245bb32beb3016d1ea9a7f71288599f1c35929d9cb4597a06c9e5ac29b27bec00ac57a94bc8c95b3d8eeacd47af307fab6450ec126ce40c772c7199d34cdc7f191e888b45de53429a648d56eeb26c62b8f8137e5c7a6c3f49139b2fc3c22db213556144769b158f5e84598eeb32164f46723d3e136b5774906d4557daedbd4ba6f0f966d8d41665a0c0097e30404dfd42a5c9c615a3a46d4a98174348f5960aaf2a772585f50780aa52135749619c36c23d562833a77a1cee2ed8c34e755d965c675cd849a421a58a0204e0643db01f25e0ae572a84b23a9d098942e528593f32c75e81b13c516306c22b6160479182d8a9fc9f9368771fce2c085a781940bbcd4bfa4523f992efd117780551e6ca85838b0523643d533fecb329a1cd4830454f74f66a371951b7096aeaed8521e1526e99c179be0378dad0f0ae155e098a9aed8551f3b0c9412e14183b8ad211f86dfc36a6319c881eacd934a64551a810d73f1721f6fc5abd763dd968399b46a1a45ee0f5f961b18709e1d65fbe84999d3043c9207a5ed080bee9a913721f2fe99cbb51ee5b7222077e32b326093bb3d23a7f15848744c44f8da83374faf2cd1d929191f1f6e6e0facc6adc21143cf680a047f4988d44910271294c5ee9c04fa6148a6d0817e7df30f7a9d4ed2e733f4a479f9e533601f05f64b787ea92bcd7a0bf7b98b7174657dcceb8292657b76d227ede6fdcbd171afc645e2387a0fccea910b2090d4204a7e0e91f72830b466db702e3bfa8b8907191ede5205661e9fcd419c7978e2977b0db12841bd4d39ba487e7fa5459e32594b6fdd569e0eb8867964974a5464313cabaa52405f8dd4ecdaf2aa3b76954f4adf52d56813bb8cdbb472d0cd1b4bebb45c4c440138581fc0732a240b68a31c23b0cc498dca3975db51948a494a542d732ed07eb6b32f6befbaef2bb33dd3439c56491d2b00a14bb98268b329283d0f1a0f398a1336348bd107f30f7f2e668920c605950c45b1c464345d7227532abf89c0592de7e9439d78d8b5d1583c3e0fbfe34d1c7b3431d6ec12c8cfd695478e9b66da9fccedb239852d24fe9f2ce4d1c5de88710db706fc94393f4ac248800548137ea9326e6c6265a5505781ee156e6264d6aeb1462f749067cdcf39216c34d42bc2ef77e734b8a433c06d116194f65d923d1e4af7d352b3d375081f6e3ed4b9ca48529edb458f4c92363857eea6a4cb6aa8bbc9c0b4ab4095322a5a8dadd8247dde1e07022f9010df096a2033bebc80d0cce2f2b010aa3dd59914c122038453b05edb536f1f1a0d84ff6cdf698660c2861011016f61508b759ab39516579cc58623dd689056bccdc7f65a26489702bbf273162097cfe8f5eb4de11edfc582a2906523fa072efa5e383899052ef918c895aff4bf1e0b369b11a36af03df3603037c7794fdbc8ed1310b9ba281e0a93d293405ed71b9cdf0a5e563e1dbe9a53e072a536341efad6649e3dbe934b1dca167026126e210b705cc6eef627036c926272df73fc832e626835e1c6b46c828c39ca763b6e20130133af2a7af983d6f974297ebfb0b073")
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_qos_setup_complete={{}, {0x3, 0xc9, {0x6, 0x80, 0x6, 0x3, 0x9}}}}, 0x17)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000001080)={0x88c, 0x2, 0x80000001, 0x1, 0x7, "49e61efa3f630fca0f711ec9847a6ddf24bcc3"})

15:45:10 executing program 2:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x204000, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {<r2=>0xffffffffffffffff}}, './file0\x00'})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x100440, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}, {@posixacl}, {@msize={'msize', 0x3d, 0xf94b}}, {@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@noextend}, {@access_client}, {@privport}, {@fscache}], [{@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_gt={'euid>', 0xee00}}, {@fowner_gt={'fowner>', r2}}, {@audit}]}})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:45:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(0x0, 0x0)

15:45:10 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\a)'], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x90}, "111c4e64dd08e230cfb0728d73052577d3793f449fd8f67d5fa8ca85f64ff12166b41a27f74322a36f5c82d7b2f15f76b3b5771a168d1968ba1d57011aaf8040f6fefdfc7fafd5e28ee762901c4d75c9c0b44e4f3d759e48aefa415b90edc2ef546a9dfa8ee53eccc600a5ae377e3071280798803465eaeb2a95c12b9e9bb7fed6c5c98ca04ade3fd14d2246a9af0016"}, 0x94)

15:45:10 executing program 0:
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x50, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0600050000000000"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:45:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4bfa, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r4, r4, 0x80000)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r7, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000280))
ioctl$FITRIM(r7, 0xc0185879, &(0x7f0000000400)={0x20000000009, 0x4000000e3, 0x5})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000440), 0xffffffffffffffff)

15:45:10 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="261c0502c80000004b8cad4d523dc3301e22e7a150d21ae177bd990e8d149cc24adcdacb3f793b1281f768fc7c5098048a0758c5b8861c90c26b75b3f16a47e12dcb"], 0x8)

15:45:10 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)
fallocate(r5, 0x0, 0x0, 0x6)
ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000080)={0xb3e1, 0x7f, 0xfffd, 0x0, 0x10, "4d42a9d148601775"})

15:45:10 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}}}, 0x4)

15:45:10 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "852c39dda8f1da4595d33938c88183915584c3a30c1160adee0ca6477601f99dce800b555c28bc8d5f836cb7fca26b315d4d6c47c454bbb1"}, 0x3c)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x19}, @l2cap_cid_signaling={{0x10}, [@l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x3, 0x21}}, @l2cap_info_rsp={{0xb, 0x7, 0x4}, {0xfff, 0x1000, "eb61a15d443e03f3a158cfab2a2ae1a7471c9e3a16fc1288f4d7f82cbc18bf70e09f5d6c25cc1465262ad8857ceefb354bcb1760debd9f44abd0f82d87c3ea862fd41d5b435c0c023cd9f6dda825035b4347e33a56c1897bc37b260f029358fbb87d014b4c5b26b80d0f584e46e305fc4daac2350879a20aefe8655af565e2192f278cf42c9f142861ee81eced1092"}}]}}, 0x19)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xab}, "87a487569a2d762718df84a5f4ffffeb989448f6fca5313ce27bac968cafc1cf891c818d897181daadbd686339b077054e537c7d2d42266aa79f8df1fa59ecdb1049436c9bf2e9007731827ed6da7b9081d345886b676247ee59c78857fdd5aabf4c1d995a5c92d8ecb95f4dd3f5643121b61b16a893223622c3c0682a334f9c339dbd7564296600a01d8dcd92b682458f5f6efe59587615c402d22bdc14afc6004822f654ac3d88a8d7c5"}, 0xaf)

15:45:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4bfb, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[ 1225.115393] Bluetooth: hci0: unexpected event 0x06 length: 5 > 3
[ 1236.970645] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:45:23 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)
fallocate(r5, 0x0, 0x0, 0x6)
ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000080)={0xb3e1, 0x7f, 0xfffd, 0x0, 0x10, "4d42a9d148601775"})

15:45:23 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x2d736b3cd64e96be)

15:45:23 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041c0502c8007400"], 0x8)

15:45:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5409, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:23 executing program 3:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0600000000000000ddad67789f8a7378e508e081ac4d755e1c73a9d102e250d92533aa4fcf78743fb4df79793bd4ce73e5fdb44f6684edc2f56cfdd3a30dc945375e483e51a5194a2a68cb1a6c0ad91c0432cee1060314b35f93c4ef0f5ec632da7285964dea4e612317"], 0x8)

15:45:23 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}}}, 0x4)

15:45:23 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='d\b'], 0x7)

15:45:23 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r4, r4, 0x80000)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r7, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000280))
ioctl$FITRIM(r7, 0xc0185879, &(0x7f0000000400)={0x20000000009, 0x4000000e3, 0x5})

15:45:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
r2 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TCGETA(r2, 0x5405, &(0x7f0000000000))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES32=r1, @ANYBLOB="8c174a0611fcdaec399d53dd3142dcf4402374d6e6ce6347568d15e02af7bc3e1cb4bc855034e25c07e506ea7bfd8e6a3c1d86d805495173c5719f80a01710a31c809b1e39e270bf060202c8989336b8552de60e4aa8a963778307f708899ddbf617b9fff486517e81e0889c79a6e6e58fef0c8f9a1639cae0bb6ff5fd4db5decf7ae09d056c8494dcdf9576668c20176dff308ddc88b0ff80ec14e318d38981dd8575a78b90d846a986f03c55578579021ec4bf547ec2356378895264e3580a5cf6272bd872c2dd370680beb703a15f76d3189e13395e543ad69e4743b471ec51f5a0ca7f1925e7baaaa49f0e71515be15552"], 0x14)
socketpair(0x17, 0xa, 0x80000001, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fsetxattr$trusted_overlay_origin(r3, &(0x7f0000000180), &(0x7f00000001c0), 0x2, 0x1)

15:45:23 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0402050000"], 0x8)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03c900be2c5b695d3abd0541a5c27beb638660001f6bd9d69305ade8e2233824b536e814e1ae227b1de79038108b4137ee2b6d1ce2f74b34f4639473520a8a1e33a9fd3d9c455356bc0d05ec56ca9f5fa9cb55b113eb7894b64854deca836cd4b1b0042196d3addaf914d2be4e5190ecb17534b3044238777148b6fafc1d23d522051d1f83694810b5537a249bd49b610081c9c315dfd5cbb71c2eeeb3a370fb9eb1ef9533f0dea20e89cdd4bbc000db7583671e1aba0b774c5e032ba5df2a005ba1aabeff48c2f615523658e5cbafebfad6d192c0d0a260ccf2c487852a25d7de5bfc32d292fdf84546c5edee5d1334419edffefad927fd94f4998b9b2f72f41abb20c1c3cbef26c72751e23361ef64bb994f347435dc4582b77eb7dc41ee809c63245b6040a28db92518300c33100cab3f4f0298b604bd78bb1a9db1eedcfea111b6c5c66e284f55dcbbfaa68fa7bc5bee1f9c4934f443f4c4fc"], 0xc2)

15:45:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x540b, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:35 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@any, 0x3, 0x80, 0x3, "008000", 0x7ff, 0x2}]}}}, 0x13)

15:45:35 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x2, 0x2b}, @l2cap_cid_signaling={{0x27}, [@l2cap_cmd_rej_unk={{0x1, 0xb6, 0x2}, {0x8}}, @l2cap_info_rsp={{0xb, 0x4, 0x15}, {0x3, 0x8, "11d62639dc359e9956524b1bca5b7e014f"}}, @l2cap_conn_req={{0x2, 0x0, 0x4}, {0xffff, 0x8}}]}}, 0x30)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1}, @l2cap_cid_le_signaling={{}, @l2cap_disconn_req={{0x6, 0x1f}, {0x7, 0x9}}}}, 0x61)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}}}, 0x4)

15:45:35 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)
fallocate(r5, 0x0, 0x0, 0x6)

15:45:35 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r4, r4, 0x80000)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r7, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000280))

15:45:35 executing program 3:
pipe2(&(0x7f0000000000), 0x800)
socket$inet6(0xa, 0x1, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
write$P9_RMKNOD(r0, &(0x7f0000000040)={0x14, 0x13, 0x2, {0x1, 0x3, 0x4}}, 0x14)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'sit0\x00', <r2=>0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@remote, @in6=@local, 0x4e22, 0x5, 0x4e22, 0x0, 0x2, 0x80, 0xe0, 0x0, r2, 0xee01}, {0x0, 0x8000, 0x3, 0x0, 0x7fffffff, 0x6, 0xffffffff00000001, 0x3}, {0x7fffffff, 0x67e, 0x6, 0x8}, 0x1f, 0x6e6bb0, 0x0, 0x1, 0x3, 0x1}, {{@in6=@remote, 0x4d6}, 0x0, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x3503, 0x0, 0x3, 0x91, 0x40, 0x3, 0x588f8534}}, 0xe8)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e05005a0c090641b1dbe5352ba7813f46f95c1976d213139150bed03f6dd7ca1bf53429084fb8c2a31c48c6143e587503b1f845e71e7338ee6d107bb2879a695109036088da8c1536ac47144465daee5fddf4d6781f5337139f15e67a98d6dba4d79f091248f2a8907f735f0400000000000000482bf73f1d31045264e8b4b57cfdc0369a0123f42a000d4a67076ca479137ef09f9cb76402009fa579ec9a8a74216d0379706f0d7e527c3b9a7b7b64d643ca08921978ef55528c3ca30a6b595b3efb0d9ef7800c62d38a120cc934951da648edfcaf46c91b4230ed1feafc2102525b00a94496f327ad8e6ee9b26ea00b0d71909f0ce45da17cce99932ecabda097fe17a47d4eed2d521d4ee877f69c86c1987f41723ea1c630d7474dbc74f5b2"], 0x8)

15:45:35 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xa9}, "597313a19c4b4b013c1efc0843b0e83308ce248cbed6fb01dfac151d199b44ae7d20a043b171207e335ae8195ae65e193aed508375dd7ad49b3e1d6aaf6055826c5d79d736ed547637bcacc76eeb86e998a9fc0f21dc7183854b21cb9ed19c17c1dc8872837e744f197737fcc45efab4f235deed64cf6ec267323da2a8d95dfca0a930301c01441d47bfcb55309907b9f74aa157d23c84215487cc72002858df4f8b5db7da67946743"}, 0xad)

15:45:35 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@none}}}, 0x9)

15:45:35 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x540c, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:35 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x6, 0x2, 0x7, 0x100, 0x4}}}}, 0x17)

15:45:35 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0xfdef, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa7700c24d06a70800453b40ac4ecc81"], 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_keypress_notify={{0x3c, 0x7}, {@none, 0x2}}}, 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x8, 0xc8}}}, 0x5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xd6a87bd473a539d4, 0x3, 0x1, 0x22}, @l2cap_cid_le_signaling={{0x1e}, @l2cap_ecred_conn_rsp={{0x18, 0x5, 0x1a}, {0x4, 0x7fff, 0x4, 0x7, [0x49f, 0x9, 0x8001, 0x200, 0x231, 0x9, 0x81, 0xc3, 0x1ea7]}}}}, 0x27)

15:45:35 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x6}}, './file0\x00'})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x800, 0x30)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x8, 0xc8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1, 0x1}}}, 0xe)

15:45:35 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x540d, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:35 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0402050000"], 0x8)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03c900be2c5b695d3abd0541a5c27beb638660001f6bd9d69305ade8e2233824b536e814e1ae227b1de79038108b4137ee2b6d1ce2f74b34f4639473520a8a1e33a9fd3d9c455356bc0d05ec56ca9f5fa9cb55b113eb7894b64854deca836cd4b1b0042196d3addaf914d2be4e5190ecb17534b3044238777148b6fafc1d23d522051d1f83694810b5537a249bd49b610081c9c315dfd5cbb71c2eeeb3a370fb9eb1ef9533f0dea20e89cdd4bbc000db7583671e1aba0b774c5e032ba5df2a005ba1aabeff48c2f615523658e5cbafebfad6d192c0d0a260ccf2c487852a25d7de5bfc32d292fdf84546c5edee5d1334419edffefad927fd94f4998b9b2f72f41abb20c1c3cbef26c72751e23361ef64bb994f347435dc4582b77eb7dc41ee809c63245b6040a28db92518300c33100cab3f4f0298b604bd78bb1a9db1eedcfea111b6c5c66e284f55dcbbfaa68fa7bc5bee1f9c4934f443f4c4fc"], 0xc2)

15:45:35 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1300050, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@cache_loose}, {@mmap}], [{@dont_hash}, {@fsuuid={'fsuuid', 0x3d, {[0x65, 0x37, 0x38, 0x36, 0x62, 0x33, 0x32, 0x61], 0x2d, [0x64, 0x34, 0x37, 0x37], 0x2d, [0x30, 0x38, 0x31, 0x62], 0x2d, [0x35, 0x30, 0x31, 0x63], 0x2d, [0x38, 0x35, 0x36, 0x61, 0x32, 0x32, 0x33, 0x61]}}}, {@pcr={'pcr', 0x3d, 0x2c}}, {@dont_hash}]}})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, '?\rQ', 0x1}}}, 0xd)
openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x200100, 0x5)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)

15:45:35 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x36}, "112b192263ff79c122388e5a6fd7c9a2fb32f6605ed069801eea4346987e0aeaafaa966181910e9a28fc78564cbaa151a9380f4fe155"}, 0x3a)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="04221f02aaaaaaaac012060103f797f3050000aaaaaaaaaa1201050890e8290101065936047191d60a04b191ff8f968252ed2b396b0f27f161689b4ef8a671520d3fc0967f359d7b67d6a87dbf6becf735ca6df9f624598d"], 0x22)

15:45:35 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r4, r4, 0x80000)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r7, &(0x7f0000000c40)=""/164, 0xa4)

[ 1236.981777] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1261.980137] Bluetooth: hci0: ACL packet for unknown connection handle 2516
[ 1262.007432] Bluetooth: hci0: ACL packet for unknown connection handle 2516
15:45:48 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r4, r4, 0x80000)
syz_open_dev$tty20(0xc, 0x4, 0x1)

15:45:48 executing program 4:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="928fad79ab0b4308fd4312885254685f84a5464bd30e647e4236ad0ce7956aed3c0b4e776794bd5042e3742d490ab12bb0a7355c26fa512422e23fec4a2db0184e5c13175b104bec6fc200ffa6295e619be441b40dee0566c2d0dc495b671dd9674092b0a13c327cfd8eb9eb56cd4ff4ccb2ef048eab6843895c11ceccaff9496bdb8236444f9d973330f10204e6c9ad0ae84a7567f6d1e98bd0d3a45b52e70e2d00fc1ca32efc7c65bb1b9e0cd6a16441c0015698288c18cb16f8"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:45:48 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_phy_link_complete={{0x42, 0x3}, {0x20, 0xc9, 0x81}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x21}, @l2cap_cid_signaling={{0x1d}, [@l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x8, 0x4}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7f, 0x2}, {0x874}}, @l2cap_move_chan_req={{0xe, 0xa0, 0x3}, {0xffff, 0x5}}, @l2cap_conn_req={{0x2, 0x20, 0x4}, {0xc17c, 0x7399}}]}}, 0x26)

15:45:48 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x1}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x70}, "c2a93840fe409afd28dc640bedd79c39114b7e57edec134ef14941d39833be99788407ba3eb7a26e9473b76be552e05e303fc6479be62b401f8db9e85bd69f9610b8ebbdd57440348b98b1c4e0dc218fa81a919a44a36a0672c83ea6a47cd74d6217befd6cbe7ac2914ed6cff1aafcf1"}, 0x74)

15:45:48 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0402050000"], 0x8)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03c900be2c5b695d3abd0541a5c27beb638660001f6bd9d69305ade8e2233824b536e814e1ae227b1de79038108b4137ee2b6d1ce2f74b34f4639473520a8a1e33a9fd3d9c455356bc0d05ec56ca9f5fa9cb55b113eb7894b64854deca836cd4b1b0042196d3addaf914d2be4e5190ecb17534b3044238777148b6fafc1d23d522051d1f83694810b5537a249bd49b610081c9c315dfd5cbb71c2eeeb3a370fb9eb1ef9533f0dea20e89cdd4bbc000db7583671e1aba0b774c5e032ba5df2a005ba1aabeff48c2f615523658e5cbafebfad6d192c0d0a260ccf2c487852a25d7de5bfc32d292fdf84546c5edee5d1334419edffefad927fd94f4998b9b2f72f41abb20c1c3cbef26c72751e23361ef64bb994f347435dc4582b77eb7dc41ee809c63245b6040a28db92518300c33100cab3f4f0298b604bd78bb1a9db1eedcfea111b6c5c66e284f55dcbbfaa68fa7bc5bee1f9c4934f443f4c4fc"], 0xc2)

15:45:48 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x540e, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:48 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)

15:45:48 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041c05022fdb0008"], 0x8)

15:45:48 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="03c8009371e137e81c7e3611f30b68a6f9de0fce26572f78aa5874fab3525349c51a8c1597cc49f1415d3539b09f4d9dd87f22f227961551baf3fb83f3c1224287b40bd2bd292c5763d2d3361c427eaaae2b48a6e982676594dab8b0d6478d502334dc78f2eba524909b00654196108357369b02fb73999e4e60bb04df37d49fded02ebf6fa73282c4974a7e2921"], 0x97)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xaa}, "38fcc4cab10e676a5280ce3f3af135626c22c294b6789bf29d76e45461819c379beb31a16d2413f6b5ab8dc80030e0a037fc0f9205a57e58a5caf7374f868a469970347973534155315bf861aee1a8a7ba17de3fd23527a7e8b414b7e1f59ff2c9031d65a8b205abb9d20b14804aa64c0426b923862aa863699320b81ba158e5f27baa9dcca4527d84da98eb3dd7938dbbedca06072ee135f90ff9529de344ab4e1f870d83df42c8dd89"}, 0xae)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x2b}, {0x3, [{@none, 0x1f, 0x8, 0x2, "1c7c54", 0x6}, {@none, 0x2, 0x1f, 0x1, "5da83c", 0x7c}, {@any, 0x81, 0x1, 0x7f, "f42123", 0x8000}]}}}, 0x2e)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@any, "ee8366eabf5a5f44"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000400)=@HCI_EVENT_PKT={0x4, @hci_ev_user_confirm_req={{0x33, 0xa}, {@none, 0x8}}}, 0xd)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040c00023f000104000000"], 0xb)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c8406c016801010005ff4100262c0002ff00061008000700730000004000000002000000020206000409022009c201010000010106102a0308008306000002000000050000000102030002020c00057f3100ff7f0100010407020010050101020200800702ff0705010106100105a7a4020000000900000002000000050100020207000b40d20040001de4881a29d5e62e387047d742a30d453ff27c17881d9103f6bb9575194708724e01c7d8f45bd1125d9f8c75913be87691c66d94a84728f98712d46210ed5e0e2b4692cec6cddf99a7477efb6c95bf3a062c8093a53f3131f7deaaf196fa7fc3c29dc68f9c49d137861fc8e24025e00497da4944b8417dee675a3d7cd61642435da2785351261076c2a601b350cd8720d8a69103bcc667ec2e94a1a730e553bad7d00c355d21f79f0eb65d34b2bebc6b3c7a0600000000000000d005d5adfda6536d36d3e537da72c838e3756edb1927067f0400ff034003001f04000000030006040400110704"], 0x171)

15:45:48 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0402050000"], 0x8)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03c900be2c5b695d3abd0541a5c27beb638660001f6bd9d69305ade8e2233824b536e814e1ae227b1de79038108b4137ee2b6d1ce2f74b34f4639473520a8a1e33a9fd3d9c455356bc0d05ec56ca9f5fa9cb55b113eb7894b64854deca836cd4b1b0042196d3addaf914d2be4e5190ecb17534b3044238777148b6fafc1d23d522051d1f83694810b5537a249bd49b610081c9c315dfd5cbb71c2eeeb3a370fb9eb1ef9533f0dea20e89cdd4bbc000db7583671e1aba0b774c5e032ba5df2a005ba1aabeff48c2f615523658e5cbafebfad6d192c0d0a260ccf2c487852a25d7de5bfc32d292fdf84546c5edee5d1334419edffefad927fd94f4998b9b2f72f41abb20c1c3cbef26c72751e23361ef64bb994f347435dc4582b77eb7dc41ee809c63245b6040a28db92518300c33100cab3f4f0298b604bd78bb1a9db1eedcfea111b6c5c66e284f55dcbbfaa68fa7bc5bee1f9c4934f443f4c4fc"], 0xc2)

15:45:48 executing program 3:
pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0xffffffffffffffff)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x400002, 0x0)
openat(r0, &(0x7f00000001c0)='./file0\x00', 0x10002, 0x142)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000080)=""/142, &(0x7f0000000140)=0x8e)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000200)={{0x6, 0x8}, {0x1f, 0x2a}, 0x3, 0x2, 0x81})
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="f30e05005b0c0906a479108179f49b5d53b93e66a28a79f1d4068548000000000000000000"], 0x8)

15:45:48 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x540f, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:45:48 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@any, 0x5, 0x7f, 0x80}}}, 0xc)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x39}, {0x4, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x3f, 0xda, "c840b3", 0x4, 0x1}, {@none, 0x9, 0x9, "b95f75", 0x3, 0x3}, {@any, 0x40, 0x2, 'f$M', 0x4, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x81, 0x40, "bfb61d", 0xfffe, 0x7}]}}}, 0x3c)

15:45:48 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "8790437b3a9ea5b614cb07eb5e2375f0c2775c7fa2f180eb00d755211d5be645bdbe74d453ba0c83aa951a7815f0a9643ba8433c5430bcf75c530da6d4a7e01f926442af8acafce30405d579fc8ca004b7689d2e67ce15f15292a92f8ab54c492ba978f673ae7b2b073db63f6848270fabb53608b4626f220b93a94ac502b98e5f5bb9dea1f4cda3b8f97f1cdc85118d7889a1f18d7b27b416b883e9b33d746f40393ca2155a74680455a998d60931b5c7caa2c44466254222f887e47001fa690a5844d12aa2892ff79f4b986a598a98cc728c1d39295769f137285e226042d489e593d3d7a23501691c734adf5532bdf50722818b229c14657437f2c3a83c2597f3b1190556ffb2b3f57ea5c993a4079452fe3d725ef7482b05c657309d002c1e78fb81c102ecfdb4dd078726ee538db610cc03063ab6bd65c4f6e4d463054b5e9ce5f2a1165accb9926539bff70bdf9853877a3de439d4ada60007705deb706e37868871ae6694fb3d4254c5ec37dd58c6d1756fcafa36cd59e6ef4eb72a7c2080d6a6f0090f8908e19761f0db727c38979bb71f3cf1f5801d046cf379be23d9f6e18fdea1ca19fd588b1b1c71d6ecf348f47b59b8c908dbbcc18febb66861f48d113eab70a745cfdce0e2bb0f980a21f6151a456ad714c7a8642b758ce832b25d0cd1c0a42fc93130deccdafaada5eb47e200925265c6503feb65f4db46f1192ca6c08a5f4f6b94f107d940ed502af8d8352a7293c406f5e2ff25bf4d4f3b0611c48198e72926e046ae2d71c3063196e847c876693404ff6de652b432525c1fa0191cb2ef66bfe530963db85eacca3ce1220654d86279a2e29d8cf1cf55936fdccec118e39b4e9fb5915f2be54eade8cbb72979f19a676b515e5fafac31f59ccc9a242f7c4ea4cce7d1fcdff81c652563bd2bd6ac016cdc15886b08d0fa04e17a4625811b1ff6fa559600f9947e758b7624495df3921caba78716d169bb02966b3f672ad5e4d04592fb2ad812c614162b96c6a11a92b2d87926a5e5749df765dad4b70e120e8f0e47c441b0861960bc544f9a4ce8584682b519920a4f69eede28e9f85a06ba691cf9d8c16e25910ebbbcf1eb26afa172631bd677da3a565b833ca960cdfbc2bca6407b697f49e51bae922efeaaef501b5e09a5d08db4978f162abb1f6bab6b9d2172b7c6a7e7f048644122a53f4f03cb331d225ae6f48344bdedfb285d548b166e2087662096d6e9e56d19411f102bc653650cc2fc2b126c26e34c782b66ef4f4572d9854d0339e70568cfa05fe639b468c3cca65fe5447b010b565f413178bafe414e476314b0935768f4840abbefcd9cfb5d075ee505edad12fe96f7c4878e5aedfb4d03084714c867e1ae32250cb1292c814ae2028fe695edd287cfb1a49a946fda168157f0d58f0192f4f300088eac12b3b8ba6faaf3579ee42d3b1602559e0ed13604e03c5c36d2a342b0240f9625de89c478d787869ccdfb9c5bcdf4714e44fe9187734577519957eecba41089640a6bf0f5677c9879ba64efa2d9b9824b3dd580cb3a5982d7f92a4e71d072bbdd0cd7aca1eed809740a02ac048ebb98bc3bf66347371f7c1cf3176dbb225a80f86d4647b46fd2dcfaa9eeb22849360c0d02937e86035da8546eacc2e25f6beebc2bc48eb7a06058881f858290c5a51fe4ff0084040cb0815c2412ab37a4aa1b9c9cce4016b8a71f6f26290d67a5098f822e5a88ecac93edb8643b7888912bf3dfb94dabfa34fde3e0638c102a81cad999fb286143fe68b54a5219a933d01d81b01cdbe3e77c5cd14fd527140f13f703e44313ad4c39e435697ce74121cd33adfd2624a29fbfe3d2c8753acd1894f45528210861d63eeb9eb132939db7ed80cdea74eae305256bab5226516501d9331fd0294b1c770fc839edc854b0d8fa1f3b3764cfdfcf342938abc0f185542b3a8fb5b5ce46d233fd93c665f5285ca5001eb393b3d19e9e92a2b8c554e4697edf00c073d7c5909a8a806f29a798a278649515b2d320331d9374d2108d176e4dfc8c6173f16c75a7e8c49aabc4c4d19390d83d075ae77988506d6e574d6fffc2ba183b2402eed7eda28d8d8967491d936c5df58ff057b4ff18b9d105dd66de77e07065b93e9baf331c034cb003ecf66435339c65a1884788796ac0a1b15adaac8b1cc3ff633ef79710b439445a31cfffe093fe424a7192512692476813de05a85c8d9bf87428abe6d3ac39a9246df324461e81aa6cea636624808b83b9634e5b88143dc58b6c3bf6fafaade41a45660967e03284e1068b210220d7d1f590c7da50be49089bd3c00b905f0b4e03a2a963c1606d3e7a461e59b99960c10150f651174f63b1243a45e416e43b0fb41f887a08430a2c64cd2d0d32043bd4184a725bfab0d2eb329e5b8da06a6dfd5effe8e008d999391f935b4db15cce9c57c8528c2b4d13336aa21e98046c6186c508925a43b286826bb65ea9ca9d377c3c909254a07a5f880d775a12a86d277dc8bfc649659c9c2a47f53b0f8ca522d13293b19b841a329deaa695f709d68ed24ce9ff85c728b8913f7af79fb780db6352c1d7d98e63c159ca371d253fdff782e19c6f309c3c47e8a46e5ca9cab40fc6b94fefbdfedf1aaa0cb0e9cc1b6ed3a42ced346cdc383018a872e897c84ad0d4f82a585d0d4c2345322e3f70566c9dbe12175efb874de46eab3a93a3de59d5461c1b379eb9ea8275a050840af76acbf45eb83e761e01c34d942a5fb08f680a8c75b6f8bc9ad96d5649dbddf64720cc9084f04491973215a1cb02d284c54c2a5f82b32b226fbe8f6780f1c658e177c2c4c5b46e53abdfe0c6050940b13abd32b56b2f87715a04265e48fc51e92a3ac6df14de08f7eab62d32a94195ee867a7eb595360cc2d6c7108d97bc9d23d32750e79504274274c1218c85632ee665772edb424cabb99e034dbb801768992d440a43ac7055433684f2b2b07f3636df10e4d4e9bf1350a101f5858353a279ad166413b2b0b424f09a45bb3354386336db0f84ff0799bf89a0379457a00af84c018f2a06c82939f10b8e6eb7c58066039ed5b09d18bfba8923465997562167501802fab40f407ebd3b95ee6003b7a98b83ee8457ad14c68a5bc74eb9cf215aaa3d4d25d1dcc0609ccc5e4f5cd5fcdf171ef2c2204cca944fe13ab0758b0e63e4d19b2e022c17ed82dcfc09ad9e4b80f14239c314bb0585a20f9105014aed569676cde7d5f4aa8fb565318a2c750a83ed650edf29863a03a7bca160d104ce3658f378ddb57d16159c6f002f21f20a4e80a2c3a8b0e891539087f58c2ea3fb3353c7fef3e4d4a6ef6c2586b972dec0323764c046d33ec5f5bd960c00290b91dea4078dac94af0979ed3d2c3d7bbf622f1ed0e796a7644b383e22382f62c94c4139c4ae5c6eff8c61e84132770e4e40c1792764e2ecdda1b89cb36459a6d5ebbf45fa20b64c0d495cf6d00ceac8f400eb1c5fdebc49a3cc3e5dd7e5a19f4ad0d2185e281b728b19f1febb746fc1a267e9a57b12464f2a3acdadc012907e9c46534cb4dd04d97f4852e23450e5ea092fecbcba18b8493acad0d704529c5a32a842ebbd36987c53322487665c262f60fa7dbfa003429dceb0446823bb7a65096c51a4baf693cf6d18d235bc5e6c62a38994828353fb91e09f86d32cd68021e84bebc64266895c1e3b3c33704efb956f5536f0867d69236b4601f39283ceb5c3c7eb6cfe43d525dc36afabebc9b541bff9175923bd22e2a072df40fdcbc3f919e236566eb77d9bcea7c0fa60afbd9391afb1b967a0f0a81ab82a6535fdb28e77e86d06836a11534121d83c8f6515d8dd0ccacf29cf0a76605dea5eec56903d6a6dad018072906cfdc7bdd9a39219f5d7ad06ae28e328220c4ba391364fcb10cb9bb3eb35a6180e79642bd93b2fc955fe0249f122647a1d993ad176288ee73c0c717f04bfb4ccc78ab8870b6cf3b3a011dc33c5d9428d469119bd804eb416f650bba5ba0cc5d51f5d2e4d10c672185062e9836f967c17df9a0268b4706dd4f870076d651db15527a8cd2263d036841e6c683c2dff067b4561a4de4bc4764f4582c5ebacbd6d525dcdfbfb66241cb044c047b5517add6c5c60dfde6c4d4b9aba10f5510bd200729ff9b50e4e412decb6046762d81a1767652c223747efecde618fc40279b75b84c54e09244febef6f914fa91fd1c7c93e4f1837df6f49908f206abbb1d25dd663b980da4a288a29d14fa0998b7de91719f5b83606df11d2f5e24219e7ca5c845127af6d34e4c3ad5e19508d14db501792f6b03201df3e94d59f41be474312d9b18866f530a2821256db3df78ddfe27bfd6f94c9155ff10e92fd70e4f492eef5b41960821778f4be76b85d3a6021cc5315ff5a2bdb0d2257f0b496b636374d9b569628ede59c055658dd275cc4277dd5fa8ff279a526b66c91b7c7af53fa649883ce77852c44a8eaa6b04000848cb0000a200d12631e229f82b9b011eb6f470dadd97533159acab9ad3e44a477d45fcd91523f80893b25c14fd401f02ea53ea37386a16955a896ea824db7c5b488f6207ff00b50fcb6d3baa433593a151d149cef1a86c8e3ca38ffd24e198115d48f80b9032b5f1b48f34e23ea32d6f0fa3566b2e89c7830668fcf668692f4d24f6a4d2d6bdfd9d369e1763cd502bd949746616ad418896e9045536cb2ab0b8e71121c4f12e550531cf81350c049ebf80d5273e8fb3651a2b8f10b046aab76921c761617c06503134ec8c0ce4253112595c7e5628e638604173cecadefb7e0a8589cc8b8f0d0f9630d2aec93644fa76083dc499d85487a85121a690da393fb752d3cf1de14e734057bf9bee0f66be6ba9152851f684f5a222a913befe5a3338182ec5eed48dcdde786089fb11d45b10a9585b5f43a2061e35972aadfbb3d3e1d2eabbae8d52b7fb51a1ee6300513a37271f6487e4ceb06b620d383fe657a0e8b90fb81f950fa64343015d2bae2446b8de7d50120b3b93aae5c75e004275295af0a119dcbdf0ad4c020536e30f54a956d8aabef127c740429bf5851078c7f218f5b6184b1830bf7f8b821d474d66e5ddeeb4776d6cfed3079de46ca62f15ad569e1256b68a0313d31b48be7ee46839341efa1c73dc62e99e7d7fc27da1fcf67ed75ad59dc12c0646542ab118beeadfe24ba314e501ee6019be62081c8d05bdc8643ffdab9324e5dd97721ac677e87878d6322f00b3e96ffadfa3970773e31cc0787e4678579932a68458182f0859bd96bce1d43f51535c17aecdc607dd97a09d9886a8045e6b3c58899c60361a76b903881c62e885f5a57c45d04c4977005982f227101688c5f4f25d9bf563dae76667dd39ea85b6e830fffffe9c310fe87bb3fecb467545f334275d41ec4b50517803aedad85236c48607c570bd6bbe8bafe1e63ab2adf1dcc71bbfc79fd8460c6943fa3f8509e374beec231b8f3238d5883316d6b0179012f09796c2c69b595c84bcf9e48d854051962a4c183f16d803a56e2ac3dce331da00103c94d38fddcdd64fe33d6172ef49c2ff5aa9618c437fa3b7037d78060366f3a1e94f9714211bb54ead8b6e7d5f084f116cb82251713f51aa403793ab17041aa4d76ba08b2ca505662cf6d46f6e9ff9842a4312f71a76644310896d633c60f98cfa5d96fc4cc81db8db6d208068d6139d8a203d3a6f4a2e0bd7473a4436f9460d2be1ce5bb0357c02a81a79169b7e78179b614af3be0e2f7e86a328cf0374c6b95079e9be155b09151c5a2a9a174c1169be77efd80f24435aee6a7"}, 0x1004)

15:45:48 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)
dup3(r4, r4, 0x80000)

15:45:48 executing program 2:
prctl$PR_SVE_GET_VL(0x33, 0x1db91)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:45:48 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="04299895220b8a87e357168567000000ceab1c60828dce8fe0718afebac7283e64197f9428311b3d159d11dc51243c6084e423857f0b5ea34aa7897a589f5ddd4e408c9999dab7ea2e9309d3ce938534a32fbe344c7bf3fcef152cd149029e58bb526d43c80b1499c9d38b71d139aa58c1f90a03b889d6194eb6e4896a9e89911ec2c98c766c418308705338ec9fa275f6f49670ad63e7ea7db92b1bd3dc6d3cd282c3ce961d069f2146cb3d61f2109474decc0cace17428f6cac15d24dc"], 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x11}, @l2cap_cid_signaling={{0xd}, [@l2cap_cmd_rej_unk={{0x1, 0x80, 0x2}}, @l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0xccc, 0x4}}]}}, 0x16)

15:46:01 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
io_uring_enter(r0, 0x6b20, 0x39b, 0x2, &(0x7f0000000000)={[0x8]}, 0x8)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000040))
io_setup(0x10000, &(0x7f00000000c0)=<r1=>0x0)
r2 = signalfd(r0, &(0x7f0000000280)={[0x9]}, 0x8)
ioctl$BTRFS_IOC_GET_FEATURES(r2, 0x80189439, &(0x7f00000002c0))
io_cancel(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x9, r0, &(0x7f0000000140)="85ee8133f47508998e2cd554b796f44f94bd2be0261d2541ba0aedfa86c46f8546cf4e9443828cf4f0b1b46b451afd1f869e855f034a62de50c6a49c6a4637e5d0dd9411a623a08cfa0028b0df8862cfdfcea47b4285fba9a018aa7eb6b5cad548226d80a128cfb33ab0286aadefa7a7aa39d4e314ed19305d0fc10d2c76a23bc89beddd65de775b40b094d01965ceea9014aa54fc6601d057", 0x99, 0x40000000, 0x0, 0x3}, &(0x7f0000000240))

15:46:01 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0c1cfb01c8000000"], 0x8)

15:46:01 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)

15:46:01 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5410, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:01 executing program 3:
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000280)={'gretap0\x00', <r0=>0x0, 0x20, 0x700, 0x3, 0x2, {{0x7, 0x4, 0x0, 0x3b, 0x1c, 0x68, 0x0, 0x9, 0x2f, 0x0, @rand_addr=0x64010102, @multicast2, {[@noop, @ra={0x94, 0x4, 0x1}, @noop]}}}}})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x46, 0x0, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', <r3=>0x0})
sendmmsg$inet6(r1, &(0x7f00000006c0)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000"/32, @ANYRES32=r3], 0x28}}], 0x1, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'sit0\x00', <r6=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000500)={&(0x7f0000000300)={0x1d0, 0x0, 0x2, 0x70bd28, 0x25dfdbff, {}, [{{0x8, 0x1, r0}, {0x134, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}]}}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x4004}, 0x40800)

15:46:01 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})

15:46:01 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0xfdef, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa7700c24d06a70800453b40ac4ecc81"], 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_keypress_notify={{0x3c, 0x7}, {@none, 0x2}}}, 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_phy_link_complete={{0x40, 0x2}, {0x8, 0xc8}}}, 0x5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xd6a87bd473a539d4, 0x3, 0x1, 0x22}, @l2cap_cid_le_signaling={{0x1e}, @l2cap_ecred_conn_rsp={{0x18, 0x5, 0x1a}, {0x4, 0x7fff, 0x4, 0x7, [0x49f, 0x9, 0x8001, 0x200, 0x231, 0x9, 0x81, 0xc3, 0x1ea7]}}}}, 0x27)

15:46:01 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:01 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c89010000c0095ac12020800070082090100050083be0d9941a692bd3130ea8542c1865af0925599c62f929b2dad9c9de660df4f5deef4c4ecf4b015d2b827031460e11f39dde3e5df2500f33017ffe57e7d3ae0e38ab07e969e9936b8122cc6b2afc1cd013b7636c440c9bf8b4823fc69cfb9e894b7542acf214db085c2fddb1d4369f1bff6c57d47c257404827d6529dfb8b1f68f746b10229ee601fd722136847a744"], 0x15)

15:46:02 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5412, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:02 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)
fallocate(r5, 0x0, 0x0, 0x6)

15:46:02 executing program 3:
socket$inet6(0xa, 0x5, 0xa93f)
r0 = add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)={0x3, 0x0, @c}, 0x29, 0xfffffffffffffffb)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
keyctl$chown(0x4, r0, r1, 0xee01)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)

15:46:02 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x401, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="b680f591376d404d1b75af6adff8587919b5afe15a3146f427a9da76e0d08d94ce03b364d0c36b2f17679111d8564c8661a574af25d4e5df03c16ed35f88d0da2353c530359d19dd9779435b217f0ebb99e84bb53ffc71e9c776bb45d0e26ee3d27dbfe0f2f2cf", 0x67, 0x7fff}], 0x80, &(0x7f0000000180)={[{@noacl}, {@orlov}], [{@appraise}, {@subj_user={'subj_user', 0x3d, '#&*[&'}}]})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="042c11000000ffffff000000000000"], 0x14)

15:46:02 executing program 4:
lremovexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@random={'security.', '\x00\xdf&P\xc9\xf7\xc6\xc0\xb6\xb6\xe1\xc2\xb4W7)\xc8`\x1f#/\x05\xf5=L\x9d\a*\x88L\xbc\x95\xe2\xab\xfd\xd5\xa3\n\xf2s\xfb\x8d\x89\xea\xc1\xa8\x87\xf7\x83\xf0w\xfe\xc7\xbbrfq\xbas\x8a|\xac'})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)

15:46:02 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
dup(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:02 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "45edfb30bd24dfb2"}}}, 0x11)

[ 1288.140147] loop2: detected capacity change from 0 to 127
[ 1288.155225] ext2: Unknown parameter 'noacl'
[ 1288.165687] loop2: detected capacity change from 0 to 127
[ 1288.165872] ext2: Unknown parameter 'noacl'
15:46:02 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
fremovexattr(r0, &(0x7f0000000080)=@random={'trusted.', ')\xfb{}.^\x8d(\\\x00'})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0xc1}, 0x2)

15:46:13 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:46:13 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5413, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:13 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})
r5 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x404042, 0x8)
fallocate(r5, 0x0, 0x0, 0x6)

15:46:13 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="042c11000000ffffe3f806000000ff4009a49d2ca6000001d27f00"], 0xb)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x15}, "f5cd75cb23d5510808a0a4490a4cc4ac6b65bd4121"}, 0x19)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:46:13 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:46:13 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9400500"], 0xf)

15:46:13 executing program 3:
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000000))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="df8eb0d8e2da23df"], 0x8)

15:46:13 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
dup(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:13 executing program 4:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="042526c79b5b4696712af38370c59fbc36fe64022c0b999c4d1d9569a626849f2a25dbf2c9ad604ccdac8db8556aa2eff37ea55304b60e62f83fed60bf325548d205bf60e47f3cc9d250722887f17045181197d5ee193f93041f04309ea0ba34e2a91886200ea9b5784b4b"], 0x7)

15:46:13 executing program 0:
syz_emit_vhci(&(0x7f00000001c0)=@HCI_SCODATA_PKT={0x3, {0xc9}, "2315582874e55f5c15ad47e0afada8bcd25068dedfa636ef87a7de6091b095683af472cb9680becc1a11b410bcee2ee93a1c221004b3efebe7781d080b544779c33ff6444326bedb882084525c780d10403e08cd29db37a3ba9a64c8ad36fda1fc3d80609ca71f520c9f1c42c810d09ff7b4ee1e52f6cafc55ee8cc37589774b144a9f9aefce2520e1c2ad1164094652d6f1091cb24724d6a5e320057c1c184e8007d4b800e061024a6a8cff08aed5bbab7d06d03862c26fc206ccd86935334f594bdb2165e82140c2d63e8f2f6ab45bd9f7bb1feafd580186b719cd052369f603ba26ec7242690d40ffae2756f26473e0c6c2c23cc1e6d1d073b9dfd3f0ee7357e1598b89922937c467"}, 0x10)

15:46:13 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0200"/20], 0x14)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0x116}, @l2cap_cid_signaling={{0x112}, [@l2cap_disconn_req={{0x6, 0xf, 0x4}, {0x2, 0xc41}}, @l2cap_conf_req={{0x4, 0x4e, 0x16}, {0x6, 0x3, [@l2cap_conf_efs={0x6, 0x10, {0x5, 0x2, 0x200, 0x10001, 0x910, 0x1}}]}}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}}, @l2cap_info_rsp={{0xb, 0x80, 0x86}, {0x7086, 0x3, "f84e4012fa0282e148696cda77857deac6f9bd1ef14cd956b0dab71e207bae7f2b183c07e72ee5e169db7815b45a2edb8adae3f42d01900c7b252392aeab82c5bf37f4883ff5c376722c22779fda0c788a0b25d4e937b44a2cd7bfc7d9b80a246324d703b7ff8764789205eb5544a905a47efda0177d1cc27b19e0b8a2556db9cd97"}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}, {0x4}}, @l2cap_move_chan_cfm={{0x10, 0x1f, 0x4}, {0x5, 0xbe}}, @l2cap_conf_req={{0x4, 0xc8, 0x4e}, {0x0, 0x5c8, [@l2cap_conf_ews={0x7, 0x2, 0x8090}, @l2cap_conf_efs={0x6, 0x10, {0x7, 0x0, 0x101, 0x56e2, 0x6}}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x0, 0xaf, 0x8ad, 0x5, 0x5}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x3da6}, @l2cap_conf_ews={0x7, 0x2, 0x1c}, @l2cap_conf_ews={0x7, 0x2, 0x1ff}, @l2cap_conf_mtu={0x1, 0x2, 0x3}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x2, 0x1, 0x4, 0x3, 0x220e}}, @l2cap_conf_flushto={0x2, 0x2, 0x6}]}}]}}, 0x11b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0x1, 0x47}, "f2da4ec7084d2a1e26c156c8a8b0f38df5100b6fb6f7ee3945ea0771fe53139788e71fd366b9af9fcfe20490f45929bb377a5a54a7ba58e8c7321af49d616d44f401172ed4a328"}, 0x4b)

15:46:13 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
read(r0, &(0x7f0000000080)=""/229, 0xe5)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:46:13 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5414, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:13 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
dup(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:13 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="00000700f6ff0000"], 0x8)

15:46:13 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5415, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:27 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0x1, 0xe7}, "83782293adecd8f5d7d068d5e8ec497d29f1a92c375c3d9b18db0fea756de242493ac2a393d3d26ba5fdb1042f2f3d1837f7eb2eb6a94a12bcc57eb9006ad33acb54df3406d150ff2ac73832840d1067739538b2dbf00a1d8f7464955b264b1f45b5b1b27fed21547ba9c137db17b3abd439216569bfe45b67fa6f44f44793ee0d4a959d9cf30a791518df3e5485f156f6fd6404c283df6b0bc9724cc420129c8fa7c1cb55679c674472632dd115b03c9cbb02814a3403cef5779e2bb3112a668d33374b4b766827f2c1005310989f444720073670c67a7456719863e5333435cbc12fc51ae1de"}, 0xeb)

15:46:27 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x56f5, 0xfff9, 0x5, 0x4, 0x10}})
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xfffffffffffffd9e)

15:46:27 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:27 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "45edfb30bd24dfb2"}}}, 0x11)

15:46:27 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x29}, "c27ff99eff9a2681b70500000080368dcdb6c509545e2af1c88c5dd1ef0db2f78d932d574bd110dc6f"}, 0x2d)

15:46:27 executing program 0:
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x8}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4044085}, 0x20040000)

15:46:27 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:46:27 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5416, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:27 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="100e0508400c090626b623f17c4812c0f9ef45ac38f0c60223670e2282ee60bf04bcdd9d2b767980bed96236dcf980e4b260bfa9d69e180df7327f12d774f7ddd7517cb5d48e4a32b20f2d91b9e12a6e46ff419440840fc66a201d0d5cb9e1e04fa770f683533febc8863032650dc13500000000321d8100bb009b80723d7224ea7c131fe721cc57cf1e3100000000008dbb685f4e471ef3711fe1d2b62923f6a8e201184e9b56aed7e16a97a88a47b99e1e3257c04029ff3950280408e72dc433eb9cafb6b942890d833c5cec1bc2815cd3fd77c3e2fe"], 0x8)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x8, 0x4}, {0x1171, 0xff91}}}}, 0x11)

15:46:27 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "45edfb30bd24dfb2"}}}, 0x11)

15:46:27 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="04f7432f460502c80000009c6d5b3ed3d274d9f93402d08c64b25830b92905c4b6f26790791c60addfe1c3d549480f59162df9bb94fe4645546a891a1069ee0e462e1477db276d07c1e3f67631"], 0x8)

15:46:27 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5418, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:27 executing program 2:
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000040), &(0x7f00000000c0))
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x2b}, {0x3, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7f, 0x6, 0x5, "e25277", 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x5f, 0x2, "ab0448", 0x7}, {@none, 0x1f, 0x7, 0x0, "2b25ad", 0x9c}]}}}, 0x2e)

15:46:27 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:27 executing program 1:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "45edfb30bd24dfb2"}}}, 0x11)

15:46:27 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYRES16])
setxattr$incfs_metadata(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)="6395390f60895273021d9e6326dfaaacd8655ce84323c6241d7486e60b67508e58c5bf372d311d331b52fe607a92cd7ecc02b1aa0505cd0879fb83320046e8a8d8fe29b351ba9e802e02b02cea1b4120894ff0aaba2174dfef98c9febe32f905641cbc1c5a1625ee7be6ccf81d2a384f45c2bd270fa9a13b9ac7d292565417d102573236df3a0b3f32e7826c4df2323865", 0x91, 0x1)

15:46:40 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:46:40 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_changed={{0x2d, 0x9}, {0x1f, 0xc9, 0x0, 0x87, 0x6649, 0x1}}}, 0xc)

15:46:40 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})

15:46:40 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xff}, "d33b0933297ca0a67666578ed57d36a7e469b3730fbaed711462c1854d61fc0118177d078482e4f235a8866777c2e2b68bff318a50787edf6cbf1eab322ca53084bd360e42bb9043a837902bc892a7c704c1b78f779e1b78ec07874d6d6476e45e108849489080d16aef68e79b6fda25bb420e3aec3db26cf162eccfdfca6e859b2907589534eeb7885de2ab0cc9dffa3d92ed035ba9ea59b166ffd950267c108391e1ba16c0b146b1ae31ca24f43c64587fe37a5d44c85aa62e7d7f924f419882e8348e91ba9b68cd36051f4b04547e045dae1d7bd4c901531899b7ec149c6ca1f59e91ecaa3944bb32e2a3d0c54b9222898dee3ffc1911b9fe68b0ca4e68"}, 0x103)

15:46:40 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="041c0502c800d6d04b8633e452126cacc8e65c58800000"], 0x8)

15:46:40 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x541b, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:40 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:40 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYRESDEC=r1, @ANYRES32, @ANYRESDEC=r1], 0x0)

15:46:40 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x5, 0xc8, 0x4}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x2}, "e7c0"}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x40, 0xc8, 0x8}}}, 0x7)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x11}, {0x4, [{0xc8, 0x2}, {0xc8}, {0xc9, 0xcd}, {0xc8, 0x9}]}}}, 0x14)

15:46:40 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSBRK(r3, 0x5409, 0x4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(r2, &(0x7f0000000c40)=""/136, 0x2a)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="020000ffff00"/17], 0x11)

15:46:40 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x541d, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:40 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3, 0x5, 0xab}}}, 0xfffffffffffffda0)

15:46:40 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:40 executing program 4:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x3, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
dup3(r1, r0, 0x80000)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x100000000, 0x400, 0x7, 0x1000000000})
r2 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x82000, 0x198)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000100)=0x3, 0x4)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="c645164b753b49bd0355b9bed051c119eb2478b5e22c9ddf0e9a2cb2c5fa7d04eac961bd0be87ea45dc247dc6f"], 0x7)

[ 1326.488314] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 1326.544334] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:46:52 executing program 3:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c8001208000000000109020003000704040005000600"], 0x17)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x3, 0xc8, "32c32704c15026d2"}}}, 0xe)

15:46:52 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="540200000010be6e5ff112adc78e45d2c9041c0502c8000000"], 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x46}, @l2cap_cid_signaling={{0x42}, [@l2cap_disconn_rsp={{0x7, 0xf8, 0x4}, {0xb8, 0x80}}, @l2cap_conn_rsp={{0x3, 0x9, 0x8}, {0x9, 0x1, 0x9}}, @l2cap_disconn_rsp={{0x7, 0xff, 0x4}, {0x6, 0x73}}, @l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x1, 0x6}}, @l2cap_info_req={{0xa, 0x1f, 0x2}, {0x5930}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x1, 0x2}, {0x400}}, @l2cap_move_chan_cfm_rsp={{0x11, 0xc2, 0x2}, {0x9}}, @l2cap_create_chan_rsp={{0xd, 0x2, 0x8}, {0x9, 0x88, 0x80, 0x4}}]}}, 0x4b)

15:46:52 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:46:52 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="1a2c11000000ffffffffffff0200000000000000"], 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:46:52 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x541e, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:52 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})

15:46:52 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRESOCT=r0], 0x7)

15:46:52 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:52 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0f0c"], 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xbe}, "9f775b274f2d3a2479928003914f8d6c449984245aeac680cc50434df3b5b95cc12d40f8ad4bfe1d02cfd8d110a9f6df9a95bfd11ba7fa81d93a834ece91352e9cd3fa601c2e661bd67d9ad53d621772fe039c04c59e54a31a50c41de786942ff83a6b28410e0dbd7c99552d36e7c38d60204edb825af4afb29c81dd75e975d351588989081a81ef3aa7d7edf38da39981cd1158c22f187695e709e64a565c8b447cd902b5ad401308790acf5470d5c6422eeb9f3cd4dcad217f183ef3b3"}, 0xc2)

15:46:52 executing program 2:
r0 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, &(0x7f0000000040))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000002700))
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
dup3(r0, r1, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002640)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000002500)=[{&(0x7f0000000100)=""/33, 0x21}, {&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/190, 0xbe}, {&(0x7f0000001200)=""/234, 0xea}, {&(0x7f0000001300)=""/156, 0x9c}, {&(0x7f00000013c0)=""/106, 0x6a}, {&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000002440)=""/137, 0x89}], 0x8, &(0x7f0000002580)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}}], 0x1, 0x2120, &(0x7f0000002680)={0x77359400})
ioctl$TIOCSLCKTRMIOS(r2, 0x5457, &(0x7f00000026c0))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT=0x0], 0x14)

15:46:52 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x541e, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:46:52 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000180)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x4, 0xc8, "eab143f0ad0ecc34"}}}, 0xe)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="03c900b3255b067f31fd91ea4f2a9da7f318ed07000000188d5331b5c439993c82675ba24b8469e076dc5d3223d21a1106cffab7c5a29a992cae1aae600f04807770dc41f80b9078ede58385fd3051d12e4b2f78b128013dd44e567e1dca337843774a9146e5e3a62901559edda14afb76ff75f057cdaac6911b10b370c59852d69d8c7507a1540a9eda075ec67d0f1538c21cb4ac8bf4c16914d1e055865c629528467ff115798c7524eb273fadfe44ff2be86b992204"], 0xb7)

15:46:52 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:46:52 executing program 4:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="5a2772f222a7210ce60552ba90fd395389e49def838cc140623095594503b14eff6957014b66abcaa87a01787d7815170c375443b6e385dbdd5821c7a1ce7642f0b98763482f83eae88b58d2b65385e6a3524ffe95da4ceda16d28ed29f1816acc6f2910a68872ac5084a15a8e2e8afe6f61b535c030e16a6ece193c2e61e08a6d22d88f19786479720b83944f93528631ed61ab2d494f52870b"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "cbb58e28837890a042ae94e3975bc02b", 0x3}}}, 0x1a)

15:46:52 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9)

15:47:11 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5421, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:47:11 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0004}]})

15:47:11 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:47:11 executing program 3:
socket$inet6_icmp(0xa, 0x2, 0x3a)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0xffffffffffffff72)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0x64c249e66c47b26b, 0x2, 0x3, 0x7b}, @l2cap_cid_signaling={{0x77}, [@l2cap_create_chan_rsp={{0xd, 0x15, 0x8}, {0x3, 0xfff, 0x100, 0xffff}}, @l2cap_info_req={{0xa, 0x9, 0x2}, {0x40}}, @l2cap_conn_req={{0x2, 0x4, 0x4}, {0x2, 0x1000}}, @l2cap_move_chan_req={{0xe, 0x3f, 0x3}, {0x0, 0x2}}, @l2cap_create_chan_rsp={{0xd, 0xfe, 0x8}, {0x40, 0x1d0, 0x5, 0x20}}, @l2cap_move_chan_cfm={{0x10, 0x40, 0x4}, {0x7fff, 0x101}}, @l2cap_conf_req={{0x4, 0x81, 0x8}, {0x7ff, 0x7fff, [@l2cap_conf_flushto={0x2, 0x2, 0x7}]}}, @l2cap_conf_rsp={{0x5, 0x79, 0xa}, {0x3, 0x101, 0x6f, [@l2cap_conf_ews={0x7, 0x2}]}}, @l2cap_conf_rsp={{0x5, 0x1f, 0x24}, {0x9, 0x100, 0x81, [@l2cap_conf_efs={0x6, 0x10, {0x6a, 0x0, 0x5, 0xffff0001, 0x80, 0x800}}, @l2cap_conf_ews={0x7, 0x2, 0x67}, @l2cap_conf_ews={0x7, 0x2, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0x4}]}}]}}, 0x80)

15:47:11 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:11 executing program 4:
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3f5, 0x10, 0x70bd28, 0x25dfdbfb, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x10}, 0x4008040)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0xff, 0x4}, {0x30c, 0x800}}}}, 0x11)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:47:11 executing program 2:
r0 = memfd_secret(0x0)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x100, 0x70bd28, 0x25dfdbfc, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40448e0}, 0x44891)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:47:11 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="141c8d02c8040010"], 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x1d}, {0x2, [{@none, 0x23, 0x6, 0x8, "05a8ca", 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x66, 0x4, 0xb1, "96fa72", 0xfff9}]}}}, 0x20)

15:47:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x20, r4, 0x300, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void, @val={0xc, 0x99, {0xfffff452, 0x23}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4004041}, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xe99dc5b894326345, 0x2, 0x0, 0x1c}, @l2cap_cid_signaling={{0x18}, [@l2cap_info_rsp={{0xb, 0x3, 0x8}, {0x3, 0x1, "def17f5628c01402314c8d3b9404e9af1f9083ee41f738e07bf7ffc562e04c207992a3d2899ab1af600a614b1666565a6ed248f3605ed872b0a0ae75863fdd554a4f7dd068ca0e41b1bd54d7f27dcd91b9c327027b22ba54aa174e7a210662cac28a96a7f43c44afeafdb8bf0ee183285679a41dec4236befe044db7a34da7965095f9f3db10525aff50f274d5e224e613c3b084a3c69e4836e6e38a6ebb089c2471cf38e52c766339e119784ee8d0f861dde764185c691cfb6603ac2752e2df55725df6abdcbc6d849eb3a1b8578ac4f6e555aebf0aaf7d6a415c90"}}, @l2cap_conn_rsp={{0x3, 0x6, 0x38}, {0x5, 0x8, 0x1, 0xa5}}]}}, 0x21)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x6d}, @l2cap_cid_signaling={{0x69}, [@l2cap_create_chan_req={{0xc, 0x1, 0x5}, {0x0, 0x2, 0xff}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x8}}, @l2cap_conf_rsp={{0x5, 0x8, 0xa}, {0x1, 0x8001, 0x7, [@l2cap_conf_flushto={0x2, 0x2, 0x60de}]}}, @l2cap_move_chan_rsp={{0xf, 0xff, 0x4}, {0x7fff, 0xfffd}}, @l2cap_cmd_rej_unk={{0x1, 0x20, 0x2}, {0x8}}, @l2cap_disconn_req={{0x6, 0xf8, 0x4}, {0x8}}, @l2cap_conf_rsp={{0x5, 0x0, 0x32}, {0x7, 0x3ff, 0x0, [@l2cap_conf_mtu={0x1, 0x2, 0x6}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_flushto={0x2, 0x2, 0xfff7}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x1, 0x8, 0x622b, 0x4, 0x2}}, @l2cap_conf_efs={0x6, 0x10, {0x0, 0x0, 0xd7f, 0x101, 0x5, 0xfffffff9}}, @l2cap_conf_ews={0x7, 0x2, 0x3}]}}]}}, 0x72)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x2, 0x1e}, @l2cap_cid_le_signaling={{0x1a}, @l2cap_ecred_conn_req={{0x17, 0xff, 0x16}, {0xff, 0x1ff, 0x7, 0x1000, [0x4, 0x5, 0x9, 0x9, 0x0, 0x3, 0x2]}}}}, 0x23)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000480)={{{@in=@empty, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6}, 0x0, @in=@multicast2}}, &(0x7f0000000240)=0xe8)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000400)={'ip6gre0\x00', &(0x7f0000000340)={'sit0\x00', r7, 0x2f, 0xff, 0x1f, 0x0, 0x6, @local, @private0, 0x80, 0x1, 0x40, 0x9}})

15:47:11 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x20, 0x1, 0x5}}}, 0x8)

15:47:11 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x74, 0xc9, @none, 0x2, 0x3f, 0x3, 0x400, 0x5, 0xff}}}, 0x14)

15:47:11 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5422, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:47:11 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x3, 0x10}, @l2cap_cid_le_signaling={{0x23}, @l2cap_ecred_reconf_req={{0x19, 0x6, 0x8}, {0x3, 0x8, [0xff7f, 0x8]}}}}, 0x15)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0x1, 0xbf}, "68f2a5cae52094cf36e2aaf4e2895d0182dc5031119259922122d6b06770dce975b63650853d90e98d96966b223628a531ea85ac3b99a36eadb0843591b785257fe23b309d836c5f1f137373f8b75321b9455f7ae747705beffe9442ec8ad977240e4945059d32164ccfcaf9f971471a0be9235f5f64b23ca8f34336635f8f8a9919106e0162ad7e1ca042ce025400353e97fdab53f61aaaf886d8bc0ca0fbe7b32f5a2bfa84959b0df83e0ced78373b51f1b702ac52a7a16f4b4776d2f469"}, 0xc3)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

[ 1357.936616] Bluetooth: hci0: ACL packet for unknown connection handle 837
[ 1357.970640] Bluetooth: hci0: ACL packet for unknown connection handle 837
15:47:12 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:47:12 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:47:12 executing program 3:
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000540)={{{@in6=@private1, @in=@dev}}, {{@in=@initdev}, 0x0, @in=@multicast1}}, &(0x7f0000000340)=0xe8)
ioctl$AUTOFS_IOC_ASKUMOUNT(0xffffffffffffffff, 0x80049370, &(0x7f0000000240))
timer_create(0x6, &(0x7f00000001c0)={0x0, 0x30, 0x0, @thr={&(0x7f0000000040)="978d0ac76e546af1356412b3391031645e1c96892d8b1153c57dce422fc973c30bd4f83923d6d90a0277167680762680966a2359260ab701c8cedcd09eb024d95c7b907f458ee4a390d6", &(0x7f00000000c0)="ab61f00b31ab578f43a040333992603c1847b44e4f99a883044f6d115368140e1662a3dcefd1f4d37392d014c92a789db692514d33281f9f5c23f96766057baa33637e060643f473b8a1b62140762f769280ad76e13f411773b963c7c6a1bca4449aa93accef1be3cb6076fe4eb679e3bea7ea67b2f51bc398bc7b45b379c7f4d153dee481386a8125ad2a7f35642a24e3da5eca1027d96bf97d4fedc73c78ba76cba80900123596cbdd23e58a2ef137c3f9c71411a1280b56140c99c8ee7d2189ec69cb"}}, &(0x7f0000000200))
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x5]}, 0x8, 0xfe5cb1ac37d7a341)
read(r0, &(0x7f0000000280)=""/86, 0x56)
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x8)

15:47:12 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:25 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5423, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:47:25 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:47:25 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:47:25 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:47:25 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x55}, {0x6, [{@none, 0x7f, 0x4, 0x9, "35d6e0", 0x3}, {@none, 0x9, 0x40, 0xa8, "ab5f57", 0x8}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x3, 0xb0, 0x1f, "3f8879", 0x3edf}, {@any, 0x40, 0x2, 0x14, "09e4b4", 0x1}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x1, 0x8, "92a31d", 0x7}, {@none, 0xa3, 0x7, 0xc0, "49f13f", 0x6}]}}}, 0x58)

15:47:25 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x20, 0x1, 0x5}}}, 0x8)

15:47:25 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:47:25 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:25 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x1, 0x4}, {0x6, 0x9}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x99}, "35413fc3612993f4b37efbf97f57308bb2256782ae6baa90cdc892237f1783db10c0913cf5fdb75b6dc7f3692d8c52ba8315cbadb09d5d7c51952642feb7bba5f26eb5b7ff641be24b177531c76f24d196d98bab18601dbeaaf5caf3e7fc6d647c3bb7eecc783a1fa1450e48d3796da0449c4cb8cb72c88905c8fff28ced221abad7d5f6a6307987956c43b784abb2eae95d685a909520fb13"}, 0x9d)

15:47:25 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/155, 0x9b)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES64=r1, @ANYRESHEX=r0], 0x7)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
getsockname(0xffffffffffffffff, &(0x7f00000000c0)=@generic, &(0x7f0000000000)=0x80)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0x7)

15:47:25 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0xc0}, 0x2)

15:47:25 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x20, 0x1, 0x5}}}, 0x8)

15:47:25 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = dup(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:39 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:47:39 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x9}}}, 0x4)

15:47:39 executing program 0:
write$binfmt_aout(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b010607d603000031010000008000002903000002000000000000000000000033fec010dbe2987514fcadafaf1ea3b5b5dc7727a5a4e161d962eb34372c6e00ef3cce193a509fdaa655f0ebb6313a5d1a604ea9ca533cec75c5a495287f63000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000"/351], 0x15f)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03000000000000000fc4b025c56666cb7d58e5121ab1c3158a0d7afede249c54161c9f387e13830d759c2ee0a63aee5bdfdcd4fee892af22fe6dcfa69bf3155ce74346c768624d8183f05ad1238e1c6dddd8bbee85668ea107e256d9fd345f8df8f4cb62f414ac19c8763dba94499e87ee4e5760a50d05d3336bef"], 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x1d}, {0x2, [{@any, 0x3, 0xe, 0x8, "81cf00", 0xbf1}, {@any, 0x57, 0x1, 0x9, "c31329", 0xe812}]}}}, 0x20)
r0 = memfd_secret(0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000280)={<r1=>0x0, 0x3, 0x2})
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000680)={r1, 0x3, 0x0, [0x6, 0x2, 0x1, 0x200, 0x6], [0x391, 0xfffffffffffffffc, 0x4000000, 0x95, 0x0, 0x6, 0x9, 0x0, 0x401, 0x3, 0x3, 0x9, 0x6, 0x1, 0x7, 0x2, 0x1, 0x3, 0x15, 0x81, 0x8, 0x8, 0x7, 0x1, 0x6, 0x1f, 0xb0a2, 0x47, 0x7, 0x2b, 0x1, 0xf0, 0x94, 0x28, 0x3, 0x6, 0x7, 0x5, 0x9, 0x9, 0x40, 0x100000000, 0x9, 0x0, 0x0, 0x100000000, 0x4, 0xffff, 0x4, 0x0, 0x29d9, 0x3, 0x5, 0xed9, 0x3, 0x0, 0x3, 0x9, 0x4, 0x1, 0x401, 0xfffffffffffffffa, 0x488, 0x1, 0x1000, 0x0, 0x1ff, 0x1, 0x7f, 0x3f, 0xb5fa, 0x20, 0x100000001, 0x1, 0x0, 0x9, 0x7f, 0xbf5, 0x800000000000, 0xfffffffffffffff7, 0x0, 0x5, 0x400, 0x8001, 0x100000001, 0x5, 0x5, 0x5, 0xff, 0x2, 0x3ffc0000000, 0x800, 0x1, 0xffffffffffffff80, 0xcce, 0x1000, 0x800, 0x86e4, 0x6, 0x4, 0xfffffffffffffffa, 0x1, 0x4, 0x19, 0xffffffff, 0x7, 0x7, 0x5, 0xfffffffffffffff7, 0x5, 0x10001, 0x7, 0x200, 0x0, 0x110, 0x40, 0x10001, 0x85b2, 0x1, 0x1ff, 0x100000000]})
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0xa0, 0x2}, {0x6}}}}, 0xf)

15:47:39 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5424, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:47:39 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:47:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = dup(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:39 executing program 4:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0408"], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x20, 0x1, 0x5}}}, 0x8)

15:47:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_SET(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000200000000800060000001800018014000200776c616e3000"/38], 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'sit0\x00', <r3=>0x0, 0x4, 0xcc, 0x3, 0x0, 0x40, @empty, @private1, 0x8000, 0x0, 0x10000, 0x8}})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r4=>r1, {0xee00, 0xee01}}, './file1\x00'})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="1529e0c8d6f25daaf6a6fefb6a007469ccc026418d142707000000001a963d8a4734b03252e244876548e1901d073cea70761e397ad991bd9c237b7d942d0769416d9d144671f98dabeca29699424a63c16c163784e5c30c595dbb28c7f10630762e3f08db4350d6aae105888e313f3210c2a7726ec382f0f3ca2828fefd467cc51fca40649edc04456ffdeb6e948da67153e268915957e033ad00801fe0fcbf744be4ee6103e158c9fc8e46c2247ee95200"/192, @ANYRES16=r2, @ANYBLOB="00022dbd7000fedbdf251600000005000300010000000500030001000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x6b25a122337660ae)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'gretap0\x00', &(0x7f0000000100)={'tunl0\x00', 0x0, 0x1, 0x8, 0x4, 0x8, {{0x12, 0x4, 0x2, 0x9, 0x48, 0x65, 0x0, 0x1, 0x9c876932d8ae4734, 0x0, @broadcast, @broadcast, {[@rr={0x7, 0x3, 0x47}, @cipso={0x86, 0x2f, 0x3, [{0x7, 0x4, "fc5c"}, {0x2, 0xb, "6e98b433f7da3fc16a"}, {0x6, 0x12, "17ebf5f4547764ac64d73d1273712330"}, {0x1, 0x2}, {0x6, 0x6, "91b73d95"}]}, @noop]}}}}})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000001c0)={@rand_addr, <r5=>0x0}, &(0x7f0000000200)=0x14)
r6 = socket$inet6(0xa, 0x1, 0x0)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'sit0\x00', <r8=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r6, 0x29, 0x1b, &(0x7f0000000000)={@dev, r8}, 0x14)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x46, 0x0, 0x0)
r10 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000700)={'veth0_to_bond\x00', <r11=>0x0})
sendmmsg$inet6(r9, &(0x7f00000006c0)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x28}}], 0x1, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000900)={0x164, r2, 0x4, 0x70bd27, 0x25dfdbfb, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x4105}, 0x40010)

[ 1385.282769] Bluetooth: hci0: SCO packet for unknown connection handle 0
[ 1385.283663] Bluetooth: Wrong link type (-71)
[ 1385.285669] Bluetooth: hci0: SCO packet for unknown connection handle 0
[ 1385.288806] Bluetooth: Wrong link type (-71)
15:47:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "852c39dda8f1da4595d33938c88183915584c3a30c1160adee0ca6477601f99dce800b555c28bc8d5f836cb7fca26b315d4d6c47c454bbb1"}, 0x3c)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x19}, @l2cap_cid_signaling={{0x10}, [@l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x3, 0x21}}, @l2cap_info_rsp={{0xb, 0x7, 0x4}, {0xfff, 0x1000, "eb61a15d443e03f3a158cfab2a2ae1a7471c9e3a16fc1288f4d7f82cbc18bf70e09f5d6c25cc1465262ad8857ceefb354bcb1760debd9f44abd0f82d87c3ea862fd41d5b435c0c023cd9f6dda825035b4347e33a56c1897bc37b260f029358fbb87d014b4c5b26b80d0f584e46e305fc4daac2350879a20aefe8655af565e2192f278cf42c9f142861ee81eced1092"}}]}}, 0x19)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xab}, "87a487569a2d762718df84a5f4ffffeb989448f6fca5313ce27bac968cafc1cf891c818d897181daadbd686339b077054e537c7d2d42266aa79f8df1fa59ecdb1049436c9bf2e9007731827ed6da7b9081d345886b676247ee59c78857fdd5aabf4c1d995a5c92d8ecb95f4dd3f5643121b61b16a893223622c3c0682a334f9c339dbd7564296600a01d8dcd92b682458f5f6efe59587615c402d22bdc14afc6004822f654ac3d88a8d7c5"}, 0xaf)

15:47:39 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRESOCT=r0, @ANYRES64=r0], 0x8)

15:47:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_io_uring_complete(0x0)
r2 = dup(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:39 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5425, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:47:39 executing program 0:
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xac, 0x7a}, "e40c700ef1893ba422d58447790927a65d68d5f6cf49f25b0efeec713d70a1a81c5add824be522f7fbce27b7c17b3a0cc2283340d20750dd7af727e271b65d8284dc96c93b3449a39439c28a032aaffc16f281e95727f81b2c7061e108e222a55c2d5d2ff4e56e8813268ad49e67b24528565b922b0265fd5f9f"}, 0x7e)

[ 1385.450887] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1385.453307] Bluetooth: hci0: SCO packet for unknown connection handle 172
15:47:39 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "852c39dda8f1da4595d33938c88183915584c3a30c1160adee0ca6477601f99dce800b555c28bc8d5f836cb7fca26b315d4d6c47c454bbb1"}, 0x3c)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x19}, @l2cap_cid_signaling={{0x10}, [@l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x3, 0x21}}, @l2cap_info_rsp={{0xb, 0x7, 0x4}, {0xfff, 0x1000, "eb61a15d443e03f3a158cfab2a2ae1a7471c9e3a16fc1288f4d7f82cbc18bf70e09f5d6c25cc1465262ad8857ceefb354bcb1760debd9f44abd0f82d87c3ea862fd41d5b435c0c023cd9f6dda825035b4347e33a56c1897bc37b260f029358fbb87d014b4c5b26b80d0f584e46e305fc4daac2350879a20aefe8655af565e2192f278cf42c9f142861ee81eced1092"}}]}}, 0x19)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xab}, "87a487569a2d762718df84a5f4ffffeb989448f6fca5313ce27bac968cafc1cf891c818d897181daadbd686339b077054e537c7d2d42266aa79f8df1fa59ecdb1049436c9bf2e9007731827ed6da7b9081d345886b676247ee59c78857fdd5aabf4c1d995a5c92d8ecb95f4dd3f5643121b61b16a893223622c3c0682a334f9c339dbd7564296600a01d8dcd92b682458f5f6efe59587615c402d22bdc14afc6004822f654ac3d88a8d7c5"}, 0xaf)

15:47:39 executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="041c0502c8f8bec981d078000000d53bc9c51ddadd18a0945b51c60fa967d3f7b9eb40fbc0e778e7466f31162e68ebb7a0798d128de9241e2e8e04d34fe899081558115495f2dee1e61afd5ed9846e3d879a85fc8a94ddd2ea4ad5037d48a566eda6581b0344f9643de0163b182d728e0e2683dfd6396320e90c510c8b58b21e8e10cd4346e9cb14531c1662156ecd065b38bf5dee643c918b936f994900e98a8113"], 0x8)

15:47:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

[ 1385.454211] Bluetooth: hci0: SCO packet for unknown connection handle 172
15:47:51 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:47:51 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "852c39dda8f1da4595d33938c88183915584c3a30c1160adee0ca6477601f99dce800b555c28bc8d5f836cb7fca26b315d4d6c47c454bbb1"}, 0x3c)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x19}, @l2cap_cid_signaling={{0x10}, [@l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x3, 0x21}}, @l2cap_info_rsp={{0xb, 0x7, 0x4}, {0xfff, 0x1000, "eb61a15d443e03f3a158cfab2a2ae1a7471c9e3a16fc1288f4d7f82cbc18bf70e09f5d6c25cc1465262ad8857ceefb354bcb1760debd9f44abd0f82d87c3ea862fd41d5b435c0c023cd9f6dda825035b4347e33a56c1897bc37b260f029358fbb87d014b4c5b26b80d0f584e46e305fc4daac2350879a20aefe8655af565e2192f278cf42c9f142861ee81eced1092"}}]}}, 0x19)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xab}, "87a487569a2d762718df84a5f4ffffeb989448f6fca5313ce27bac968cafc1cf891c818d897181daadbd686339b077054e537c7d2d42266aa79f8df1fa59ecdb1049436c9bf2e9007731827ed6da7b9081d345886b676247ee59c78857fdd5aabf4c1d995a5c92d8ecb95f4dd3f5643121b61b16a893223622c3c0682a334f9c339dbd7564296600a01d8dcd92b682458f5f6efe59587615c402d22bdc14afc6004822f654ac3d88a8d7c5"}, 0xaf)

15:47:51 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xe2}, "6371dfcb5e42b53b6cd5d1a0f24f67ea76ce26b4359596b7c46f4882ea3d640051130d75a6f8a4bb82d55d8a028f05ba3b29f4b46770fa74ffd8d870f49557d4f8a33c692d7da728c379a00c8ed7cf1cd9dfd13e5f6734d23aa34ac73717e4a551605c86608dc664533f559bea787cf61bf100d345bbd9994c4d9d5736b9ffbd4f87a9a15c845ba19eeebdd10552582943c92f637acc00e2f7b7e1592ab758f79442520c1309ab82b3a37495bad022f36719835e5fbfe3029fb7686d7a6530cfaa68c4076f13dfa17357a95a64eeb717ea8f83f4e8918f52a1ba5bf8322669271472"}, 0xe6)

15:47:51 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5427, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:47:51 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:47:51 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000000))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000080)={0x0, 0x1, 0x16, 0x6, 0x6e, &(0x7f00000002c0)="9f7d747833dfea22ccdb71eb1880873e38a5be19c8c2e489b275837b0bdd8770c3ba1b9edd6e128936671543e77a4f679f51b735db99ac34efba737aa185a924d7237967affe9520f2b640e737fd2e6022f55318f4198a605ccc4dc8d8c8e8552c1711122489739e078ede957941ac6adb083be45c9eafa53174bd8abdc64d1f26004d18cdc03d0fb0507ae6b0e818450e08137eb9e6e60887279a26612ecfdc8f423ef30cb2eda0aa8754834d756fddea370cbe1fb084b435cc037582636931eb27797f5d888fd9072e4d12ef04c3a850a08c39d1c4bc8d8e260980a216763e3e3140a17b538b0f3a06286d83ae305571e8fa07dd0209ee990d48960396f5cfbe6e03c06cb8ae5e3edfb73ef96c1982821ef5c6ebd0559590d03f1715a5e29aa15454ca5f0ded53fbb7469cce31890e2984d679ef7bc17597886ac480a266d4fe103a90feecfb21e88326202b4549cbdffe94da1b9a58f405f148bfa54ab39ff219bf2d2f5d7277abcd715cb68b4889f85708df43452b07c812972f1f8ba758be42eddadc5e08a3f378de197b28c8d580ce0c5e80042f782eec03ad8b5d66c113a20fe345a95a75020a83644a6bebeb9bdfeb7d40a345cca7e47dcd43a299d367163d6a6a7b9607a1d7336d4acc0d63b4cf32a9f5ba9bb6c77162d6d6d317a6f39e34ea824a609ba28edbe4a67bd714a5684b8d14250daed20617ca444f5e535c64ad16fb4180559984e78e4aad9355005e120faaa388f18e9473df029c0385a01dd08575edef500b54504b5bb9b6f21b01958d0b972145304e2b2bde4b00ecc95d76b1fdb96d443bd5d861ac62b7c1dedfa9b95dd1f04c3a0798daeb49f3e9485476c7b906bc24cf76dc613f2d89ec45b03387f013e724ed2e497d393dfb0b4314f6e54d55cf626edd567eaa6ef246a97677c8748993f75d67f3809f254ca0f8f935bc5c1525222e6ed43baababd89b667ba04fcd009b7424fd25b2c32c11702adf21007b3424c5a8679f60ef00c74dca2fb9a081921c77b5e62f03498ec336302e7006a32ca4b06425713beee1825af071cedd06853e7c33cb53d1276586657e35c573f01c6b83527896440b42d488b6923ccc77ff5b5219cf969f1b3de7f7d7ade7098397d901fdba663e3c54453252c57a249317a7d7614d4f361d1f7f4235ca210e196a65c4c58bbaeda0fa072d5c46454b306a80652836bdcf8a2327630e19f15720b302e2cf146914705cc76083e1a62980e9c4df40f8ef20622c82a409a7b9295dd66e2dc33cb17aec24c2590198ee5610eca67ebd9a2d7201043f157e30676b46faa7c7b84871fc5e8f02c9e8dd35156b40a2a13772d7a855e5ab0a27695e9616f48b485b4ac88e675bcb96f0b8c355633ba0a5ff1b59881b648cbb7c97cd7f910bc15405a78dd18fd6d6c027060680599aaf8380aefe37025b02c"})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041c0502f1800000", @ANYRES32=r0, @ANYRESDEC], 0x8)

15:47:51 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040ebd70d982c50af066fee7ae4f5a2ab805005a0c0906"], 0x8)

15:47:51 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:51 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x5, 0x4}, {0x400, 0x2}}}}, 0x11)

15:47:51 executing program 2:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="fb0200000000ffffffffffff0200000000000000e3b90fbedf2fdf30f243aba843f9108002afe6dc4ba9fbd5df96413108fccbc8381f941dfab43ae1d9d556d774fc2f4bc02fc2aa47b90c7010f8182493d06809c13bd41c3162f95cac073d8f951662b728458926dae8c3cf765f3750109f15be3b46cbb58a7d04f552f50111e1e4bc98b26667aaa409a4b5f9ebc35ad53dab9abde994f8d702cd52b82bb07eabbde75173dc96b1a3a2ace73ec52acbf9770666602a2c20ec68575fa99bb28cb2546d97280af5b428d5efd72237f8e02e115879a96d2237"], 0x14)

15:47:51 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5428, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[ 1385.767571] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:47:51 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "852c39dda8f1da4595d33938c88183915584c3a30c1160adee0ca6477601f99dce800b555c28bc8d5f836cb7fca26b315d4d6c47c454bbb1"}, 0x3c)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x19}, @l2cap_cid_signaling={{0x10}, [@l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x3, 0x21}}, @l2cap_info_rsp={{0xb, 0x7, 0x4}, {0xfff, 0x1000, "eb61a15d443e03f3a158cfab2a2ae1a7471c9e3a16fc1288f4d7f82cbc18bf70e09f5d6c25cc1465262ad8857ceefb354bcb1760debd9f44abd0f82d87c3ea862fd41d5b435c0c023cd9f6dda825035b4347e33a56c1897bc37b260f029358fbb87d014b4c5b26b80d0f584e46e305fc4daac2350879a20aefe8655af565e2192f278cf42c9f142861ee81eced1092"}}]}}, 0x19)

15:47:51 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:47:51 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x2, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0xff, 0x2}, {0x1}}}}, 0xf)

15:47:51 executing program 3:
readlinkat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380)=""/17, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="042ffb030000000000003f3f988c04000203546c79302976268c01c25aec3599a4b5e212fe8723a75a7f7dd6f00a5d421462a889318d452c304272a7a9f928a99ff2fe07b5aa028bdff12c8441bc4d3cec65bcdc14a65eec3c3d9e85a4de8f9910087f96af166b74f7a8cb2a858d721d60f3ff206694425bf053f5a2d7ed1d1a3263cee1a10c9ebd49c02ce0fac66aaa5e3a8c3c6b7d47c39dc0b6f07adfcd52aa1b22e7f67a9a2bcd7aef2d712a2ced15ff0f51dd1d875e0df9299324003c7c5942867e247a03e2f859af30bea442a5e1eee1eba2c9cfe779587f1512fa3e01fdad8d86eb4e886ecfdd1c75f1f91634000897c7141e15aaa54d5730f44629e02770821d5e9ff14fa813ffffffffffff0300c25b2a4d0108fd0c062fccd1dec0ddf3ca33f66a8d1a903c689841ad7199a0a9e8ee8244b7698c2c25bf87da8ac2e96bef9fc0bab5ebeb332205dbac1362d4ea6b0dd6845e6fc0edd3a0ce7d0e3747afd31e68355d3cc6146ad3795c8c7272373f630268a66f0100d32e5c3b3ad7f697ade09c0c35425a0dd3fd70aeb7112eee1bfae72c98381b8b6bc1a0bd6f427c656952cc25db42b7fcf1fa6d76eabce00c38cf2e254a79173ebfb0000150d67bb25b836f0f5807e1aa42c68a270177718f623ff9604c877843f49cd021d252f4e08b9c5eef7d62349a07ac476432071460960e65bc43ec63bd31b2ba5019472558306cb8caa9a8aaaaaaaaaa100005c0a5db05002ae380abcaf2b99fb6ce8f3eb4fd8fba5ffaa2952f468fca375cf39c66cbbb1f966569a86a43484b837838138f7039b60a666d5b41abed83c32c6704ca45a39b380909bf5301d9131fd813f2f620b70bf049274ac0457d09178b326173886b7d499e40a60845ab284062c37efffc8da93eb330d8472418fdf4f89f121f8cfaace1010a48e16536e3c14dab0765e16d92880b91c5414c863d7938a554f35cf1a4cb1e8a49a08942bcd6c24b4e654870c2a3528a28a9a4be8614b5af72e493be9209e45a6a6ab19a98851b9081467332acf641d1c03a52d143fbb49b4e39185e1370b97caa709bc30358"], 0x2fe)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x5f}, @l2cap_cid_signaling={{0x5b}, [@l2cap_disconn_req={{0x6, 0x8, 0x4}, {0xfff, 0x9}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x5c, 0x2}, {0x40}}, @l2cap_info_rsp={{0xb, 0x3, 0x3b}, {0x818f, 0xfff8, "a98f77ae09363c4ab93bfe4b55e8393d0161be31975c62679e2a125e6294a9c1075ca693d8ebc8996e8f2ec3425bb51f727d3fa2fdf82c"}}, @l2cap_info_req={{0xa, 0x8, 0x2}, {0x6}}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x1}}]}}, 0x64)

15:47:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$BTRFS_IOC_DEV_REPLACE(r0, 0xca289435, &(0x7f0000000140)={0x2, 0x7a3ae1fc, @status={[0x301, 0x7, 0xc4, 0x81, 0xf1e, 0x2a8e]}, [0x8, 0x8001, 0x8, 0x4, 0x8, 0x0, 0x0, 0x3bb7, 0x7ff, 0x40, 0xffffffffffff8000, 0x3, 0xdb8d, 0x1000, 0x200, 0x1995, 0xd209, 0x9, 0x3, 0x3, 0x4, 0x0, 0xeb, 0x81, 0x80000000, 0x82, 0x733b, 0xffffffffffffffc0, 0x1f, 0x7, 0x80000000, 0x4, 0x1, 0xe5, 0x1, 0x1, 0x837, 0x0, 0xda1, 0x8000, 0xfbfd, 0x1, 0xa7, 0x0, 0xe57, 0xff, 0x80, 0x3f, 0x6, 0x0, 0x4, 0x81, 0xef52, 0x20, 0x1, 0x7, 0x9, 0x9, 0x1f5c, 0x5, 0x18fc, 0x9, 0x8, 0x3]})
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x3f, 0x9, 0xdb, 0x1, 0x0, 0x9, 0x4, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x4, @perf_bp={&(0x7f0000000000), 0x5}, 0x2000, 0x8, 0x307, 0x7, 0x7f, 0x9, 0x0, 0x0, 0x9, 0x0, 0x1}, 0x0, 0x8, r0, 0xa)
r1 = openat(r0, &(0x7f0000000b80)='./file1\x00', 0x0, 0x20)
openat(r1, &(0x7f0000000bc0)='./file1\x00', 0x200, 0x138)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

[ 1397.515764] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:48:05 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5429, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:05 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$HIDIOCGUCODE(r0, 0xc018480d, &(0x7f0000000080)={0x3, 0x1, 0x7, 0x9, 0x7, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x23}, "d32a33f0450182b27d36fa6c37f25a16d9eca9cc1d0c51f97b6e38e69d5d6fe9b636ee"}, 0x27)

15:48:05 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:05 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x38}, "852c39dda8f1da4595d33938c88183915584c3a30c1160adee0ca6477601f99dce800b555c28bc8d5f836cb7fca26b315d4d6c47c454bbb1"}, 0x3c)

15:48:05 executing program 2:
ioctl$CDROMMULTISESSION(0xffffffffffffffff, 0x5310, &(0x7f0000000000)={@msf={0x0, 0x8, 0x5}, 0x1, 0x3})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x10, 0x0, @none, 0x2}}}, 0x14)

15:48:05 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:05 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:48:05 executing program 3:
preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000180)=""/237, 0xed}, {&(0x7f0000000280)=""/204, 0xcc}, {&(0x7f0000000380)=""/72, 0x48}], 0x3, 0x8, 0xffffffff)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "612965d9c8241d4f"}}}, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0x0, 0xe9}, "120d3026084c430f06815926eac74d0ca8a8b545de77555c31f4c4faf44452c0035a573913312646cfc357146e640fae07f2e480d238dec625522f221952576d66f01f41e56529d8b184f71de1bb52e1a744aa09b50f9476f70e64c868c8010502b34a29560552cc64b332c9fc4b657573745752c2d50b1f17451bfe4429f1122ed9abf1d31370aedb8afbac7d867c1f076b01fe0dff8d27bfb88ac69952e19794956d3fd1d2b09296dc2bffb83d01ba188cc728b59f417e7adf66c3b71e4bf4524d6cc24522270f59f8412fbaf85016dd76fc857967fae9753b88c8da8932f8269b0baa497364136f"}, 0xed)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x6, 0x4}, {0x7, 0x2fe}}}}, 0x11)

15:48:05 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0x57}, @l2cap_cid_signaling={{0x53}, [@l2cap_disconn_req={{0x6, 0x9, 0x4}, {0x2, 0x5}}, @l2cap_create_chan_rsp={{0xd, 0x8, 0x8}, {0x2, 0x8, 0x4, 0x5}}, @l2cap_move_chan_rsp={{0xf, 0xd0, 0x4}, {0x7, 0x3}}, @l2cap_create_chan_req={{0xc, 0x1f, 0x5}, {0xfffe, 0x8000, 0x8}}, @l2cap_conn_rsp={{0x3, 0x81, 0x8}, {0x0, 0x4, 0x40, 0x4}}, @l2cap_conf_rsp={{0x5, 0x6, 0x6}, {0x4, 0x0, 0xfff}}, @l2cap_info_req={{0xa, 0x80, 0x2}, {0x8}}, @l2cap_cmd_rej_unk={{0x1, 0x1, 0x2}, {0x9}}, @l2cap_conn_rsp={{0x3, 0x0, 0x8}, {0x4, 0x20, 0x400, 0xffff}}]}}, 0x5c)

15:48:05 executing program 0:
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0x5, 0x2}, {0x7f}}}}, 0xf)

15:48:05 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000180)='./file1\x00', 0x10000, 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:05 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5437, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:05 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

[ 1397.706326] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:48:06 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)

15:48:06 executing program 2:
ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(0xffffffffffffffff, 0xf505, 0x0)

15:48:06 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="5dc605005a0c9d0000c14a4e7e6409b8"], 0x8)

15:48:06 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:06 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

[ 1411.900681] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:48:06 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:48:17 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:17 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:48:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))

15:48:17 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:48:17 executing program 3:
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@none}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x1e}, @l2cap_cid_signaling={{0x1a}, [@l2cap_conn_rsp={{0x3, 0x7, 0x8}, {0x3f, 0x5, 0x6, 0x490}}, @l2cap_move_chan_rsp={{0xf, 0x5, 0x4}, {0x94, 0x7}}, @l2cap_info_req={{0xa, 0xff, 0x2}, {0x1f}}]}}, 0x23)

15:48:17 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:48:17 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:17 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5441, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:17 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x1a}, @l2cap_cid_signaling={{0x16}, [@l2cap_move_chan_cfm={{0x10, 0x3, 0x4}, {0x5}}, @l2cap_info_req={{0xa, 0x3f, 0x2}, {0x793}}, @l2cap_info_rsp={{0xb, 0x9, 0x4}, {0x5, 0x200}}]}}, 0x1f)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x8, 0x0, 0x200d}}}, 0x7)

15:48:17 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x25}, {0x9, [{0xc9, 0x20}, {0xc8, 0x200}, {0xc9, 0x1ff}, {0xc9, 0x8000}, {0xc9, 0x3}, {0xc9, 0xe2}, {0xc9, 0x5}, {0xc9, 0x9}, {0xc8, 0x7fff}]}}}, 0x28)

15:48:17 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5450, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:17 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e05005a0c0b06"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)

15:48:17 executing program 6:
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:17 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))

15:48:17 executing program 6:
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:17 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'sit0\x00', <r2=>0x0})
sendmmsg$inet6(r0, &(0x7f00000006c0)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000"/32, @ANYRES32=r2], 0x28}}], 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000000)={'ip6gre0\x00', r2, 0x2f, 0x40, 0xe1, 0x3, 0xf, @dev={0xfe, 0x80, '\x00', 0x13}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7800, 0x10, 0xad63bc0, 0xffffff7b}})

15:48:28 executing program 2:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0xc23b)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
fcntl$setlease(r0, 0x400, 0x2)

15:48:28 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5451, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:28 executing program 6:
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:28 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:28 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))

15:48:28 executing program 0:
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x7fff)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="7bc44831015279a942216f4179ef925791803ede45413a998ad0685f6cbc75d0a190ca4a2920d93b60e412878db04d3d91a9368c04bd7a5f08c2e08b28b92fea6e9b7a73425bbb157de37a68d7193aac90"], 0x8)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x2, 0xc9, @none, 0x1, 0x4}}}, 0x4b)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c8e04d004900010006010400ff00ff000705040006000600030308004701040020001e8e4c5bce5805000120020005000c2005001f000200000000000000000200040ffb0400a600030047c0ba13f2e44cc4b95739e83fab758966e4283f46a86234e635ee2bed48a15dfc5b29c95d8776bcff0600000000000000a1947bedb734edf966af0094082cd7bb9d47d4ad08ce363732babcba3810677e1ab9078cb41ff1ba225d7d0b73315b2f3f413d31dcd0d5691767bb38830000000000000000"], 0x52)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x20}, "0800000000a8ab0135b366f1adea48d083b748995104f32d84f0700acba4f9d4"}, 0x24)

15:48:28 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_ssp_mode={{0x4d}, {0x6, 0x4}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xb}, @hci_ev_le_remote_conn_param_req={{}, {0xc8, 0x91e, 0x2ad2, 0x1, 0xf9d}}}}, 0xe)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03c90027f8cbb0ddbb1874dc86b09f527adaaf96c288cc80bda7250be70f7e4358486173082c94f346d834"], 0x2b)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0x159, 0x5b}, "cc453e9ea917162d0c7a4cb65c403e909983d65f6db31f2f14741ea0ad0208dd8b06e49c4226832479514d3de18dc058ab712095d21a3461418154ed659b2a3e8beac95e7464d4c37f070dbf01099db9875db2728e4424a46301d2"}, 0x5f)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

[ 1412.082436] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1434.704796] Bluetooth: hci0: unexpected event 0x03 length: 72 > 11
15:48:28 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5452, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:28 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:28 executing program 3:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e05005a0c09063f22a16f385ae457ea8314a2c155c41cc5f62033f7734f219bd37b0700ec0492ea6a78fa5a6fdcf2a835d079709e07f3ea887cdf9fe8a4853d92"], 0x8)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x8, 0xc8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xbc698293c1acae7d, 0x8, 0x81, 0xfffd, 0x7f, 0x80}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_changed={{0x2d, 0x9}, {0xff, 0xc9, 0x34, 0x9f, 0x5ec6, 0x6}}}, 0xc)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x18, 0xa}, {0x6, 0x400, 0xf915, 0x617f, 0x401}}}}, 0x17)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x63}, "fe29644e82a0ddfe06de4c0100b41e4b4bd37e08f8dd4bce4e4f41affcc5372b209aa5f449ae9ca6d5744a0c3543f6b0f6e026ff92d2b0fca66044535407120fbba5e16309e24d4f48f45ed0d0cb96de2a61a8e061a1fced6043d13d8f19dfb7ec9f11"}, 0x67)
syz_emit_vhci(&(0x7f0000000200)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x12}, "e9000206da334c08090e4f447491da64b46b"}, 0x16)
syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x48}, "2a275881a386ca18a9744dcf51ef143cc4a406eb95fe8f7532118f1a65d21fc900775001df7b7eee19a99715f09f732ef4fc9e585021a0320194816e33a0b505b20a9bc5fd458b56"}, 0x4c)

15:48:28 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRESOCT=0x0, @ANYRES32, @ANYRESDEC], 0x8)

15:48:28 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)

15:48:28 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0xf7}}}, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03c980327fd88ee7fb4c5223f3b7845f13e38459e680ed31b1764b077627ffff008000000000334688483690b3"], 0x36)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0x1e}, @l2cap_cid_le_signaling={{0x1a}, @l2cap_ecred_conn_req={{0x17, 0x0, 0x16}, {0x7ff, 0x8, 0x161, 0xfff, [0x1, 0x3, 0xa9f, 0xffff, 0xfffe, 0x5, 0x6]}}}}, 0x23)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xcb}, "28b023337e4dc0895c007a9992953ebe75a206321bc2c8b6b1f5e233d36b3edc33db4eb336af241039fff1cd6668c9e4d007a2261808ae0d16e7115564e4e8b40c89d4f2bc76631f8a57c1626e4ddbec564fb9c691230dde77c96e168253aad21dc51ffd9b85798ae69ceb49cee4464e39b1700902e5bf2d84d09810995a442a2f319d5afb4720c4248d604f474365edede4378cd9afb7e42cfaf5534208b543a0bb1dec9e7e3df0612f79f7545ae8f6d581e94d193a1fcb54afe1ee86e21d7551ee02b99ff78cf1800f38"}, 0xcf)

15:48:28 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x545d, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:29 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:29 executing program 0:
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000000000)=""/13)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xeb}, "7cf01fe6f8db790860ef274100355908e40d9cd0323b84d9e1a3fcbecf729afc53afbf4b3e4030a167c97ab82406dfb45f9d282b54477d5fd02baace23ff8fc6e3011fb3b54f907adad8dfa993b130beac0be4928704f060ee541e6df135b3dc593984320f54063e866cc967a4b06c5fea0338d0fde58455a6f54c9abfad0e720fd56c8bb860e2499c5e2572e1a0375b519da9a3d2e89403f98f25d1ac6ab0e7536bb6f788dd82b405068f8722961f97fd0de2f2df069efb21f681193f6e02cb68ba8d2fb2ab94e4aaa74ff955ee2ff4612d948c4ae602b2e237ff8b2549bb0424f4d8b7be2f0cbf2204b5"}, 0xef)

[ 1434.712707] Bluetooth: hci0: unexpected event 0x03 length: 72 > 11
15:48:29 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x5460, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:42 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)

15:48:42 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x97bd, 0x30b002)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0xee01}}, './file0\x00'})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e24, 0x1f, @mcast2, 0x75b}, 0x1c)

15:48:42 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x40049409, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:42 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0xc8, @none, 0x2, 0x0, 0x0, 0x202}}}, 0x14)

15:48:42 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:42 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:42 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:42 executing program 0:
ioctl$CDROM_SELECT_SPEED(0xffffffffffffffff, 0x5322, 0x8e1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

[ 1434.977066] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:48:42 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_ecred_conn_rsp={{0x18, 0xe0, 0xa}, {0x1ff, 0x97, 0x2, 0x73e2, [0x5]}}}}, 0x17)

15:48:42 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02000001000010ebe0e2a5629e4ccb000000000000000000521fe11f052766645ffd0a54717843e7f2f1e5f39a0e49ace639a11dcf664a461084ee78d26218ce3800000000000000642d2f2dd1450c1ed61884f4d1bf3484e9aa3c5091fb8721fa846e336433ce911483a92c4c95161d0a5e814ad4e3e246ea597c6b8d7dfe12707b80850c43656460d5c55a4f68713fabb23ec1936b2757f89dcc0911224e39c0ed2447c818e4c0230c0c124e984183a93375b6955391f6789a3fda03157bdd47d2"], 0x11)

15:48:42 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x40086602, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:42 executing program 4:
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)

15:48:42 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x2, 0x167}, @l2cap_cid_signaling={{0x163}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x23, 0x2}, {0x4}}, @l2cap_conf_rsp={{0x5, 0x0, 0x33}, {0x1, 0x401, 0xe35, [@l2cap_conf_ews={0x7, 0x2, 0x4}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x7, 0x8, 0x87, 0x9, 0x101}}, @l2cap_conf_efs={0x6, 0x10, {0x1, 0x0, 0x6, 0x7b7, 0x164b, 0x8001}}, @l2cap_conf_mtu={0x1, 0x2, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x9}, @l2cap_conf_mtu={0x1, 0x2, 0x800}]}}, @l2cap_info_rsp={{0xb, 0x2, 0xb6}, {0x1f, 0x3a22, "7a79da19576b9330b3cf369ab03804dd674aaf6ca888b9db23b854bb5fe7b8ddb3d023ac8cead430a2bf8a03b8b63b532c9d77b9ea9366a227f23fbe652783539a42862a0aa948df65e4c3a5118727b1f074ffcaa0694b67ce3e756f97cb39c464267e1b53f33a5ce982d673cdc53c883b913b92a0f4daf894da8f8d2c6a4785c922ea1aec53e89a9809c6021442c8f6a035a074b5d62d859170fadbe4f1d519f69d17db95bb68a78d82b71a15427354e91f"}}, @l2cap_cmd_rej_unk={{0x1, 0x9, 0x2}}, @l2cap_conf_req={{0x4, 0x7d, 0x15}, {0xffff, 0x3, [@l2cap_conf_mtu={0x1, 0x2, 0x7}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_ews={0x7, 0x2, 0x2}, @l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_move_chan_req={{0xe, 0x81, 0x3}, {0x3a, 0x1}}, @l2cap_create_chan_req={{0xc, 0x7, 0x5}, {0x1a, 0xc9c, 0x43}}, @l2cap_move_chan_cfm={{0x10, 0x8, 0x4}, {0x6, 0x5}}, @l2cap_conf_rsp={{0x5, 0xff, 0x2b}, {0x6, 0x5, 0x0, [@l2cap_conf_flushto={0x2, 0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x7ff}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x0, 0x80, 0x4, 0x8000, 0x506c, 0xb7a}}, @l2cap_conf_rfc={0x4, 0x9, {0x6, 0x1, 0x9, 0x5, 0x480, 0x8}}, @l2cap_conf_flushto={0x2, 0x2, 0x3}]}}, @l2cap_cmd_rej_unk={{0x1, 0x5, 0x2}, {0x2}}]}}, 0x16c)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sniff_subrate={{0x2e, 0xb}, {0x1, 0xc8, 0x1, 0x3, 0x6, 0x6}}}, 0xe)

15:48:42 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
dup(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

[ 1448.367613] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1448.516075] Bluetooth: hci0: ACL packet for unknown connection handle 0
15:48:42 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f00000000c0)=0x1)
r1 = dup3(r0, r0, 0x0)
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:48:42 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x40087602, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:55 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x401c5820, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:48:55 executing program 3:
fcntl$setflags(0xffffffffffffffff, 0x2, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="2f68b3137e355b75cda6d91ff128e9dc1b6efe6f901d258036b60a4302620b0d33cf2118a0ebc447738fb8584167baff004ec23eaeca6c8e64a926295796b52689d99d52d19ef501b2ac83b67dfe7d7d2d2cbccf9842e6dad04c77154a0014d6aab48419cd9c9f40a31e39689ba355c19032622128fa90cb84d7a9dc28f572b1fe464ac7479b7dcc48c7055031195738e20db5000800ffc382", @ANYRESHEX=0x0], 0x8)

15:48:55 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:48:55 executing program 4:
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)

15:48:55 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:55 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
dup(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:55 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x20, 0xc9}}}, 0x6)

15:48:55 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:48:55 executing program 3:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e05005a0c0b06bda32a9d96b790ac6f95889add81346a7a55301f1081df6c2b479b1582decdcd1653ff0025f74b46b27dd2011cf5ac50971cb11e51e5a5a2758a7263c836165d2e517d3bb0af755443e97047543454d95cdfc4e6ce125627"], 0x8)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3}, @l2cap_cid_signaling={{}, [@l2cap_conf_req={{0x4, 0x6}, {0x66, 0x1, [@l2cap_conf_efs={0x6, 0x0, {0x1, 0x0, 0x7, 0x3, 0x7, 0x9}}, @l2cap_conf_flushto={0x2, 0x0, 0xfffa}, @l2cap_conf_mtu={0x1, 0x0, 0x4}, @l2cap_conf_ews]}}, @l2cap_move_chan_rsp={{0xf, 0x6}, {0x8001, 0x6}}, @l2cap_disconn_req={{0x6, 0x1}, {0x5, 0x8000}}, @l2cap_conf_req={{0x4, 0x1f}, {0x7, 0x5, [@l2cap_conf_flushto={0x2, 0x0, 0x2}, @l2cap_conf_flushto={0x2, 0x0, 0x2}, @l2cap_conf_efs={0x6, 0x0, {0x0, 0x1, 0xe996, 0x8, 0x7, 0xffff8001}}, @l2cap_conf_rfc={0x4, 0x0, {0x0, 0xb2, 0x0, 0x7, 0x6, 0x1}}, @l2cap_conf_flushto={0x2, 0x0, 0xff}, @l2cap_conf_ews, @l2cap_conf_mtu={0x1, 0x0, 0x12c}, @l2cap_conf_fcs={0x5, 0x0, 0x1}, @l2cap_conf_efs={0x6, 0x0, {0x3, 0x0, 0x700, 0x200, 0x3f, 0x8001}}]}}, @l2cap_conf_req={{0x4, 0x7b}, {0x87, 0x1, [@l2cap_conf_efs={0x6, 0x0, {0x1f, 0x0, 0x1, 0x200, 0xffffffff, 0x1}}]}}, @l2cap_disconn_req={{0x6, 0x3}, {0x3000, 0x3}}, @l2cap_move_chan_cfm_rsp={{0x11, 0xe}, {0x800}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x1f}, {0x8}}]}}, 0x14)

15:48:55 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
dup(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:48:55 executing program 2:
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f00000009c0)={0x678, r0, 0x800, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x32c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x144, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '*$@^E)\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '[${\x00'}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x93}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '.\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ']-(\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffc00}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '{@:+$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2a215c4e}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb52d}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '!@+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '$L@#&-&){\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, ',-!*!+\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\\+\xa5}\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9176}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%/{\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '(*(!\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x315}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\\:$b\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7fff}, @ETHTOOL_A_BITSET_BITS={0x100, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '{{&@\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x59}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '\'^\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8000}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '/\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x52d}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffb}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '-^\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x24}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ',^\x00'}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2671}, @ETHTOOL_A_BITSET_BIT_NAME={0x10, 0x2, ',\'!\x11#-:\xce\xa5#)\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x100}, @ETHTOOL_A_BITSET_VALUE={0x3c, 0x4, "f8bc07b20bb9649e9e3ebe0a26ec219f5a51ec7594e2ad001b92aad7346371eac72942cf44170644d9f9bd243c1b19e95316327660a2d096"}, @ETHTOOL_A_BITSET_VALUE={0x39, 0x4, "c691e1efae4b2672e309b0c74498c18ef4a8489ad00cc2d62807a06ae3f98d6e2438364af18be1d1eb79b78a72e48127e75c86be39"}, @ETHTOOL_A_BITSET_BITS={0x50, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ')\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x60000000}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x310, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xfb, 0x4, "0e32f1f4e5683b220b253697646bff337c9ff1065fb27d42e00396ae598dc10cb7a52b7b281e988610c7f33337b6bc0ae79064c9aeb6b38ae936a3ca3843fd03e6392cbf86204a0dda3000c33203bb7fb86f8add35fb646bc410519b86c4a876a177cf2efb3048fd0c0cd785ffca6d308a4cde1f69606a7c8fe067d541e955762d824aee53bcd4acad99e88da3f4d9412e52947a092d915783878e8d4df52195a29b68d243bdca63029f7257c1e284e32bda80d16f2d1f82104038041903f04f8891ee9500dfcd690c3afc6d1b85d4f51b9237c269a1c38b41248a7d6fdae80986786f12390b9b0fffbe3d1a4e317a52d3f50743eb1e7f"}, @ETHTOOL_A_BITSET_MASK={0x33, 0x5, "6aa720452261e59c35744a245201095631191de6ba1ef36b30a25cc7a18bd627779b457181b1e7c8b5b763c24f2f3a"}, @ETHTOOL_A_BITSET_BITS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '+)-+\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x81}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, ']]#^\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x800}, @ETHTOOL_A_BITSET_BITS={0xa8, 0x3, 0x0, 0x1, [{0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '[\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, '(#)}$]#-:\\F]%\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '\xa9:\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, '+@+,}(#,$]\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '\\%\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '?\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '@\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, ':.,]/},+#\x00'}]}]}, @ETHTOOL_A_BITSET_MASK={0xf8, 0x5, "7927d7223fabda38239ade7e55c6ec2e23a5d5636a0d09f63a71c5f4da210eb48e387a57af01c27fa268edb6cfe0296ce03236de586f43496b421e812cacea2ba31bb3d624b2276574895cca034941ecb830d3117ab9a10842cc9f8ef9b95a8ac8f57a2060536730184128785565e85d3e13f13201bde8052e31c974d1cd60123c81797a2058662e8f1388cf67002116e30a65d2a76ff3c6e1f0536c1fb2e1875c55f823a59cf5404f7ef7644c1a2dd5dfa54ab33be744f8ea18cc2fc97bab48e4cc74701dabce4694caa0f23e769f1d842a1089e94454f7998568083340a3227d16678d50acdf25481ca8b3f4bb83130ffac960"}]}]}, 0x678}, 0x1, 0x0, 0x0, 0x24000000}, 0x8400)
syz_emit_vhci(&(0x7f00000008c0)=ANY=[@ANYBLOB="042c11000000ffffffffffff0200000020000000c01b6a69f914a0755971028c67c0acba30a3b6560af59767ade84dbd50069a54415d75ddb9d1a1f937d40869d79a3312765727597586df0995c369c460db2a367279154a7bcdce055a9e79746e7694dfc46123acf8891ad2745bd3f6a0586125119747682cffa505b2edfec92d2c1e8842cf053b20cc5fc9be7121ffaef9ecbff1dd9276f69288889ffc7f27cee7a0ac0d2d308ee1a3cf9c4b032b13658913ba11234c9df514e5772b033a1d6ce52421e4c2714c14e998ea447817c85929e6581bd0"], 0x14)

15:48:55 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_conn_param_update_rsp={{0x13, 0x2, 0x2}, {0xfffe}}}}, 0xf)

15:48:55 executing program 4:
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX, @ANYBLOB="5235c902468282cb8a96243f1f0a8caef57d6788730357c701ed2f6fc26a8c3d96caea6861d3e1bd58143d"], 0x2)

15:48:55 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4020940d, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:08 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(0x0, 0x2)

15:49:08 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:08 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:08 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="fe4c91097ac802e40c55c3093bf8663352fb601c97ad0895301f2558ad616671d3c0b370406f6ebcb8b4c6c94e5ee4ac6e1c5aca207d88cdfdf5095e3668d6b802e3faed3eea896c2ecb8ca69b0219b0b5e018c88b6d14137590f674b464781f6b4fa9a84931029a70b6d0a542d89e6a9c7beefd2759fee9c1bf38888cb6c015ae70d6"], 0xa)

15:49:08 executing program 2:
r0 = semget$private(0x0, 0x2, 0x75)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x83c4}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)=[0x2])
semtimedop(r0, &(0x7f0000000000)=[{0x2, 0x6, 0x800}, {0x2, 0x8, 0x1800}, {0x2, 0x53d, 0x800}, {0x3, 0x3}, {0x4, 0x6, 0x800}], 0x5, &(0x7f0000000080)={0x0, 0x989680})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="042c11000000ffffffffffff0201000000000000"], 0x14)

15:49:08 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x80045432, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:08 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:08 executing program 3:
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x100, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
r0 = getgid()
r1 = getgid()
r2 = getgid()
setresgid(r0, r1, r2)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0})
setresuid(0x0, r3, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0x0, r5, 0x0)
mount$9p_virtio(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x900004, &(0x7f0000000140)={'trans=virtio,', {[{@access_uid={'access', 0x3d, 0xee01}}, {@dfltgid={'dfltgid', 0x3d, r1}}, {@debug={'debug', 0x3d, 0x3}}, {@noextend}, {@version_L}, {@version_u}], [{@euid_gt={'euid>', r3}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@seclabel}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@uid_eq={'uid', 0x3d, r5}}, {@smackfshat={'smackfshat', 0x3d, '){]@\xc9'}}]}})
setfsgid(r4)

15:49:08 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:08 executing program 0:
ioctl$HIDIOCSFEATURE(0xffffffffffffffff, 0xc0404806, &(0x7f0000000080)="b8ad762645d2515deed10ca2020c5ba1ea32412e41e0cf4230693acbf0aa649cf0da23cf818e8f36b3b1e3d9c0c67370ad794ea0ee26da091a22af2d04c954e04bdb5be3ad4b3848d1497aa1a193084cff9d2e346a9601b1a29a91984b3cffe072c699a5f3c7e57ded03eabfa6eb6a6f126fed9c8f0837b719d69c6df217b85d313650c40c76f26698788585d404e83c42f110deb6a0892b801c228ed82056")
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041c050291587bfe"], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_train_complete={{0x4f, 0x1}, {0x1}}}, 0x4)

15:49:08 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x80045440, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:08 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_EXT_SCAN_ENABLE={{0x3f}, 0x1}}}, 0x7)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:49:08 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(0x0, 0x2)

15:49:08 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x9b}, "10f638deefd6972dfd94803a1cb1f078fecd31b5768a5660d096e6bec7e5e221f7a16fe76f607a0c481565295326fd0d6b87ad07f69e3737ad3b78995d22e4e0ffe1d0041ad03f31f7d0f9559e6bfa61e9a051ff531d7e3c771229176cea002492b80ae060e242c67ad0d42d2e987df6385d4b4f9b752b5f0548b4aeaa0462dcb5ea429ddb548ae21c3c6b6572953eb7502f59163ad965e7be443e"}, 0x9f)

15:49:08 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:49:21 executing program 2:
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:49:21 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x80086601, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:21 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x5c}, "7a611033718345c451992d3ccbad8acc5f1a0f50470f347fee98e27d24a61f1509b283e1bd2a04dc6bc3b25e3976667851a5952238611ad1b429cff60f0feb8bb19fecdb57efc5f4ab9695cc748a26c7a0bca48058060f43ee837de4"}, 0x60)

15:49:21 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:21 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(0x0, 0x2)

15:49:21 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:21 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:21 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, "76b7514e1d760380"}}}, 0x11)

15:49:21 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="042c11000000ffffffffff026fc33869d4afb16d4030ff0200000000000000"], 0x14)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_conn_param_update_rsp={{0x13, 0x20, 0x2}, {0xfffc}}}}, 0xf)

15:49:21 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:21 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x80087601, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:21 executing program 0:
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=<r0=>0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x1000)
r1 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041c0502c8007124"], 0x8)

15:49:21 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x46, 0x0)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000080)={0x3})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:49:21 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX, @ANYRESHEX=r0], 0x2)

15:49:21 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:21 executing program 2:
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="04d0d5000004ffff1700000003002d5940c1000045e5196d9142107d622df5609693eab7990f0e58cc8109b05bd477ed5fe441b00b5c9d9e09e4695249fc02405f990f6ab207551f6fe3ad836d8a80365bd3778100162e880f6a7c7d280e663495fe4df2a8bd9a4440079057f4b7638ddf173742755b245205e3bc920500000000000000ae2997ff10a5e17a1e2416e82bd5e2e162714548902ff097fe40fc32a8e8e4234ac9ca2553822b6ca7a6710e15a52fed77de86ca7315ca53b72d8a6dd7d32666a8e1a236bc54676e7f5daa50c466a151839f1b71a4e9ea686c3290f92052df18c792340775756ad09aa5f5"], 0x14)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x6}, @hci_rp_le_ltk_neg_reply={{0x1}, {0xe1, 0xc9}}}}, 0x9)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x1d}, {0x2, [{@none, 0x40, 0x38, "bace0e", 0x8000, 0x3}, {@any, 0x7, 0x5, "d4a4f4", 0x45, 0x1}]}}}, 0x20)

15:49:32 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:32 executing program 0:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000380)={<r0=>0x0}, &(0x7f00000003c0)=0xc)
ptrace$peeksig(0x4209, r0, &(0x7f0000000400)={0x8, 0x0, 0x3}, &(0x7f0000000440)=[{}, {}, {}])
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x8)

15:49:32 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:32 executing program 3:
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:49:32 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x801c581f, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:32 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c", @ANYRESHEX], 0x2)

15:49:32 executing program 2:
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='user.syz\x00', &(0x7f00000000c0)=""/17, 0x11)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

[ 1487.380371] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:49:32 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0xc0045878, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:32 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "c0303f", 0x1}}}, 0xd)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_name={{0x7, 0xff}, {0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "82e5a96339db4123ed4de84dfed06eda1ae7c55ddc7676be7dd2c01fdc88b1cf4c980a084e59d53ac7cebd6aaf4b65ae26af450f3a89cc23a6819797e9319547a0b1b6f97465732165115d015760aedc5d79cbe9c26019fef07926a3de7fccc7506245e0da2b77f324b5f60eeecedc73c13e1ce1fb6a3400c83c96b7284373bbf1de300c9a52753be3dabe7f407c4609d86cbf835c4a9cecb90eef3ce10ed55555824a2fa1a3d081a9e52556288c0596b7fb2cc5efdd26b14435fa7a247406dc9ab1c61dccba6ed974e1e9bbd4c173363a0891a92398ca3af57ba050fb7333ab7bfeb6c89e826747f4af235c26595e222dabca1f6dba2d7e"}}}, 0x102)
syz_emit_vhci(&(0x7f0000000280)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8d}, "6337ffdf8c11275bdb30e8d2ae9ae63a6bf93235b7ac1199992d22c21275a4abd2b801e8a04119d46959bb382f2a8b9a7bc538728413c7a0dd29426637d9c7e779dd53529123c47d385bb5dee214123f6ac14b0501887d1e2f63e495506e07c172b6a32122a8377d9a7c8d31abdecc87994577928caaeb6c9d13369e7c45ad3ce3163f9e7baeb287d6f892816f"}, 0x91)

15:49:32 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, 0x0, 0x0)

15:49:32 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0", @ANYBLOB="a9a4873c74bcf9c3f4ce24979ac16f3a7ef64e5f701ef285876597b4b7164bf4d444f1c967b0eba70c495996afd9be25ce1fc78eceeac141200702a9c3bf905f11d69945651dc9b19e63ca9c30b5791c89fd186368db6cf60af2913c3ef721bef30ae3b76c44d435a6ce972c"], 0x2)

15:49:32 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="042c11000000153affffff000000000000000100"], 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:49:32 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = getpid()
getpriority(0x1, r1)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0xff, 0x1, 0x5, 0x3, 0x0, 0x8001, 0xac080, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x101, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x880, 0x5, 0x49, 0x8, 0x7, 0x0, 0x6, 0x0, 0x403, 0x0, 0x10001}, r1, 0x9, 0xffffffffffffffff, 0x2)
fcntl$setown(r0, 0x8, r1)
ioctl$TCGETA(r0, 0x5405, &(0x7f0000000000))
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:49:32 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0xc0045878, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[ 1498.170442] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:49:45 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0"], 0x2)

15:49:45 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x47}, {0x5, [{@any, 0x7, 0xd0, 0x3a, "d4cf80", 0xffb7}, {@any, 0xfb, 0x20, 0x0, "5fbd9d", 0x8}, {@any, 0x80, 0x6, 0x0, "15710f", 0x2}, {@none, 0xff, 0x5, 0x26, "1b2000", 0xffff}, {@none, 0x5, 0x0, 0x1, "f32a6e", 0x2}]}}}, 0x4a)

15:49:45 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0xc0189436, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:45 executing program 0:
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private2={0xfc, 0x2, '\x00', 0xfc}, 0x8, 0x0, 0xff, 0xe, 0x2, 0x1}, &(0x7f0000000080)=0x20)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000000)=""/46, &(0x7f0000000100)=0x2e)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="342ca92c1574dd6778f192d8af36629e1e92d75b581d32e1cb057fb02c6e797793d883e746cbbe21d1e8a294"], 0x8)

15:49:45 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:45 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:45 executing program 3:
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="042ffb03000000000000088b23b6a90900628b7fdb6ab30dd059da746fc80b826919323f9ea653c89fddf6a22d61c8491dcce3cf320e76db995f81e72bf331ec908b713094775e5fbfec94883644e9ff7624a584149147beda955e47d98dcbe500762c8917dc1eb5c94514cf45e77429b4c3f66335b17823ed8e7b30bb45432ccb808c5c78033a2199b1a33d5a0cfd722f2ecc791fa3097fcfa162ac02047af007ec58c412a9d27c76ef1d8e20d6f52b388135b475acc6098f072eb4426b7e92f176ed92ce3c159a4ba046a6aa03284a8f743b19d5802020a54960487300788c84a9ab9caad90e86f248dbc71978788e149c37d0223eda35715f6ce193525d81d013aaaaaaaaaa110c061763470001037cf08cba79b3c4bf084c4f7d252155de474390f9cc48ae96ca1c2a1081048ee68d3be07deb237086f50a1b6fbacbf8a54e8b6e5a527228809c51f3e84c52464430119299e39a7363ad2b68a3ed4611a575fda2f4815b6420bc298fed5d8abc87bc9ef3cdbae7d89e398d45184454f5020b5f758a36880daaf405eba4b6d120accba51239dd41d781c9ab16a4cd96faaf4bd36d03ea076ba24381ba77344427be6b134992da8553642c90b4f1e54d17e61cd3d755e1f4d128bab2ac612b0c8c435c96e77f0026c967c0ea3a2687c10dc9406e4989bf1b93bc769021f0ea07a5a6615b181c6c67aee085a349a04a9cd7f684a74636f76a0000000000003e20badd2209000171f4fd6cf39e35725fd0bad923a0d90406d47a446253ae1b3f28c5e8bba37f08a6e10fda1a9ff6b82bb8323338900f86ebb7afea58b4ff78bba6f61cab20b8a0d99d1b4db3a5a34bd2bc6b8d230848a25f6b3d9e2747efef370fc8f7e93e6fe89124ba4b734acecd05a47803408a8b42a35f89acadb22e0997336290677ff3a433de1eddb7030ae088345996dc0e7f90bae22c9fca61067933329a21d3a3ef26588cbfa605e0c1a493ee127effbb2476e0d5c810239ea1d956b5e0faadeff05e9a61df4e12222bd2930ca2feb02a5861443eb5f79cc870ec3de8fa790ed35ba3c797af5dde9c7354c0bde08297b1000000"], 0x2fe)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT, 0x2)

15:49:45 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, 0x0, 0x0)

[ 1498.346724] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:49:45 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="91ebdf720522b50033be0ec21056f55c6dcc4d74d4e6b6b2e3c2145386520a58db2230ae0389bac3038e27954456fc98c7d62d0fd6175512a868783ac89fd3832733fe2abdd4f6d2e9a703fa833268e26b6447197e67c0"], 0x2)

15:49:45 executing program 3:
getuid()
syz_emit_vhci(&(0x7f0000000280)=ANY=[], 0x7)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x41, 0xc8, 0x20}}}, 0x7)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
setuid(r0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_confirm_req={{0x33, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x5}}}, 0xd)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="03c800d1b22d490321f1e386a9d59790863d16789241642f7383767b6b3c510c21843b3e90bf878a9f6790bc57a98f41e3f3137498443e6e06bdd84208810a1a9900175ed5bb18a38d7d0c8701a67895029778a2b7cfdbce427661a39caefbfec5642e46209adf4a2b63712c21387ae6a436a11c02c20a2c2745a60af769b48517e36be24770bcee4e20e95fea1680c190c51f5a330ef23c2fcf0d6203cbf7992a7c2e4f8ec4b1fd6572f99bb33c61a1feb693407413edc5f11e03216684a19840290c8df13779b7b3d4167e1301ad7492d3fd4f86"], 0xd5)

15:49:45 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0xc020660b, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[ 1511.347142] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:49:45 executing program 2:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff})
ioctl$RTC_VL_CLR(r0, 0x7014)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x6, 0x1ff}}, './file0\x00'})
inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x1000018)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="9f00000000bb08"], 0x14)
ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xfffffffa}}, './file0\x00'})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x200)
fadvise64(r2, 0xc000000000000000, 0xffffffff, 0x5)

15:49:45 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, 0x0, 0x0)

15:49:45 executing program 0:
pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:49:45 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC], 0x2)

15:49:45 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x2, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:45 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x20}, "f40226f1ddef87339fa1059ba11626a3871b6688db06a6c3d9a9394921bc579a"}, 0x24)

15:49:45 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

[ 1511.423442] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:49:57 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:49:57 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_INQUIRY_CANCEL={{0x5}, 0x6}}}, 0x7)

15:49:57 executing program 0:
ioctl$CDROMEJECT_SW(0xffffffffffffffff, 0x530f, 0x1)
read$hiddev(0xffffffffffffffff, &(0x7f0000000000)=""/170, 0xaa)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$CDROMMULTISESSION(r0, 0x5310, &(0x7f00000000c0)={@lba=0x46b, 0x1, 0x1})
prctl$PR_GET_IO_FLUSHER(0x3a)
prctl$PR_GET_IO_FLUSHER(0x3a)

15:49:57 executing program 2:
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}]}, 0x1c}}, 0x840)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x3, 0xa8}, @l2cap_cid_signaling={{0xa4}, [@l2cap_move_chan_req={{0xe, 0x5, 0x3}, {0x6, 0x80}}, @l2cap_move_chan_req={{0xe, 0x5, 0x3}, {0x1, 0x3}}, @l2cap_disconn_req={{0x6, 0x5, 0x4}, {0x7ff}}, @l2cap_conf_rsp={{0x5, 0x2, 0x26}, {0x1f, 0x3, 0x8, [@l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_ews={0x7, 0x2}, @l2cap_conf_flushto={0x2, 0x2, 0x3}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x2}, @l2cap_conf_flushto={0x2, 0x2, 0x5}, @l2cap_conf_mtu={0x1, 0x2, 0xb6}]}}, @l2cap_conf_rsp={{0x5, 0x92, 0x60}, {0x1f, 0x500, 0x5, [@l2cap_conf_efs={0x6, 0x10, {0xff, 0x1, 0xa0ca, 0x1ff, 0x3, 0x1000}}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x4, 0x0, 0x0, 0x4, 0x101, 0xde4000}}, @l2cap_conf_mtu={0x1, 0x2, 0x20}, @l2cap_conf_flushto={0x2, 0x2, 0x3b}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x42, 0xff, 0x7ffc, 0x0, 0x2}}, @l2cap_conf_efs={0x6, 0x10, {0x0, 0x3, 0x7f, 0x9, 0x7ff, 0x2}}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x3, 0x9, 0x0, 0x3, 0x80}}]}}]}}, 0xad)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03c9001ba88e81dd46731039cc3054a0e6105c593e62fba0b5c294f54c6003"], 0x1f)

15:49:57 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:49:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRESHEX], 0x2)

15:49:57 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x3, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:57 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:57 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="042d8acfbc95a00f972e0400"], 0xc)

[ 1511.643450] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:49:57 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:49:57 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x9, 0xc8, "bb3e41b14cf452f2"}}}, 0xe)

15:49:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRESHEX], 0x2)

15:49:57 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:49:57 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x4, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:49:57 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x33}, @l2cap_cid_signaling={{0x2f}, [@l2cap_move_chan_req={{0xe, 0x7, 0x3}, {0x8000, 0x1f}}, @l2cap_disconn_rsp={{0x7, 0x40, 0x4}, {0x5, 0x9}}, @l2cap_conn_rsp={{0x3, 0xff, 0x8}, {0x3, 0x79, 0x7ff, 0x3f}}, @l2cap_disconn_req={{0x6, 0x40, 0x4}, {0xff, 0x101}}, @l2cap_create_chan_rsp={{0xd, 0x1f, 0x8}, {0x200, 0x3, 0xfff8, 0x9}}]}}, 0x38)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x79}, "fb6e8addf71bf600e9eca964b640477993a6cfc0741b708c6e17b3e4caea0cda97050b02c3d7c5024cf058dfe6496bc51c8f23892108362708df395792b9486e52ada3dd864169c2d0f7f119a78d7548b9588b7fb0fb44955f94128eb463f1a1f785e66a4329b8ae14531604f75ad8e46a8bfc28b8f306ca27"}, 0x7d)

[ 1523.750534] Bluetooth: hci3: SCO packet for unknown connection handle 0
15:49:58 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:49:58 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x5, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:09 executing program 2:
r0 = syz_io_uring_complete(0x0)
r1 = fsmount(r0, 0x0, 0x80)
bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @any, 0x4, 0x2}, 0xe)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x2, 0xffffffffffffffff})

15:50:09 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:50:09 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x9, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:09 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32=r0], 0x2)

15:50:09 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:09 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:50:09 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x41}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02545e6d54a4e334cf6b6536418eac17305a0000000000000000000001000000"], 0x11)

15:50:09 executing program 3:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16], 0x8)

[ 1523.919758] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1535.913649] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1535.923915] Bluetooth: hci0: ACL packet for unknown connection handle 3668
15:50:10 executing program 3:
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000080))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000180)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$VT_ACTIVATE(r0, 0x5606, 0x6)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32], 0xb)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xf)
r3 = dup(r2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x1, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0x0, 0x2}, {0x4}}}}, 0xf)
ioctl$TCGETA(r3, 0x5405, &(0x7f00000000c0))
ioctl$VT_OPENQRY(r2, 0x5600, &(0x7f0000000040))

15:50:10 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[], 0x2)

15:50:10 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[], 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x31}, "384dcb22e12c936bb46c27ed961dd152c88107e04f070d0f67113aa685262ed686dd42365186d6c2b87172d30f9cd7e846"}, 0x35)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
r2 = syz_open_dev$vcsa(&(0x7f0000000200), 0x9, 0x200000)
ioctl$VT_ACTIVATE(r2, 0x5606, 0x7)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="7aea57cc9e17c7bbe3fa2c4d825466b219c014f201e7898e4fbd05ac2e11121b3da0ac15a5e3b318a7ce4110a0ba0b186600000000000000000000000020000000", @ANYRES64=r1, @ANYRESHEX=r4], 0x9)
signalfd4(r0, &(0x7f0000000040), 0x8, 0x80000)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xb2}, "9a4c6e7d28ddb2926467a4abb8a59a80b497cad16a32271d12747e6b729448f036676299ab6132b0f4e3a3ee32aa7718a7e7ef98c98e18f532efe388fae24e359a0f08d73b52341495b931a29bfab5568cff5ffc4772b45f83f5dbd835b020700b44ec0595316fb60f80fbd08666e1abced744dff6b84e8ea9340719b40d029b9ca333681e46d040d88058b409df407f21ea2e1f0d488e54937344325829cfb811220b55af6921e995cb74084a32d4393e11"}, 0xb6)

15:50:10 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x55, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:10 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_SET(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x2c, r2, 0x1, 0x0, 0x0, {0x6}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'ip6gre0\x00', <r3=>0x0, 0x4, 0x0, 0xce, 0x3, 0x20, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x2b}, 0x8000, 0x700, 0xffffffff, 0x8001}})
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'sit0\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_SET(r7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="f398fdc7", @ANYRES16=r8, @ANYBLOB="01000000000000000000060000001800018014000200776c616e3000"/38], 0x2c}}, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x68, r8, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x40814}, 0x4)
setsockopt$inet6_IPV6_PKTINFO(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev, r6}, 0x14)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x20, 0x1, 0x9, 0x101, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x5}}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x20008000)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x64, r2, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x40081}, 0x20000000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f0000000080))
setsockopt$packet_add_memb(r9, 0x107, 0x1, &(0x7f0000000240)={r6, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}}, 0x10)

15:50:10 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x300, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:10 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

[ 1536.141420] Zero length message leads to an empty skb
15:50:10 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:50:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x2000, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:23 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = creat(&(0x7f0000000c00)='./file0\x00', 0x7ed6bf2b0a1650d0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000c40), 0x400000, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r6, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000280))
pipe(&(0x7f0000000c80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$netlink(r0, &(0x7f0000000d80)={&(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc, 0x80000000}, 0xc, &(0x7f0000000b80)=[{&(0x7f00000014c0)={0x135c, 0x1c, 0x100, 0x70bd2b, 0x25dfdbfd, "", [@nested={0x108c, 0x49, 0x0, 0x1, [@typed={0x8, 0x2d, 0x0, 0x0, @pid}, @generic="7cb6d1d90c7123ffa1ca1dc92ef849d2514d0a5e86992f31b38d80b810f1ca3b60e1a058964bfae6a395fd50f75d0084e97e69a172c0004af4b7c013d8f72d8e6b875e4a923f1b541573ba95072e3f57c8940930c633ef", @typed={0x8, 0x8d, 0x0, 0x0, @u32=0x7}, @generic="de6c1ca404e84d70f8e2c64180d467e1ef260ec17f9a770b584dd319493de728d375491dd2379188dc3a3a3ca45ce353e055e46df887eede93afd7673aae401ddf3c22dadf6290f8a4558adc06e0f3ffb3b96aa234638f9029f23c44e795613d31fc1a3582f900ee7081690f0cb61ac5912b878e8b532a5efcc0ff6372ac4e86229497fc1dc4352ede1f60c17a7ebcfcaa8c2d08f800b128b108169e47c7fcb619d88ababa6338ca1f5903ebbcb90fa55127dadbaec4b16701d058bed7f0ad26388efee45e99d80c4f36a340b89738605344596f87379efaa9465012b2e6515e419c26fcea2d1d457d9c65e4c17f5f7faabe244517ee8895b84a59af7736d77de11eb32221026e7914e5181c6b5ff0d48e14837a9649a77add09cd81f3170f11c6ece75f78bc51de083b308085987b45a0ce8ad7ecd7b57bce032624f3a026f797e1b3e7d64584abdf642be379ce2ebef167dfee414f4968037c9e9be51e0bcf388e564dcca72f82b940e6e6508fbf18113e12fe43885dcb0bdf32b6912abce66bd225b400d2d04697dd0a87b741334310f059d6245803bda6a5245f14edc350fa4e245796f308bc53660f5aad6223cc519eaee046f5baf43cc820192885f7c728c01c9ace6cea5ac33ffb70698cbe6c17f2659f2c1dcb554ee30655d0906a4346981f2ba93569a0434a77f3bdd6a0a4c9e1a9167742aad41757a9d707c020299c74ec1c8ee940d5a016d1f2dea8ea64fd9a2fa5ec5d6350196d7b6416520285d1de0ce17a1b3326e37f7b8e823e0cc6d2dac4de8d0628d83c53cd6f9bd9aeeeff36d5b91743a04985ffc95914dd86173075ef6828c12e9a98eadce0bf10a10c2a0e0ce4d68fbf424bcabe1f6f4dfffaf64750d5e844b288d08d5a302438b7928e5b5ce435d4113a05461bd613757d9c3b503f1e3ceeb063f56f444535f85f138033ca3838b550a81230812b3f08ec760a64f058ba268331ae90aaf6ef0e9f55c96cd330da46e42a76a5d82ccf434a88f2af4fa7eef9cae71ac3a36d1cb812e001aeee8264614caa75aea481d38c8d14cf74a1182b5a5d1aa95ae9bebbba8cba7d539b637ab00cc92e1a4265911666725177509be0405141a6f8d5a8e28bcf22f3fb7e8d3ec46ab387bcae34fb4eb255c92a4d93181915dc6c34922e74d49c4d63f8d7ae0caa4ba575a1378feffb5859ac247beda79fd95894deae4190eb5a6836e397106b973a4380b106483fafe42f21ae88a22d7e099d4b184cb2377f5ec6e6dda7c8923922bbc3000edfc8a07d5760183348bcea50e03d2c6a0f77396d157eef371664c09a90c82152be1463b6507b5f210c88821d5425b1cb67494ad7250460b2bcffeaa93d719477fb85af26b194db6a16b93711ef09a85c69568c29b55a18644f7abe3f62c4244a5bae50fb22d15a8512db681ff250990db86e96dd8862f3cb380b3316b080b8b59620df87de582c34e25934a449924e346beb88dd8f336d111e08cb9b1581a1693e34a0f8e614589babab0a1ab8968d127ec56692f9eee955f7c881ba5927e32750041578662f0c0e4ef0b67f63fd1e783f4f1024f5cd99400ad7e7757a6f65d08ce97a5058026588836ecee854b0fc161d9a4235b50e2d8f03be60a4ed1dc7a7cef0434631a0abbc34ceba125e0e9070a9b9778e7d8d36d14a8c5c34d5df07867fecfd519d8a6d5760d7925b327aa50112ceb570e15f8843f79b47c4681ee3d13bb44945ce6d55369a00b27279cacbc49c333d42b40df0c0a0ebcb711735247e6fdfd42865069a36a03e2a2235d1096a7f530e647b569c93bec72c103222d2c54dc15a0de7ed534c855e8e64c4412baea5a4c034504b2b5d0f283d5e1bef6a7a04ae3511d03f82150017d2b2b5d8240e85f74781f99503daff0df7b48f673a0fe60a527a616d90018151259c63b410a2e20b91cff6bacb6f89fefd80ae7d3f840955b682756c1e35204b28291b72440db218b89d435380f2c747d8816f115e30116c4c98fee05cc1a81cd33d1021aff51ba38d90a9297759c9df1a6088ff461f5fa512d03ba1092379ea66b4c8b38e48166b47668781217ec2f712d5dbe481ed41c2b3e5918fe72b7175a4e510816b9608bb13102cab141dc9d4236e357ad8ab8d3cb194a3cd40397c8b3cabaf43a033f6a94ce9a6553db09a60d8bbea5724c87ee20a5ee0db77a81c40e58036e3ee390e97998012489f0f4c7008cbd659b8263454cb71c92bb54216463a2d68c34cd4d190d8eb6ce8a3d28fbf573577da227fbdd6f36a52541a15b6672ce9042975f37d7ce7dadd5538c90cb568d61c1b69a7c3c1926f2722eeadc8bda34712fcb2aa6f923345b5e37e3c3dece73daabcdb834153119fb19bee2b9ed1619117fd23dcf677fe4587e73653892ad72d64f44900f9311cf3c0b538c64a7f5f7d5da778856f6fc9079dd4e114fa605fe0242d841a3291bb9f68ed0aa5ec91e06786d8fa9f8783f769f4bf1eeae9d2199202d72839864b0144b0d76849ec83e7817dc6eb826404ca2e22d99e8bc6d9bf118ab6c92020f4fbe97314ad9d882dbc0b368f5836973453ebbe681f6e4363054e9f1ab42aee58dd67ed677f3a10ffe28296a21e545a71967f7fb9eb562de1b851638c42bbb3a5b83ef1061f4311bae18c078145a1d3cb3b6fc0eee8d8dde2785e0cd6eec2b4d889cfc730a1be289a1a2d1747ca0e4c83f6e2ba527ffdd6061cbf367c77b659a5a3038538f97f54109f9c15cecb617a89d40a35b476ee389586f1f9520c09e648f260b217e8b8a5afc63ae275962b0b8b0012ae8b25c1c548000dfb9c2b82db26f23f74bb0a0260238a7b52683a3633eb2efef3e9dfd1ecc4134f78e4090c0bd41bf6495080c707bd0f2ab3b2cc44dc14dcaa6e2831312906e46f81c3e54b2776d406cf2cfc18752c8e88c518ffdf8b685a826b959270959b0398f0b77d9af94a1ae47ba59390e4e84815cf0ab0bde5016809130285480f336d17fc6f4dab900b06394dbff368e16a8d689403c03865008e5f932fb6baa4ea75cce32b49c484de2a1b4a37970419c362af41fa10fd5a4d589b186740ee2e3066f086d06efe6318f5bf0e70959644103384828350484631900fec280a893eac451777384e89386ef3275f4fca2c56657e8b1a6e468a86ce23d0b5ebe0f56d0e86e3564c1c59ed9efa27359c39ed7f69901209ad479b140e6ca723f3f847ee476134382eeb7c8a448ae099e2157ea34e562b4d9cc0ff840919a2de80a40af1deea731efcb2c675f8089c60a6ef7cb188844116f94955bbf17e72dbb041f778d50db2b5493331704607c26f753a7e0175028970ea57041df1b30ea499907c62fe7a4becf8443708e64619e07b4c71ccf6b5eadde7f2b1b05b392813eb4bba41a17b171f5d24e12c60e9027340cc3fe860f6ab5c3c62e0f8d7c9e88369a6db681e1102c9f625fe5537b5460397a251ed10b2fc92a524c96ffa977479fac7c378fd629711c53e04eeff7082150c6c1c4420384c98bcd9215573ddb3164728a80ecec38b620831fb62109eeb0157a9088f873c9e2b205a69dce481b57ab59a10f49b28c68f8163a041b812f1e01c724d578de47703038f66055f4fbf9510d04e1329404f7e5aa5a7477769ccbac7384ab9b818cde8b428be51760bb6288568b4c4b1957fde427c247bad31f32ee5b2a11b0250601af080671c9f45fbac4f46274315c57a6d79f662d839e7fd5f2461973971282dfdb83d214be491b44111ac7578b06636adc3321a28856109551003c0e6cf2940301e3daf4987e3559706b062daebf9e663d9d65b2b12bc448e17fa8bc3b133e10c7ab30a00bd40c84888dfb1855a28ae6ce051b4d47534e4346d62a82d0565f69bd1fda4047c5e03b1ccc61006b9ec1c77e2805e00808f28ebad4b426c717e058572058b49baabb6534145d738f677c36e991ebe81d2a48f26104bdf20281fab49e0c9a9d2d1c7ff19eaa6b1f99da45baf528dc7d4f886ae0f5f3c27b392b55abdc4e42c766b471fb79bbca559409b6e19050d165c4c9e41536173e71e54c49f2c26de9132e85554e7262ca1e97c37888e066d0aaca77fdfddc1ceea76994012162e787b6cf2dcc67e042e537524e5462aaf7fb21a5381f15b318d5efdfcf27c30f619ed0ba6f73cba96077c96f481df8a6450aef5514a53cad184b2d7dc7569d1baddf44cde2160de1e935c893efc1fda50b1bcf146d7204394f9aba83a4405965e9101100e9e47d07f27a449a81d8554bfb32a04ee7fd2447e0baf71fc654959dac37936ca6813919188b4607d7347fbab715bc3fe00af4ef59332e7ebf20a6892628db819471e8aedd3c4dd83bf307088e4b8a84253dd0b8606ead132e93d188974e23bb2ac9df538084bf5761d1763efbf463c1456487661a34c2d95dec68e746eeafadd0118f6ed716782461b532090c61f4a44d935715974842ecdf33b8c1e6d7369fb6714efae0fe114b6e9be6dbcd5c0f2d6bf968eb64ee80b8ef1cdfb526dd0292509a976c4e5520f937bd0bead1b959b3c9a25216d37227fe7549cd00acc6d4d3b4cf6a311f9c8c79c57e3e3c81db62e34dc808540b6cdceb16cf9d81771fca082fb1832f009715c0e71f2c9c978b9877118f357d4400e7473e94ea3926efcb2e84316d8f4e0e69a6ae2c9222f35ee8bf20ff72a8b1d4c65935f80c1afb5711904c649372da7188c0f9a5feab9473703ecfe7b8ced9600ca437a5a026d2ce835074605aad2970da4be4e611f98e77462cada974b417a74bd737ba389687b0801e7cba98abb38dc42a5584d60ad32f0bd9f6d282942cd9290a2f16533ea3999f01244f320170b6e21d328a38d19e5416cf0a977742bd5c273c910a78252e84c2b39f576314b5ca728a7fd0ad20968c91cc7665d0aeaab04a7d332a8f79d3e4d7df091814c4e0e219fb76fe3a33d147814cd1a2ab771fb6f6207af6e115b4389a80afb5a85b3932bf1b3f896a957ca8b5021745749c04e076d4e8ba1e9e2b784607faed2895f51d702f65373b3f341644dfc3b0de85da6b7c310d4b384002482cdad53ee16bee8a68a62b339d0736ba6b8f0250ade31d94f52d11531bd7cbb5746a133cffbb391e0a9e7c8ce1ab59831d6b4da8a83b68108090a08a73be2111d3ecbdd6c29d4f5dbf231bb774efac33e060297199f1dee20c835afc0e0c33aea0a04bdf715fc06aa154fd261ee17a2e2db44ef4f792701dda00b10402c01fc21f4188d9fb07c77cb3890e073964299246082826bd7d597893d076e8b7e41f363a71ee05c4a7c522e4ac2275338bebc8892562502dbc1d23dee92f2fc0110b07e737ce109d9c7520f254bc61d2be71c355f67a18910d49c9fbae380f3e81628f3b15acbeb1b2f125e9ae91f4a4e047752c0faa5d03fc182d1be5792237e7f608f9f9af2de1ee1266e541bf3b77ba1b752b6a92ed82ecc8bb657f65b8b5042700c29b30957fae8a2355dc3c4defa363642c95e958ba43cc2055393366b6188b14b191acbb37e639c1c73ebd32ad771d09d104dc208f746205b6e51b17d26036cdc43cc4cce4746357b3062949a7a27fb3ed7088049e4abfdd0ed90aad4cf1b00d8ea214a9a221034a69cef6d30d914765eebceb0d8e12af1353fb3336adc114a9a0c2c2c0c2710b2da2e9554cf38b032b1021446099f180fe2d03c285a3e7157ad9ad6494519e62ff41117358016e7511d6f1df45535af89c6d936f3496f1433486f55ded3d46d7bc546b7ed53fc51e044ba17b7d5d5c633b931cd9116e78d52f543517cf11e", @generic="882e3b356192f7755cb9c4aa501a51887604890513bf2b5f5db103b38cc2f87d69", @generic]}, @generic="0a531748ef1083e965adc1b1ba97c178311febf513c5fba606e95fa2edff475527b411251b5f2c489f582bfcf39d4a633bd8c6e0edabbd228b82f092aa24cc68d62aff2196884c45935217357f42df0bd77bfd768ba6b8b65ec589684cd68cc4accd50a3193db0a497a812eb31b42ac93adaadd705e466fb2a8165a050519da345cb2915307a10de563492739b3cb5c00c5c05a6c32532a39e1772e154", @generic="26c36c1bc4cfff2157628212084635fcbda4d2ac7ac257b9aa898b083894caf1c1b6a86cf6b9cdb5436c95f0b588639a74025227f57e7c5920c9d4a316e44b685457b3f18cd1b47b2a3d4512116bf23dc39e71a32a76d43c21b5ec30f48bc7fe3b14872861b260ea43761c0b0e7f1bf988258229a68af9a233b3b239047a92664871e16dc6d11c8ec985", @generic="8d993a3446963793707a20001bfae24fa947783c6aa5529644a219aedbc4609ed4d8d5bfd112a256f44c11248e884d7849", @generic="7bb7bf7bdf39ee21c04d3bb366f158772a31edc08d2983cf6f1ae3894202ecd13220cd32743517785185d17d931ee9728d115f9060dca579d05c8eb17345350af1080276b1b5dc776e3272b93e553c2548d4a0c160bf6c523176f871f414e6d59ecfc4e2ba768a24869bd6a345c0f6fde8c75a46254e21847c1dc8a1b89caaa3141b6109c5bba4b35e3b2c50b1bb95ae6d3ee2e69de8ea", @typed={0x5, 0x2f, 0x0, 0x0, @str='\x00'}, @generic="1f7863e0a6d10f8203eda86a4e3e40c7fd50c896d2cf5eecb6e3d8578bb91a41042e47cc0e5867c0c48f4fff58c42b175f358e475ee48461e7c00a74042514da2542ad5b4a2cc82c9dd000952f1e91f69121cd71e228d71a01b3daddb1bee64043e439c1d2948271ca84778640d781633b3afbbb180c88504c4decd5c9dcfa6b0d81d3a63dc597120e79f097c09969e330f54afcf51372aea7e7dda670f79006dcd0917e1db0086794a92f6713a101d67f494502010976ebedde71045615641ca8ad9bbd4fc08276d5"]}, 0x135c}, {&(0x7f00000002c0)={0x198, 0x3b, 0x10, 0x70bd2d, 0x25dfdbfb, "", [@generic="59bc26408f5f423ce1581b8902b2e5bf404c7e532dde657d468b66a5c7bdc0bc5751129a01b34255a15d7a7c78bcba5dadbad4307d85b3630bd52185e1355f3177548dbd57e879b020650b584c9543ca2a95093d29ca27cb0afc56278b5e944696b91144cfb00aac", @generic="f08d5031ebd8a63b9d05103dc7fa08ab01c08bad7d1065711f44be76a0094476ef389ca1054fc53f4095c8d335ef5fa2c0e4bcc80cd5e4d6dcbbb7c84ce2a76beaa9531b0a459c5eca8204ce20bcc62515059b34eecbfe80de7e257107159868c7e373e31d89d4ef3c8ae63a9d7a2c3a63ab7a07f5d3c63048a5eaaf888f82e150a84ade602ef2925ba480452a5c93d4868e58b1fc7d76b3a5a12c498c839a0eac318f3b18e0c8ee99f9ceb57f61292cbc4b62", @nested={0x57, 0x7b, 0x0, 0x1, [@generic="e45b2a8782334be1deede83d477439528924d4c39e0bdce229d79cd135225d0720f0838ea7f004e5d68fb90e08a30f5f8ea3ee3fe97d2dc66bbaa16ca9530e5f034951918e0b5ccd278231bc3391b07ea6e1b6"]}, @typed={0x8, 0xe, 0x0, 0x0, @fd}, @typed={0x8, 0x5f, 0x0, 0x0, @u32=0xbd8}, @typed={0x4, 0x36}]}, 0x198}, {&(0x7f00000004c0)={0x574, 0x18, 0x10, 0x70bd26, 0x25dfdbff, "", [@generic="980a334c5bf924f50a372b7685a153aa037d87b09850d0d1ce323dc97990ed4e2795efca99e19efa97d6c251ee7c3b3ece417b6d6cff21f40d7c8f7533aa663d8b02a25660f64fbae19f6ee23fd1b688d7151a9abc67c868768e6b245fe0420cd55b31d3d038d4586b06da107f3079fb7a871ba91aa2b033f91890a028adcb64b1dace09ca104ac00b171f19504484687a18a5a024a9be7a44bee8", @nested={0x263, 0x7c, 0x0, 0x1, [@typed={0x36, 0x52, 0x0, 0x0, @binary="0df8225a739993673afe49ebbda131b3e5b8ded79844cb5b8cc4e7fe5ec73dabea05c951cfc251c68fd3b8076a9cef1a2d70"}, @typed={0x14, 0x44, 0x0, 0x0, @ipv6=@empty}, @typed={0x14, 0x23, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @typed={0x8, 0x56, 0x0, 0x0, @fd=r0}, @generic="49ba91b34dc3614479a526b5a8abedf591c67395b9113f42e5a3263b586159c71f0e380164e34717a25bca1f75ecfab5e63ac0ffa553e616397d7f23a91d29541ddd4be3c33bc195a2b23a8e98be3455d4e86fc5ed26047bb13066c7eac6aa5a56a98d0dcf0016745a161f26e69ebabceab53166725d0b5d44e2f113afa410edcecfa6ae953763081277ba2f3dbb830a721d7a7ef5f03093429d2c429cc800cc5938dcbc32cde5f87e757590129a1b20dfff39d3d53b6c7f8849b0321c7ef50702d69c3a8ef4093b4def1731497524b0beab4e1d76c12cd9f47202f00975eac33dda935054e37997136bc0d9609c6166a838ae", @typed={0x14, 0x64, 0x0, 0x0, @ipv6=@private0}, @generic="c4c7d4c0ef037bd40573d743507646d71075a3ca5608a43f1e69c2cce92a31ccfdce484da93dd057cce28c", @generic="87087c5e39afb39c2bd6590ad8a0410f5d728a5bd494aff671874f604bec5ae5738409c0d687aee6c136975addf09d5d502bfd9dad1799d691e85b4f4b6e82737b0b2da37613ee6751f2bd6915b36b54949cd2b21d874fbf85587dc3afd1206fdae031bea8e0e3ebb52950da26c400cb16f5974876d97ffdd33456444e76009a2fa96ea9a23b43ceab63eaada444378f", @typed={0x8, 0x77, 0x0, 0x0, @ipv4=@multicast2}, @generic="e40b695cf031f5f6d7584414c687d07e245820e2b28e5ae94c6fe88b72ae56132a7ba6be224b5a02985c1e66a8"]}, @generic="589bf0f2e54cb8aa582bde1cc81b3076ff7cce3e5ddf1ea844a1bfc059853ecc1b3e0550f36bb1176cb9cb1bb87feb243070674976c1ae894c6183", @nested={0xfb, 0x11, 0x0, 0x1, [@generic="e8e04ca78da35947a7d528c8dd698724d412c28f65ff0b282cb4aecb19755a57efa9991fd640848b835ff67436a70f934c3f966310dd3e9b80199e2bfa28285197114f2bede9d4b746f0db72a52d0b681cb8854474d2aa6979eff3feb4cb5a7a1676dea2753032dde05df3d030298ae004565ac2d117ba56900c645f26f8ff12d648b902891a80e6b961592a6616f235d44eb63ca7a59f3ba718733c671352d73905f61b121b519bbdaab25ab322282c1a5858", @typed={0x8, 0x44, 0x0, 0x0, @fd}, @generic="1f05ce99b4cb882ed69028c88dcdfe026b4f33622e243fc484cdd2cef2af6f7838a3dbbed6d018cdc5bc6af1c7a85fee4034e7161275ce1d0f7c9518"]}, @typed={0x8, 0x6, 0x0, 0x0, @uid}, @generic="75834a080d815accac9fb106fedb75d8ebbdf498e6baf9bac951c725ff815b70b1913b4b5c5e131b848a6816b45ac968a4df2ae756b3294f77a1e57601f2d4f4677bffc55c2f7a8d758ca7c211e62f50c5dd364d22e7f9062052c677eabd7bebfc24561db65398d7e9a9e9eb6f6ff98420d6ac8185d0fa4ff857271d3ca2b160c9f6e72811e8e33384315787577e7068cf584204320eb55b93813ae564bcde97e74c944c12746d946dd7437bfb00466de1", @generic="228f52f16a9757554d4202a7d64cbd0dec6ae164ea1214fdb689741aa6468da9cafee7d027d4674fcdd620be929ac5c80b7068b6af503e8052b8191f51af3143ecce9addbaf3f7eb02822e576caf984478f25aa320726f85d521318ccc2e02352c3ef2c116226160904b3df9180d410d6b0e07db75"]}, 0x574}, {&(0x7f0000000a40)={0x98, 0x1b, 0xc6cf0c3ef0822fae, 0x70bd29, 0x25dfdbfc, "", [@generic="67d71b91163fcdf09b6e133dbc8351e08f7101ac33b7555d25c5b3d5ba74e8a30197321b7aefc982ceca17e90e2bd5fd4374498ed6f5538c287ec994a856ebfec0ed4dac22829753188f023e271906f146d704b45ae2675cd5ca2ba070fc5ac21b19bab97a3af73a04979970661532cbd5c6bfd4ee35b1d04ffca988079db1c9a8c62e", @typed={0x4, 0x89}]}, 0x98}, {&(0x7f0000000b00)={0x58, 0x36, 0x20, 0x70bd2b, 0x25dfdbfd, "", [@generic="f9aea30c27748b054e38ba6864a5ac433b5db7fb24272188fdf0217a21734e83836bae406d87417165eefb5342fab10bc48f09d1d0d9c8ee18b8efdd59db31ca72cc3d5bbd42"]}, 0x58}], 0x5, &(0x7f0000000cc0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x34, 0x1, 0x1, [r2, r3, r4, r5, r0, r0, r6, r0, r0]}}, @rights={{0x18, 0x1, 0x1, [r7, r0]}}], 0x90, 0x4000000}, 0x20000880)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)={0x28, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @typed={0x8, 0x18, 0x0, 0x0, @pid}]}, 0x28}], 0x1}, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x0, '\x00', [{0x7fffffff, 0x7, 0x100, 0x0, 0x10001, 0x9}, {0x2, 0x800, 0xffff, 0x8, 0x5, 0x10001}], ['\x00', '\x00', '\x00']})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r8=>r0, @ANYBLOB="00000000000000002e2f38773b9e65a19749640b74f166696c653000"])
ioctl$HIDIOCGNAME(r8, 0x80404806, &(0x7f0000000240))

15:50:23 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xf0}, "538619a4e487f671df752c47f2e2ee8ea5f5cd5020051bd1b7a239b66c2a08b0330bd99a9089833340fec160da77b4fca27d4a2c56b98a7e437c55ea6c4aebc04001d7e94e362838da7c3441228e52f965e8ce42f06e01753de020f6664f15ad578afa786f3f7b9e26cd4649bca119201a25da94fabc33b36ac201933e07a33c0123ef528551d9bf0e2fdfd6e3a84b5f587fe2e74902fea8410cbf50991908e6565ebcd75cd45476739bb4483a1fa137335e9c6214c9c226491a0817819badadfe44819301fb5dcadb24fcb7f5bfaa589dee184a59cf38b1ea61ded5595d1e97b13de39fd5c928237232ef9b048929b0"}, 0xf4)

15:50:23 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04030b02c900ffffffffffff01e7c41b3f4a88dee0cf03558ca3a47b71c1f87996f31cafa8fd51a6113b050911d6a22146313d639a4a0be7bcdab056c62a07ebbd05ce9718000bbf0b3059d861c57524628bd6d6ee9ec3ff348b06f3acd49b9a76452fe1bf336624d8f8505636b60bd85ecff51b80e314e9b01c949c8605a4140f89397b831942db3443e9dc2e1789827047c9e3a530ae16139a01847703d23c752664ba47040db049fedd333977d67aff15aeae522e9c727d6da393c1a2454e5e1b55355b977a813fa04b85eaca8ae6c7d6fcc3d71aea5d73ec59acb0da327b5510c699d31d9f2f89ca301183f54d95c4f86f85276a23d92661cab2c6c2308517e75363c6a2240dca1071f02e4771f2b6a7932f78693631843a16eb8ee110f96328c89aac5245232f6336b073e73619c3f84c9859fb59ce81b54aaf824f010200b9135d06953d96f0c71ed212e4e2c8eb95682608a4650fec917efd789d1d67b0c4247c2e"], 0xe)

15:50:23 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[], 0x2)

15:50:23 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:50:23 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:50:23 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:23 executing program 2:
ptrace(0x11, 0x0)

15:50:23 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:23 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="0201c0e700e30001000e01030004000005050a0005000100030001020600100504003f000600100904000200ff0711fd0200de070b7f920004000600ad7fd55031609c7aaa9c3c285937ece626f93b8e1ca7488da544f43015a39af3150e13a1613b0c0cf45bd13f652cc317c4aa322fd67ca4e2475573772aa704599dd0e61fd8f9533332c92814c180d860f6b04a6f750186f4390031f99e42326f364badeef576c25b51dfc888b401240915b8c354ffb2c639bfc32b1c039008002000f9ff070003000e400300ff7f570173020008000c03050001010100000000000000000000003b162b193b9fc797455d60999f48070b56434824c743942fb967ff63c275582b17560bece79fe72e1c529480798bfaec844d1fd3e7c0bf0af8d9d728b58d5584bc9a56000000000000000000"], 0xec)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x81, 0x4}, {0x1, 0x6}}}}, 0x11)

15:50:23 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[], 0x2)

15:50:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x9801, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:23 executing program 3:
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@any, "3093c790a293e9dd442d380b7d20e00f", 0x9}}}, 0x1a)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x3}}}, 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x81}, "03fb803bc61a473459b7ff498717e0b899ec3ac10749e4b4179af6f870fe7238a7bb11ff40cc1621790d75544468ace4f7678ce5fe2d2c454e0a7f16de37efda767a862b64ceba845ac5a94e5dcc1d46c6a0d4955119c68e2da1cacb712203c0f9dd5e25e82e6099bd661b995978e4bdf24fcda6e1fb5b2df689528f23da269abf"}, 0x85)

15:50:23 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:50:23 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:50:37 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:50:37 executing program 2:
r0 = fork()
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000000)={0x2, 0x1, 0x2, 0x9, r0})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
fork()
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', <r4=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev, r4}, 0x14)
sendmsg$DCCPDIAG_GETSOCK(r1, &(0x7f0000000680)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000640)={&(0x7f00000000c0)=ANY=[@ANYBLOB="780500001300000125bd7000fedbdf252a03ff704e1a4e200200000002000000ffffff7fff0005002e66e4b33d06b23e4151e7d625aa0000", @ANYRES32=r4, @ANYBLOB="070000004b08000001000000030000000b0001009a9f9289a5c81f00cc000100b8b95f28e9595928cc3ee6d4f897d28c3b02a9e880c414ca6e376ed7c1c01d8aadcc164e0e01c6dff0556a6cec97eacf5aa3a264fa87ff8201b0fd3f535fd3953b7a0b7fedaea94ba652c981c5c8c31d27b6103ebe7412d01310323bbb078fe41e7a402cb7ef0aa9a2478b32bc1839722d1f2d808cfaf46cc9144c003c18c0c8644d7962ef950ccb22be8113f9e93081c53481b68d67a1d94b5cc48f0e7eeea633d2f4f63619499d615d02ca7eb116cece0dffb5831c8cccdf24741971eed2ad85b3376b2eda6ab49d0001007d7d5f415865976e722be03bfa481cf728303356d855cb8e176e39e98dd3bd612cadfbaa70fdc713bad753b7a4bda219f7622271098d4cf648a46dc4dd7c876e347681462eabb0cdc6c8468332cc86a5ca653a03dbd6fccc760ee865b5f180edb6ecf28f40ef4111a2308b2729484f3bfe55ac2340056c3143b01f6169821042509794f17e1613a8c2f582f68ce7681a0a892c0091a31189f9000000d3000100f467ef9b1eaf88eaed3a40231eb1f13cb38f67de66272da0b99b9e4eea13739105414b3bc6653c880ee99cc66df08dbd16743cd1b545f0197114dd47d1f92f0c6da5abf2c94370e9fcb238a6ab50cf0c461ffdae981e4a6d6e89931afaca2b8b24a10375ea33ca8faff002cd8bd50ca285288256841144435b6212ae2c745146ff5bebe9925f933297779d8a436ba03f58d1fcbf7255124145371210b3c68c143ef707c0957a9cb304036d9bcdd66aba93746cd955895f2c9877d8f4371974f5055ee86903fbe331a651487267ecd700910001006417965c79f17e75a064c1c17a32a4b4bde098f5d60bcff80468dde70b0850f41a67706cd18e3369cb847f3ba7468cd6e8126826546720242a031fec7e15bcb16dbe89b1cd2a958e8b9d882782ea0a81ca22b4a03c9c4f4b2a66d2659b7dc5474553eb315a8fef8feeb65580339cf3e1f304652b4128ed7a0db4369c51c42632f6fb60f3a5558032de0de746b80000004900010062db52a767fb06444bec0551ef4d22609c7a12c14e9fcef6d306edb6d73b9face534ad6f73bb83d035a68ebdde8896ad7b34d9fa8d0ee9515526a00abe28d92ecd1217368400000081000100baf701a8761eb8d4d7ae0cdf033810d4ad32bb20cd9fc35813ef7f366b1e35923e4159c77149148b31003baa39ee4afb95948b2b2b5033cda92333427db9249ca3ad410ad7e09944d0ad748cd6125d8d4f7f9fca34363518116636522a49a0e14967ace4dedf343cccd615abf1d5d970a4fca1aecf2ce25951bed7dad80000008a0001003753f8505bfeb9cd3aa923fc306f445d58fbad26dd867b7756d15f0a5f9c8485048e5e14f77b2fd9dda89d8bece2d6bae0e89a33c97331231bc077ad97b34408b965e001293dbbda8c0c859628ccb62cd5314938417fb2db5de56b0fd7a3fcc85410c1c27c7f68a2c8f076e19958004f71935fb4db854b5c1b2f7153d53829089648b8602c110000ed0001006168eec1905767208660adbbaf642bba6659bf77fe7c2fb272858840c636c7091f249ed58b5ee9e69fce9da07a020aeb096eeba6cc71626243806fb0478175c0e4311d4af50eda4e3411a7172f1f4b7e37e2d8decb63ac0f2a4f2bda2c57893109e5454ade8b3027a7a3b9aed747f1c0fdfe0814370a481e60cef123999c52b820e4cb2c1e2c2a0320530221ab21b52b4d2489accdc5cd3c59465200f69278a596368596ee2ae2c6341ba632f8ca27b2479e4f944492b6c5c957ffcfab424362b8187d67bd59a17d51756822adf1a8025c6f110a17068cd828d16e6830dd180703b996012d7f51e9af000000"], 0x578}, 0x1, 0x0, 0x0, 0x20000004}, 0x20000010)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r5, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f0000003640)=ANY=[@ANYBLOB="dac5beae3051bdd4f2b6ad7b2e4940ba8a30cfa8245bc559bfcfdadc48ce677b6e5a70419db47b6ab23eaf4a475c3abf26ede2c1e99688834117808ce5cfcd40094ac72e132b1b27380e70f665b0b7652ece2157cced96101a7f773a92059e24491cca02e47a39fd5f9de26a3430a2fba2ce90", @ANYRESDEC=r5, @ANYRES16=r2, @ANYRESHEX, @ANYRESHEX=r0], 0x14)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))

15:50:37 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:50:37 executing program 3:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x7}}}}, 0x8)

15:50:37 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:37 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRES64=r0, @ANYRES16=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "0dee9443db1d38608d66ed0054326a1c4858d720572f023f0c566316c0890e5ebb1810fe81efae31c540223b099447fb8f35335633121e7548295b9a8d8f0628fe4ac0d3a58a341cc264822ea02bc2d1e9b3a5a3e85525f9fd7aa026ff54c6fc60e91e1afca68acb27079f3a89db4104a5824a7c4b7f165f63e62294b51fe704fdb972c843970c2065dee1a3ecdd1966ab20b8b183f69c7c6bb4f2417f74dde4d56436c51c589566f24389291be0f6501803883e903a127afa4a"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0xa}, {0x8c, 0xfff8, 0x16de, 0xd610, 0x401}}}}, 0x17)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x76}, "ca3967e6b2fb3fa7483d2e55e0352b92b26c9d94577b2a3379550d9a9f3f8a58fe5212cb499b8a6b4d423e8cc6589facb8e54be445140d3ef9835afb7efcf34e2de0f6dd79772fdff80f253b11315a534857762b2ac99ede9c15c8827d4b69403c867280e71aa142b4fa871db44416a9a2bc8cca7f23"}, 0x7a)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9000c000800050006800400ff0fffffa2a0ce2c63a5567a781c635996a81e"], 0x11)

15:50:37 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x80000, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:37 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32], 0x2)

15:50:37 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:37 executing program 3:
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000002c0)={0x2c, &(0x7f0000000180)={0x40, 0x30, 0x5c, {0x5c, 0x31, "d2316a403b3dc469a85dff7ef6380dbfeaa9148a7d27e635a8f81af5044f46831febc9695c44ada04703074b169e7967ccda5c31cb87b89c0ebc80219a7262510097af4b61217a83d0791469fac73d4abdeeec29c3927a6c3fe9"}}, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x340a}}, &(0x7f0000000200)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000240)={0x20, 0x29, 0xf, {0xf, 0x29, 0xc0, 0x80, 0x1, 0xab, "260c3d1e", "dde23977"}}, &(0x7f0000000280)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x63, 0x0, 0xd0, 0x7f, 0x0, 0x5}}}, &(0x7f0000000800)={0x84, &(0x7f0000000300)={0x40, 0x31, 0xfc, "ff2b85fb7890e57e983fa47738f02a200d0158736c72d2270efd812a509845b8478ef083bbdb3acc9c8fbf6e9cc171e8f8ecaa9b55f911aebe69632a340bf99f66e8bbbf39d3c501d7e4ee5814d05e97868a47447f8694ee586cb293ea4f77cf0fd7ec8f8306c4383bcbf01a19700490f88ae5776cb8250a0c0f7cd88cb509bcca88eed435673564df8cc230f7e1920b7958abcd12f4543b03babd8ce76a39f00056c97af178e4c4675f7611b045e12113c405c62235074a637f97a9313bcdefd6ae44527c2e449e8eceb6f075d432abe5895b027a016771a5e0c2e3ecb28ee5458727f70acf351c69d81c4dc861b07e0490ed15854200b22fb0d5d3"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0x20}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x1f}, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000000500)={0x20, 0x0, 0x4, {0x1e0, 0x40}}, &(0x7f0000000540)={0x40, 0x7, 0x2, 0x7}, &(0x7f0000000580)={0x40, 0x9, 0x1, 0x60}, &(0x7f00000005c0)={0x40, 0xb, 0x2, "689e"}, &(0x7f0000000600)={0x40, 0xf, 0x2, 0x6}, &(0x7f0000000640)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, &(0x7f0000000680)={0x40, 0x17, 0x6, @broadcast}, &(0x7f00000006c0)={0x40, 0x19, 0x2, "277f"}, &(0x7f0000000700)={0x40, 0x1a, 0x2, 0x2}, &(0x7f0000000740)={0x40, 0x1c, 0x1, 0x8}, &(0x7f0000000780)={0x40, 0x1e, 0x1, 0x20}, &(0x7f00000007c0)={0x40, 0x21, 0x1, 0x8}})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000009c0)={0x24, &(0x7f00000008c0)={0x0, 0x0, 0x2e, {0x2e, 0x11, "3ee7b32544470415f9786b156d7d308a5b22ebabbb94616222cd483ec1532b12724a73117aa735fcf5b717e7"}}, &(0x7f0000000900)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x140c}}, &(0x7f0000000940)={0x0, 0x22, 0x25, {[@main=@item_4={0x3, 0x0, 0x8, "811de9dd"}, @global=@item_4={0x3, 0x1, 0x5, "530ffd4f"}, @local=@item_4={0x3, 0x2, 0x5, "cc5f0d2b"}, @local=@item_4={0x3, 0x2, 0xa, "d9dc5177"}, @local=@item_4={0x3, 0x2, 0x3, "39d9254c"}, @main=@item_4={0x3, 0x0, 0x8, "29bb5c95"}, @global=@item_4={0x3, 0x1, 0x5, "04addd33"}, @local=@item_012={0x1, 0x2, 0x7, '='}]}}, &(0x7f0000000980)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8000, 0x3, 0x1, {0x22, 0xdf6}}}}, &(0x7f0000000c40)={0x2c, &(0x7f0000000a00)={0x20, 0x1, 0xae, "e38031eef00d33d62b83e5083487c9a9374c9978c44955c867a107615285d3fdd18a7cca2fd5f7c0bf6a69abaa1d4a33fc5ab2a4e5605c238cf62dd11d0514a93af717051cec3b8749cadf416bb305adc64a393e679c57fc50174f7852fdb45f6027d5a750f68c3307da04cf65c0f9a958908340dac001cab626a564f6adcb058f03770f793744aab404c8fc06010aa7c84a37d204ef348e2c66b574198d4a3622656281bb44622f6bd421179719"}, &(0x7f0000000ac0)={0x0, 0xa, 0x1, 0xc6}, &(0x7f0000000b00)={0x0, 0x8, 0x1, 0x82}, &(0x7f0000000b40)={0x20, 0x1, 0xb0, "e5dfc55b1136b085ea1e076d5cad89fca0f65b6284a95205c7a01bcd6f209d06a4ed484c6c028b878d1b9daf554fb33fc1e9c36e815032e28e3bb3e707b2e72eab2976eccd1c2ee635b8f0dd4600d096b630f1c0638601561a8adb24fc7a69431679c402c5d470ee7bef2d002e0a412b4bf0e9248f1a0f11c6a6174721cc0ef1a1343193b98098045d53ef8022497b5ab4521f827134ca880697cae877b12fe9e2af8008b56bc65010e050a4b9e0b1c6"}, &(0x7f0000000c00)={0x20, 0x3, 0x1, 0x40}})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xbe}, "e388d026a1376eb29b99c96997141a029e7e1f4189ac44ef2ba07ca47a10407eca909601868b3a96df3d11b9157e5044f286a2f495724248dd4086fbf9303bbd862f1de7f1da188c5b0d09d9a2c2b7ef0e441ad4ae296819c01102e5c27dffb68a103d7a24d961344e0e8c053038365559b2721a91275c6910f1feb7b99dc3890b7bf40d1b1f59afaf0dd59633f3ad651b69e2303f54bac4198dcb9a16559c6ab7ad2b49b58dfa86aa14d22b7112343884715322ece3f5d334dab9270343"}, 0xc2)
syz_emit_vhci(0xfffffffffffffffd, 0x0)

15:50:37 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:37 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32], 0x2)

15:50:49 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:49 executing program 0:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
r0 = socket$inet6(0xa, 0x3, 0xffffdffc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000000)=0x6)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000100)={{}, "fcf5e7a26aa8d6c9acb797fc275c448db5cee99779f634214b3d2bbe6b414114b0ed8a79bfb48a97f15902dfde9306573e46144e65acf44df886d3f3622be70461e17cc5247988672a98a614d12f480d19458c28769d3d8909701b6cb6ad8daca22b5e0653de15dd2ba6bce262a8e32082a7a0a8ef6f3153657458d6be02ec3c5898b1e895063e7502054f8e692940a66867cae28e41bc46bfd36afab0eb680c73ba164785c9771f5aa77bc2927383a0bf35cb17078ed3ae7f01c595d13cff2a9fc3a4a9b9e3f46652b23704875ab457622a9e216b7d9c1666a254f8bf6fe0ae534303a031fde962da7e89984c896c2719ff9393ddc9719f2c51109f6a96c409a658a7290677d9d90d7569e13d423d01784875fe01ce8ef95e61d77f002415b656f865f6b7dfd515c4371a44251661f9c533e327f52b687cd970cee0c3b3f73d1d5a9eaab458f07e771367ca437a2f6f43f21b8e3f1fc35858ab09cacebee02dd84a63f50e9f07b237af207d500695316a536af9dd6d381cc4f8db198c6fa74838715a83e755e6ae01339b2dec9a772cf90bd4996f5ca8a070f70a42cb622240394e24a5dec33e3210f83b50adac2a0f55b0e96b28baf40ad1c6450f190e9db61a144266b647192cadd21391df6cc66a78e202306f1182a11f37fe1b4a9b67f350e684999f6770eb4447993171379ec0a763693eb263573cab32f4b5c316284ac32ec715112832b2dbb3c39186843707bea1dfc4de4b8d827cca013460614f338d7a3eaa70bd9aa4be4ff84715efa5b42ec10ea07a978bb2749ab2bafda78c77363318af1ef431ba38b2de03bbae40533ebc96ed7cef2bdb0c164c0484fa762b652b94863716e86f10f0a83026124b95fbc2e2ddec43c052ef636e8bbf911b451ff4cd29ad67052976c7d7b9ad93c7e68e4dbfc030dca2de34d426fd59d39fd90d75d1f912f8c4d238170bdc7214703c86c6779b431c4c48a22c65f1fe3b59cc3bb4b73c4a3e981fb08da9a7b8fd2f205ebabc32d5e89a7ea106a9d293cca91f0229cb9737ae8685a76ec567458a42d05a1bc913db5bae30beaf424a1cd943127abdaaee072a82b2e426f4872846b7e77f8e46cea3e5d7b2b3a14994ce86afd7cb624a98a7d3b1df35b3ce888f14b8b25d2c9ba9270dd401471347b8b7f59ef8f83162409d63fa6630fe32ff4469cea677c9c7f57890945e0c4951499a80b7e7abe5e69c6455c9395176f88a47c1fbee73da299654c51046d1e76fa8553cc8a28e61b899bcc158858a0aa893a2218ae079031cc25516e3df9a45a79a6da5d0e4402cf77418205a19f29b9f6a788843e2cb29041018d6511d7e41e1d99a53424886eabc863a4ace84f7c2aab5f8936cc320a5ad94aa825b5d188ca7351760456791b83ea387bb969cb13d34956c0bf8a22bd7c23af4df4ef77db2b091ca68cb7b1e7ec1a8d61a8ebf29faffeff647e998c26329d3a9fc3454792a360e96c6fcd1fcc2f4fd16bc118584c633280195f027bace93baaa2a74d01733cf1824f7070999e2c63b1197f81848e044b9ef55b5455b617014a3f5a0a59825b3f6156db491d53edfd81eab427011cfdad7cdd18776888baac4e7f1d8460352aa58ec97f58968b1849a53ee6ace96ca2f8598faf0f7639c0133314873cd1f3dc5a53b2f99c11491b23bb787d11b9179496249adf80ea1d61a736344fc67303fa02364eeb3a80d60af3b270046610d267207ece6e83d0a68c7a8c9fa9dbde7664e6a4713d98cb8edcf5bfbb0acd124ef4554c9de46d3b451786f7f2a9acb71d83a8d680be40617fcd0d533b9b2860e898e23a63aa45141961904c4236331eb8eebfe2a5014244d7aa07411411ce5e122d1ee0bc5e75a8cb8f4cae5b03bb28b2e98c7f5abb5f3518565ca6830b01b3fdc9b15a366c7622462f5a297bfc7b7c78a2a619232683003064f783e26a785cc8dacdc3ccc5433201c0d83bdf55df6115b64a95d7da953d8d323529799d10efad1db396da44953b5045baba727f0b1e1de82e67b36f3e829c6dc9f972bafa4cb523c090f09d6108adb872bcb4be5dd65e2c2e3e30195a4f487737ec82d7d4edd29c9e7e45fdc278237f60300374718497dcfc843b588779ec3028469228028c88ffaf08bd2f4528fd4b02472df8f4717cb8ab3f999c28700acc59090da448c671042b315abeeb02f1b0ce8ac84d630c8ef632876e8832b3bfe1c544f93a75bf39644e492971334cafb0e4af66c9e34718958e94f512c7812ca5c7b867b4dedefc0c305d2ee4de0ca14c05aaab7282ecef06e667d6fe2e5e0e50acbbc257ff0b1c77921a87ccb2a942dd9f875727a20af029b42a2389d50f615192340cf7ae2bc4483663e4ea463216c8dce7d0b6ae841c9ea003075ade3357c3f6d439f4039912697713c317c4f499ada809437d047c97e485176c39bab4e6ab4a5d60ebbf7ad40ba90b46a771e309e4b5b70a17380a08781b57fdae945d907d24af26a06dde2790267c334adec13a0f633ccddef9f658d353520249308e4420f67ab43fa20c0602ed360f2a8635e1a1f29d58d4275cb0733a6a2c953fc10df5634e9f3e5e4573bf74f0e5f258e9403a6e64fed518fc142008bf86b23cc219a570afaa33ec323b7dd21c79625e1c98b3adca62047bec52a4d2b10b7f465dc9aeaf3145d3d36b75c1314a121c0247bfaeacfef1f566a7e9dc6a471bda119a535a1eb3a91585c4381f1a70789932909eadfffd47b810610550b7911f341f6e98737f6fe2d27a9c5ddde8d66f7d7d2452a1ed72d0a5608c3bc882aa4a4628056991218a73bbd9cd5765b851ecbf7bcc85bed719b3404cd5211e9180d5ebe50f154f0e3f542af6d527cc1ef5ac82d9f4934b27972e31be8bb64607d9eb71dd6b2f03f8d5f7b82baf2a296443ff6341ee36b6ddbb291206003824311d4f6979debd299e85652db1f9e95ef18067ef0d63306e3576b310b2f6126043b0497d6c45196871008cf16191fbb338b5decbdb2a0d2bfc9e989ea558eae6ad7bb8a1d258d8f1ccab6eaadaece08de63d7ff672481e9839777ea8e06261a8589fd244cfc22984e3a62977a4a01c381583b85f16b14b47f9858d9c6c9e69c6b40f83402a6f46566657b216871c6d35ade675ed30b0aaae1e2ad275cf59934435cfc49ddb8b850f6dbfdacfb08d03ddd30a670cff6ad3092888b225c6d9f71b8fdbebb1cedd1e17f2d401616c112d6772766b2c1dfbc7f226dee5f2af1373c7cf16408ab631b89a2f619b21cad0e53d69caf1b0666708c70d3c52fc34b393af30d07daa28388971044ea6e89cda0bd12f87c4b14c83b362e098ac9d37ba7204b6ef2efc3cadd0550d6c2710eeea8648ec870b183ea6548ca54edf76e7ba654f153b0f1f4a1f5b0396b0de4aaaab5bd81cbca64ee7c40adb8f157f95f79b502af802d2bfb7703d81d6d8a5dcfe5421e6a94e822b3e000c87e9d27b3263c8d014e7ac35f5113066bbf793b969ce980c3be32d61d16cc312e410c86c2e02e9c14ff6b955bc4b0a6f59df53feb5d1352ac49e47dbd6d59b2a220e6fa54177aa596e14fed4789752c4e1bcd19e37f9fef9018c08751e526d8b1e153a9c21c27171e4f891ba8a8ab66f375219b1608f0ce16cae3e93cdaf18d3961cf0170bbdf69967e7a41119b5c0083a5180f83cc99c194bf12d9ff966ade7609ac78ef3cdbdf89d51f563a9c061c2c19234c393725f8690fa537208e0dfe907fc3b9de59ca5308e22d7f8d8835daa4d529d06fb2601e3c993049e40fd80c628cecfc2e45ad2df9ce55c16201d94ed9960e443219fe0ea51bb5fe1e022e7ee730899e968c300c46596f2bbfe7057787d8866c3dcd46f7c08dac668112f2e5c535a90326eb2b98ea9b79bdf443a45b4df9f8f73370af377a78d76afc804699298c15e0cdf2842ed7364609caba8ff101dc837d759f183d27ee1dd4dfb39d29abe673a6dfad653c5ad111f58af8da8b3e175c751234e3fb72fcb7e7efb3b35548d52348f80ca2241272c62cc6f5934284145e7bfc788b1d47c724ea1108498c930b313a6bf06c0a7a927dcdf5ec684c5ea34ac28eb04eb257b13cd2181959853e9a0882772a6e62745a74aee383aa97a0879975d58b681e29a5914885f4f9c24b789a5994bbec9b124aa10beb6798701da6775a85fce56b3ff24aa1d52a3d107ce320d817aec01e59140ea5c2e8e034cfbdf2fbad8434959a0fca21aea94c4d41dcc67edbb9739be8133d9d5b2207a31e30428daed1a1e819b665deab708352133e50f157ac26b2e6faa5026574841eb7971672b0b334a3986b1f69bcabba58709e0437a4b12c1a8ba1b27c26f2ba08e825220943c92d28fa8da82f0c562909cd4b9d1e5640d0f7fbdd9112ac9f5aa8f33e150ea60b5e4e6ef7ef849920a736626a0fb293771d21ff96b56c73863498a8602514b90be0fc233b1acfb31cc4192db24c0cdeb5c76c01e0cce47ac4804dfb60361f8b67f9852c5744b089d411e4f870880931b5f5ff9ca4e6a2e3e2f47d6863871d262d7d815b2423a0a255460e7aca1e669661db6e415f49843edb466a2aa02f5a0f3da6292dff4b2e34d0e771b49276d05478d83d77c78e57a9e484f1226bac36303cd7b034195c22ac342f69300b2d70d25cfe9bb76f77c8df85be5ce82283830a55bbcccd9cf9c30594f26b4e4035acffe0bf7bfd0896de50c1224131f70b4204eaa9eca83807338f18d87f3e912948f56f6118c4744a9c72b0b27702c543d08f05784a6fd2488e92f2398334081fe2002a3a3585b401ba3e2912a913e6e88551acb444101c6a942011b0df7e1b0705c21e473ace3430a4c78da7033089275e41c2b03969b9c8bb982e19c8231ea82e2b2d8c0cf7f3840aa61c1796f956ec8481bcd23dc6c18ef8ab2d6f8789999ef30e9237f713d8f1198c0ba1a4b1c48cad16e513321f7d31629e976185053223a6847ea01b84a1ad2eb2df6788f84d084c5cbd9601e20810134ba3a7d069bdc441f11cd7e9fad525478944a44d10a765b36cb8c73d8d01104df21c953b4009fa9b31cb7315e0db42bbace5c9c129403be33134755a8ac72945889d0f641ef775e6fb778592ffe5d5635596bcf7b0801fd71996587bce2a52f60df602c6b653b79a7db5b75f4515d5ae021711f01a4b7bcf9635ced3a1a41dbd65f8818248171d8c367dc640e5c2999187da1a9805a1254bcfef4742c876643cfbf197744ecea87e9f11baab17fbcb745bf2d60c07382d4e3a897cfa03e7771d2b4e527a0009087ffb9fded1d37c2e027fdfc517e8aeae57feee8e5b332ea8a5355124cf56fed16b63de521512ec62ac261fe45ce53b51ae0e7e03cc73c8523603c3c35ff88056390152bc33a5c9abf3f63f200f34f0dbea6e6e9d320d1e76c89dd0531f172f0dfc144726099dd6864e293987bfdb6f630ad9d8f5a1142b0a778c93567e539f11905b0971ed21181ed32a0c8e31cfcb2da523d327baac5c0782978500ec02ddf0f23418310fea46f2327ccc52ebe939d6c1f0388185fb3ed9da43f4825f3150f87ab055b1cbdb38836d7f873ab27953592176e06a6f78edf529a9605a582a2eea1bba30080bb71213d7edae68993a929f3783185b2a7e60895e6794750b15261b2e7975bf02ae04a1b5473df76560e98e5a2bb0e3eeee3e114e132fbf4432efb4707646295d8f63d36f33dd5455587e5d122d1418bbcedba8fada3fe8077b8e6a7ddc9b8afbbff7d3f8531b5abcb6e405d8f6d38f83f434c1572065c7a9a8d2e3ea7ca666"})

15:50:49 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:50:49 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:50:49 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES32], 0x2)

15:50:49 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x2, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:49 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$revoke(0x3, r0)
keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x2})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9b01d00080005002739040000"], 0x11)

15:50:49 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001600), 0xffffffffffffffff)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>r0, {0x9}}, './file0\x00'})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = dup(r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x163}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_FRAME={0x38, 0x33, @deauth={@wo_ht={{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x1}, @device_a, @device_b, @random="220f7134b769", {0xc, 0x4}}, 0x23, @val={0x8c, 0x18, {0xc7b, "4cc904b1af19", @long="d3b34e36c29e06b8b659b30373104b1c"}}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x52, 0x100, 0x8]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10}, 0x4042)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_FLUSH_PMKSA(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r4, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x4000000)
r10 = dup(r2)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r13=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r12, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000001740)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001700)={&(0x7f0000001640)={0xb4, r1, 0x200, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r13}, @val={0xc, 0x99, {0x8001, 0x7a}}}}, [@NL80211_ATTR_IE={0x4}, @NL80211_ATTR_IE={0x1b, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x6}, 0x7, 0x80, @broadcast, 0x2, 0x3, 0x7}}]}, @NL80211_ATTR_SSID={0x5, 0x34, @random='='}, @NL80211_ATTR_IE={0x36, 0x2a, [@ext_channel_switch={0x3c, 0x4, {0x0, 0x8, 0x2c, 0x8}}, @ht={0x2d, 0x1a, {0x80f47222eeb827bf, 0x2, 0x0, 0x0, {0x8b, 0x3f, 0x0, 0x1f, 0x0, 0x1, 0x0, 0x2}, 0x1, 0x707, 0x8}}, @cf={0x4, 0x6, {0x2, 0x5, 0x2, 0x9}}, @mesh_id={0x72, 0x6}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_IE={0x11, 0x2a, [@challenge={0x10, 0x1, 0xe5}, @mesh_chsw={0x76, 0x6, {0x3, 0x8, 0x3b, 0x2}}, @supported_rates]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_def_err_data_reporting={{}, {0x9, 0x6}}}}, 0x8)

15:50:49 executing program 2:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="048e110000e12f97bc1eda43ea00dc3354f9f5705c00000000001e2bc60f4900"], 0x14)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:50:49 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
r0 = socket$inet6(0xa, 0x3, 0xffffdffc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000000)=0x6)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000100)={{}, "fcf5e7a26aa8d6c9acb797fc275c448db5cee99779f634214b3d2bbe6b414114b0ed8a79bfb48a97f15902dfde9306573e46144e65acf44df886d3f3622be70461e17cc5247988672a98a614d12f480d19458c28769d3d8909701b6cb6ad8daca22b5e0653de15dd2ba6bce262a8e32082a7a0a8ef6f3153657458d6be02ec3c5898b1e895063e7502054f8e692940a66867cae28e41bc46bfd36afab0eb680c73ba164785c9771f5aa77bc2927383a0bf35cb17078ed3ae7f01c595d13cff2a9fc3a4a9b9e3f46652b23704875ab457622a9e216b7d9c1666a254f8bf6fe0ae534303a031fde962da7e89984c896c2719ff9393ddc9719f2c51109f6a96c409a658a7290677d9d90d7569e13d423d01784875fe01ce8ef95e61d77f002415b656f865f6b7dfd515c4371a44251661f9c533e327f52b687cd970cee0c3b3f73d1d5a9eaab458f07e771367ca437a2f6f43f21b8e3f1fc35858ab09cacebee02dd84a63f50e9f07b237af207d500695316a536af9dd6d381cc4f8db198c6fa74838715a83e755e6ae01339b2dec9a772cf90bd4996f5ca8a070f70a42cb622240394e24a5dec33e3210f83b50adac2a0f55b0e96b28baf40ad1c6450f190e9db61a144266b647192cadd21391df6cc66a78e202306f1182a11f37fe1b4a9b67f350e684999f6770eb4447993171379ec0a763693eb263573cab32f4b5c316284ac32ec715112832b2dbb3c39186843707bea1dfc4de4b8d827cca013460614f338d7a3eaa70bd9aa4be4ff84715efa5b42ec10ea07a978bb2749ab2bafda78c77363318af1ef431ba38b2de03bbae40533ebc96ed7cef2bdb0c164c0484fa762b652b94863716e86f10f0a83026124b95fbc2e2ddec43c052ef636e8bbf911b451ff4cd29ad67052976c7d7b9ad93c7e68e4dbfc030dca2de34d426fd59d39fd90d75d1f912f8c4d238170bdc7214703c86c6779b431c4c48a22c65f1fe3b59cc3bb4b73c4a3e981fb08da9a7b8fd2f205ebabc32d5e89a7ea106a9d293cca91f0229cb9737ae8685a76ec567458a42d05a1bc913db5bae30beaf424a1cd943127abdaaee072a82b2e426f4872846b7e77f8e46cea3e5d7b2b3a14994ce86afd7cb624a98a7d3b1df35b3ce888f14b8b25d2c9ba9270dd401471347b8b7f59ef8f83162409d63fa6630fe32ff4469cea677c9c7f57890945e0c4951499a80b7e7abe5e69c6455c9395176f88a47c1fbee73da299654c51046d1e76fa8553cc8a28e61b899bcc158858a0aa893a2218ae079031cc25516e3df9a45a79a6da5d0e4402cf77418205a19f29b9f6a788843e2cb29041018d6511d7e41e1d99a53424886eabc863a4ace84f7c2aab5f8936cc320a5ad94aa825b5d188ca7351760456791b83ea387bb969cb13d34956c0bf8a22bd7c23af4df4ef77db2b091ca68cb7b1e7ec1a8d61a8ebf29faffeff647e998c26329d3a9fc3454792a360e96c6fcd1fcc2f4fd16bc118584c633280195f027bace93baaa2a74d01733cf1824f7070999e2c63b1197f81848e044b9ef55b5455b617014a3f5a0a59825b3f6156db491d53edfd81eab427011cfdad7cdd18776888baac4e7f1d8460352aa58ec97f58968b1849a53ee6ace96ca2f8598faf0f7639c0133314873cd1f3dc5a53b2f99c11491b23bb787d11b9179496249adf80ea1d61a736344fc67303fa02364eeb3a80d60af3b270046610d267207ece6e83d0a68c7a8c9fa9dbde7664e6a4713d98cb8edcf5bfbb0acd124ef4554c9de46d3b451786f7f2a9acb71d83a8d680be40617fcd0d533b9b2860e898e23a63aa45141961904c4236331eb8eebfe2a5014244d7aa07411411ce5e122d1ee0bc5e75a8cb8f4cae5b03bb28b2e98c7f5abb5f3518565ca6830b01b3fdc9b15a366c7622462f5a297bfc7b7c78a2a619232683003064f783e26a785cc8dacdc3ccc5433201c0d83bdf55df6115b64a95d7da953d8d323529799d10efad1db396da44953b5045baba727f0b1e1de82e67b36f3e829c6dc9f972bafa4cb523c090f09d6108adb872bcb4be5dd65e2c2e3e30195a4f487737ec82d7d4edd29c9e7e45fdc278237f60300374718497dcfc843b588779ec3028469228028c88ffaf08bd2f4528fd4b02472df8f4717cb8ab3f999c28700acc59090da448c671042b315abeeb02f1b0ce8ac84d630c8ef632876e8832b3bfe1c544f93a75bf39644e492971334cafb0e4af66c9e34718958e94f512c7812ca5c7b867b4dedefc0c305d2ee4de0ca14c05aaab7282ecef06e667d6fe2e5e0e50acbbc257ff0b1c77921a87ccb2a942dd9f875727a20af029b42a2389d50f615192340cf7ae2bc4483663e4ea463216c8dce7d0b6ae841c9ea003075ade3357c3f6d439f4039912697713c317c4f499ada809437d047c97e485176c39bab4e6ab4a5d60ebbf7ad40ba90b46a771e309e4b5b70a17380a08781b57fdae945d907d24af26a06dde2790267c334adec13a0f633ccddef9f658d353520249308e4420f67ab43fa20c0602ed360f2a8635e1a1f29d58d4275cb0733a6a2c953fc10df5634e9f3e5e4573bf74f0e5f258e9403a6e64fed518fc142008bf86b23cc219a570afaa33ec323b7dd21c79625e1c98b3adca62047bec52a4d2b10b7f465dc9aeaf3145d3d36b75c1314a121c0247bfaeacfef1f566a7e9dc6a471bda119a535a1eb3a91585c4381f1a70789932909eadfffd47b810610550b7911f341f6e98737f6fe2d27a9c5ddde8d66f7d7d2452a1ed72d0a5608c3bc882aa4a4628056991218a73bbd9cd5765b851ecbf7bcc85bed719b3404cd5211e9180d5ebe50f154f0e3f542af6d527cc1ef5ac82d9f4934b27972e31be8bb64607d9eb71dd6b2f03f8d5f7b82baf2a296443ff6341ee36b6ddbb291206003824311d4f6979debd299e85652db1f9e95ef18067ef0d63306e3576b310b2f6126043b0497d6c45196871008cf16191fbb338b5decbdb2a0d2bfc9e989ea558eae6ad7bb8a1d258d8f1ccab6eaadaece08de63d7ff672481e9839777ea8e06261a8589fd244cfc22984e3a62977a4a01c381583b85f16b14b47f9858d9c6c9e69c6b40f83402a6f46566657b216871c6d35ade675ed30b0aaae1e2ad275cf59934435cfc49ddb8b850f6dbfdacfb08d03ddd30a670cff6ad3092888b225c6d9f71b8fdbebb1cedd1e17f2d401616c112d6772766b2c1dfbc7f226dee5f2af1373c7cf16408ab631b89a2f619b21cad0e53d69caf1b0666708c70d3c52fc34b393af30d07daa28388971044ea6e89cda0bd12f87c4b14c83b362e098ac9d37ba7204b6ef2efc3cadd0550d6c2710eeea8648ec870b183ea6548ca54edf76e7ba654f153b0f1f4a1f5b0396b0de4aaaab5bd81cbca64ee7c40adb8f157f95f79b502af802d2bfb7703d81d6d8a5dcfe5421e6a94e822b3e000c87e9d27b3263c8d014e7ac35f5113066bbf793b969ce980c3be32d61d16cc312e410c86c2e02e9c14ff6b955bc4b0a6f59df53feb5d1352ac49e47dbd6d59b2a220e6fa54177aa596e14fed4789752c4e1bcd19e37f9fef9018c08751e526d8b1e153a9c21c27171e4f891ba8a8ab66f375219b1608f0ce16cae3e93cdaf18d3961cf0170bbdf69967e7a41119b5c0083a5180f83cc99c194bf12d9ff966ade7609ac78ef3cdbdf89d51f563a9c061c2c19234c393725f8690fa537208e0dfe907fc3b9de59ca5308e22d7f8d8835daa4d529d06fb2601e3c993049e40fd80c628cecfc2e45ad2df9ce55c16201d94ed9960e443219fe0ea51bb5fe1e022e7ee730899e968c300c46596f2bbfe7057787d8866c3dcd46f7c08dac668112f2e5c535a90326eb2b98ea9b79bdf443a45b4df9f8f73370af377a78d76afc804699298c15e0cdf2842ed7364609caba8ff101dc837d759f183d27ee1dd4dfb39d29abe673a6dfad653c5ad111f58af8da8b3e175c751234e3fb72fcb7e7efb3b35548d52348f80ca2241272c62cc6f5934284145e7bfc788b1d47c724ea1108498c930b313a6bf06c0a7a927dcdf5ec684c5ea34ac28eb04eb257b13cd2181959853e9a0882772a6e62745a74aee383aa97a0879975d58b681e29a5914885f4f9c24b789a5994bbec9b124aa10beb6798701da6775a85fce56b3ff24aa1d52a3d107ce320d817aec01e59140ea5c2e8e034cfbdf2fbad8434959a0fca21aea94c4d41dcc67edbb9739be8133d9d5b2207a31e30428daed1a1e819b665deab708352133e50f157ac26b2e6faa5026574841eb7971672b0b334a3986b1f69bcabba58709e0437a4b12c1a8ba1b27c26f2ba08e825220943c92d28fa8da82f0c562909cd4b9d1e5640d0f7fbdd9112ac9f5aa8f33e150ea60b5e4e6ef7ef849920a736626a0fb293771d21ff96b56c73863498a8602514b90be0fc233b1acfb31cc4192db24c0cdeb5c76c01e0cce47ac4804dfb60361f8b67f9852c5744b089d411e4f870880931b5f5ff9ca4e6a2e3e2f47d6863871d262d7d815b2423a0a255460e7aca1e669661db6e415f49843edb466a2aa02f5a0f3da6292dff4b2e34d0e771b49276d05478d83d77c78e57a9e484f1226bac36303cd7b034195c22ac342f69300b2d70d25cfe9bb76f77c8df85be5ce82283830a55bbcccd9cf9c30594f26b4e4035acffe0bf7bfd0896de50c1224131f70b4204eaa9eca83807338f18d87f3e912948f56f6118c4744a9c72b0b27702c543d08f05784a6fd2488e92f2398334081fe2002a3a3585b401ba3e2912a913e6e88551acb444101c6a942011b0df7e1b0705c21e473ace3430a4c78da7033089275e41c2b03969b9c8bb982e19c8231ea82e2b2d8c0cf7f3840aa61c1796f956ec8481bcd23dc6c18ef8ab2d6f8789999ef30e9237f713d8f1198c0ba1a4b1c48cad16e513321f7d31629e976185053223a6847ea01b84a1ad2eb2df6788f84d084c5cbd9601e20810134ba3a7d069bdc441f11cd7e9fad525478944a44d10a765b36cb8c73d8d01104df21c953b4009fa9b31cb7315e0db42bbace5c9c129403be33134755a8ac72945889d0f641ef775e6fb778592ffe5d5635596bcf7b0801fd71996587bce2a52f60df602c6b653b79a7db5b75f4515d5ae021711f01a4b7bcf9635ced3a1a41dbd65f8818248171d8c367dc640e5c2999187da1a9805a1254bcfef4742c876643cfbf197744ecea87e9f11baab17fbcb745bf2d60c07382d4e3a897cfa03e7771d2b4e527a0009087ffb9fded1d37c2e027fdfc517e8aeae57feee8e5b332ea8a5355124cf56fed16b63de521512ec62ac261fe45ce53b51ae0e7e03cc73c8523603c3c35ff88056390152bc33a5c9abf3f63f200f34f0dbea6e6e9d320d1e76c89dd0531f172f0dfc144726099dd6864e293987bfdb6f630ad9d8f5a1142b0a778c93567e539f11905b0971ed21181ed32a0c8e31cfcb2da523d327baac5c0782978500ec02ddf0f23418310fea46f2327ccc52ebe939d6c1f0388185fb3ed9da43f4825f3150f87ab055b1cbdb38836d7f873ab27953592176e06a6f78edf529a9605a582a2eea1bba30080bb71213d7edae68993a929f3783185b2a7e60895e6794750b15261b2e7975bf02ae04a1b5473df76560e98e5a2bb0e3eeee3e114e132fbf4432efb4707646295d8f63d36f33dd5455587e5d122d1418bbcedba8fada3fe8077b8e6a7ddc9b8afbbff7d3f8531b5abcb6e405d8f6d38f83f434c1572065c7a9a8d2e3ea7ca666"})

15:50:49 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:49 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000380)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x7}, @NL802154_ATTR_PAGE={0x5, 0x7, 0xc}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x15}, @NL802154_ATTR_CHANNEL={0x0, 0x8, 0x16}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x2, 0x3, r4}]}, 0x60}}, 0x40850)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:50:49 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x8, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:50:49 executing program 3:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="1b0e05005a0c09061aed58a325f63b364692e38424fd7dcff7f6809dd4b63b0b87cf00e9a88fee68f4ba5f4997a2f10f837b90badbaa19760f3af6745d3f770626b6d40eb47fe7fcf34745fe202db4faa084942fad880b561cc36701979c36cb273c8fce0f0c67a7"], 0x8)

15:50:49 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="042c11000008ffffffffffff0200000000000000"], 0x14)

15:50:49 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:50:49 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:50:49 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
r0 = socket$inet6(0xa, 0x3, 0xffffdffc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000000)=0x6)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000100)={{}, "fcf5e7a26aa8d6c9acb797fc275c448db5cee99779f634214b3d2bbe6b414114b0ed8a79bfb48a97f15902dfde9306573e46144e65acf44df886d3f3622be70461e17cc5247988672a98a614d12f480d19458c28769d3d8909701b6cb6ad8daca22b5e0653de15dd2ba6bce262a8e32082a7a0a8ef6f3153657458d6be02ec3c5898b1e895063e7502054f8e692940a66867cae28e41bc46bfd36afab0eb680c73ba164785c9771f5aa77bc2927383a0bf35cb17078ed3ae7f01c595d13cff2a9fc3a4a9b9e3f46652b23704875ab457622a9e216b7d9c1666a254f8bf6fe0ae534303a031fde962da7e89984c896c2719ff9393ddc9719f2c51109f6a96c409a658a7290677d9d90d7569e13d423d01784875fe01ce8ef95e61d77f002415b656f865f6b7dfd515c4371a44251661f9c533e327f52b687cd970cee0c3b3f73d1d5a9eaab458f07e771367ca437a2f6f43f21b8e3f1fc35858ab09cacebee02dd84a63f50e9f07b237af207d500695316a536af9dd6d381cc4f8db198c6fa74838715a83e755e6ae01339b2dec9a772cf90bd4996f5ca8a070f70a42cb622240394e24a5dec33e3210f83b50adac2a0f55b0e96b28baf40ad1c6450f190e9db61a144266b647192cadd21391df6cc66a78e202306f1182a11f37fe1b4a9b67f350e684999f6770eb4447993171379ec0a763693eb263573cab32f4b5c316284ac32ec715112832b2dbb3c39186843707bea1dfc4de4b8d827cca013460614f338d7a3eaa70bd9aa4be4ff84715efa5b42ec10ea07a978bb2749ab2bafda78c77363318af1ef431ba38b2de03bbae40533ebc96ed7cef2bdb0c164c0484fa762b652b94863716e86f10f0a83026124b95fbc2e2ddec43c052ef636e8bbf911b451ff4cd29ad67052976c7d7b9ad93c7e68e4dbfc030dca2de34d426fd59d39fd90d75d1f912f8c4d238170bdc7214703c86c6779b431c4c48a22c65f1fe3b59cc3bb4b73c4a3e981fb08da9a7b8fd2f205ebabc32d5e89a7ea106a9d293cca91f0229cb9737ae8685a76ec567458a42d05a1bc913db5bae30beaf424a1cd943127abdaaee072a82b2e426f4872846b7e77f8e46cea3e5d7b2b3a14994ce86afd7cb624a98a7d3b1df35b3ce888f14b8b25d2c9ba9270dd401471347b8b7f59ef8f83162409d63fa6630fe32ff4469cea677c9c7f57890945e0c4951499a80b7e7abe5e69c6455c9395176f88a47c1fbee73da299654c51046d1e76fa8553cc8a28e61b899bcc158858a0aa893a2218ae079031cc25516e3df9a45a79a6da5d0e4402cf77418205a19f29b9f6a788843e2cb29041018d6511d7e41e1d99a53424886eabc863a4ace84f7c2aab5f8936cc320a5ad94aa825b5d188ca7351760456791b83ea387bb969cb13d34956c0bf8a22bd7c23af4df4ef77db2b091ca68cb7b1e7ec1a8d61a8ebf29faffeff647e998c26329d3a9fc3454792a360e96c6fcd1fcc2f4fd16bc118584c633280195f027bace93baaa2a74d01733cf1824f7070999e2c63b1197f81848e044b9ef55b5455b617014a3f5a0a59825b3f6156db491d53edfd81eab427011cfdad7cdd18776888baac4e7f1d8460352aa58ec97f58968b1849a53ee6ace96ca2f8598faf0f7639c0133314873cd1f3dc5a53b2f99c11491b23bb787d11b9179496249adf80ea1d61a736344fc67303fa02364eeb3a80d60af3b270046610d267207ece6e83d0a68c7a8c9fa9dbde7664e6a4713d98cb8edcf5bfbb0acd124ef4554c9de46d3b451786f7f2a9acb71d83a8d680be40617fcd0d533b9b2860e898e23a63aa45141961904c4236331eb8eebfe2a5014244d7aa07411411ce5e122d1ee0bc5e75a8cb8f4cae5b03bb28b2e98c7f5abb5f3518565ca6830b01b3fdc9b15a366c7622462f5a297bfc7b7c78a2a619232683003064f783e26a785cc8dacdc3ccc5433201c0d83bdf55df6115b64a95d7da953d8d323529799d10efad1db396da44953b5045baba727f0b1e1de82e67b36f3e829c6dc9f972bafa4cb523c090f09d6108adb872bcb4be5dd65e2c2e3e30195a4f487737ec82d7d4edd29c9e7e45fdc278237f60300374718497dcfc843b588779ec3028469228028c88ffaf08bd2f4528fd4b02472df8f4717cb8ab3f999c28700acc59090da448c671042b315abeeb02f1b0ce8ac84d630c8ef632876e8832b3bfe1c544f93a75bf39644e492971334cafb0e4af66c9e34718958e94f512c7812ca5c7b867b4dedefc0c305d2ee4de0ca14c05aaab7282ecef06e667d6fe2e5e0e50acbbc257ff0b1c77921a87ccb2a942dd9f875727a20af029b42a2389d50f615192340cf7ae2bc4483663e4ea463216c8dce7d0b6ae841c9ea003075ade3357c3f6d439f4039912697713c317c4f499ada809437d047c97e485176c39bab4e6ab4a5d60ebbf7ad40ba90b46a771e309e4b5b70a17380a08781b57fdae945d907d24af26a06dde2790267c334adec13a0f633ccddef9f658d353520249308e4420f67ab43fa20c0602ed360f2a8635e1a1f29d58d4275cb0733a6a2c953fc10df5634e9f3e5e4573bf74f0e5f258e9403a6e64fed518fc142008bf86b23cc219a570afaa33ec323b7dd21c79625e1c98b3adca62047bec52a4d2b10b7f465dc9aeaf3145d3d36b75c1314a121c0247bfaeacfef1f566a7e9dc6a471bda119a535a1eb3a91585c4381f1a70789932909eadfffd47b810610550b7911f341f6e98737f6fe2d27a9c5ddde8d66f7d7d2452a1ed72d0a5608c3bc882aa4a4628056991218a73bbd9cd5765b851ecbf7bcc85bed719b3404cd5211e9180d5ebe50f154f0e3f542af6d527cc1ef5ac82d9f4934b27972e31be8bb64607d9eb71dd6b2f03f8d5f7b82baf2a296443ff6341ee36b6ddbb291206003824311d4f6979debd299e85652db1f9e95ef18067ef0d63306e3576b310b2f6126043b0497d6c45196871008cf16191fbb338b5decbdb2a0d2bfc9e989ea558eae6ad7bb8a1d258d8f1ccab6eaadaece08de63d7ff672481e9839777ea8e06261a8589fd244cfc22984e3a62977a4a01c381583b85f16b14b47f9858d9c6c9e69c6b40f83402a6f46566657b216871c6d35ade675ed30b0aaae1e2ad275cf59934435cfc49ddb8b850f6dbfdacfb08d03ddd30a670cff6ad3092888b225c6d9f71b8fdbebb1cedd1e17f2d401616c112d6772766b2c1dfbc7f226dee5f2af1373c7cf16408ab631b89a2f619b21cad0e53d69caf1b0666708c70d3c52fc34b393af30d07daa28388971044ea6e89cda0bd12f87c4b14c83b362e098ac9d37ba7204b6ef2efc3cadd0550d6c2710eeea8648ec870b183ea6548ca54edf76e7ba654f153b0f1f4a1f5b0396b0de4aaaab5bd81cbca64ee7c40adb8f157f95f79b502af802d2bfb7703d81d6d8a5dcfe5421e6a94e822b3e000c87e9d27b3263c8d014e7ac35f5113066bbf793b969ce980c3be32d61d16cc312e410c86c2e02e9c14ff6b955bc4b0a6f59df53feb5d1352ac49e47dbd6d59b2a220e6fa54177aa596e14fed4789752c4e1bcd19e37f9fef9018c08751e526d8b1e153a9c21c27171e4f891ba8a8ab66f375219b1608f0ce16cae3e93cdaf18d3961cf0170bbdf69967e7a41119b5c0083a5180f83cc99c194bf12d9ff966ade7609ac78ef3cdbdf89d51f563a9c061c2c19234c393725f8690fa537208e0dfe907fc3b9de59ca5308e22d7f8d8835daa4d529d06fb2601e3c993049e40fd80c628cecfc2e45ad2df9ce55c16201d94ed9960e443219fe0ea51bb5fe1e022e7ee730899e968c300c46596f2bbfe7057787d8866c3dcd46f7c08dac668112f2e5c535a90326eb2b98ea9b79bdf443a45b4df9f8f73370af377a78d76afc804699298c15e0cdf2842ed7364609caba8ff101dc837d759f183d27ee1dd4dfb39d29abe673a6dfad653c5ad111f58af8da8b3e175c751234e3fb72fcb7e7efb3b35548d52348f80ca2241272c62cc6f5934284145e7bfc788b1d47c724ea1108498c930b313a6bf06c0a7a927dcdf5ec684c5ea34ac28eb04eb257b13cd2181959853e9a0882772a6e62745a74aee383aa97a0879975d58b681e29a5914885f4f9c24b789a5994bbec9b124aa10beb6798701da6775a85fce56b3ff24aa1d52a3d107ce320d817aec01e59140ea5c2e8e034cfbdf2fbad8434959a0fca21aea94c4d41dcc67edbb9739be8133d9d5b2207a31e30428daed1a1e819b665deab708352133e50f157ac26b2e6faa5026574841eb7971672b0b334a3986b1f69bcabba58709e0437a4b12c1a8ba1b27c26f2ba08e825220943c92d28fa8da82f0c562909cd4b9d1e5640d0f7fbdd9112ac9f5aa8f33e150ea60b5e4e6ef7ef849920a736626a0fb293771d21ff96b56c73863498a8602514b90be0fc233b1acfb31cc4192db24c0cdeb5c76c01e0cce47ac4804dfb60361f8b67f9852c5744b089d411e4f870880931b5f5ff9ca4e6a2e3e2f47d6863871d262d7d815b2423a0a255460e7aca1e669661db6e415f49843edb466a2aa02f5a0f3da6292dff4b2e34d0e771b49276d05478d83d77c78e57a9e484f1226bac36303cd7b034195c22ac342f69300b2d70d25cfe9bb76f77c8df85be5ce82283830a55bbcccd9cf9c30594f26b4e4035acffe0bf7bfd0896de50c1224131f70b4204eaa9eca83807338f18d87f3e912948f56f6118c4744a9c72b0b27702c543d08f05784a6fd2488e92f2398334081fe2002a3a3585b401ba3e2912a913e6e88551acb444101c6a942011b0df7e1b0705c21e473ace3430a4c78da7033089275e41c2b03969b9c8bb982e19c8231ea82e2b2d8c0cf7f3840aa61c1796f956ec8481bcd23dc6c18ef8ab2d6f8789999ef30e9237f713d8f1198c0ba1a4b1c48cad16e513321f7d31629e976185053223a6847ea01b84a1ad2eb2df6788f84d084c5cbd9601e20810134ba3a7d069bdc441f11cd7e9fad525478944a44d10a765b36cb8c73d8d01104df21c953b4009fa9b31cb7315e0db42bbace5c9c129403be33134755a8ac72945889d0f641ef775e6fb778592ffe5d5635596bcf7b0801fd71996587bce2a52f60df602c6b653b79a7db5b75f4515d5ae021711f01a4b7bcf9635ced3a1a41dbd65f8818248171d8c367dc640e5c2999187da1a9805a1254bcfef4742c876643cfbf197744ecea87e9f11baab17fbcb745bf2d60c07382d4e3a897cfa03e7771d2b4e527a0009087ffb9fded1d37c2e027fdfc517e8aeae57feee8e5b332ea8a5355124cf56fed16b63de521512ec62ac261fe45ce53b51ae0e7e03cc73c8523603c3c35ff88056390152bc33a5c9abf3f63f200f34f0dbea6e6e9d320d1e76c89dd0531f172f0dfc144726099dd6864e293987bfdb6f630ad9d8f5a1142b0a778c93567e539f11905b0971ed21181ed32a0c8e31cfcb2da523d327baac5c0782978500ec02ddf0f23418310fea46f2327ccc52ebe939d6c1f0388185fb3ed9da43f4825f3150f87ab055b1cbdb38836d7f873ab27953592176e06a6f78edf529a9605a582a2eea1bba30080bb71213d7edae68993a929f3783185b2a7e60895e6794750b15261b2e7975bf02ae04a1b5473df76560e98e5a2bb0e3eeee3e114e132fbf4432efb4707646295d8f63d36f33dd5455587e5d122d1418bbcedba8fada3fe8077b8e6a7ddc9b8afbbff7d3f8531b5abcb6e405d8f6d38f83f434c1572065c7a9a8d2e3ea7ca666"})

15:50:49 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendto(r0, &(0x7f0000000000)="556aa1b968265a58cfa7f48f4c9be1bb33fb0e26c136dbeb513b9240c2d2e31d20ad6809846e9d7ef0b2f8c08f6531422edd1abf32e32d9594fc441a5703910e3e5f79f5d468dee11856702deb9f9bae4328c453fc", 0x55, 0x0, &(0x7f0000000140)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x80)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c820b900b50001000a4002000600100504009b00040005ff1100ffff0901000004090006080800a8000aa4810604000300c8060bff8600c0000800bcdce2b07bcb5d038dbd11cdbe544ac445ac7c3cb82d5abfddf54d74456fd99ab71f503100000000440600336ce943d0160d64957ea32790730eb9423fd35eed95b91858e9b2d1076a9e5a780f8733b15b8a7f23e4eed9977b26e6970acffdf258e5294d2005f387ef67ad605a4403175f89dfd4c31c0a8c55b2f6ed19d06b08fd0c4ae87ae77c02f5d5c59b259b65335dce70455a17e0518ea0c9a6bd3d17244a4203491a7aca"], 0xbe)

15:50:49 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e050058090906"], 0x8)

15:50:49 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

[ 1575.586756] Bluetooth: Unknown BR/EDR signaling command 0x81
[ 1575.587790] Bluetooth: Wrong link type (-22)
[ 1575.600264] Bluetooth: Unknown BR/EDR signaling command 0x81
[ 1575.601211] Bluetooth: Wrong link type (-22)
15:51:01 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xa, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:51:01 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
r0 = socket$inet6(0xa, 0x3, 0xffffdffc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000000)=0x6)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000100)={{}, "fcf5e7a26aa8d6c9acb797fc275c448db5cee99779f634214b3d2bbe6b414114b0ed8a79bfb48a97f15902dfde9306573e46144e65acf44df886d3f3622be70461e17cc5247988672a98a614d12f480d19458c28769d3d8909701b6cb6ad8daca22b5e0653de15dd2ba6bce262a8e32082a7a0a8ef6f3153657458d6be02ec3c5898b1e895063e7502054f8e692940a66867cae28e41bc46bfd36afab0eb680c73ba164785c9771f5aa77bc2927383a0bf35cb17078ed3ae7f01c595d13cff2a9fc3a4a9b9e3f46652b23704875ab457622a9e216b7d9c1666a254f8bf6fe0ae534303a031fde962da7e89984c896c2719ff9393ddc9719f2c51109f6a96c409a658a7290677d9d90d7569e13d423d01784875fe01ce8ef95e61d77f002415b656f865f6b7dfd515c4371a44251661f9c533e327f52b687cd970cee0c3b3f73d1d5a9eaab458f07e771367ca437a2f6f43f21b8e3f1fc35858ab09cacebee02dd84a63f50e9f07b237af207d500695316a536af9dd6d381cc4f8db198c6fa74838715a83e755e6ae01339b2dec9a772cf90bd4996f5ca8a070f70a42cb622240394e24a5dec33e3210f83b50adac2a0f55b0e96b28baf40ad1c6450f190e9db61a144266b647192cadd21391df6cc66a78e202306f1182a11f37fe1b4a9b67f350e684999f6770eb4447993171379ec0a763693eb263573cab32f4b5c316284ac32ec715112832b2dbb3c39186843707bea1dfc4de4b8d827cca013460614f338d7a3eaa70bd9aa4be4ff84715efa5b42ec10ea07a978bb2749ab2bafda78c77363318af1ef431ba38b2de03bbae40533ebc96ed7cef2bdb0c164c0484fa762b652b94863716e86f10f0a83026124b95fbc2e2ddec43c052ef636e8bbf911b451ff4cd29ad67052976c7d7b9ad93c7e68e4dbfc030dca2de34d426fd59d39fd90d75d1f912f8c4d238170bdc7214703c86c6779b431c4c48a22c65f1fe3b59cc3bb4b73c4a3e981fb08da9a7b8fd2f205ebabc32d5e89a7ea106a9d293cca91f0229cb9737ae8685a76ec567458a42d05a1bc913db5bae30beaf424a1cd943127abdaaee072a82b2e426f4872846b7e77f8e46cea3e5d7b2b3a14994ce86afd7cb624a98a7d3b1df35b3ce888f14b8b25d2c9ba9270dd401471347b8b7f59ef8f83162409d63fa6630fe32ff4469cea677c9c7f57890945e0c4951499a80b7e7abe5e69c6455c9395176f88a47c1fbee73da299654c51046d1e76fa8553cc8a28e61b899bcc158858a0aa893a2218ae079031cc25516e3df9a45a79a6da5d0e4402cf77418205a19f29b9f6a788843e2cb29041018d6511d7e41e1d99a53424886eabc863a4ace84f7c2aab5f8936cc320a5ad94aa825b5d188ca7351760456791b83ea387bb969cb13d34956c0bf8a22bd7c23af4df4ef77db2b091ca68cb7b1e7ec1a8d61a8ebf29faffeff647e998c26329d3a9fc3454792a360e96c6fcd1fcc2f4fd16bc118584c633280195f027bace93baaa2a74d01733cf1824f7070999e2c63b1197f81848e044b9ef55b5455b617014a3f5a0a59825b3f6156db491d53edfd81eab427011cfdad7cdd18776888baac4e7f1d8460352aa58ec97f58968b1849a53ee6ace96ca2f8598faf0f7639c0133314873cd1f3dc5a53b2f99c11491b23bb787d11b9179496249adf80ea1d61a736344fc67303fa02364eeb3a80d60af3b270046610d267207ece6e83d0a68c7a8c9fa9dbde7664e6a4713d98cb8edcf5bfbb0acd124ef4554c9de46d3b451786f7f2a9acb71d83a8d680be40617fcd0d533b9b2860e898e23a63aa45141961904c4236331eb8eebfe2a5014244d7aa07411411ce5e122d1ee0bc5e75a8cb8f4cae5b03bb28b2e98c7f5abb5f3518565ca6830b01b3fdc9b15a366c7622462f5a297bfc7b7c78a2a619232683003064f783e26a785cc8dacdc3ccc5433201c0d83bdf55df6115b64a95d7da953d8d323529799d10efad1db396da44953b5045baba727f0b1e1de82e67b36f3e829c6dc9f972bafa4cb523c090f09d6108adb872bcb4be5dd65e2c2e3e30195a4f487737ec82d7d4edd29c9e7e45fdc278237f60300374718497dcfc843b588779ec3028469228028c88ffaf08bd2f4528fd4b02472df8f4717cb8ab3f999c28700acc59090da448c671042b315abeeb02f1b0ce8ac84d630c8ef632876e8832b3bfe1c544f93a75bf39644e492971334cafb0e4af66c9e34718958e94f512c7812ca5c7b867b4dedefc0c305d2ee4de0ca14c05aaab7282ecef06e667d6fe2e5e0e50acbbc257ff0b1c77921a87ccb2a942dd9f875727a20af029b42a2389d50f615192340cf7ae2bc4483663e4ea463216c8dce7d0b6ae841c9ea003075ade3357c3f6d439f4039912697713c317c4f499ada809437d047c97e485176c39bab4e6ab4a5d60ebbf7ad40ba90b46a771e309e4b5b70a17380a08781b57fdae945d907d24af26a06dde2790267c334adec13a0f633ccddef9f658d353520249308e4420f67ab43fa20c0602ed360f2a8635e1a1f29d58d4275cb0733a6a2c953fc10df5634e9f3e5e4573bf74f0e5f258e9403a6e64fed518fc142008bf86b23cc219a570afaa33ec323b7dd21c79625e1c98b3adca62047bec52a4d2b10b7f465dc9aeaf3145d3d36b75c1314a121c0247bfaeacfef1f566a7e9dc6a471bda119a535a1eb3a91585c4381f1a70789932909eadfffd47b810610550b7911f341f6e98737f6fe2d27a9c5ddde8d66f7d7d2452a1ed72d0a5608c3bc882aa4a4628056991218a73bbd9cd5765b851ecbf7bcc85bed719b3404cd5211e9180d5ebe50f154f0e3f542af6d527cc1ef5ac82d9f4934b27972e31be8bb64607d9eb71dd6b2f03f8d5f7b82baf2a296443ff6341ee36b6ddbb291206003824311d4f6979debd299e85652db1f9e95ef18067ef0d63306e3576b310b2f6126043b0497d6c45196871008cf16191fbb338b5decbdb2a0d2bfc9e989ea558eae6ad7bb8a1d258d8f1ccab6eaadaece08de63d7ff672481e9839777ea8e06261a8589fd244cfc22984e3a62977a4a01c381583b85f16b14b47f9858d9c6c9e69c6b40f83402a6f46566657b216871c6d35ade675ed30b0aaae1e2ad275cf59934435cfc49ddb8b850f6dbfdacfb08d03ddd30a670cff6ad3092888b225c6d9f71b8fdbebb1cedd1e17f2d401616c112d6772766b2c1dfbc7f226dee5f2af1373c7cf16408ab631b89a2f619b21cad0e53d69caf1b0666708c70d3c52fc34b393af30d07daa28388971044ea6e89cda0bd12f87c4b14c83b362e098ac9d37ba7204b6ef2efc3cadd0550d6c2710eeea8648ec870b183ea6548ca54edf76e7ba654f153b0f1f4a1f5b0396b0de4aaaab5bd81cbca64ee7c40adb8f157f95f79b502af802d2bfb7703d81d6d8a5dcfe5421e6a94e822b3e000c87e9d27b3263c8d014e7ac35f5113066bbf793b969ce980c3be32d61d16cc312e410c86c2e02e9c14ff6b955bc4b0a6f59df53feb5d1352ac49e47dbd6d59b2a220e6fa54177aa596e14fed4789752c4e1bcd19e37f9fef9018c08751e526d8b1e153a9c21c27171e4f891ba8a8ab66f375219b1608f0ce16cae3e93cdaf18d3961cf0170bbdf69967e7a41119b5c0083a5180f83cc99c194bf12d9ff966ade7609ac78ef3cdbdf89d51f563a9c061c2c19234c393725f8690fa537208e0dfe907fc3b9de59ca5308e22d7f8d8835daa4d529d06fb2601e3c993049e40fd80c628cecfc2e45ad2df9ce55c16201d94ed9960e443219fe0ea51bb5fe1e022e7ee730899e968c300c46596f2bbfe7057787d8866c3dcd46f7c08dac668112f2e5c535a90326eb2b98ea9b79bdf443a45b4df9f8f73370af377a78d76afc804699298c15e0cdf2842ed7364609caba8ff101dc837d759f183d27ee1dd4dfb39d29abe673a6dfad653c5ad111f58af8da8b3e175c751234e3fb72fcb7e7efb3b35548d52348f80ca2241272c62cc6f5934284145e7bfc788b1d47c724ea1108498c930b313a6bf06c0a7a927dcdf5ec684c5ea34ac28eb04eb257b13cd2181959853e9a0882772a6e62745a74aee383aa97a0879975d58b681e29a5914885f4f9c24b789a5994bbec9b124aa10beb6798701da6775a85fce56b3ff24aa1d52a3d107ce320d817aec01e59140ea5c2e8e034cfbdf2fbad8434959a0fca21aea94c4d41dcc67edbb9739be8133d9d5b2207a31e30428daed1a1e819b665deab708352133e50f157ac26b2e6faa5026574841eb7971672b0b334a3986b1f69bcabba58709e0437a4b12c1a8ba1b27c26f2ba08e825220943c92d28fa8da82f0c562909cd4b9d1e5640d0f7fbdd9112ac9f5aa8f33e150ea60b5e4e6ef7ef849920a736626a0fb293771d21ff96b56c73863498a8602514b90be0fc233b1acfb31cc4192db24c0cdeb5c76c01e0cce47ac4804dfb60361f8b67f9852c5744b089d411e4f870880931b5f5ff9ca4e6a2e3e2f47d6863871d262d7d815b2423a0a255460e7aca1e669661db6e415f49843edb466a2aa02f5a0f3da6292dff4b2e34d0e771b49276d05478d83d77c78e57a9e484f1226bac36303cd7b034195c22ac342f69300b2d70d25cfe9bb76f77c8df85be5ce82283830a55bbcccd9cf9c30594f26b4e4035acffe0bf7bfd0896de50c1224131f70b4204eaa9eca83807338f18d87f3e912948f56f6118c4744a9c72b0b27702c543d08f05784a6fd2488e92f2398334081fe2002a3a3585b401ba3e2912a913e6e88551acb444101c6a942011b0df7e1b0705c21e473ace3430a4c78da7033089275e41c2b03969b9c8bb982e19c8231ea82e2b2d8c0cf7f3840aa61c1796f956ec8481bcd23dc6c18ef8ab2d6f8789999ef30e9237f713d8f1198c0ba1a4b1c48cad16e513321f7d31629e976185053223a6847ea01b84a1ad2eb2df6788f84d084c5cbd9601e20810134ba3a7d069bdc441f11cd7e9fad525478944a44d10a765b36cb8c73d8d01104df21c953b4009fa9b31cb7315e0db42bbace5c9c129403be33134755a8ac72945889d0f641ef775e6fb778592ffe5d5635596bcf7b0801fd71996587bce2a52f60df602c6b653b79a7db5b75f4515d5ae021711f01a4b7bcf9635ced3a1a41dbd65f8818248171d8c367dc640e5c2999187da1a9805a1254bcfef4742c876643cfbf197744ecea87e9f11baab17fbcb745bf2d60c07382d4e3a897cfa03e7771d2b4e527a0009087ffb9fded1d37c2e027fdfc517e8aeae57feee8e5b332ea8a5355124cf56fed16b63de521512ec62ac261fe45ce53b51ae0e7e03cc73c8523603c3c35ff88056390152bc33a5c9abf3f63f200f34f0dbea6e6e9d320d1e76c89dd0531f172f0dfc144726099dd6864e293987bfdb6f630ad9d8f5a1142b0a778c93567e539f11905b0971ed21181ed32a0c8e31cfcb2da523d327baac5c0782978500ec02ddf0f23418310fea46f2327ccc52ebe939d6c1f0388185fb3ed9da43f4825f3150f87ab055b1cbdb38836d7f873ab27953592176e06a6f78edf529a9605a582a2eea1bba30080bb71213d7edae68993a929f3783185b2a7e60895e6794750b15261b2e7975bf02ae04a1b5473df76560e98e5a2bb0e3eeee3e114e132fbf4432efb4707646295d8f63d36f33dd5455587e5d122d1418bbcedba8fada3fe8077b8e6a7ddc9b8afbbff7d3f8531b5abcb6e405d8f6d38f83f434c1572065c7a9a8d2e3ea7ca666"})

15:51:01 executing program 5:
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:01 executing program 3:
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000001080)='.pending_reads\x00', 0x8000, 0x40)
mq_timedsend(r0, &(0x7f00000010c0)="dccf8a88b274d97ef284d1a9c3895f2c4fff696eb713f996942f63a78ad074e5fb3109d90dbd76f684c536097cf38c406ffd2e76ccdc679236ff69275eaeb63f3e008ed55ea4c0042b2ea4d3ace0c585cdd7e6e1615bc3ee13eb5332be1b0795487965c48351314514d8026850d5ea8b17354f9243ea03af9928199f891ca696fc2e40db31fe961a5245cdb1d4096e997c62736d3dbb9e3b6e22e020bc2d98ed4520244e5053fee7f4fc0ed46218ca389600", 0xb2, 0x0, &(0x7f0000001180)={0x0, 0x989680})
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', <r3=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev, r3}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x89f5, &(0x7f0000001300)={'ip6gre0\x00', &(0x7f0000001280)={'syztnl0\x00', <r4=>0x0, 0x29, 0x1f, 0x6, 0x101, 0x5, @loopback, @mcast1, 0x7800, 0x7800, 0x7f, 0x80}})
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'sit0\x00', <r7=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r5, 0x29, 0x1b, &(0x7f0000000000)={@dev, r7}, 0x14)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000018c0)={r4, @rand_addr=0x64010101, @rand_addr=0x64010100}, 0xc)
sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000001840)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001800)={&(0x7f0000001340)={0x49c, 0x0, 0x10, 0x70bd27, 0x25dfdbff, {}, [{{0x8}, {0xb8, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3971a1c4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8}, {0x1a4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7fffffff}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xfcfe}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x101}}, {0x8}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x7212, 0x80, 0x6, 0x7f}, {0x4, 0x8, 0x1f, 0x81}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8}, {0x214, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xffffff7f}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xff}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x193}}}]}}]}, 0x49c}}, 0x20000044)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x81, 0xc9, 0x80, 0x5}}}, 0x9)
openat(r0, &(0x7f00000011c0)='./file0\x00', 0x101100, 0x40)
openat(0xffffffffffffff9c, &(0x7f0000001200)='./file0\x00', 0x0, 0x12)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "fff79747466eff80a4c46845541bbc91a073444788554d4283ac2c6069749a78903f0bed8f783577fde57b867f464fea014ae8ebb243bf10a49e5af5351bb762fced930e3d9ab1fef3ee2efdb26d9b5b370b88edd1fb434193b96ce5f18cb16cf8b7673643a10057dfcb581a6391f7f7c78ef5dce38600d433c5c80ce09fc3e6de3bcedb716a504d55998720b86dbedcd72228d19d88285ea42f1d067d3b930de9177dbac39a42e094ff9d8faeb7f95d86e218b7be2bde11e3fee3b46f33c7f1e7e1ed93e5dca08ee93e13a3ba59114c4051f3c8c44dfd5bd41bedcb33eb59f9a76e82809fa24854824de994443802aea3606e273802835ca379f4acefce05473dc3f4857db30a240eea7a82db57c385e2944257b53dc3f9d5707ca7b47dc02123d01417bc5739284a7ed9793d9b05bf47af921a0720c5b4cbeec3d3335c12b643808181ee3ae3a11f7704c9c06bc739f56b53021e9420eb411892610b4db574657134df8295cbbaab8bb2f9d9dfff6ec7622e15945febedac852d5f6f48af9802a0eadad131f9113fd95565ec5b7968e8554f73036ca08158c62d8d662b2b5fb6c7bedebb4f52d6e87d7a21eeaac1247a7ca30261f6a0b58412c380f6f24a3d88434e3bcc085e25c10bff77659514d61a08af7590a33c7612035b75ecbe636d03dcef40fbf92fc3bc74153e1cbf524d5fa43c1c60855e9958c571cce99e2b0669c3b3f2b59c26304434a41c6697add6468be649047e245b52afd7ef0994d40f618c682651958132204ac60029d924ecc5b1842f5c55e448bfc4659e581ece74bfbab4ff096898a658ceb93434a05ea5023465ad9fc05e1aec79b3f2915012c6308db39a711d14c4b0aa5ee77cc8de56e8aab9bd34cfd74e66d8eb1b6e74588fadd34fbe8dcad6e8d2280bada5be32b1e3ea8c9c1e90419eb09ace8a80a4bd75557c638c0eb46b947087c3e0fb0187636b3fb48fdaff90e68f55636cae9f17badce1b2e7a4624d8081dd2d2612ede912cc7d2032c1cddd92ea8a18df17297bf311e9e320e0e0f0910f992414e3ab9a3b8f2cad8dc92358d3f3d97b9379afcd3b64dc5e00b7a365f398f6541f84e2fbb2e8817b711d94ae092e27e8134f2e8995b7331fcb25a40d0e99665392481ae1146054542d744ef0564d0e16f9eb83d3cb5b473124d2a5a96696a958aad75bcd71d42ee1ec018dc53c1f4d7ba8033ae79c69f7b9e361a9e46d0466fc8e4a55d5f45a72e568d73417e9342c5112643dea0127fcc175146ef822cd405229b773349f3e40ed56de537ea1d796fc3f09b8757631646b7bd701326016b4638ef547deb2e1a97f82212ea0acad02e9cf2db075ecd49f1e3725a5ba3c71414e3c4bae0dde1c0af647468f4ffa05ae3c9c6ec186ecb3b657f163bbde1d6b40ef053a90916448605de78c816249583c278a400e0a51024e0b69dc1cfa40516efb693d3ad447b808dfbff65758ea065c774a12cf2083f536bc477a7cb970152e9f4ea86404a39d67a9af6e621a1f11f5db3f50ac88e4f050954f27a412accb634c32b93dd0326f976492aa313e022b07754248026136358720968928be0970c46ae140b1102e274f40be628505371ddc5506221e653781c39936fd59663734fa2d7bec8929afb2ac2c1ecaf8b7b7e632deab4885e7f459f340f7be77f9d77091cb31df685d78aa97120b3c361c1edac9a7f5df080e0f409443f09f35f250560bea66980b075d968e5d5307fcf420145d5dbdb1a33ebbb26cc984111c772223115ce25ba17369d640537682a5598fb73aca70aaf706e7e0aced6b9bf815d2d11c1c228bc7727690b7dde5696d028995b4daaa0854f4b0296aef832244d7dac733828938fbe2ed0015697e14570ea4fb2e0db6782457158d81878a8f5ff32ab9350abfeaebe817119ede5e737f78068646f6c5e28779350fce981b361024d7f98027fa2443b54ab7b0f83e2a3831ec3159d7ba10c946c862461b66626f949f9d706f9e210332c58cd6f10e85eeb0b3454af419fec05484f7e4d0ffc3745f4e603fddb50616f7bc223ae0428584b31925eb39ce6bc704c76f647a73b521a32184d757f14ab4fd698126fc1b24b61f277da81e4ea3820c2e5a570371c2ff1ec16167861430e5437cfba0c2a8d790be4fb91f50669ad017a4ce42bb2a77b40670441ac9c0b788aae7905f2e0e9a3ca4c3d5baec49d301b34616afee028b23a973cae4f12658163310bb1fb23613723edd8804d0f14bbfe895a45807cc39f3747ae4ea3348470988a076ea68140cf2a94c66e0c04acef53deb651c08bb7a6dbfc97481af34ffb6ce313eef8e8e738ffa2b3370cb39c945c7ab8174f773bbe4a9461ad0a7801e146de32f0cf689c87d8ea59479b0c04ba9e82216222518b2979b7b16927dae56cff3c41c5b777b3002778b56d68125b8674c2c4343d16a6a438d24dd8fcd7a7f7cf62c16b022ddf9ba58c1fddadd7a0fb0ec7e2d1b5dfa758bee5322ab230ad7cd32bfdb8775ce6a79b705f43f12cf9918d99c703c978120d1672fe0845030cef848c23ce04df76093d3e139eb0fa8c9c697eb7bd44fcd448c8dfbcebf208554db5f49d47302f6ff7f44bed127a1a2ca96d2e57d84a4c3538b9461eee5e72b93be28bed5f7ce897293822bb4af5bdd404df1684c6456040c21c47a6883034b11406ccea2430171287cf6557e4e2bb888f466f89c2d73b0d34b69c25fb6fa0435ab32c7c0eaf20ccaca89a47428871fa4762afa65b79786e9bca747db9f389bab34c0f9c1f48099972a9d21c10d575f35d0040392b576ad8b55d9700c7dd1a6696db104dd3c82fca29c2fbf7db549dd43c54459723117854c8d5af5326d79fe7d427579541e29e2e8253e349d16c422cb2c5229a4ab863843cac71745d1f518e590d4fbd7507e1c05d4ea8c1b1a53bbf7d2bfb826b754031804b558b890dc5a5dc62f191177f0748463b40ba3ed0ec3076109baa1d8e4c4f51e41a525583bd2870d13ce863f2d7c5311da4e813e4b82fbaa63f7019122463e7903c6457d701266eb3481c87b73f040b1e59a3555ccd64dc487827d91468c95d2f0c1396f7584cfbc0521174e6486221128f2c72fa845c31d41d620c8b72cff3e446e8fa871ce292d17a1e5cdcca37893090e289ce90691e81f2615c9affb0756f412a370415716040242f22144ea3c85800de1d7b79aec30183279d5af3de14be24a90253568f1b1a9746669bbdf03db33ee6fe32dc5a766658c9b7a36db7983a055c61bc51bf2bef16e851b27b63bba551eeec7f7ad8032bd173fa9bae85f93f8c81ce894d337eefed66949944dbd70c6b233960aec0a4a455c346e7266ff72b6d6b6c7f7e5903a21e54117a74f3eac2435e53727d5ea61a9830a1dc14d4dbb41bbd3d16e197b446ca0d74e8883da115a3db1552639d8fdd6b0561749b77dcdadb35955da21b1ac0e5bf58087460cd990c2e8db113f1aa1a282a6bc12b711b77316d7ae5a3b04ecdc17ceef5229bf826af91eea86b11b1a9663053bd2d9c53d0e72912be7fa47fdb6c26a173ad877feab7260ce29ca4b7dfc9e7066d11735a648e0c3dbdbed461ff8d91d6be179076bf057721745dade1cab0e2cfdefa59caa220f8ea77ed8f9685f26811c14cd0617a462631e7afaebf7c18424fcc8b20c142b619bbf6e611b32369a54c1a55d848f52767d65c6d8997c48710880cfe1da1766f820ac94882e80c39a7a5e505a8b3ea754ed7aeac312e263c591c850ea1906c46907da500c65be5d81d4893ac72138485cd5268d66ec3bfd93572b51a0888f6913cd8eb083000817e828478bcd1b31d950a06718e283bb66b034da447d644d7fb61a24ad984c2d6f28c2d33865c9ec05f455223156e667e3dda8f13590a2c348b0778efdec9c509c5edf782b128aaad743c75e0234bfce803453b0a4d0aa68bfe5e1d653f886519f14edd5ecf3295d980f0f6c209e0b88f618a2d497e1b84cd97f00e3e66f08f5bd91dcf8a06738a5b94aab77ae10c1188f75ef31171b24fb2947d3a47591ffed39b4a568e605378c220c38535a5a913465b06f03fe87a967dae29cb3cdb88942f1aedac360d2bc0d06d5db4d723cee930d5f15b139cadd2c946d6fb295dc810351e9e1b87f8ba56e24b331ff88d03f23d69c2a8e719a5a1a0164456afac555ea1166ddec780f114f429ca9d87bbbcd46644b579aad8a40d1078f18984da91ca5a0a8c7db29832a888364ee41f998faf6b17a45832086210aa7d9c6c33cac9b5307bb2c30750fa2fd00fa059dc8d6ea7300f3752830a9e0385d3098a17fb3e1ce2975b4dbf7b0a93b2aa8c0f2156d9928d345d0ff8cfeab9d746fbe69a7258ae79fc407f4fd57632245f76a8695028a9e59c2ccaed265a447174a769372f50d78daf98c2a098f1ad06d8a16fc6fc10ffb8caa1a767f1bab7f6ce6e71440a1798a0d821b517d06f299bf4dfae28eacd435511eacc969fd7dde1d947d5a256ca54eba8e7b2a7e40e2828ef78beaad80d3438775e5aa6a8ba0d0d0c0729f60a30376bd2a5dd0ebf62aad907ec90c4393429d5c19e7accd5327784762493e61aa3b91e1dfaaa8f439c8e826f409035c608b806a317017c5428aeef28b3f3e4e5f5657788503804a42be69677d00532a28e798e75fe67ed1fd9e0c10ce89b520c8de025c283b01f64bdab989fe98b183026f477e5e50f9595bfe29f245cc6e8b629b09519519096556eab092c992efc08d8d6ec548b63d84a01bacd2bc866773325226fd393bf8c15d107b8adfa878c831c48dac2eaa30fab4f7d9b54f6069f4f512ae107980076aa979448f7c5208b24b296fa3af56b3323553cc19c031e05197a291c72e164d31a1a23629c80c2c6ae78435c3a9bf9345a23b0cca619c017bac6e0df72cdecbafa217c2dd0913cdfaf1d768262d2e5c58955e04902c3297c4cdd6334c37dd477f89612e4d23afbc7b503e48f0f690e473d2665d5595a79fdfdd63dd694ce9efa26ab1afa1238ac70f8d822df3a313751aa55cbfcdade7fa197f13f9ffc44b5f8de34de1a9b9a70570ee0f424eb3c3e88c371de248a197e65a9fa810ef45397a7d83e4818de086c50685594c8397193a8f8661928a588dce9b5be09529f1792b4c279d1ca7d85a4e3d5ea6531a73616ca1a1956eac2280282ca900ee03610aa1e1a4f02281764276d78e1ee6f4e0790c061546eeb34de6f92e3d33c934aba3540b965898c38347c6e2db35fc5494dde9b3d5e9ba81a05b7e2178605f2f50d4c8226072a996e15e0bc38aa7fab812a35ee75b2284a8c51d546e747ce5eb417eab634a2e1e518a0ec14499032851f8004644fc687ec3cb7ed528219ef8d66c200e245555f454e17f5420b321eb534ef6547a423b827014c2ea6b130340585173ff6c4452ec3e97b92b8d5b1c6f12e67118b3b55b9443f2f808afac7ff021f85cb722551f43d752a4f346e61f1242605dfebc0772d60ccd1fd5245dddd1d18617637c4defc80f8aacb7f683f3c7f4106f4b29eb33adea318e7b171b60027c557457b77c5b1e6c44d3042b9cf07f4c535a63fddfcde2674de4ced87297707c0de9df63f1c6d8b8463ca687bbacf812ebe828f426432b554aeabaf935023235908c9e46c35173992a1823b0e6050c8eda81ce7d1a3928f9f74b5201d639b774381a0e07619fb100faced0a098e41f9542f5b1e1b61647de826b6058e62bca56684532e8e7339147cff7e8bcad5662a2960066b160621f56f0e3fb008fc11918311aa6f69205188b84e1bcdc427b2a6e86"}, 0x1004)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000001880)={r3, @remote, @dev={0xac, 0x14, 0x14, 0x42}}, 0xc)

15:51:01 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000000080)={0x8001, {{0xa, 0x4e21, 0x9, @dev={0xfe, 0x80, '\x00', 0x27}, 0x78a3afa4}}, {{0xa, 0x4e22, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}}}, 0x108)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:51:01 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "04f670", 0x2}}}, 0xd)

15:51:01 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))

15:51:01 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:01 executing program 2:
r0 = getpgrp(0xffffffffffffffff)
wait4(r0, &(0x7f0000000000), 0x2, &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)

15:51:01 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendto(r0, &(0x7f0000000000)="556aa1b968265a58cfa7f48f4c9be1bb33fb0e26c136dbeb513b9240c2d2e31d20ad6809846e9d7ef0b2f8c08f6531422edd1abf32e32d9594fc441a5703910e3e5f79f5d468dee11856702deb9f9bae4328c453fc", 0x55, 0x0, &(0x7f0000000140)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x80)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c820b900b50001000a4002000600100504009b00040005ff1100ffff0901000004090006080800a8000aa4810604000300c8060bff8600c0000800bcdce2b07bcb5d038dbd11cdbe544ac445ac7c3cb82d5abfddf54d74456fd99ab71f503100000000440600336ce943d0160d64957ea32790730eb9423fd35eed95b91858e9b2d1076a9e5a780f8733b15b8a7f23e4eed9977b26e6970acffdf258e5294d2005f387ef67ad605a4403175f89dfd4c31c0a8c55b2f6ed19d06b08fd0c4ae87ae77c02f5d5c59b259b65335dce70455a17e0518ea0c9a6bd3d17244a4203491a7aca"], 0xbe)

15:51:01 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
socket$inet6(0xa, 0x3, 0xffffdffc)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x6)

15:51:01 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x82, 0x2}, {0x100}}}}, 0xf)

[ 1587.582852] Bluetooth: Unexpected continuation frame (len 10)
[ 1589.373007] Bluetooth: hci0: command 0x0409 tx timeout
15:51:13 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:13 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:13 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x10, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:51:13 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="e6ff00000000000095554813c4d71001f45b058a274e3a8342cf979cbe6203bcc4d58ad021150a09a9df933fe96dd4a68b73eab1fbc9a0431493514ede36aad5fe36b34cdc813bbe4d93f4a5674b027ff203f80100000000000000f3c2", @ANYRESOCT], 0x8)

15:51:13 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:51:13 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendto(r0, &(0x7f0000000000)="556aa1b968265a58cfa7f48f4c9be1bb33fb0e26c136dbeb513b9240c2d2e31d20ad6809846e9d7ef0b2f8c08f6531422edd1abf32e32d9594fc441a5703910e3e5f79f5d468dee11856702deb9f9bae4328c453fc", 0x55, 0x0, &(0x7f0000000140)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x80)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c820b900b50001000a4002000600100504009b00040005ff1100ffff0901000004090006080800a8000aa4810604000300c8060bff8600c0000800bcdce2b07bcb5d038dbd11cdbe544ac445ac7c3cb82d5abfddf54d74456fd99ab71f503100000000440600336ce943d0160d64957ea32790730eb9423fd35eed95b91858e9b2d1076a9e5a780f8733b15b8a7f23e4eed9977b26e6970acffdf258e5294d2005f387ef67ad605a4403175f89dfd4c31c0a8c55b2f6ed19d06b08fd0c4ae87ae77c02f5d5c59b259b65335dce70455a17e0518ea0c9a6bd3d17244a4203491a7aca"], 0xbe)

15:51:13 executing program 2:
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x2, 0x60}, @l2cap_cid_signaling={{0x5c}, [@l2cap_conf_rsp={{0x5, 0x5a, 0x31}, {0x4, 0x1f, 0x35fa, [@l2cap_conf_rfc={0x4, 0x9, {0x3, 0x6, 0x2, 0x6, 0x5, 0xfff8}}, @l2cap_conf_efs={0x6, 0x10, {0x5, 0x1, 0x7, 0x0, 0x0, 0x8}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x8}, @l2cap_conf_mtu={0x1, 0x2, 0x3ff}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0x3, 0x5, 0x5, 0xe00}}, @l2cap_create_chan_rsp={{0xd, 0xa5, 0x8}, {0x9, 0xd504, 0x3, 0x6}}, @l2cap_conf_req={{0x4, 0x3f, 0xb}, {0x6, 0x7ff, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0xffff}]}}]}}, 0x65)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0201f00c000800050100010000000000001ff3fffe036b89a8661c46a076180f1b00a74086772c44880b348a58395e6cc5bbea7782d540632b5a0365c14312"], 0x11)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x1, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0x22, 0x2}, {0x4}}}}, 0xf)

15:51:13 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
socket$inet6(0xa, 0x3, 0xffffdffc)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))

15:51:13 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:13 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
socket$inet6(0xa, 0x3, 0xffffdffc)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)

15:51:13 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)

15:51:13 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x77}, @l2cap_cid_signaling={{0x73}, [@l2cap_conf_rsp={{0x5, 0x2f, 0x39}, {0x5, 0x9, 0xc1, [@l2cap_conf_flushto={0x2, 0x2, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0xca, 0x2, 0xfff9, 0x10000ff, 0x2, 0x8}}, @l2cap_conf_efs={0x6, 0x10, {0x2, 0x2, 0xe4, 0x2de, 0x20, 0x7}}, @l2cap_conf_rfc={0x4, 0x9, {0x4, 0x8e, 0x6, 0x6b, 0x755b, 0x7fff}}]}}, @l2cap_conf_rsp={{0x5, 0x2, 0x32}, {0x8001, 0x1, 0x7, [@l2cap_conf_flushto={0x2, 0x2, 0x9647}, @l2cap_conf_flushto={0x2, 0x2, 0xffff}, @l2cap_conf_flushto={0x2, 0x2, 0x5}, @l2cap_conf_ews={0x7, 0x2, 0x2}, @l2cap_conf_flushto={0x2, 0x2, 0xfa9}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x0, 0x2, 0x5, 0x8, 0x9, 0x80000000}}, @l2cap_conf_fcs={0x5, 0x1, 0x1}]}}]}}, 0x7c)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x44}, @l2cap_cid_signaling={{0x40}, [@l2cap_conf_req={{0x4, 0x20, 0x1e}, {0x1f, 0x2, [@l2cap_conf_ews={0x7, 0x2, 0x1ff}, @l2cap_conf_efs={0x6, 0x10, {0xf5, 0x2, 0xffc0, 0xff, 0x0, 0x4}}, @l2cap_conf_ews={0x7, 0x2, 0x8}]}}, @l2cap_conn_rsp={{0x3, 0x20, 0x8}, {0x0, 0x0, 0x776a, 0x1}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0xec85, 0x3, 0x5, 0x9}}, @l2cap_cmd_rej_unk={{0x1, 0x2, 0x2}, {0x1}}]}}, 0x49)

15:51:13 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendto(r0, &(0x7f0000000000)="556aa1b968265a58cfa7f48f4c9be1bb33fb0e26c136dbeb513b9240c2d2e31d20ad6809846e9d7ef0b2f8c08f6531422edd1abf32e32d9594fc441a5703910e3e5f79f5d468dee11856702deb9f9bae4328c453fc", 0x55, 0x0, &(0x7f0000000140)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x80)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c820b900b50001000a4002000600100504009b00040005ff1100ffff0901000004090006080800a8000aa4810604000300c8060bff8600c0000800bcdce2b07bcb5d038dbd11cdbe544ac445ac7c3cb82d5abfddf54d74456fd99ab71f503100000000440600336ce943d0160d64957ea32790730eb9423fd35eed95b91858e9b2d1076a9e5a780f8733b15b8a7f23e4eed9977b26e6970acffdf258e5294d2005f387ef67ad605a4403175f89dfd4c31c0a8c55b2f6ed19d06b08fd0c4ae87ae77c02f5d5c59b259b65335dce70455a17e0518ea0c9a6bd3d17244a4203491a7aca"], 0xbe)

15:51:13 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:13 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0xfffffffa]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:13 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x29, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:51:13 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:51:13 executing program 2:
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0xa400, 0x62)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x2, 0x70bd25, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000010)
syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xde}, "7c1c02d0ace1132b16bcd685c6118806f96fa669cd3d3fbd8fcc4234f32b72f74c0605e6eff699bdf7adaaec1812783511bedd8f6e488b6df0ffc61f9281f1821490ae478aa5ff120f9861e5e26d9e03096adfffe4fbb556e4c5a8302b0028e01ec945753559d5852917f2a648a4be38ecd2565eed61bca70e1f08ee95b28c5db820a684b81ef31679c7c0705f43b433647650fc1508d7800246c5386f5766b2e06dbb6af89db3acb204f92e2027462248924b0933e50e74d239d5c98e33e29489a42bd76a08e9dde273d7fa4ac9e287ff080d46be570b6216105116e33c"}, 0xe2)

15:51:13 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)
socket$inet6(0xa, 0x3, 0xffffdffc)

15:51:26 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:26 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x9, 0xc8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x2}}}, 0xe)

15:51:26 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRES64=r0, @ANYRES16=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "0dee9443db1d38608d66ed0054326a1c4858d720572f023f0c566316c0890e5ebb1810fe81efae31c540223b099447fb8f35335633121e7548295b9a8d8f0628fe4ac0d3a58a341cc264822ea02bc2d1e9b3a5a3e85525f9fd7aa026ff54c6fc60e91e1afca68acb27079f3a89db4104a5824a7c4b7f165f63e62294b51fe704fdb972c843970c2065dee1a3ecdd1966ab20b8b183f69c7c6bb4f2417f74dde4d56436c51c589566f24389291be0f6501803883e903a127afa4a"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0xa}, {0x8c, 0xfff8, 0x16de, 0xd610, 0x401}}}}, 0x17)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x76}, "ca3967e6b2fb3fa7483d2e55e0352b92b26c9d94577b2a3379550d9a9f3f8a58fe5212cb499b8a6b4d423e8cc6589facb8e54be445140d3ef9835afb7efcf34e2de0f6dd79772fdff80f253b11315a534857762b2ac99ede9c15c8827d4b69403c867280e71aa142b4fa871db44416a9a2bc8cca7f23"}, 0x7a)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9000c000800050006800400ff0fffffa2a0ce2c63a5567a781c635996a81e"], 0x11)

15:51:26 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:26 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)

15:51:26 executing program 2:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x8200, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x1, 0x0, 0x1, 0x1}]})

15:51:26 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xc4, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:51:26 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:51:26 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)

15:51:26 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x30, 0xa}, {0x1, 0xb8b7, 0x80, 0x5, 0x81}}}}, 0x17)

15:51:26 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:26 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0x0, @none, 0x2}}}, 0x14)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_stack_internal={{0xfd, 0xea}, {0x81, "8382c871614e3dd6f77059f9ae88aaa686dcf520620ef7e04444f67cf0b3a4292815c0d09e80f6530ac06aa6ac7283765997639c99965517bf124ef9dc84fecad18192475d91c2e58fecd4a5df17b753717043335af1237e6e61c34c8880f93f6fe892ed87cd03b73ae1b8beaee692b7a1241ed0620242dd0fb2b7739082a0e1abcb0452ab4b9b2286f6d982b575fe72983b61fdee94e6263e923ca304c665b92b6c92ccad852cc0167f45570e357cacb43664e5c859fca1e4d773e77ce96f8835887050b39539c3dd3e202a8ffaa0ded562c74790975046ece7a07494d11a41517781793075f159"}}}, 0xed)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x4, 0xa}, {0x0, 0xf15, 0x1, 0x0, 0x2}}}}, 0x17)

15:51:40 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x7a9, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:51:40 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})

15:51:40 executing program 2:
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2\x00', 0x1ff)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x63}, "013322584c56a443e3c67a2347c30197658c195dd640ea4495f6e9518ab5d4fc15bb3a7a2ba40ccf49db88d8bc4946a4ddc43fc10aa1c884f6f92850e20feea8785879280f67fc379de24cadf407784750f237255d90e71d9fa48bd4a94034a5bcba5f"}, 0x67)

15:51:40 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRES64=r0, @ANYRES16=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "0dee9443db1d38608d66ed0054326a1c4858d720572f023f0c566316c0890e5ebb1810fe81efae31c540223b099447fb8f35335633121e7548295b9a8d8f0628fe4ac0d3a58a341cc264822ea02bc2d1e9b3a5a3e85525f9fd7aa026ff54c6fc60e91e1afca68acb27079f3a89db4104a5824a7c4b7f165f63e62294b51fe704fdb972c843970c2065dee1a3ecdd1966ab20b8b183f69c7c6bb4f2417f74dde4d56436c51c589566f24389291be0f6501803883e903a127afa4a"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0xa}, {0x8c, 0xfff8, 0x16de, 0xd610, 0x401}}}}, 0x17)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x76}, "ca3967e6b2fb3fa7483d2e55e0352b92b26c9d94577b2a3379550d9a9f3f8a58fe5212cb499b8a6b4d423e8cc6589facb8e54be445140d3ef9835afb7efcf34e2de0f6dd79772fdff80f253b11315a534857762b2ac99ede9c15c8827d4b69403c867280e71aa142b4fa871db44416a9a2bc8cca7f23"}, 0x7a)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9000c000800050006800400ff0fffffa2a0ce2c63a5567a781c635996a81e"], 0x11)

15:51:40 executing program 0:
r0 = add_key(&(0x7f0000000000)='ceph\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="b431fc3e76852388ca741a1da6d30bc886413f2a8726b6982f9529f89f8e03ae52940990e1501188d3c6c2106be3eb7b6d4fb11b783084b40fca8d66a486307d082a6c0f50662aaee2aef44f35cff447c82ddcbdda931bbc25df3ca38d1c221ac6090b12f349ae62f9fc042ed7afc74c0bfa6b1953050bf98390fdc9c5c868592e1557b417cfd2370f2a9968d98588c593e0d0f992de68d376339703b06e31804b00e54c223e8e3e1f4fce01974c60fd92a669b8f4f4bf3f8ebcd9f5fbb45256ea47587181a4acab6a78c9fcc11b2c822d587fce781a39663ef1151991f97e5af56f9e92170b4011c5234d14ee868966915f44", 0xf3, 0xfffffffffffffffb)
keyctl$unlink(0x9, r0, 0xfffffffffffffffb)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:51:40 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:40 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:51:40 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:40 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})

15:51:40 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:51:41 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:41 executing program 0:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000200), 0x600900, 0x0)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000240)={0x2, 0x2})
pipe(&(0x7f0000000280))
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x5f3481, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r3, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x48008}, 0x1)
ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f0000000080)={{r1}, {@void, @max}})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041c0512c8000000"], 0x8)

15:51:41 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x4, 0x1, 0x8, 0x6})

15:51:41 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:41 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRES64=r0, @ANYRES16=0x0], 0x8)
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xba}, "0dee9443db1d38608d66ed0054326a1c4858d720572f023f0c566316c0890e5ebb1810fe81efae31c540223b099447fb8f35335633121e7548295b9a8d8f0628fe4ac0d3a58a341cc264822ea02bc2d1e9b3a5a3e85525f9fd7aa026ff54c6fc60e91e1afca68acb27079f3a89db4104a5824a7c4b7f165f63e62294b51fe704fdb972c843970c2065dee1a3ecdd1966ab20b8b183f69c7c6bb4f2417f74dde4d56436c51c589566f24389291be0f6501803883e903a127afa4a"}, 0xbe)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0xa}, {0x8c, 0xfff8, 0x16de, 0xd610, 0x401}}}}, 0x17)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x76}, "ca3967e6b2fb3fa7483d2e55e0352b92b26c9d94577b2a3379550d9a9f3f8a58fe5212cb499b8a6b4d423e8cc6589facb8e54be445140d3ef9835afb7efcf34e2de0f6dd79772fdff80f253b11315a534857762b2ac99ede9c15c8827d4b69403c867280e71aa142b4fa871db44416a9a2bc8cca7f23"}, 0x7a)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9000c000800050006800400ff0fffffa2a0ce2c63a5567a781c635996a81e"], 0x11)

15:51:41 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:41 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xa00, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:51:41 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))

15:51:41 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB='\x00 \x00\x00\x00\x00\x00\x00'], 0x8)

15:51:53 executing program 4:
prctl$PR_SET_ENDIAN(0x14, 0x1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)

15:51:53 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:53 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:51:53 executing program 0:
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x91c1ce92541690ca, 0x0)
msgsnd(r0, &(0x7f0000000240)={0x1}, 0x8, 0x0)
msgctl$MSG_INFO(r0, 0xc, &(0x7f00000000c0)=""/105)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0x23}, @l2cap_cid_signaling={{0x1f}, [@l2cap_create_chan_req={{0xc, 0x0, 0x5}, {0x0, 0xba, 0x9}}, @l2cap_move_chan_cfm={{0x10, 0x80, 0x4}, {0x101, 0x569}}, @l2cap_info_req={{0xa, 0x0, 0x2}, {0x2}}, @l2cap_move_chan_cfm={{0x10, 0x7f, 0x4}, {0x6261, 0x7}}]}}, 0x28)

15:51:53 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:51:53 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:53 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:51:53 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x2000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:51:53 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:51:53 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x81, 0xc8}}}, 0x6)

15:52:06 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:52:06 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:06 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:06 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000080)=@delpolicy={0x27c, 0x14, 0x10, 0x70bd29, 0x25dfdbfb, {{@in6=@dev={0xfe, 0x80, '\x00', 0x44}, @in6=@local, 0x4e21, 0xbecf, 0x4e23, 0x8000, 0xa, 0x80, 0xa0, 0x3a}, 0x6e6bb6, 0x56cf977b37b3e389}, [@user_kmaddress={0x2c, 0x13, {@in6=@dev={0xfe, 0x80, '\x00', 0x40}, @in=@remote, 0x0, 0xa}}, @address_filter={0x28, 0x1a, {@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x22}}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x2, 0x9, 0x3f}}, @replay_esn_val={0x24, 0x17, {0x2, 0x70bd2c, 0x70bd2d, 0x70bd2c, 0x70bd26, 0x3, [0x9, 0x1]}}, @replay_esn_val={0x24, 0x17, {0x2, 0x70bd29, 0x70bd2c, 0x70bd25, 0x70bd2b, 0x7, [0x4, 0x1000]}}, @etimer_thresh={0x8, 0xc, 0x8000}, @tmpl={0x104, 0x5, [{{@in=@rand_addr=0x64010100, 0x4d4, 0x33}, 0x0, @in6=@mcast1, 0x3505, 0x7, 0x0, 0x5, 0x0, 0x8001, 0x4}, {{@in6=@loopback, 0x4d2, 0xff}, 0x2, @in6=@dev={0xfe, 0x80, '\x00', 0x30}, 0x3507, 0x3, 0x0, 0x2, 0x2, 0x7ff, 0x9}, {{@in6=@mcast1, 0x4d3, 0x6c}, 0x2, @in=@dev={0xac, 0x14, 0x14, 0x1a}, 0x34ff, 0x2, 0x1, 0x89, 0x3, 0x1, 0x8}, {{@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x4d6, 0xff}, 0x0, @in=@broadcast, 0x3500, 0x0, 0x1, 0x5, 0x2, 0x1000, 0x9}]}, @tmpl={0x84, 0x5, [{{@in6=@remote, 0x4d4, 0xf29c770255f86a49}, 0x2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x34ff, 0x3, 0x1, 0x80, 0x5, 0xdf00, 0x400}, {{@in=@dev={0xac, 0x14, 0x14, 0x27}, 0x4d3, 0x51}, 0x0, @in=@rand_addr=0x64010100, 0x3505, 0x0, 0x1, 0xf0, 0x99, 0x8, 0x101}]}]}, 0x27c}, 0x1, 0x0, 0x0, 0x1}, 0x4080)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:52:06 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:06 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x2900, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:06 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:06 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:06 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:52:06 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16, @ANYRES32, @ANYRESOCT], 0x8)

15:52:06 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:06 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x4000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:06 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:52:06 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:06 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:06 executing program 0:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c850c700c30001000c0405000600085ef0ae8f02002000040237000100020004090302df03000104c9760102000805010006100802c300030000000000010001000100050100070200020702001002020900020104000800800005f93e003f0004007fff0702000106102b0101010800000008000000f9ffffff07020700070205000702000106107f00000001000000ad00000008000000010206000100020008000c8105001e4b08000105021c00ff030001050006100200050008000000020000000080400001020800"], 0xcc)

15:52:17 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)

15:52:17 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041c0542c8523600"], 0x8)

15:52:17 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:17 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:17 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:17 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0xc0189436, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:17 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:17 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xa907, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:17 executing program 0:
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_keypress_notify={{0x3c, 0x7}, {@any, 0x40}}}, 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0x16}, @l2cap_cid_le_signaling={{0x12}, @l2cap_ecred_conn_req={{0x17, 0x9, 0xe}, {0x100, 0x3, 0xfff7, 0x8, [0x4, 0xfffa, 0x8]}}}}, 0x1b)

15:52:17 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:52:17 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:17 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xc400, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:17 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:17 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:17 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:18 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:52:18 executing program 0:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x20042, 0x140)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1f8f0fbe8783bbdf1c322aaed3dde1bf36a3dc951043122cccabf82eb3f5d98f50e03f45acb0f24f39ad12d427debc29938d54a7d16eb0c1fd40424caf65e5ccfae8544424852ee60839195a4c56be426b28d973882a7cbd6882775af989066504676c653453", @ANYRES16=0x0, @ANYBLOB="08002bbd7000fcdbdf250d0000000500290001000000050029000000000008002b00c89a775a05002f0000000000"], 0x34}, 0x1, 0x0, 0x0, 0x20040040}, 0x4)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)

15:52:18 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:18 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:29 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:52:29 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:29 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:29 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:29 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:29 executing program 0:
prctl$PR_GET_FPEMU(0x9, &(0x7f0000000000))

15:52:29 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:29 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x80000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:29 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x8, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xc1}, "c9f5df765c4a9cb26a25a86f932df5ec653c890657771a04befc6d8229bafbe14c37113b35d92bedaf05dedfcc6bef8305301cb9b41b2e801388faed0158db598a70ffedafea5b9501d0314ed25efc2490609d299796f23e5cdb69063cd4f39f446138420873ce23217c44a9bd796be2f302d8663196b2ff099cee3b5109f3a23fa712ecc5dbbb0154221f3bef4d8a01d3682d1c640513020d80ea7cb4a25ad99795361fe5f7975d2bf6aaff6d672c4fa254337ad8923d92a275505d38da92a27f"}, 0xc5)

15:52:29 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:52:29 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:29 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:29 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x200000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:29 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:29 executing program 0:
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x0)

15:52:29 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:52:29 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x8, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xc1}, "c9f5df765c4a9cb26a25a86f932df5ec653c890657771a04befc6d8229bafbe14c37113b35d92bedaf05dedfcc6bef8305301cb9b41b2e801388faed0158db598a70ffedafea5b9501d0314ed25efc2490609d299796f23e5cdb69063cd4f39f446138420873ce23217c44a9bd796be2f302d8663196b2ff099cee3b5109f3a23fa712ecc5dbbb0154221f3bef4d8a01d3682d1c640513020d80ea7cb4a25ad99795361fe5f7975d2bf6aaff6d672c4fa254337ad8923d92a275505d38da92a27f"}, 0xc5)

15:52:29 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:29 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:29 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

[ 1677.629085] Bluetooth: hci0: command 0x0406 tx timeout
15:52:42 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:42 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xe0ffff, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:42 executing program 0:
ioctl$HIDIOCGVERSION(0xffffffffffffffff, 0x80044801, &(0x7f0000000000))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x41}, 0x2)

15:52:42 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:42 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:42 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:52:42 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040004}, 0x0)

15:52:42 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x8, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xc1}, "c9f5df765c4a9cb26a25a86f932df5ec653c890657771a04befc6d8229bafbe14c37113b35d92bedaf05dedfcc6bef8305301cb9b41b2e801388faed0158db598a70ffedafea5b9501d0314ed25efc2490609d299796f23e5cdb69063cd4f39f446138420873ce23217c44a9bd796be2f302d8663196b2ff099cee3b5109f3a23fa712ecc5dbbb0154221f3bef4d8a01d3682d1c640513020d80ea7cb4a25ad99795361fe5f7975d2bf6aaff6d672c4fa254337ad8923d92a275505d38da92a27f"}, 0xc5)

15:52:42 executing program 4:

15:52:42 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

15:52:42 executing program 2:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x8, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xc1}, "c9f5df765c4a9cb26a25a86f932df5ec653c890657771a04befc6d8229bafbe14c37113b35d92bedaf05dedfcc6bef8305301cb9b41b2e801388faed0158db598a70ffedafea5b9501d0314ed25efc2490609d299796f23e5cdb69063cd4f39f446138420873ce23217c44a9bd796be2f302d8663196b2ff099cee3b5109f3a23fa712ecc5dbbb0154221f3bef4d8a01d3682d1c640513020d80ea7cb4a25ad99795361fe5f7975d2bf6aaff6d672c4fa254337ad8923d92a275505d38da92a27f"}, 0xc5)

15:52:42 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x7f}, "2bef6c9f2c3f1efa22fb494606800c59f7eb67cea24723f110acda04d06bb89d1195cb39f82f995b3a26b7b1d37c732ba1c947cdd255cc44c6335d3372d3bcf1dd53023ed179efcaabb57081ae14e0cf14aa6053db224c7baa98ef9af74de032eab8267f09901aada530dcd595ebae76d59f0517d3170812557104b16affab"}, 0x83)

15:52:54 executing program 4:

15:52:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:54 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:54 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x1000000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:54 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:54 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:54 executing program 0:
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xc4}, "a74e2016ad1e36d68b40076a28e3752954c3d2a972029c1c690c85e9403d6541e1fd5de9710c2e4df813711a233c9f6116a2dff500e8b1a461d6fd0a081042ce370a87d840aa0bdf38e79cbd49109512e474d676bacead002b63a03eb1bbbe906409a65258c9ff73e13ff29d77ac7ef2d432e12e59d24eb31b4860c3250e1d34e2e0f5f8081c5a857d778de0ea7c7584048e6b30e06595e421f70f916023b6c1bca40350e56aa4022e49151cc93e6f5ccaa94f3b9ff2c0426630a68eade2d05c3811424d"}, 0xc8)

15:52:54 executing program 4:

15:52:54 executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c9500a40276f7c6f06000500011e1b39cb37da00cdcabb7b8daad7921fc0f513d2df5c91d2703f0943119ec39528ff99de6fdb6d879c4b9a2626ecfb82c4f787df613fcd23ecf16dc84ed16e6e8d4b2a9f7fc341a51bd0a70000000000000001c9acba8a454f0e15a69557a9b35a731612003fb30a2a200e67b7da846d1bc478122566b7c2e1636e54c42686ad0354e2c20f2725fe00034c58b93493be833ae155b1f15c4db0234619151f67d5e57845bf7b8815a0382c0dc0c8d83e826c405606af01ba402901a8e67f445ddd7a308d652d4d02d2b796e81f511f56e1a1cbafe207027950cab45e6d91"], 0xf)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x67}, "4f2b4cd5adfca534b42ae1223a6e9a44afb5f17c80e6d44b61086cf578edc2f9a0fd0425d1edbb97933c67aee99444cd558267fd5149cdeb60bfd9434700ed25cb69a9f606611ac18c217be1702a6794ac04ad82e38012899eb2ee47ec4e79a6dc1dd5ae82ef70"}, 0x6b)

15:52:54 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:52:54 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:54 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x2000000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:52:54 executing program 0:
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x94, 0x0, 0x320, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8000, 0x3a}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x50}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x34}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x17}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x14}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x6a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x36}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x37}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xa}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x35}]}, 0x94}, 0x1, 0x0, 0x0, 0x40000c0}, 0xc004)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x81, 0xc8, 0x1}}}, 0x7)

15:52:54 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:54 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:54 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:52:54 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:52:54 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:52:55 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:52:55 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9f00c00120001000603040005000800"], 0x12)

15:52:55 executing program 4:
syz_emit_vhci(0x0, 0x0)

15:52:55 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x0]}]}]}, 0x30}}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000080))
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000007c0)={0x230, r3, 0x300, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1c}}}}, [@NL80211_ATTR_SCHED_SCAN_DELAY={0x8}, @NL80211_ATTR_SCAN_SSIDS={0x34, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}]}, @NL80211_ATTR_SCAN_SUPP_RATES={0x1c0, 0x7d, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xce, 0x1, "35182533d6e6dacc46e78fb931cdbbf23568ae02a1d566fc61e8c4719eb771cc19fee4af048794f75a77b3acf3ee7cb4a8cf43321376115f7b55a300d5b4e15e1f88d41be8c5167cd94b582fb229a88aed624a261c872966a81c80ae1e8a6bbb19389fc8af71f1c8faf2f245e6908754d3ac08d756b323dfc9c4a85c92b9c811e8b374b929134faaf7e395baa157e00937e2192ad923a4c8cc3bb052aaaafb8d52c5546353d54158b09978dc2c251c25c917a787de52741bc1ad6d847ba110569e65cc0dd9f0d1e319cb"}, @NL80211_BAND_6GHZ={0xeb, 0x3, "06ddfb45ed6c7af0fe56108718204662d49a6267fb322d34b37ba23b701e82de1a7500dfdfd79bdf0ca6786cb7b659e82160e651a457f96cf96dd0d7acfcf37a42c30da268bd0846c07a59d7ce345a8954d5bb80e35de84934ab350358c9f6fc8aea0ae9f15d6f65be0b22626498417291b6366871c7b7d4ba9ebb049946a14acc604e934d37f89a341f6a73ac33d556ca4abff4e402d21d1e0f3da04ba4a63a626e990e00f904ebe22eb55000077fc37bcba27b2f9cd4d5923c46ee71ac307fb7030279abe63777a29569c20725d5cb5be1c5df6217a91de3282b74b28095db1aba3e1cac5b6d"}]}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x40}, @NL80211_ATTR_MAC={0xa}]}, 0x230}, 0x1, 0x0, 0x0, 0x44800}, 0x4000000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
sendmsg$NL80211_CMD_SET_WOWLAN(r2, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="080026bd7000fddbdf254a000000080001002300000008000300", @ANYRES32=r4, @ANYBLOB="f8027580040003001c01048018010080fa000100bd458147760e6fcfdbc8fc8125745c22fc94fe09ee6a1cb698affbdfa46b83e54938e3eeadd72d016d11d763f193257927043f81c4d89c4067250abf794d61ca4bff3306e281dc58bd70bf38461e9d9594f15e6295daa93e7cbc2892befdb6f240fc502b353c1ca2530b4f078c1eeb3ec16310c2fbc41becafb0c32ea507e1678c7e513964d64aff1e3bae14ba83ee8d9d23676e334f5c0c4cbae65c6ae563c42723a5560553c8bd3bd5e68e6c44d1fe7b54b0b5ce194d87fe7cd89be6495b2f99b866b50a91a8fa5345bc5ef3124fcd0ff2d367edda9d4f5bda057b7873feef18f6e007af4dab70a0d45dd278032b97b35963bf2d9700000800030006000000080003004700000008000300f7ffffff0400070004000300cc010480c8010080fa0001000fdbdfb53151be84832af4e8539b7094fbe2816ec5b9da9ba7d09bf079e07af930beb39433df3be5d9a54eb9fba9432f0ffb04faaf6a85f83f427fef4ddec9266f7da915b7eee639d563449ed8b0561f6c23375c97302d6e714fc1067b0eee9aece439a99c61770422eea5589d1dadc883e792880596238350648b0f36b2ffe6150098fcb5e29cf3c574edba8de991e5efb835f3f7461f9020735cc9d7ba60c5ab73d8b69b8ee17f44288f2f60769d10beaa3b8b33dddd699f04630b3d1487897742cbaa52d63db2c0706e7bcce97a632fd6508592c16a5db5df1bf91b8bdd46b726fba88b838fb0041f11abb37950a2da6a98f267f70000b80001008ace911ea92f52181e6ad44feba0937c2cc6ae6cd88524d3f096d2420deb907327d1e465473d28bdbeea08626858c654381eb6bdf0ed0334dca9edabb5b56e4b3b211e9f520c9002039ed4a2aed7f17bcef2494d0cb8b68d0365c5143b43741b01ca437c98942776dd5c09c9afd974ccc5f45b4f6437e46daf7fe2535ddf5f6591e43b4b5e18d8f1eb9b71cdc1cc20b3a2f5b0b6d855fde828eb1eb99518803dc219087c23b11b46b5f20b3b7cd0231ff77cc24208000300feffffff0800030003000000"], 0x31c}, 0x1, 0x0, 0x0, 0x20004004}, 0xc005)

15:53:08 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:53:08 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_role_change={{0x12, 0x8}, {0x6}}}, 0xb)

15:53:08 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xa000000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:53:08 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:08 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:08 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x25}, {0x9, [{0xc9, 0x20}, {0xc8, 0x200}, {0xc9, 0x1ff}, {0xc9, 0x8000}, {0xc9, 0x3}, {0xc9, 0xe2}, {0xc9, 0x5}, {0xc9, 0x9}, {0xc8, 0x7fff}]}}}, 0x28)

15:53:08 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:53:08 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

15:53:08 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:53:23 executing program 4:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x2, 0xc8}}}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x25}, {0x9, [{0xc9, 0x20}, {0xc8, 0x200}, {0xc9, 0x1ff}, {0xc9, 0x8000}, {0xc9, 0x3}, {0xc9, 0xe2}, {0xc9, 0x5}, {0xc9, 0x9}, {0xc8, 0x7fff}]}}}, 0x28)

15:53:23 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:53:23 executing program 0:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="08ab3dd06b28f968eb5151f449e6ce208f0ac608a6049713be79ea59ce073b7d82feed887dccae7cd28a8644ae5ca9b7841e67fecdca576f9e91b427b3ea7ae15b6a458a6ad339d76c8468369b1e7b67b66d7b810d5ed7bf2eb15d29fd62a04304b15f74fde96552673600000000"], 0x6)

15:53:23 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x10000000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:53:23 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:23 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:53:23 executing program 6:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b4a, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:53:23 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 1)

15:53:23 executing program 0:
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04308edd049311d52d41c1eccc450ef202d39610"], 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:53:23 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 2)

[ 1729.296438] FAULT_INJECTION: forcing a failure.
[ 1729.296438] name fail_usercopy, interval 1, probability 0, space 0, times 0
15:53:23 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x3}, 0x4}}}, 0xd)

[ 1729.296481] CPU: 0 PID: 9670 Comm: syz-executor.4 Not tainted 6.4.0-next-20230630 #1
[ 1729.296522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1729.296540] Call Trace:
[ 1729.296548]  <TASK>
[ 1729.296559]  dump_stack_lvl+0xc1/0xf0
[ 1729.296622]  should_fail_ex+0x4b4/0x5b0
[ 1729.296673]  _copy_from_user+0x30/0xf0
[ 1729.296721]  copy_msghdr_from_user+0x89/0x150
[ 1729.296778]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1729.296826]  ? __pfx___lock_acquire+0x10/0x10
[ 1729.296865]  ? lock_acquire+0x19a/0x4c0
[ 1729.296904]  ? find_held_lock+0x2c/0x110
[ 1729.296954]  ? get_pid_task+0xec/0x250
[ 1729.297000]  ___sys_sendmsg+0xdd/0x1b0
[ 1729.297045]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1729.297088]  ? __fget_files+0x245/0x480
[ 1729.297134]  ? lock_release+0x1e3/0x680
[ 1729.297174]  ? __pfx_lock_release+0x10/0x10
[ 1729.297217]  ? lock_release+0x1e3/0x680
[ 1729.297266]  ? __fget_files+0x267/0x480
[ 1729.297321]  ? __fget_light+0xe5/0x270
[ 1729.297376]  __sys_sendmsg+0xf7/0x1d0
[ 1729.297419]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1729.297473]  ? fput+0x2f/0x1a0
[ 1729.297513]  ? ksys_write+0x19e/0x250
[ 1729.297546]  ? __pfx_ksys_write+0x10/0x10
[ 1729.297584]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 1729.297624]  ? syscall_enter_from_user_mode+0x21/0x50
[ 1729.297675]  do_syscall_64+0x3f/0x90
[ 1729.297723]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1729.297777] RIP: 0033:0x7f354e337b19
[ 1729.297799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1729.297830] RSP: 002b:00007f354b8ad188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1729.297861] RAX: ffffffffffffffda RBX: 00007f354e44af60 RCX: 00007f354e337b19
[ 1729.297884] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000005
[ 1729.297904] RBP: 00007f354b8ad1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1729.297924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1729.297944] R13: 00007fffa633856f R14: 00007f354b8ad300 R15: 0000000000022000
[ 1729.297989]  </TASK>
15:53:23 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

[ 1729.494977] FAULT_INJECTION: forcing a failure.
[ 1729.494977] name failslab, interval 1, probability 0, space 0, times 0
[ 1729.496705] CPU: 1 PID: 9683 Comm: syz-executor.4 Not tainted 6.4.0-next-20230630 #1
15:53:23 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))

[ 1729.497850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1729.499030] Call Trace:
[ 1729.499386]  <TASK>
15:53:23 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x29000000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[ 1729.499745]  dump_stack_lvl+0xc1/0xf0
[ 1729.500343]  should_fail_ex+0x4b4/0x5b0
[ 1729.500898]  ? __alloc_skb+0x28c/0x330
[ 1729.501415]  should_failslab+0x9/0x20
[ 1729.501948]  kmem_cache_alloc_node+0x65/0x3b0
[ 1729.502554]  __alloc_skb+0x28c/0x330
[ 1729.503070]  ? __pfx___alloc_skb+0x10/0x10
15:53:23 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:23 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

[ 1729.503640]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1729.504486]  netlink_sendmsg+0x9ac/0xe40
[ 1729.505133]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1729.505793]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1729.506610]  sock_sendmsg+0x1b6/0x200
[ 1729.507181]  ____sys_sendmsg+0x76a/0x9a0
[ 1729.507749]  ? copy_msghdr_from_user+0xfc/0x150
[ 1729.508396]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1729.509027]  ? find_held_lock+0x2c/0x110
[ 1729.509597]  ? get_pid_task+0xec/0x250
[ 1729.510154]  ___sys_sendmsg+0x110/0x1b0
[ 1729.510760]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1729.511514]  ? __fget_files+0x245/0x480
[ 1729.512098]  ? __pfx_lock_release+0x10/0x10
[ 1729.512693]  ? lock_release+0x1e3/0x680
[ 1729.513310]  ? __fget_files+0x267/0x480
[ 1729.514014]  ? __fget_light+0xe5/0x270
[ 1729.514581]  __sys_sendmsg+0xf7/0x1d0
[ 1729.515116]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1729.515775]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 1729.516488]  ? syscall_enter_from_user_mode+0x21/0x50
[ 1729.517199]  do_syscall_64+0x3f/0x90
[ 1729.517730]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1729.518442] RIP: 0033:0x7f354e337b19
[ 1729.518980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1729.521713] RSP: 002b:00007f354b8ad188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1729.522741] RAX: ffffffffffffffda RBX: 00007f354e44af60 RCX: 00007f354e337b19
[ 1729.523710] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000005
[ 1729.524748] RBP: 00007f354b8ad1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1729.525928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1729.526953] R13: 00007fffa633856f R14: 00007f354b8ad300 R15: 0000000000022000
[ 1729.527964]  </TASK>
15:53:23 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000000100)={{r1}, 0x0, 0x2, @inherit={0x78, &(0x7f0000000080)={0x1, 0x6, 0xfff, 0x1, {0x1, 0x3, 0x7, 0x8, 0xffff}, [0x100000001, 0xffffffff, 0xffffffffffffffc7, 0x1, 0x7ff, 0x59]}}, @subvolid=0xf090})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001100)={{0x1, 0x1, 0x18, r2, @out_args}, './file0\x00'})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="046100884664"], 0x6)

15:53:23 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 3)

15:53:35 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x40000000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:53:35 executing program 6:
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="05008ddd6c6530b4000000000003"])
clock_gettime(0x0, &(0x7f0000001b00)={<r1=>0x0, <r2=>0x0})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0)
dup(r5)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000280))
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f00000002c0)={0x1, 0x0, 0x5d8e, 0x9, 0x8, 0x7})
recvmmsg$unix(r0, &(0x7f0000001a80)=[{{&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000001380)=[{&(0x7f0000000100)=""/80, 0x50}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/219, 0xdb}, {&(0x7f0000001c00)=""/4108, 0x100c}, {&(0x7f00000012c0)=""/138, 0x8a}], 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="00000002000000963ac7272d2d414b3ae4d17e96b7fda7e555ff6881723e047a7398996cc621f861cd7e7a212b65c9f09630c86207436fcc9be1f8c8a42dce235e7b0242297691b4b79f927ad2f2b1586c703fc0b39b3ea317b9dd3e6bff6184485f9da189f2d8547d209b5ee161b755291385b49f698fa304879b8e4c81942988feb40044fa6b18c13e9fa2b7208f15affe4fdeac776582645d8d1bc68160d2f123798e145a100653e8a12528e1004f8284255e46593c1b851a79006540251da5723127a5afc7054d5d579ef4ffbb6802d7e5685dd81bb6212cd1ba061f309341ff7af7c8ef77beaee7fb1ac573d71b88b20600f53d94314000e18ed1912df7ea7462d43a1abbc298614277d94399e69b04a6abbdebfdf65e12", @ANYRES32=0x0, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="30000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c0000007d0000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r3, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES16=r4, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x168}}, {{&(0x7f0000001580)=@abs, 0x6e, &(0x7f00000019c0)=[{&(0x7f0000001600)=""/109, 0x6d}, {&(0x7f0000001680)=""/17, 0x11}, {&(0x7f00000016c0)=""/254, 0xfe}, {&(0x7f00000017c0)=""/113, 0x71}, {&(0x7f0000001840)=""/161, 0xa1}, {&(0x7f0000001900)=""/182, 0xb6}], 0x6, &(0x7f0000001a40)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}], 0x2, 0x0, &(0x7f0000001b40)={r1, r2+60000000})
r6 = dup(r0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000001bc0)={0x0, r6, 0x9, 0x7ff, 0x7, 0x3})
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x2, 0x20}, @l2cap_cid_le_signaling={{0x1c}, @l2cap_ecred_conn_rsp={{0x18, 0x57, 0x18}, {0x2, 0x20, 0x40, 0xfff, [0x3, 0x0, 0x32c, 0x1, 0x4, 0x8, 0x2, 0x8000]}}}}, 0x25)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r7=>r3, {0x7, 0x9b91}}, './file0\x00'})
ioctl$TIOCGISO7816(r7, 0x80285442, &(0x7f0000000340))
r8 = socket$nl_audit(0x10, 0x3, 0x9)
fcntl$getown(r8, 0x9)
syz_emit_vhci(&(0x7f0000001b80)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x1, 0x14}, @l2cap_cid_signaling={{0x10}, [@l2cap_conn_req={{0x2, 0x6, 0x4}, {0xfff8, 0xfff7}}, @l2cap_disconn_req={{0x6, 0x21, 0x4}, {0x8, 0x101}}]}}, 0x19)

15:53:35 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:53:35 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x1, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_create_chan_rsp={{0xd, 0xf8, 0x8}, {0x3f, 0x800, 0x6, 0x101}}]}}, 0x15)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x27}, @l2cap_cid_signaling={{0x23}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x40, 0x2}, {0x6}}, @l2cap_conf_req={{0x4, 0x1, 0xb}, {0xdb9f, 0x8000, [@l2cap_conf_flushto={0x2, 0x2, 0x1}, @l2cap_conf_fcs={0x5, 0x1}]}}, @l2cap_disconn_rsp={{0x7, 0x3f, 0x4}, {0x8, 0x172}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}, {0xfff}}]}}, 0x2c)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x0, 0xc9}}}, 0x6)

15:53:35 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 4)

15:53:35 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:35 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:53:35 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:35 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1000}, "08a10ee9b29052d66ecdb0607c27abdf8dd4fe851e1f1951b2d2e8e22d5e4ba5583981af829091faa497117bab0490ebd40e5dc8926a81f680adbd82cb8d7f7d01a8108fd3cf3f997c2711cef67ab3dea5741a78675793b162b9650bd122bc928d5e01ce737ba9687ccb478354a8824e358f05f2ade7cfc1174c3eea9ab207fd4b5bc4a5df4e47c5ae6212f8e44410723de54d4ac94d433d2494edc76b4b8a6194e45165440834baefbcbbd7874c55828c9a338b6d05e93e7e12214c52e0884a13f0da4984f4fa52f9634d8f845e8ecada109f6819b6840228487d41dfbd071bb1248b0bfd89fd5c55a0cc918a13625ac8fb7a5af887e17a465c8fb764bc53d2bb07481d679b7cf3d1df534acfdb482a9a6329db8582bd27ae9973996e5f373e960ac99e25f5a442c0a520970f6dd58c2666ffa32f5a52bf440b5aaf00bf19c6ee29926cc7e7afe86f91af498cde3d4c466acc894e49deccf495f1d9310486b0badfb6ad830463ccadfe5c264a44df97e631d9f2cafff5dd619a6f51216a180906883cbdbc49acedc2bfde7ba4c4015b82350e76c02408a3dbbeb2b0ba050895eb2a313096375e2086071e899507af380a880340f742cc928b297daed06daa4836741311b7d996da3f4c2b53c325edbfcae2bfdde215adbcbe85294a4698fc0dddee3669edc6e7268ca8115b99d733253f8205d6b39d4b093ed69ed84f0c6711243aaf367542ff3213ae6e14e90507a89b2ff7f47a715643af23f7e9a0484610afb35f55b166dfef6f1bc0d1c2dbced803d9b59ffe3502f307a275912a1c29efa22665520b61d75995e4aee4cadc3560f2f930c8ecbce274aea68ac9a4c0fd46ee54547f19a1204d99a5f56d00dce31484b965d5cd9d56159e96e08a8595ea38d067e15b825cfa997573161a55b156ec176351ce273e402c9b8042aa082441030393c4e145ffbd85cbed8da92a6ee3ae0906a3988829e8c0d9eb12f0ab52993c960c5777bca0aa485ed3add15752bcdfd73b67c0f9869aad277d37c506ca22381a8f879f2b29da5b1fd07d0e8e560a39f32a38ffb630040bba7a6f7da72438c80a90e749dee7583ac5f9ae2625a58ff3ab58c51d3b5e807e4534fbc0f5724f1a9976797ce875c450a7fcb27b472f1321214f1c790c35680737ed5c9f8ecaf77ffc8fe5b329fc915893d33400a58c76f1ea1c805ed9ecdc1eb5249b13a01daff0683a16986369afb35301f15aa5ecea98aa172fd902d7c8cee60d3e63cd381b7a1e4e588bca72df17bbbf2deff85b22109ed00a10b6d51c3fa5cf2216da6e774415aacf19b5d726afbe4ac9cf884670876ed01c132a24ccb21abcc6beadb11f9e8dc0b3269debf696be36125c348ae9806e6ffe2177b17d0be3cd24cf3c6f5cc26813f9230aa5745d6d06f8db8a0826a56d280648c333cdb61ad180381396ecf663245bce3715508a12d9030584565c42500dd1df8bab7ae36442a87e93cfedc568bf6a7df6d139c0ca7188bee6e2311afd58535b91953282d6d146f814433cf00f57b80940f35cf5b04849f676c2ef3602016599507405cf2e32ac830c0c9e9b2b9a52f6a0d91fefcd24398518a7c64a205f2f9109baac5fd64beb91a3ecfd994c096de140e1c638eaa6de013f9b101f54d4ee56c0cd65e6b93051580b214ac437042216728e2eb22353b3ecf30fcf6a3d4672bcd6984cd45648146e8f868d5fdcc25035b44b726657102ac69a91c5a457f39681c3f300952c9ec198f21ec3bae750cb817e714bf37ef9e87a81925b7326b9e221624bd20fddb0b00100cb0b2a39320a4c4881b898a3a77baba7f744f6fc06bde4f81fd52a7625c9af571e93f24fa7858d7f36f3d8b61113ffd150afc401d0806304917f613d01378e89081a4caa85f87e856cf1515354dfd44f1f7d2f1b47576f3a44ff166f20c6f01aaf8bfac7ea4b4481a9aecbc8dc58d2289b004af4f1b88d5421576524c9e52ff768c25fc199dc1706ce0b545b89c632c1b60d1ee868837a17a9e9fe2547466dcb361b0dae3a8717535225f9baee30f6e5821335e1b862fc024face4d6be67540aa2ff37a553ded626864b9fd548a3ba5a791f37760c9c530c7c1958739674f7feb50be4f2af7f60f3a30abb545a8ebaf3152f618bf26181569ab1f1c2a010c2e8f9d6711ef6d298f988fb905aa77f394870537afb554535701434d3546a66285cc695d2b7b02d5ad0eeb594618982fe3a419e01624dc9fc3ffd41d6a6dbe1506e2d1218d7faf38b0979eeec6736ddc197b0ae8874b0cdbcb252230c23d48cf36b3c15e15477168e848acf12f073254a4777f1db0898c9d7f0fb8c120d715beca2166168095e6eae5f8de122d6ac88cb122983bfb815f56dad3850e225a282db76fda71c76a172c36e739e99476e3dbd30bb6d1d0e14d3d88b5921542b67723d03831e3ecf33ae03d6223f7a0910437ffbd1ed2097d4e4e891d2e522eac0d946a658136b41e4eddc35d3b504ff5298b3920fd460b9e1063f2d598ac4eca6b29adc3eda6666ae08d40f844cd445768d04d1b76314b790b3a930455c52d96f150ec0d5d02f3c4c8bf980e27b8be37f3000ba226aedc64d31f04ed083e1332221751dfdfc85522dce486e8af0c0d08e5562e2caa039d2b91b55d6db89cc9d1837dd8da3dae7ba7ffc163e6aeac6b49e7f34eab03212e7115b0eae5ab54537b9227d68da6a40838d26480de3d4432421702c3c51da62388ac27340deee1f230d3b11d42c752d45b1947ada9e89a4360476d2faf42dc264ce10ac076d8a0eb90d5f586cbbb534075a5855813a24ea3184399bd803cd133087c102252d876343ee3f3be8be30afb973ebebb79d2740acb1f39afcb376fcd4c45e04851ed1da4b46c063eaae1c839a41f95a91535245b31c9d971cef73bb1fc9aa0b23bc692393acca97a7d1ee08689667d92f7ce4319a7c297088e00d463bd99f98769a3bef2257762fb6c6075d9c45ad2594598cd83bc1dc158b4d5f8778b3ae25e31f7cb260e1503e5bb93cbe30a55214ded16ce4741c52804ee01dd63dffb46d2a723e3f311ac7dcfa8083e9c2156c2bfc63ee16cfbab85cbf06dccc8e4d8965454eba7a1f0571df594f6ab15c2c15cbec2fcb565601ced2c183b5eadd126d46ccfdabad78c3f7e10e0fd5813a7a5d9537d77f7a81df57a6cf5e97bdcdd03148500e4c325b8c71dcb13a6bd7729e362190074f5e10cbba52646b7de9c4aee19823077f4ce32e8c6a98a3d0ec9e4687cc7724b818498904f01f58cb2b976d1984b4b3a77dac2559a01b3b2e43efcdcc802e63367234d72cc66894f185dc4d7ff9ac149fcff173c2d0c99c4b4e2b29b6d46b2c9e3b41ba0b093f8b26c13fa385db7e1e1e787fed5cb85365b4c5358187beaa30f3c129ede622f5becef44fe34e82593a2345538a2b12551e105a22c9f93450a6fd21be611b81ff656e4936f405bbfc80452139f030d55abb8c2efa5d95f7f0350e8b08746754aafa883c6b7782eba675fb686e8ddf5b769c6b6f69d928abb1b7c45f4bf7f7e2924022bd9395880befed1cb734a45cc081399f1a4af3183e2c25517053ccb9ad2d8b9ca461341176ff7e27736b4cdc8f7fda98c29a5829bb37adabb6505901875ec66634bbaff38f3a02327125a9e171acd48dd385f0c39bbed99ed902e6c032a3e94e5ecbb1d0f2aeb5c77960741314849943abf9c8383696d3554b80e50ebf843f982013892d3cf33c06ea81011ef6b75b0ec00238fd172ed063d1951c8579a8c721d38ee08dab7a1353876df3858df4e4c7368bb7bd7dfe3e6cbdc17dfbb4f263654c33c16170cf8b9520793491d14706c30b8fe41a9914895980e31605bb22b94305e2a98278166ce86f6d59b3c30ee7b9b8e1bd8c60bd12597085c10d2e3c9372a86f1e47531deff6f57a13d4f263152ae4d200c1856fdd03eb72ec001cc75d052e68d4595e8de79f7176c5ac12fd983df8d076fffea6cbd57d753a1f9e1234c476d5079ff6b9e35a2379483b0f973348a0af18442b67ba7cb3517d4fb0d043925aa3b73913a90b0bfa6573c2716c0ec0c0fd02d260f9fd13d7441bc678800182085ada615b3e161f387a0d4fa762542c37679b56a560ab55507386f23d4e8287a52e1cbcb1cad64e10f7eebca1b4d60b10a05b60bb0eb085885e99b9ed21e66aa4830ab069919e0d5e31844dc4503eb29075e996cc9c6ec6d7da843ed15d6dc802ae14bf98b83302d86e3fcf5921d67e798769672ca90a2d115d537ca881dcdb089c2f40e69be058adfab1d4634c4ded9572695297fa1b11b5579594d357d15f60d9d7bbbe06b4ff3ddca2c15bd8548cff8bfdcb49939c72a8e6de1a560c86d4a9705362a673a133430a5496953b7da42e50feb350ad7d42a61b702acd4fb9f0db36372333188472b058ae3dd1e96f5edd4ebcf66539fb7b5fc71f21f0fd08b322f50f79d2df20717f2421aa455218c41d6083969908eacc70917b94ad6dc889e7e65a2b91a8921d7bf954f79e12db550c96f1b87b8a69af50f7b721608a0335d6c2714d0e71d52ae6fc71ae3d866591636cbb40473de6e98e434043d204e95fc51aa3258909a35848d9f87af52c6b2eca3aac2bed691b0497f4f4b8772142a90d591414e23ffd919a05e2e0708d491366c059ac3f24079e1a2af665c7c6b29a2057d3d922228f3b8aeae866dcda1adcee45f371d0485f34e353e25de4141b596fa80d76e2b57c0cdf0299a1283dc63fb567fcb31fb9cc12b9051882d328ae26134c9752d040a472bcb9ef638de2799ec3dcf8bd93111c70e49d58ca052fef9ec6b1a71a834dd86cf22473311e883a018398f40d1f9db49ee6b943c0bc79178f9a25ff7a4f7c630e46b8cd8b2ce1b66938002a85924b24466ef94905c7e2a436f9c3cf056186966415c4ba298d6f4bc333d994d1470c85ad6e01c3e92e3f096dec3ece177e5e5d1e649c92e8a5263020c660704986355ff4cccecb36c978b4115ce7f75ef6c4b72cfb86b1956d4e2c534a68bacf2392c585f034bfcf0257f7ed967071c33edd3265cf9e78bab6067842100aed9f7690e967160e28bac44aa21c8b02048c29034a37a322223c7eba9294e0d810391fede38e6a337e42230519cfdbe5a7e34eff117a0d6ad97ccf201543987c9f2e4cec5159ca514ec2ba5f41da789a97b6c34711594c865fb4a259bbef29c47df1ae20c08152d03eca3ea45de371d6fa9b81c1d1f7a83a4fd9fb3a1d46df99d85027cdbf0929b7e39bdae5d1929f70245e9e16bed59e1c371aef37408185b6b9353e5d02f52b34e5aa2796226db8425267b0687d04d190ac083c470426ce70d4671f682bcdb0e0313f566eb01807218b01f11952daed21c56a48a5cec0a74d9f73e960730823b3a7112070840315bcb6c941f8bdac8262e2fd5667e85b5952b1b90124c7c1a810e14abe9f653e5cb43077a91ae831400f891ee730786c57372ef2f54507e22b98db9a5dc164a0edf4edf2791c7f7d934c13efcf6c187f8f3591e607569e2ba403cfa04381bb369a6c56c151dc28db43b3b82a9dd53c30206b0c67ff227cf4ac2ee443c8beb22a98363a60a62b2da084ec71670704e4124b6e8a1a544ed38afdc1bd2201a961319276eba990cb3f7bc3191a717e5484946e972db770ba86a272f7e73c49ded506332dd03d8217caf51a9e6604336297a506ad4f7104640663be1550698253d69f4bcdea24e3837771867e6b5d200cd7e81831a71e4d1660c1d337268d4cecdcc884775301fa7fc489cddddd35806b34b7dc"}, 0x1004)

15:53:35 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 5)

[ 1741.483899] Bluetooth: Unexpected continuation frame (len 39)
[ 1741.485716] Bluetooth: Unexpected continuation frame (len 39)
15:53:35 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xa9070000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:53:35 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:35 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x6, 0x4}, {0x6, 0x8}}}}, 0x11)

15:53:35 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:48 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 6)

15:53:48 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:53:48 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r4, &(0x7f0000000c40)=""/164, 0xa4)

15:53:48 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xc4000000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:53:48 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@any, "1c1546c759aff001"}}}, 0x11)

15:53:48 executing program 6:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="00000000a78da7bb8dfa4006ec27e589b559b882c50f75a878cd017b68b216f5f94aebfc22193566965a84e315ccb33137de496c2f379317fb27a8530dd5fe19d8506b3410a1e4ebb95f6d9783e08a6f0c67a46ff968726ecaf60e1a824133bf07b893578c0a277db45835ec9c282f0359cb634d39c8f8eded964c184a65045d2ecfa6d1d777c3b1ddba1b0a8fce6884a369396caaaa6dd6faada39b757421ca4294b4"], 0x6)

15:53:48 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:48 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

[ 1754.376929] FAULT_INJECTION: forcing a failure.
[ 1754.376929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1754.377907] CPU: 1 PID: 9769 Comm: syz-executor.4 Not tainted 6.4.0-next-20230630 #1
[ 1754.378540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1754.379312] Call Trace:
[ 1754.379495]  <TASK>
[ 1754.379653]  dump_stack_lvl+0xc1/0xf0
[ 1754.379958]  should_fail_ex+0x4b4/0x5b0
[ 1754.380242]  _copy_from_iter+0x1d3/0x1320
[ 1754.380545]  ? __build_skb_around+0x27f/0x3b0
[ 1754.380869]  ? __pfx__copy_from_iter+0x10/0x10
[ 1754.381189]  ? __pfx___alloc_skb+0x10/0x10
[ 1754.381487]  ? __netlink_dump_start+0x9c0/0x9c0
[ 1754.381824]  ? __virt_addr_valid+0x102/0x340
[ 1754.382146]  ? __check_object_size+0x3d4/0x8c0
[ 1754.382471]  netlink_sendmsg+0x880/0xe40
[ 1754.382776]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1754.383083]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1754.383420]  sock_sendmsg+0x1b6/0x200
[ 1754.383689]  ____sys_sendmsg+0x76a/0x9a0
[ 1754.383986]  ? copy_msghdr_from_user+0xfc/0x150
[ 1754.384327]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1754.384653]  ? find_held_lock+0x2c/0x110
[ 1754.384950]  ? get_pid_task+0xec/0x250
[ 1754.385233]  ___sys_sendmsg+0x110/0x1b0
[ 1754.385520]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1754.385840]  ? __fget_files+0x245/0x480
[ 1754.386136]  ? __pfx_lock_release+0x10/0x10
[ 1754.386440]  ? lock_release+0x1e3/0x680
[ 1754.386736]  ? __fget_files+0x267/0x480
[ 1754.387033]  ? __fget_light+0xe5/0x270
[ 1754.387322]  __sys_sendmsg+0xf7/0x1d0
[ 1754.387601]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1754.387948]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 1754.388320]  ? syscall_enter_from_user_mode+0x21/0x50
[ 1754.388682]  do_syscall_64+0x3f/0x90
[ 1754.388956]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1754.389329] RIP: 0033:0x7f354e337b19
[ 1754.389587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1754.390804] RSP: 002b:00007f354b8ad188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1754.391331] RAX: ffffffffffffffda RBX: 00007f354e44af60 RCX: 00007f354e337b19
[ 1754.391825] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000005
[ 1754.392319] RBP: 00007f354b8ad1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1754.392807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1754.393280] R13: 00007fffa633856f R14: 00007f354b8ad300 R15: 0000000000022000
[ 1754.393932]  </TASK>
15:53:48 executing program 0:
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="03c900513a433eea6b6d7c743ff1c73324f8366a495a1f17cf6b63fe5b529303a8705a4d89b997d3032e956c20d3bff7f251d91a66c8e0f5d63e8c4317edfaae32a43795e22409cd11dcd4d0c02ffc2f064ef1fe8105cefecab01e7f5e42991dc55968a4a99046087cf847d033e55caf9e0eef4ca3a09af26ac82463fbb538241e11f1a28ca02869194642f29e77583d9045340bebffdd0a5215c48c6e617e4bac915efd74efbdb28804cba2d9edf92f113e6653cb78bc5a4e88578e7a4ef62107c84d2acfeecffee3fdd6c6758df8655ce922f3c27e842ab694b710ee4eb96d8d2a6bbf71060942eb24d1944f727d2f23b302a2baf9f48bfb647eab677b260bfa217f71ffb5e73a6c834e748954acedac"], 0x55)

15:53:48 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x40, 0x0, 0x8, 0x7fff}}}, 0x9)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x3, 0x4}}, 0x9)

15:53:48 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 7)

15:53:48 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:48 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xfdfdffff, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:53:48 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:53:48 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x6)

15:53:48 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f00000000c0)}], 0x2, 0x81, 0x5)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280))
sendfile(r1, r2, &(0x7f00000000c0)=0x10001, 0x4)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="16858c1a4000"], 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

[ 1754.630803] FAULT_INJECTION: forcing a failure.
[ 1754.630803] name failslab, interval 1, probability 0, space 0, times 0
[ 1754.632134] CPU: 1 PID: 9788 Comm: syz-executor.4 Not tainted 6.4.0-next-20230630 #1
[ 1754.632673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1754.633226] Call Trace:
[ 1754.633411]  <TASK>
[ 1754.633574]  dump_stack_lvl+0xc1/0xf0
[ 1754.633863]  should_fail_ex+0x4b4/0x5b0
[ 1754.634152]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1754.634607]  should_failslab+0x9/0x20
[ 1754.634882]  __kmem_cache_alloc_node+0x66/0x320
[ 1754.635213]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1754.635655]  ? avc_has_perm_noaudit+0x148/0x3a0
[ 1754.636008]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1754.636458]  __kmalloc+0x4a/0x160
[ 1754.636710]  genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x290
[ 1754.637155]  ? genl_cmd_full_to_split+0x371/0x660
[ 1754.637494]  genl_family_rcv_msg_doit.isra.0+0x9f/0x2e0
[ 1754.637864]  ? __pfx_genl_family_rcv_msg_doit.isra.0+0x10/0x10
[ 1754.638282]  ? cap_capable+0x1be/0x220
[ 1754.638570]  ? security_capable+0x99/0xc0
[ 1754.638875]  ? ns_capable+0xe4/0x120
[ 1754.639154]  genl_rcv_msg+0x503/0x7e0
[ 1754.639429]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1754.639739]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1754.640082]  ? __pfx_nl80211_set_cqm+0x10/0x10
[ 1754.640403]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1754.640748]  ? lock_acquire+0x19a/0x4c0
[ 1754.641032]  ? __create_object+0x3ee/0xc90
[ 1754.641359]  netlink_rcv_skb+0x15d/0x450
[ 1754.641645]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1754.641949]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1754.642285]  ? __pfx_down_read+0x10/0x10
[ 1754.642578]  ? netlink_deliver_tap+0x1b2/0xcc0
[ 1754.642879]  ? is_vmalloc_addr+0x86/0xa0
[ 1754.643175]  genl_rcv+0x28/0x40
[ 1754.643413]  netlink_unicast+0x552/0x800
[ 1754.643716]  ? __pfx_netlink_unicast+0x10/0x10
[ 1754.644060]  ? __virt_addr_valid+0x102/0x340
[ 1754.644388]  netlink_sendmsg+0x923/0xe40
[ 1754.644693]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1754.645035]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1754.645369]  sock_sendmsg+0x1b6/0x200
[ 1754.645644]  ____sys_sendmsg+0x76a/0x9a0
[ 1754.645932]  ? copy_msghdr_from_user+0xfc/0x150
[ 1754.646260]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1754.646592]  ? find_held_lock+0x2c/0x110
[ 1754.646886]  ? get_pid_task+0xec/0x250
[ 1754.647170]  ___sys_sendmsg+0x110/0x1b0
[ 1754.647459]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1754.647787]  ? __fget_files+0x245/0x480
[ 1754.648079]  ? __pfx_lock_release+0x10/0x10
[ 1754.648385]  ? lock_release+0x1e3/0x680
[ 1754.648677]  ? __fget_files+0x267/0x480
[ 1754.648970]  ? __fget_light+0xe5/0x270
[ 1754.649257]  __sys_sendmsg+0xf7/0x1d0
[ 1754.649533]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1754.649870]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 1754.650242]  ? syscall_enter_from_user_mode+0x21/0x50
[ 1754.650606]  do_syscall_64+0x3f/0x90
[ 1754.650874]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1754.651241] RIP: 0033:0x7f354e337b19
[ 1754.651502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1754.652721] RSP: 002b:00007f354b8ad188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1754.653238] RAX: ffffffffffffffda RBX: 00007f354e44af60 RCX: 00007f354e337b19
[ 1754.653733] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000005
[ 1754.654221] RBP: 00007f354b8ad1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1754.654704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1754.655194] R13: 00007fffa633856f R14: 00007f354b8ad300 R15: 0000000000022000
[ 1754.655690]  </TASK>
15:53:48 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 8)

15:54:00 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:00 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xffffe000, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

15:54:00 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:00 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 9)

15:54:00 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2)

15:54:00 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
syz_open_dev$tty20(0xc, 0x4, 0x1)

15:54:00 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f00000000c0)=""/176, 0xb0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
flock(r0, 0x1)

15:54:00 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:54:00 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x10000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="38476bacc818a27e1fd8953ac800"], 0x6)

15:54:00 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 10)

15:54:00 executing program 6:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.io_queued\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_keypress_notify={{0x3c, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}}}, 0xa)
syz_mount_image$nfs(&(0x7f0000003c40), &(0x7f0000003c80)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000050c0)={[{'fsc,ntext'}]})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, r1, 0x20, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0xfa20}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_si_device={{0x1, 0x4}, {0x8}}}, 0x7)

15:54:00 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 11)

[ 1766.399514] FAULT_INJECTION: forcing a failure.
[ 1766.399514] name failslab, interval 1, probability 0, space 0, times 0
[ 1766.399564] CPU: 1 PID: 9815 Comm: syz-executor.4 Not tainted 6.4.0-next-20230630 #1
[ 1766.399581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1766.399590] Call Trace:
[ 1766.399594]  <TASK>
[ 1766.399601]  dump_stack_lvl+0xc1/0xf0
[ 1766.399631]  should_fail_ex+0x4b4/0x5b0
[ 1766.399653]  ? __alloc_skb+0x28c/0x330
[ 1766.399671]  should_failslab+0x9/0x20
[ 1766.399689]  kmem_cache_alloc_node+0x65/0x3b0
[ 1766.399709]  ? genl_family_rcv_msg_doit.isra.0+0x246/0x2e0
[ 1766.399730]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1766.399757]  __alloc_skb+0x28c/0x330
[ 1766.399775]  ? __pfx___alloc_skb+0x10/0x10
[ 1766.399797]  ? ns_capable+0xe4/0x120
[ 1766.399821]  netlink_ack+0x35e/0x1370
[ 1766.399838]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1766.399858]  ? __pfx_netlink_ack+0x10/0x10
[ 1766.399872]  ? lock_acquire+0x19a/0x4c0
[ 1766.399892]  ? __create_object+0x3ee/0xc90
[ 1766.399930]  netlink_rcv_skb+0x35a/0x450
[ 1766.399949]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1766.399969]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1766.400000]  ? __pfx_down_read+0x10/0x10
[ 1766.400026]  ? netlink_deliver_tap+0x1b2/0xcc0
[ 1766.400050]  ? is_vmalloc_addr+0x86/0xa0
[ 1766.400073]  genl_rcv+0x28/0x40
[ 1766.400088]  netlink_unicast+0x552/0x800
[ 1766.400117]  ? __pfx_netlink_unicast+0x10/0x10
[ 1766.400142]  ? __virt_addr_valid+0x102/0x340
[ 1766.400174]  netlink_sendmsg+0x923/0xe40
[ 1766.400204]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1766.400237]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1766.400264]  sock_sendmsg+0x1b6/0x200
[ 1766.400281]  ____sys_sendmsg+0x76a/0x9a0
[ 1766.400297]  ? copy_msghdr_from_user+0xfc/0x150
[ 1766.400323]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1766.400343]  ? find_held_lock+0x2c/0x110
[ 1766.400369]  ? get_pid_task+0xec/0x250
[ 1766.400392]  ___sys_sendmsg+0x110/0x1b0
[ 1766.400414]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1766.400435]  ? __fget_files+0x245/0x480
[ 1766.400461]  ? __pfx_lock_release+0x10/0x10
[ 1766.400482]  ? lock_release+0x1e3/0x680
[ 1766.400507]  ? __fget_files+0x267/0x480
[ 1766.400534]  ? __fget_light+0xe5/0x270
[ 1766.400561]  __sys_sendmsg+0xf7/0x1d0
[ 1766.400581]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1766.400617]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 1766.400636]  ? syscall_enter_from_user_mode+0x21/0x50
[ 1766.400662]  do_syscall_64+0x3f/0x90
[ 1766.400686]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1766.400715] RIP: 0033:0x7f354e337b19
[ 1766.400726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1766.400741] RSP: 002b:00007f354b8ad188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1766.400757] RAX: ffffffffffffffda RBX: 00007f354e44af60 RCX: 00007f354e337b19
[ 1766.400768] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000005
[ 1766.400778] RBP: 00007f354b8ad1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1766.400788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1766.400797] R13: 00007fffa633856f R14: 00007f354b8ad300 R15: 0000000000022000
[ 1766.400820]  </TASK>
15:54:00 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:54:00 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0xfffffdfd, 0x15, 0x1c, 0x198, &(0x7f00000002c0)})

[ 1766.675842] nfs: Unknown parameter 'ntext'
[ 1766.706174] Bluetooth: hci1: unexpected event 0x01 length: 4 > 1
[ 1766.723215] nfs: Unknown parameter 'ntext'
15:54:00 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 12)

15:54:00 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:00 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:00 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:54:13 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:54:13 executing program 6:
r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r0, 0x1, 0x70bd25, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8080)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03200300c800"], 0x6)

15:54:13 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:13 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0) (fail_nth: 13)

15:54:13 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
syz_open_dev$tty20(0xc, 0x4, 0x1)

15:54:13 executing program 0:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="300300004f7b3a3e32bd72eac23ca8c4f105e3906c3fec20a76d72c63dd10708f03fbf99014ba8921c1122d3c8a06ab3287993b6ce7e6f7a"], 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x47}, "3e8cafdb54e05f30465a657c62d0a67b3762350d3ca5476a1b82c949be1f6423649eada6b838ef6c7db65d054905ae9c165b457fc7898b61fc511690df1082507004e1aab790d2"}, 0x4b)

15:54:13 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x8, 0x1c, 0x198, &(0x7f00000002c0)})

15:54:13 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:13 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xd}, @l2cap_cid_signaling={{0x9}, [@l2cap_create_chan_req={{0xc, 0x5, 0x5}, {0x9, 0x9, 0x6}}]}}, 0x12)

[ 1766.733347] Bluetooth: hci1: unexpected event 0x01 length: 4 > 1
[ 1779.455928] FAULT_INJECTION: forcing a failure.
[ 1779.455928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1779.456000] CPU: 0 PID: 9879 Comm: syz-executor.4 Not tainted 6.4.0-next-20230630 #1
[ 1779.456025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1779.456042] Call Trace:
[ 1779.456050]  <TASK>
[ 1779.456071]  dump_stack_lvl+0xc1/0xf0
[ 1779.456124]  should_fail_ex+0x4b4/0x5b0
[ 1779.456164]  _copy_to_user+0x30/0xc0
[ 1779.456200]  simple_read_from_buffer+0xd0/0x170
[ 1779.456221]  proc_fail_nth_read+0x1a2/0x240
[ 1779.456244]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1779.456264]  ? security_file_permission+0xb5/0xe0
[ 1779.456295]  vfs_read+0x1de/0x8f0
[ 1779.456311]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1779.456331]  ? __pfx_vfs_read+0x10/0x10
[ 1779.456345]  ? __fget_light+0xe5/0x270
[ 1779.456372]  ? __fget_files+0x267/0x480
[ 1779.456405]  ksys_read+0x122/0x250
[ 1779.456421]  ? __pfx_ksys_read+0x10/0x10
[ 1779.456439]  ? lockdep_hardirqs_on_prepare+0x27b/0x3f0
[ 1779.456465]  do_syscall_64+0x3f/0x90
[ 1779.456489]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1779.456517] RIP: 0033:0x7f354e2ea69c
[ 1779.456528] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1779.456543] RSP: 002b:00007f354b8ad170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1779.456559] RAX: ffffffffffffffda RBX: 0000000000000034 RCX: 00007f354e2ea69c
[ 1779.456573] RDX: 000000000000000f RSI: 00007f354b8ad1e0 RDI: 0000000000000006
[ 1779.456583] RBP: 00007f354b8ad1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1779.456593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1779.456603] R13: 00007fffa633856f R14: 00007f354b8ad300 R15: 0000000000022000
[ 1779.456626]  </TASK>
[ 1779.499994] Bluetooth: hci1: SCO packet for unknown connection handle 800
15:54:25 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
syz_open_dev$tty20(0xc, 0x4, 0x1)

15:54:25 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:54:25 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:25 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

15:54:25 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_logical_link_complete={{0x46, 0x4}, {0x2, 0xc8, 0x8}}}, 0x7)

15:54:25 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x2000, 0x1c, 0x198, &(0x7f00000002c0)})

15:54:25 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:25 executing program 0:
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x40}, 0xfeb6)

15:54:25 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_changed={{0x2d, 0x9}, {0x9, 0xc9, 0x0, 0x40, 0x8, 0x6}}}, 0xc)

15:54:25 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xd}, "f105cebbcd26b7c5575f0a1962"}, 0x11)

15:54:25 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

15:54:25 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x10, 0x198, &(0x7f00000002c0)})

15:54:25 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x0, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:26 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:26 executing program 6:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000080)={0x3, 0xe94, 0x3, 0x7ff, 0x1, "0fca115839eff7ebb93201ea930e0ef343997d", 0x3, 0x4})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_ext_features={{0x23, 0xd}, {0x7, 0xc8, 0x7f, 0x20, "af5540851102b628"}}}, 0x10)

15:54:26 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x9f}, "0399e35937e58ff31b79660988d612c3fbda0840dda927a79ff9a5e68cb356b3cf66b0cbbfdfaa0eb7dd37dd8ef61c08ff4ce943d1caa803014b3f579307eb2c7af0a7e6745a2e2d0d143d9761d1624eb8661888693316622aef8b7f105ac4608558ad749fb70ca50aea7b91bd5b9eb070b793d93f152b17d408c2d6a6bf7c705e46e2c11cb9bbaaaa6197591bb5363dc2bf0cbe346adf28b892fd72d12814"}, 0xa3)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

15:54:38 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:54:38 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x5b}, {0x6, [{@any, 0x9, 0x40, 0x7, "cefe01", 0x40, 0x7}, {@any, 0x4, 0x4, 0x4, 'U)2', 0x0, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x3f, 0x6, 0xff, "1fd472", 0x80, 0x7}, {@none, 0x3, 0x40, 0x1a, "8ca798", 0x9384, 0x7}, {@any, 0x2, 0x80, 0x9, "511d24", 0x6, 0x4}, {@any, 0x3, 0x8, 0xff, "84d8a3", 0x1, 0x1f}]}}}, 0x5e)

15:54:38 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6"})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:38 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x2, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

15:54:38 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})

15:54:38 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:38 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x2000, 0x198, &(0x7f00000002c0)})

15:54:38 executing program 6:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x8a5, 0x8, 0x800, 0x2}}}, 0xa)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

[ 1779.584302] Bluetooth: hci1: SCO packet for unknown connection handle 800
[ 1804.437376] Bluetooth: hci1: Malformed Event: 0x02
[ 1804.444846] Bluetooth: hci1: Malformed Event: 0x02
15:54:38 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

15:54:38 executing program 6:
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="04300308c800ffe282f9cd80e3b0d0f249adad22f4d4b5655e9f5ea5669d8342347511841c47760bd0f749f9f3e20cafa0dc7af41ab67a0e0d20446119b38929c8eed9700c9705341db475644cefc63fa8a729abc69717cc1595"], 0x6)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c8205800540001000e040300ffff000d42080001000200ff011f000180020000001020040000010900014802000100017602005d0304071300050003000702030004090205c000000700090006060400ff07175606a5040000340400"], 0x5d)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_rsp={{0x7, 0x40, 0x4}, {0x1, 0x7fff}}]}}, 0x11)

15:54:38 executing program 0:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000380)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x24}}, 0x0)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000380)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001400000008001d00", @ANYRES32, @ANYBLOB="08000300", @ANYRES32=r7, @ANYBLOB="fcbd8c24f9da860a8525b3d87ba4ad20336bda7c591f77"], 0x24}, 0x1, 0x0, 0x0, 0x10004}, 0x58040)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r8=>0x0})
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000400), r2)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x78, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x4}, @NL80211_ATTR_FRAME_MATCH={0x2b, 0x5b, "978171941249aae9fb15ed9fa4a5f7cddeef61293ff8f44faccd5388f170053b335f4e176d2c95"}, @NL80211_ATTR_FRAME_MATCH={0x20, 0x5b, "6a56cb272155486b603b7b44c136bdde4e59f09a0895c7dd43947f43"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xab}]}, 0x78}, 0x1, 0x0, 0x0, 0xc041}, 0x400c4)
sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x89001002}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r0, 0x4, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x80d4}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)

15:54:38 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x4, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

[ 1804.625279] Bluetooth: Wrong link type (-22)
[ 1804.625704] Bluetooth: hci1: link tx timeout
[ 1804.625769] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1804.625821] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 1804.625840] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 9468, name: kworker/u5:0
[ 1804.625864] preempt_count: 0, expected: 0
[ 1804.625877] RCU nest depth: 1, expected: 0
[ 1804.626037] 3 locks held by kworker/u5:0/9468:
[ 1804.626055]  #0: ffff888016701138 ((wq_completion)hci1#2){+.+.}-{0:0}, at: process_one_work+0x99d/0x1770
15:54:38 executing program 6:
pwrite64(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0xcb)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000100))
fchdir(r1)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="504feb00f520c1e60ffff66e1fc1cb5fc8b7e6d012d0c007b8db1825c2ff0f040067b2d5c2466a5df45c4fc28dd81e9929d11b97cc1066c268c5c6ffec72b2d602a8c42effd4a8556773e44de350b3f48217857949325585f1b2e2ebfa7d2344235c6c47a612d4c5d8717d39e22e9591ea3fda8b0cb2e0d01be6a066f7894576a298371ff48f10f19fe62652167d82d4a60fb8b2c39a4d1521bcac3ab6f6d9c9606e9968a625b981d5f110012fdca521ca2fa8a791c1cb6381b2b2a27272e3e459f8745a8ec3dbe13837f7161af549c8ea313503de763474b64a", @ANYRESHEX=r0, @ANYRES16=r0, @ANYRESOCT=r0, @ANYRESDEC=r0, @ANYRESHEX=r0, @ANYRESDEC=r0, @ANYRESOCT=r0], 0x6)

[ 1804.626161]  #1: ffff88804150fdb0 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: process_one_work+0x9d0/0x1770
[ 1804.626292]  #2: ffffffff8560b6c0 (rcu_read_lock){....}-{1:2}, at: __check_timeout+0x171/0x480
[ 1804.626372] CPU: 0 PID: 9468 Comm: kworker/u5:0 Not tainted 6.4.0-next-20230630 #1
[ 1804.626402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1804.626419] Workqueue: hci1 hci_tx_work
[ 1804.626451] Call Trace:
[ 1804.626459]  <TASK>
[ 1804.626470]  dump_stack_lvl+0xc1/0xf0
[ 1804.626516]  __might_resched+0x2f9/0x510
[ 1804.626559]  __mutex_lock+0x9e/0x1a30
[ 1804.626597]  ? irq_work_queue+0x2d/0x80
[ 1804.626644]  ? __wake_up_klogd.part.0+0x5d/0xa0
[ 1804.626682]  ? vprintk_emit+0x125/0x560
[ 1804.626720]  ? hci_cmd_sync_submit+0x3b/0x2d0
[ 1804.626766]  ? __pfx___mutex_lock+0x10/0x10
[ 1804.626803]  ? vprintk+0x90/0xa0
[ 1804.626845]  ? _printk+0xbf/0x100
[ 1804.626876]  ? __pfx__printk+0x10/0x10
[ 1804.626927]  ? __pfx_abort_conn_sync+0x10/0x10
[ 1804.626965]  hci_cmd_sync_submit+0x3b/0x2d0
[ 1804.627006]  ? __pfx_abort_conn_sync+0x10/0x10
[ 1804.627041]  hci_cmd_sync_queue+0x7b/0xb0
[ 1804.627087]  hci_disconnect+0x1c2/0x450
[ 1804.627121]  ? __pfx_hci_disconnect+0x10/0x10
[ 1804.627155]  ? __pfx_lock_release+0x10/0x10
[ 1804.627188]  ? __sanitizer_cov_trace_switch+0x54/0x90
15:54:38 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6c}, "0a39955f95ed6d85d214710a7ab1b399da36241657e9650d5dc2b536030c5e039ee2ff476799664b519412ce515e7ef1eef84680d9a21f1f77a03d4ff70b2f052176cb500cefec71e9a8d30adca2f8f566ad9419da53a47df37c6f8801e81823406e6615282449d1d3cc337d"}, 0x70)

[ 1804.627241]  __check_timeout+0x2cc/0x480
[ 1804.627280]  hci_tx_work+0x7cb/0x1a70
[ 1804.627324]  ? pwq_activate_inactive_work+0x298/0x550
[ 1804.627366]  ? __pfx_hci_tx_work+0x10/0x10
[ 1804.627416]  process_one_work+0xabf/0x1770
[ 1804.627469]  ? __pfx_lock_acquire+0x10/0x10
[ 1804.627504]  ? __pfx_process_one_work+0x10/0x10
[ 1804.627555]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1804.627611]  worker_thread+0x64f/0x12a0
[ 1804.627672]  ? __pfx_worker_thread+0x10/0x10
[ 1804.627717]  kthread+0x33f/0x440
[ 1804.627747]  ? __pfx_kthread+0x10/0x10
[ 1804.627783]  ret_from_fork+0x2c/0x50
[ 1804.627844]  </TASK>
[ 1804.627884] 
[ 1804.627889] =============================
[ 1804.627894] [ BUG: Invalid wait context ]
[ 1804.627902] 6.4.0-next-20230630 #1 Tainted: G        W         
[ 1804.627916] -----------------------------
[ 1804.627922] kworker/u5:0/9468 is trying to lock:
15:54:38 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x5, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

[ 1804.627934] ffff888015bb49b0 (&hdev->unregister_lock){+.+.}-{3:3}, at: hci_cmd_sync_submit+0x3b/0x2d0
[ 1804.628006] other info that might help us debug this:
[ 1804.628013] context-{4:4}
[ 1804.628023] 3 locks held by kworker/u5:0/9468:
[ 1804.628038]  #0: ffff888016701138 ((wq_completion)hci1#2){+.+.}-{0:0}, at: process_one_work+0x99d/0x1770
[ 1804.628119]  #1: ffff88804150fdb0 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: process_one_work+0x9d0/0x1770
[ 1804.628195]  #2: ffffffff8560b6c0 (rcu_read_lock){....}-{1:2}, at: __check_timeout+0x171/0x480
[ 1804.628260] stack backtrace:
[ 1804.628267] CPU: 0 PID: 9468 Comm: kworker/u5:0 Tainted: G        W          6.4.0-next-20230630 #1
[ 1804.628296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1804.628311] Workqueue: hci1 hci_tx_work
[ 1804.628338] Call Trace:
[ 1804.628344]  <TASK>
[ 1804.628352]  dump_stack_lvl+0x91/0xf0
[ 1804.628399]  __lock_acquire+0x1605/0x6340
[ 1804.628438]  ? __pfx_mark_lock.part.0+0x10/0x10
[ 1804.628472]  ? 0xffffffffa0000000
[ 1804.628490]  ? __pfx___lock_acquire+0x10/0x10
[ 1804.628522]  ? __is_insn_slot_addr+0x147/0x290
[ 1804.628552]  ? mark_held_locks+0x9e/0xe0
[ 1804.628587]  lock_acquire+0x19a/0x4c0
[ 1804.628619]  ? hci_cmd_sync_submit+0x3b/0x2d0
[ 1804.628659]  ? __pfx_lock_acquire+0x10/0x10
[ 1804.628693]  ? mark_lock.part.0+0xef/0x2f50
[ 1804.628725]  ? dump_stack_lvl+0xda/0xf0
[ 1804.628762]  ? dump_stack_lvl+0xdc/0xf0
[ 1804.628805]  __mutex_lock+0x12a/0x1a30
[ 1804.628841]  ? hci_cmd_sync_submit+0x3b/0x2d0
[ 1804.628877]  ? irq_work_queue+0x2d/0x80
[ 1804.628920]  ? __wake_up_klogd.part.0+0x5d/0xa0
[ 1804.628954]  ? vprintk_emit+0x125/0x560
[ 1804.628991]  ? hci_cmd_sync_submit+0x3b/0x2d0
[ 1804.629033]  ? __pfx___mutex_lock+0x10/0x10
[ 1804.629069]  ? vprintk+0x90/0xa0
[ 1804.629108]  ? _printk+0xbf/0x100
[ 1804.629137]  ? __pfx__printk+0x10/0x10
[ 1804.629173]  ? __pfx_abort_conn_sync+0x10/0x10
[ 1804.629204]  hci_cmd_sync_submit+0x3b/0x2d0
[ 1804.629242]  ? __pfx_abort_conn_sync+0x10/0x10
[ 1804.629274]  hci_cmd_sync_queue+0x7b/0xb0
[ 1804.629313]  hci_disconnect+0x1c2/0x450
[ 1804.629345]  ? __pfx_hci_disconnect+0x10/0x10
[ 1804.629377]  ? __pfx_lock_release+0x10/0x10
[ 1804.629408]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1804.629450]  __check_timeout+0x2cc/0x480
[ 1804.629483]  hci_tx_work+0x7cb/0x1a70
[ 1804.629518]  ? pwq_activate_inactive_work+0x298/0x550
[ 1804.629557]  ? __pfx_hci_tx_work+0x10/0x10
[ 1804.629595]  process_one_work+0xabf/0x1770
[ 1804.629638]  ? __pfx_lock_acquire+0x10/0x10
[ 1804.629672]  ? __pfx_process_one_work+0x10/0x10
[ 1804.629715]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1804.629759]  worker_thread+0x64f/0x12a0
[ 1804.629805]  ? __pfx_worker_thread+0x10/0x10
[ 1804.629846]  kthread+0x33f/0x440
[ 1804.629874]  ? __pfx_kthread+0x10/0x10
[ 1804.629905]  ret_from_fork+0x2c/0x50
[ 1804.629948]  </TASK>
[ 1804.631536] Bluetooth: Wrong link type (-22)
[ 1804.631706] Bluetooth: hci1: link tx timeout
[ 1804.631720] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
15:54:39 executing program 1:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:39 executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280))

15:54:39 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
read(r0, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r1, &(0x7f0000000c40)=""/164, 0xa4)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r2, &(0x7f0000000c40)=""/164, 0xa4)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r3, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x9)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000000c0)={0x1ff, 0x3, 0x5, 0x4, 0x6, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6", 0x100, 0x458ee99e})

15:54:39 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6"})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:39 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000080)={0x1, 0x0, 0x15, 0x1c, 0x2000, &(0x7f00000002c0)})

15:54:39 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0400f676df18f16d0580235f1f1b1f922c085afb75ae5c7cf8b11064"], 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "5d77cf"}}}, 0xd)

15:54:39 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x6, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

15:54:39 executing program 0:
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@remote}, 0x0, @in6=@loopback}}, &(0x7f00000001c0)=0xe8)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x46, 0x0, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', <r3=>0x0})
sendmmsg$inet6(r1, &(0x7f00000006c0)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000"/32, @ANYRES32=r3], 0x28}}], 0x1, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x46, 0x0, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'sit0\x00', <r6=>0x0})
sendmmsg$inet6(r4, &(0x7f00000006c0)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000"/32, @ANYRES32=r6], 0x28}}], 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'erspan0\x00', &(0x7f00000002c0)={'ip_vti0\x00', <r7=>0x0, 0x8, 0x1, 0xffffffff, 0x3, {{0x24, 0x4, 0x1, 0x17, 0x90, 0x64, 0x0, 0xc, 0x29, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x3d}, {[@timestamp={0x44, 0x18, 0x4d, 0x0, 0xa, [0x0, 0x5, 0x5, 0xffffffff, 0x8]}, @timestamp_prespec={0x44, 0x24, 0xa9, 0x3, 0x9, [{@private=0xa010101, 0x4}, {@empty, 0x80000005}, {@local, 0x7}, {@remote, 0xfffffffa}]}, @timestamp_prespec={0x44, 0x14, 0x31, 0x3, 0x1, [{@broadcast, 0x7}, {@local, 0x40000000}]}, @timestamp_addr={0x44, 0x2c, 0xeb, 0x1, 0x1, [{@private=0xa010102, 0x10001}, {@remote, 0x4}, {@private=0xa010101, 0x81}, {@multicast1, 0x9}, {@broadcast, 0x101}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000002a80)={'batadv_slave_0\x00', <r8=>0x0})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000002bc0)={'gre0\x00', &(0x7f0000002ac0)={'syztnl2\x00', <r9=>0x0, 0x1, 0x40, 0x80000001, 0xab, {{0x32, 0x4, 0x1, 0x1a, 0xc8, 0x64, 0x0, 0x20, 0x29, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x1e}, {[@timestamp_addr={0x44, 0x2c, 0x85, 0x1, 0x4, [{@dev={0xac, 0x14, 0x14, 0x26}, 0x8a}, {@remote, 0xffffffff}, {@empty, 0xe2}, {@broadcast, 0x1800000}, {@loopback, 0x9}]}, @lsrr={0x83, 0x13, 0xd1, [@broadcast, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @lsrr={0x83, 0x7, 0xaf, [@multicast1]}, @generic={0x86, 0x7, "bdbd95c650"}, @end, @rr={0x7, 0x7, 0xa1, [@initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_prespec={0x44, 0xc, 0x12, 0x3, 0xa, [{@broadcast, 0x7ff}]}, @cipso={0x86, 0x36, 0x2, [{0x1, 0xb, "782a836d255dd03a8f"}, {0x7, 0x9, "28e84ff3236e26"}, {0x5, 0x3, "ac"}, {0x7, 0x7, "15ab0ff53b"}, {0x0, 0x2}, {0x6, 0x10, "d8e5fac96fef327f5bb05126b908"}]}, @timestamp_prespec={0x44, 0x1c, 0x55, 0x3, 0xa, [{@multicast2, 0x6}, {@remote, 0xff}, {@remote, 0x8}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000002c80)={'ip6tnl0\x00', &(0x7f0000002c00)={'ip6gre0\x00', <r10=>0x0, 0x2f, 0x9, 0x6, 0x1, 0x40, @mcast1, @mcast1, 0x700, 0x8000, 0x80, 0x2}})
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000033c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000003380)={&(0x7f0000002cc0)={0x684, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0x1b0, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2d1}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x4, 0xc0, 0x8, 0x2}, {0x8, 0x1, 0x3f, 0x81}, {0x1f3, 0xe1, 0x2c, 0x4}]}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r0}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}]}}, {{0x8}, {0x15c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x84, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x54, 0x4, [{0x2, 0x6, 0x80, 0x401}, {0x6, 0x3, 0x2, 0x4}, {0x1, 0x6, 0x20, 0x7}, {0xfffd, 0x3f, 0xd3, 0xffffffff}, {0x3, 0x2, 0x7f, 0x14c5}, {0xf3, 0x80, 0x2, 0xffffffff}, {0xfff, 0x8, 0x21, 0x2}, {0x20, 0x1, 0x4, 0x3}, {0xc659, 0x80, 0x7, 0x2}, {0x4, 0x3, 0x0, 0x3}]}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x5, 0x0, 0xf1, 0x8472}, {0xfff, 0x7f, 0xfd, 0x53}, {0xff01, 0x20, 0x6, 0x4b8}, {0x1, 0x3, 0x4, 0x81}]}}}]}}, {{0x8, 0x1, r3}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffb}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0x1bc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}, {0x8, 0x6, r9}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}]}}]}, 0x684}, 0x1, 0x0, 0x0, 0x44010}, 0xc0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)

15:54:39 executing program 0:
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}}}, 0x6)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRESOCT], 0x5d)

15:54:39 executing program 5:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "3e43d0a9efe60286daf8d9aa538ab4bd90afd6"})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
read(0xffffffffffffffff, &(0x7f0000000c40)=""/164, 0xa4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280))

15:54:39 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x7, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

15:54:39 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04ff0100b87f8af1470e93b2c700009c000000"], 0x6)

15:54:39 executing program 0:
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="0430e8ff00002d953a569cdffefe3c9547309e88ab68165f6cf88f29e8799922ce82e5a2faa46d8c5adc14e4e7fdc530ab207f2e05301825ba3b04a0abee83ec817bc02fd42b419f3cbdc9fe321a6ce600c63a0fcca9d2b6898e9a6453583ebfa82ad9638423cabd70f45a82bce191e8ed4f2e4a930ff2e379f8f5be938dd259451e5055495ccf59f0bfa872b85150e79b063ccf7063a2bd3e726313721ebcc3df900c71d9ce0c352f6187a58d6ebf77ddfac9c047715c696667e680d2fc6b29664a2c537be4e5da8aff53f1cc37e973ad8e30e2d0f1096e4ac737164b3080b460406266613a082083cb7cc1a9c28f48805db61c11a0bb5286d117fb503186d2b6813d2bfcf017090f20dda4510994c7285a34b04f181ef9215aad349e78"], 0x6)

15:54:39 executing program 6:
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="fb0400000000f4131fbfb5ad5fb123de9cdcd68b7c0bd4f2526a3e824c3d66481fe162f71910c1ced6db90ead9d283df429a13fe6da1505573a9fe0ec9576c913dfc0ef7a6d3d1875c219b94ae88c3f66a78c747dd9cb1d1904ef179d9382e0a450f239d7abb20c46161aff79fe16d54fe5f83a20a619b04c67d560159e6a72419cb853f9ec21fdcfef0cc3a56b52622a6076c6d864206035bbedfd23f32f29947b31b73126856491f89b5ede5d17f9abed27fb3500576c9469a98f9dd2ede0da231f7a9eea2641b5401673fb84e8fddfa4afa86fd5f9940b91292f4fa827d3c8306514a95eaa15e76dc4e57e70608b50e96939575e69442ad731f9800fe464eb4647a19b6e14367b5d6d5469f487d926cd8b31863037a120a8913401d648432bd92277f9f9ee6798442989235e073a0ca4318dd27f741b9b4550d04033a80d73d0777377627794f40975a025988a69d62a260c4ab85d503e7cf8c0ee552b79b9e5f3133a6757018bbb8a8bda777388c2d393f184b9270"], 0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="02c9e46c580163a2701b00170001000e020300070001023f04000700c90006800400ce490000"], 0x20)
syz_emit_vhci(&(0x7f00000004c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x8b}, "7daa82af212fec19cc45ddc0f741cb5b72d4eabb0c34761cc8c87f0033ac494f47473c1f24cdb7809cebfdeb52664346cde506788d7046ed99ade39a702e2bc49e5054281cf1aea0768abb50e73f6cff21782ddd3c59b5beb0194c56ad9d163561aaf415fa95d6e1001f681704159b2b85f0a0ee979cf9cdff462fba193dfa5d7373200b943280d9f871e2"}, 0x8f)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_req={{0x6, 0x40, 0x4}, {0xfff7, 0x2}}}}, 0x11)
syz_emit_vhci(&(0x7f0000000580)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x4f}, "0df62f961c6fd78193db30bd98d922f46bcdb8ecc6811a73e99abaf19c224129bc9e4dac1fe24a8f743a33e0eb5ab47c46614ba508db83bb9e4d4083f770be41d8c426a77200"/79}, 0x53)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x2, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_cmd_rej_unk={{0x1, 0x7a, 0x2}}]}}, 0xf)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04ebd2d8"], 0x4)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0x3f}, {0xfff, 0xa, [{0xc9, 0xdf2, 0xf08b}, {0xc8, 0xf801, 0xc42}, {0xc9, 0x20, 0x80}, {0xc9, 0x0, 0x40}, {0xc9, 0x8, 0x8001}, {0xc8, 0x8a4a, 0xb632}, {0xc8, 0xe56e, 0x1}, {0xc9, 0x6, 0xebe}, {0xc8, 0x4, 0x9}, {0xc9, 0x0, 0x1f}]}}}, 0x42)
syz_emit_vhci(&(0x7f0000000280)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x3, 0x22}, @l2cap_cid_signaling={{0x1e}, [@l2cap_conn_req={{0x2, 0x0, 0x4}, {0x7, 0x4}}, @l2cap_disconn_req={{0x6, 0x1, 0x4}, {0x4, 0x3}}, @l2cap_move_chan_cfm={{0x10, 0x0, 0x4}, {0xaaa, 0x5}}, @l2cap_info_req={{0xa, 0x8, 0x2}, {0x5}}]}}, 0x27)

15:54:39 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f00000003c0)={0x0, 0x8, &(0x7f0000000300)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)

[ 1805.096501] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 1805.096801] Bluetooth: hci1: Received unexpected HCI Event 0x00
15:54:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r0, &(0x7f00000002c0)={&(0x7f00000001c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r1, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xbc1e, 0x42}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r1, @ANYBLOB="00042cbd7000fbdbdf254f00000088007a80140001004845a0e4f94556017ec7eb80e414000100577dce9769c3d07bcda653f29fbcb1450800040000000080240001003b58a9486796ec298ad7335f2ef131d0f0ac6f250a854196f5d185ac8fee6f421c00022f81f30869d974a515dcd8ed09e159007ad871f90d02162fa169064866a3ff4bedc84fc1ec53f2190c000300a143c296"], 0x9c}}, 0x4000804)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000300), 0x4)

[ 1805.496529] Bluetooth: hci1: ACL packet for unknown connection handle 1225
[ 1805.498113] Bluetooth: hci1: unexpected event 0x48 length: 63 > 3
[ 1805.498143] Bluetooth: hci1: wrong event for mode 0
[ 1805.499811] Bluetooth: hci1: ACL packet for unknown connection handle 1225
[ 1805.500770] Bluetooth: hci1: unexpected event 0x48 length: 63 > 3
[ 1805.500796] Bluetooth: hci1: wrong event for mode 0
[ 1806.652984] Bluetooth: hci1: command 0x0406 tx timeout
[ 1808.701002] Bluetooth: hci1: command 0x0409 tx timeout

VM DIAGNOSIS:
15:54:38  Registers:
info registers vcpu 0
RAX=0000000000000004 RBX=0000000000000004 RCX=0000000000000000 RDX=000000000001c062
RSI=ffffffff821a0138 RDI=0000000000000007 RBP=000000000001c062 RSP=ffff88806ce09da8
R8 =0000000000000007 R9 =0000000000010000 R10=000000000001c062 R11=ffff88806ce09ff8
R12=000000000001c062 R13=ffff888009088180 R14=ffff88800908c4c8 R15=ffff888009088008
RIP=ffffffff821a013e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00005555562a7400 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555556bf8c58 CR3=000000000e2d6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=7463656a6e695f31313230385f7a7973 XMM03=00007f6db18e77c800007f6db18e77c0
XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=000000000000014d RBX=000000000000014e RCX=00000000004f5bc0 RDX=000000c000708a00
RSI=000000000000014d RDI=000000c001893410 RBP=000000c00105b588 RSP=000000c00105b578
R8 =0000000000000001 R9 =000000000001a000 R10=b25bee84fcc55c29 R11=b25bee84fcc4821f
R12=0000000000000002 R13=0000000001240aa0 R14=0000000000000000 R15=00000000004643c0
RIP=00000000004f5c0c RFL=00000206 [-----P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 000000c000030b10 00000000 00000000
GS =0000 0000000000000000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff38fba9040 CR3=000000000f2b4000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=0000000000000000c1162e42fefa39ef
XMM02=0000000000000000bfe62e42fefa39ef XMM03=d6b272ecffc6c568c26610cc971bd129
XMM04=0a560fffc22518dbb807c0d012d0e6b7 XMM05=29991ed88dc24f5cf45d6a46c2d5b267
XMM06=02d6b272ecffc6c568c26610cc971bd1 XMM07=83f4b350e34de4736755a8d4ff2ec4a8
XMM08=1c6aa72ff6c23a726644eedd68f59e02 XMM09=5e791ab782d066e278c03eb26a02df00
XMM10=d921fedadc5fffd8ea3d7d7532890277 XMM11=0eb45a8a22a2741fd6e7b95840ed7887
XMM12=d58ade492b4a01d5f374a9f41e731c45 XMM13=00000000000000000000000000000173
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000